The Lockdown - Practical Privacy & Security

In this week’s show, Ray Heffer says goodbye to Michael Bazzell's Privacy, Security, and OSINT show. Also, speculation continues about living in a faraday cage, and the reasons Firefox is still better than Brave for privacy and security. Ray also talks about when privacy techniques go wrong, with his lockout from Privacy.com.This episode was recorded on November 22nd, 2023Follow me on Twitter @privacypodThis week's episode:IntroductionNotable mention for Michael BazzellNew website and Twitter accountWhy I don't use Brave and the reasons Firefox is still the best optionWhen Privacy Techniques Go WrongLinks mentioned in the show:MITRE ATT&CK (Credentials from Web Browsers): https://attack.mitre.org/techniques/T1555/003/MITRE ATT&CK (Password Managers): https://attack.mitre.org/techniques/T1555/005/Tor Project Recommendations: https://support.torproject.org/tbb/tbb-9/Brave (VPN Services) Issue: https://github.com/brave/brave-browser/issues/33726Citi Virtual Credit Cards: https://www.cardbenefits.citi.com/Products/Virtual-Account-NumbersCiti (True Name) Card: https://banking.citi.com/cbol/updatemyname/default.htmIronVest (Formerly Abine Blur): https://ironvest.com/pricing/Wise Virtual Card (UK): https://wise.com/gb/virtual-card/Intro music: The Lockdown (composed by Ray Heffer)"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius

In this week’s FRIDAY FIELD NOTES, Ray Heffer discusses the Zero Trust security model, a framework that's revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.Zero Trust operates on the principle of "never trust, always verify," but what does this mean in practice? Zero Trust doesn't just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.This episode was recorded on November 9th, 2023Follow me on Twitter @privacypodThis week's episode:Introduction and Brill is living in a Faraday cageHow we got to Zero Trust by understadning the Cyber Kill ChainThe Principals of Zero TrustRecommended Zero Trust FrameworksNIST Zero Trust Architecture (SP 800-207): https://csrc.nist.gov/pubs/sp/800/207/finalCISA Zero Trust Maturity Model: https://www.cisa.gov/zero-trust-maturity-modelCyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.htmlIntro music: The Lockdown composed by Ray Heffer"Security is always seen as too much until the day it is not enough." — William H. Webster

Welcome to episode four of The Lockdown - The Practical Privacy and Security podcast.This episode was recorded on November 6th, 2023Follow me on Twitter @privacypodThis week's episode:1. I'm back!2. Traveling to London and Los Angeles3. A major privacy invasion for Jennifer Lawrence4. The Psychology of social engineeringIntro music: The Lockdown by Ray Heffer "To be yourself in a world that is constantly trying to make you something else is the greatest accomplishment." - Ralph Waldo Emerson

Welcome to episode three of The Lockdown - The Practical Privacy and Security podcast.This episode was recorded on April 9th, 2023Follow me on Twitter @privacypodThis week's episode:1. The case of Zachary McCoy2. Why do all this?3. The Apple Ecosystem4. My experience with GrapheneOSGet GrapheneOS: https://grapheneos.org/The case of Zachary McCoy:https://www.theguardian.com/us-news/2021/sep/16/geofence-warrants-reverse-search-warrants-police-googleTracking Phones, Google Is a Dragnet for the Police:https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.htmlDenmark frees 32 inmates over flaws in phone geo-location evidence:https://www.theguardian.com/world/2019/sep/12/denmark-frees-32-inmates-over-flawed-geolocation-revelationsIntro music: The Lockdown by Ray Heffer "The rights of one are as sacred as the rights of a million." - Eugene V. Debs

Welcome to episode two of The Lockdown - Practical Privacy and Security podcast. In this episode I share the saga of the LastPass breach, and my thoughts on password managers and authenticator apps. This episode was recorded on March 19th, 2023Follow me on Twitter @privacypodThis week's episode:1. The LastPass Breach2. Password Managers: Dashlane, 1Password, BitWarden, and KeePassXC3. Authenticator Apps: Google Authenticator, Aegis, and Authy.Recommended Password Managers:1. https://keepassxc.org (Desktop)2. https://www.keepassdx.com (Android only)3. https://strongboxsafe.com (iOS only)4. https://bitwarden.com (Top recommendation for cloud hosted)5. https://1password.com (Ease of use, and great option for cloud hosted)6. https://www.dashlane.com (Expensive, no desktop app)Recommended Authenticator Apps:1. https://authy.com2. https://getaegis.app (Android only)Get Yubikey: https://www.yubico.comIntro music: The Lockdown by Ray Heffer "In the long run, we will have to rebuild the universe of the online world to have security first and ease of use second." - Moxie Marlinspike

This episode was recorded on March 10th 2023.Follow me on Twitter @privacypodShow Links:Stalkerware: https://www.theregister.com/2023/02/07/stalkerware_developer_fined/IntelTechniques (List of People Search Sites): https://inteltechniques.com/workbook.htmlThis week's privacy tips:1. Privacy check-up / opt-out from people search sites2. Establish a Revocable Living Trust. Be sure to hire an estate planning attorney.3. Custom domains with Namecheap and add privacy.4. Setup a private mailbox with UPS.5. Use Privacy.com for virtual payment cards.6. MySudo virtual phone numbers. Stop being tracked, and avoid SIM swap attacks!7. Use SimpleMobile or Mint for a pre-paid cellphone option.Not Sponsors:https://www.privacy.com/https://mysudo.com/https://www.namecheap.com/Intro music: The Lockdown by Ray Heffer “Who controls the past controls the future. Who controls the present controls the past.” - 1984 by George Orwell