エピソード
-
After escaping to the mountains and living like a recluse for the past few months, I am back. In this week's show, I discuss my latest experiences in purchasing a home and titling in a living trust, along with the potential obstacles with title deeds and mortgage lenders, and avoiding data breaches with utility companies. I also revisit GrapheneOS after using it daily for the past year, and answer listener questions.
In this week's episode:
Living in the mountainsBuying a house with a living trustPotential pitfalls with title deeds and mortgage lendersBalancing privacy and securityThe 'All or Nothing' approachWhy I still use Obsidian over Standard NotesRevisiting GrapheneOS and the Play Integrity APIBaby ReindeerListeners Questions"Privacy is rarely lost in one fell swoop. It is usually eroded over time, bit by bit."- Daniel J. Solove
-
In this week's episode:CLEAR Privacy and Selling SoulsAuthy discontinues the desktop app from March 19th, 2024Alternative MFA solutions using KeepassXC and KeepassDXStoring backup MFA codes in a Veracrypt containerMake sure you keep scanned copies of your credit cards and ID!Update on the SANS OSINT SummitAlternative to Mint Mobile with TelloUsing the Starbucks app privatelyCustom domain namesShow Links:CLEAR Security Breach: https://www.youtube.com/watch?v=i0I0BTtnMC4OSINT Combine Free Tools: osintcombine.com/freetoolsWhatsmyname: https://whatsmyname.app/Tello: https://tello.com/QR Scanner (PFA) by Secuso Research Group: https://secuso.aifb.kit.edu/english/QR_Scanner.phpSkull Games: https://skullgames.io/Trace Labs: https://www.tracelabs.org/Expired Domains: https://www.expireddomains.net/deleted-domains/"The right to be left alone is indeed the beginning of all freedom."
In this week's show, I discuss CLEAR's intrusive privacy policy and highlight alternatives to Authy using KeePass, with a privacy friendly solution for scanning QR codes. I also address the common mistakes people make when backing up their MFA codes. Additionally, I share some of the highlights from attending the SANS OSINT Summit in Washington, D.C., and explore various uses for custom domain names. Finally, I touch on the Starbucks app and the benefits of using Tello for pre-paid SIM cards.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on March 14, 2024- Supreme Court Justice William O. Douglas
-
エピソードを見逃しましたか?
-
In today's show, I have a conversation with Lawrence Gentilello, the CEO and Founder of Optery, a personal data removal service. Lawrence shares his own experiences with identity theft and what motivated him to start Optery. We also discuss the future of privacy in the United States, Utah's new privacy law, the Utah Consumer Privacy Act (UCPA), and the bare minimum you should be doing to protect and secure your private data.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on March 6, 2024Follow Ray on Twitter @privacypod
In this week's episode:Lawrence's experience with identity theft highlights the importance of a credit freezeThe need for disinformationA reminder on hunting appsThe future of data privacy and the need for services like OpteryData privacy in the UK and the existence of search sites like 192.comUpdate on next weeks showShow Links:Optery website: https://www.optery.com/PC Magazine Editors Choice Award for Optery: https://www.pcmag.com/reviews/opteryPC Magazine's list of the best personal data removal services: https://www.pcmag.com/picks/the-best-personal-data-removal-servicesUtah Consumer Privacy Act (UCPA): https://attorneygeneral.utah.gov/utah-consumer-protection-act-a-new-law-to-protect-online-privacy/"If privacy is outlawed, only outlaws will have privacy."- Philip R. Zimmermann, creator of PGP encryption
-
In this weeks show I discuss some of the concerns of using TOR over a VPN, and take another look at data removal from people search sites, including a look at Mozilla Monitor, a new service for data removal from the makers of Firefox. I'll also discuss the importance of freezing your credit and putting the title of your home into a revocable living trust, prior to removing your records from people search sites.
Follow on Twitter (X): @privacypod
In this week's episode:I'm still on the road!Anonymity with TOR and VPNGet that Credit Freeze and Revocable Living TrustData Removals from people search sitesMozilla Monitor, a new data removal serviceQuick update on the Complete pfSense Setup GuideShow Links:Mozilla Monitor: https://monitor.mozilla.orgTor Browser: https://www.torproject.org/downloadDeepCorr: https://dl.acm.org/doi/pdf/10.1145/3243734.3243824Foundations of Digital Privacy, Part One: https://lockdown.media/the-foundations-of-digital-privacy“If you want to keep a secret, you must also hide it from yourself.”
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on February 16, 2024-George Orwell
-
In this Friday Field Notes episode of The Lockdown, I share my experience with imposter syndrome, and compare practical privacy approaches with extreme measures, inspired by my move to the USA.
Follow on Twitter (X): @privacypod
In this week's episode:Using alias names with food appsMore on practical privacy vs the extremeMy motivations for privacy after my move to the USASimplewall for Windows 10Using Virtual MachinesDual boot Windows for gaming vs productivityMicro-segmentation strategiesWindows 10 LTSC for privacy? I'm the Imposter! Show Links: qView Image Viewer: https://interversehq.com/qviewGPG4Win: https://www.gpg4win.org/download.htmlWindows 10 LTSC: https://www.cdw.com/search/?key=Windows%20LTSCSimplewall: https://github.com/henrypp/simplewall"Be yourself; everyone else is already taken."
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on January 31, 2024-Oscar Wilde
Music: The Lockdown -
This week, I introduce Defensive OSINT, address privacy concerns while on the road, and examine the intricacies of alias usage and AI-based face morphing for photo alteration. Sharing insights from my recent travels, I highlight the need for vigilance and innovative strategies for maintaining privacy on the go. The episode explores the pros and cons of using alias names for hotel bookings, including the challenges of identity verification during check-in, while I discuss smart, alternative solutions for these scenarios. Join me as we navigate the complexities of preserving privacy in an era rife with survlleiance and data breaches, providing practical tips and advice for privacy-conscious travelers and digital citizens.
In This Week's Show:Privacy on the road with hotels, VRBO rentals, and UberWhy we do this, and the reasons behind our privacy lifestyleA look at Defensive OSINT strategiesFace morphing our real photos for privacyLocation tracking on your phoneMySudo and pre-paid burner numbersA surprise guest?Show Links:Black Portable Hotel Door Lock: https://www.amazon.com/Portable-Security-Additional-Traveling-Apartment/dp/B0CFVS6NRNPython Script for ThisPersonDoesNotExist: https://github.com/locksec/tpdne_pyFacemorph.me: https://facemorph.meUpscayl: https://www.upscayl.orgFile Optimizer: https://nikkhokkho.sourceforge.io/static.php?page=FileOptimizer
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on January 27, 2024Intro voice-over: IRLRosie - Creative Commons Attribution license (reuse allowed)
“Give me six lines written by the most honest man, and I will find something in them to hang him.” - Cardinal Richelieu
Music: The Lockdown -
In this week's episode, it's time to wrap up 2023 with another look at Privacy.com, and my strategies for avoiding bank account lockout. I delve into the CIA Triad, breaking down its relevance to everyday privacy concerns. The episode also takes a practical turn with a guide on using FindMyDevice on GrapheneOS, and the FindMyDevice feature on the Garmin Instinct 2 watch for tracking lost phones.
I also tackle the debate between biometric authentication and passcodes, taking our threat model into consideration. For those interested in storage synchronization solutions, I discuss using Nextcloud for a variety of purposes, including photo backups, syncing Keepass, and markdown notes, highlighting its versatility for privacy.
Join me for an episode packed with valuable insights and tips for enhancing your digital privacy and security as we welcome in 2024!
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on January 03, 2024
In this week's episode:
1. Closing 2023 with Privacy.com
2. How the CIA Triad Relates to privacy
3. Tracking Lost Phones with FindMyDevice on GrapheneOS and a Garmin watch
4. Biometric authentication vs Passcodes
5. Using Nextcloud for photo backups, Keepass Sync, and taking notes in Markdown
6. Backups with Backblaze B2 and Restic
Show Links:
https://www.privacy.com
https://strongboxsafe.com
https://www.keepassdx.com
https://grapheneos.org
https://gitlab.com/Nulide/findmydevice
https://obsidian.md
https://www.backblaze.com/cloud-storage
https://restic.net
https://www.garmin.com/en-US/p/775697
Ray Ban Meta News: https://san.com/cc/investigation-into-new-meta-smart-glasses-brings-privacy-concerns
Music: The Lockdown
"We suffer more often in imagination than in reality." - Seneca -
In this week’s show, Ray Heffer gives a farewell to Michael Bazzell's Privacy, Security, and OSINT show. Also, speculation about living in a faraday cage continues, and the reasons Firefox is still better than Brave for privacy and security. Ray also talks about when privacy techniques go wrong, with his lockout from Privacy.com.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on November 22nd, 2023This week's episode:
IntroductionNotable mention for Michael BazzellNew website and Twitter accountWhy I don't use Brave and the reasons Firefox is still the best optionWhen Privacy Techniques Go WrongLinks mentioned in the show:
MITRE ATT&CK (Credentials from Web Browsers): https://attack.mitre.org/techniques/T1555/003/
MITRE ATT&CK (Password Managers): https://attack.mitre.org/techniques/T1555/005/
Tor Project Recommendations: https://support.torproject.org/tbb/tbb-9/
Brave (VPN Services) Issue: https://github.com/brave/brave-browser/issues/33726
Citi Virtual Credit Cards: https://www.cardbenefits.citi.com/Products/Virtual-Account-Numbers
Citi (True Name) Card: https://banking.citi.com/cbol/updatemyname/default.htm
IronVest (Formerly Abine Blur): https://ironvest.com/pricing/
Wise Virtual Card (UK): https://wise.com/gb/virtual-card/Intro music: The Lockdown
"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius
-
In this week’s FRIDAY FIELD NOTES, Ray Heffer discusses the Zero Trust security model, a framework that's revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.
Zero Trust operates on the principle of "never trust, always verify," but what does this mean in practice? Zero Trust doesn't just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.
Introduction and Brill is living in a Faraday cageHow we got to Zero Trust by understadning the Cyber Kill ChainThe Principals of Zero TrustRecommended Zero Trust Frameworks
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on November 09, 2023
This week's episode:NIST Zero Trust Architecture (SP 800-207): https://csrc.nist.gov/pubs/sp/800/207/final
CISA Zero Trust Maturity Model: https://www.cisa.gov/zero-trust-maturity-model
Cyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Intro music: The Lockdown
"Security is always seen as too much until the day it is not enough." — William H. Webster -
Welcome to episode four of The Lockdown - The Practical Privacy and Security podcast.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on November 06, 2023
This week's episode:
1. I'm back!
2. Traveling to London and Los Angeles
3. A major privacy invasion for Jennifer Lawrence
4. The Psychology of social engineering
Intro music: The Lockdown
"To be yourself in a world that is constantly trying to make you something else is the greatest accomplishment." - Ralph Waldo Emerson -
Welcome to episode three of The Lockdown - The Practical Privacy and Security podcast.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on April 09, 2023
This week's episode:
1. The case of Zachary McCoy
2. Why do all this?
3. The Apple Ecosystem
4. My experience with GrapheneOS
Get GrapheneOS: https://grapheneos.org/
The case of Zachary McCoy:
https://www.theguardian.com/us-news/2021/sep/16/geofence-warrants-reverse-search-warrants-police-google
Tracking Phones, Google Is a Dragnet for the Police:
https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html
Denmark frees 32 inmates over flaws in phone geo-location evidence:
https://www.theguardian.com/world/2019/sep/12/denmark-frees-32-inmates-over-flawed-geolocation-revelations
Intro music: The Lockdown
"The rights of one are as sacred as the rights of a million." - Eugene V. Debs -
Welcome to episode two of The Lockdown - Practical Privacy and Security podcast. In this episode I share the saga of the LastPass breach, and my thoughts on password managers and authenticator apps.
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on March 19, 2023
This week's episode:
1. The LastPass Breach
2. Password Managers: Dashlane, 1Password, BitWarden, and KeePassXC
3. Authenticator Apps: Google Authenticator, Aegis, and Authy.
Recommended Password Managers:
1. https://keepassxc.org (Desktop)
2. https://www.keepassdx.com (Android only)
3. https://strongboxsafe.com (iOS only)
4. https://bitwarden.com (Top recommendation for cloud hosted)
5. https://1password.com (Ease of use, and great option for cloud hosted)
6. https://www.dashlane.com (Expensive, no desktop app)
Recommended Authenticator Apps:
1. https://authy.com
2. https://getaegis.app (Android only)
Get Yubikey:
https://www.yubico.com
Intro music: The Lockdown
"In the long run, we will have to rebuild the universe of the online world to have security first and ease of use second." - Moxie Marlinspike -
Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown
This episode was recorded on March 10, 2023
Show Links:
Stalkerware: https://www.theregister.com/2023/02/07/stalkerware_developer_fined/
IntelTechniques (List of People Search Sites): https://inteltechniques.com/workbook.html
This week's privacy tips:
1. Privacy check-up / opt-out from people search sites
2. Establish a Revocable Living Trust. Be sure to hire an estate planning attorney.
3. Custom domains with Namecheap and add privacy.
4. Setup a private mailbox with UPS.
5. Use Privacy.com for virtual payment cards.
6. MySudo virtual phone numbers. Stop being tracked, and avoid SIM swap attacks!
7. Use SimpleMobile or Mint for a pre-paid cellphone option.
Not Sponsors:
https://www.privacy.com/
https://mysudo.com/
https://www.namecheap.com/
Intro music: The Lockdown
“Who controls the past controls the future. Who controls the present controls the past.” - 1984 by George Orwell