1
00:00:07,673 --> 00:00:09,955
Hello, everybody. Welcome back to Firewalls Don't Stop

2
00:00:09,994 --> 00:00:12,382
Dragons. I'm your host, Gary Parker, as always.

3
00:00:13,178 --> 00:00:14,770
We have episode 385

4
00:00:14,770 --> 00:00:17,237
today for 07/15/2024.

5
00:00:18,050 --> 00:00:19,250
And we got a new show for you

6
00:00:19,250 --> 00:00:20,769
today I have plenty of interesting topics to

7
00:00:20,769 --> 00:00:22,449
cover real quick though before we get to.

8
00:00:22,690 --> 00:00:23,810
I wanna give you an update on the

9
00:00:23,810 --> 00:00:24,609
book surge.

10
00:00:26,140 --> 00:00:28,450
We didn't meet any of the milestones

11
00:00:28,609 --> 00:00:29,087
I'd hoped for,

12
00:00:30,282 --> 00:00:31,954
which is a shame. We got actually very

13
00:00:31,954 --> 00:00:34,047
close to cracking the top 10 in

14
00:00:34,998 --> 00:00:36,996
basically all 3 categories. I think at 1

15
00:00:36,996 --> 00:00:40,431
point we were maybe 13 on one, 15

16
00:00:40,431 --> 00:00:41,250
on another

17
00:00:42,118 --> 00:00:43,548
very close to the top 10, and I

18
00:00:43,548 --> 00:00:45,454
think in the low twenties on the third

19
00:00:45,454 --> 00:00:47,360
category. Most of that happened on Monday and

20
00:00:47,519 --> 00:00:49,560
Tuesday, which, you know, kinda makes sense the

21
00:00:49,996 --> 00:00:52,140
I imagine most people got the podcast on

22
00:00:52,140 --> 00:00:53,330
those days. And if they were gonna do

23
00:00:53,330 --> 00:00:54,442
it, they did it because they were waiting

24
00:00:54,442 --> 00:00:55,474
to do it because I said to wait

25
00:00:55,474 --> 00:00:56,927
to do it. So

26
00:00:58,032 --> 00:00:59,626
you know, that's kinda when we spiked. I

27
00:00:59,626 --> 00:01:00,902
was hoping maybe we could get a little

28
00:01:00,902 --> 00:01:02,815
surge for the weekend, but it just definitely

29
00:01:02,815 --> 00:01:03,532
did not happen.

30
00:01:04,250 --> 00:01:05,387
So, nevertheless,

31
00:01:05,779 --> 00:01:08,006
Thank you very much for everybody who participated,

32
00:01:08,324 --> 00:01:11,052
but I'm gonna try 1 last thing

33
00:01:11,745 --> 00:01:12,700
just to see,

34
00:01:13,256 --> 00:01:14,942
and I'll tell you more about that after

35
00:01:14,942 --> 00:01:15,897
the news. So stay tuned.

36
00:01:16,692 --> 00:01:18,522
We'll we'll try once more. We're gonna focus

37
00:01:18,522 --> 00:01:21,068
on a single day this coming weekend. For those

38
00:01:21,068 --> 00:01:22,913
of you who missed it last week, this

39
00:01:22,913 --> 00:01:24,765
will be an opportunity to try

40
00:01:25,538 --> 00:01:27,446
again. And I I don't know if it's

41
00:01:27,446 --> 00:01:28,958
still going. I didn't realize this when I

42
00:01:28,958 --> 00:01:31,200
first started to but Amazon leaks currently is

43
00:01:31,200 --> 00:01:34,143
running a buy 2 get 1 free or

44
00:01:34,143 --> 00:01:36,291
buy 3 for the price of 2. That's

45
00:01:36,291 --> 00:01:37,738
how I think they phrase it. You know,

46
00:01:37,818 --> 00:01:39,172
so if you wanted to buy multiple copies,

47
00:01:39,331 --> 00:01:40,526
you know, maybe give 1 away or give

48
00:01:40,526 --> 00:01:42,517
1 your local library or senior center or

49
00:01:42,517 --> 00:01:43,154
something like that,

50
00:01:44,110 --> 00:01:44,907
this would be,

51
00:01:45,623 --> 00:01:47,073
a great way to do that. I will

52
00:01:47,073 --> 00:01:48,590
say more about that after the news.

53
00:01:49,228 --> 00:01:51,063
Also as promised, I will be giving away

54
00:01:51,063 --> 00:01:53,617
a free ticket to DEF CON 32 in

55
00:01:53,697 --> 00:01:56,180
Las Vegas, Nevada, that will go from August

56
00:01:56,180 --> 00:01:57,691
eighth through August eleventh.

57
00:01:58,327 --> 00:01:59,679
Though, if you're gonna go all the way

58
00:01:59,679 --> 00:02:01,666
to Vegas anyway, you might wanna go a

59
00:02:01,666 --> 00:02:03,893
couple extra days and go to BSides

60
00:02:03,893 --> 00:02:06,294
as well. It's even cheaper and also fun.

61
00:02:06,532 --> 00:02:07,646
But the ticket that we have to give

62
00:02:07,646 --> 00:02:10,350
away is for DEF CON itself. It is

63
00:02:10,350 --> 00:02:11,543
a 480

64
00:02:11,543 --> 00:02:13,704
dollar value. The cost has gone up quite

65
00:02:13,704 --> 00:02:15,290
a bit. That's cheap for a tech conference,

66
00:02:15,449 --> 00:02:16,877
but it's kind of expensive for DEF CON.

67
00:02:17,035 --> 00:02:18,146
I think when I first started going a

68
00:02:18,146 --> 00:02:19,574
few years back, it was in the 300

69
00:02:19,574 --> 00:02:20,104
dollar range.

70
00:02:20,542 --> 00:02:22,767
So, anyway, that may mean that they're gonna

71
00:02:22,767 --> 00:02:24,436
give a really cool electronic badge this year.

72
00:02:24,675 --> 00:02:25,946
I haven't actually looked into that to see

73
00:02:25,946 --> 00:02:27,934
if that's the deal. But regardless, it's a

74
00:02:27,934 --> 00:02:30,180
free ticket to DEF CON. I'm basically gonna

75
00:02:30,180 --> 00:02:31,620
do a straight up raffle for this because

76
00:02:31,780 --> 00:02:33,699
I realized that, you know, not that many

77
00:02:33,699 --> 00:02:36,180
of you will both be willing and able

78
00:02:36,180 --> 00:02:38,265
to go. But if that interests you at

79
00:02:38,265 --> 00:02:40,172
all, DEF CON is a lot of fun.

80
00:02:40,331 --> 00:02:41,603
You might wanna go back and listen to

81
00:02:41,603 --> 00:02:43,430
some of my DEF CON podcasts to get

82
00:02:43,430 --> 00:02:43,589
a,

83
00:02:44,304 --> 00:02:46,229
flavor for what it's like. If you just

84
00:02:46,229 --> 00:02:48,147
go to podcast.firewallsdontstopdragons.com

85
00:02:48,147 --> 00:02:49,825
and search on DEF CON,

86
00:02:50,544 --> 00:02:52,701
you'll find those episodes pretty quickly. But if

87
00:02:52,701 --> 00:02:54,060
you ever thought about going, and this would

88
00:02:54,060 --> 00:02:55,433
be 1 to go, and I will offer

89
00:02:55,433 --> 00:02:57,112
a little bit more incentive to do so,

90
00:02:57,831 --> 00:02:59,909
and I'll get into those details after the

91
00:02:59,909 --> 00:03:02,067
news. Alright. So we got a good news

92
00:03:02,067 --> 00:03:03,425
show for you today. And lots of good

93
00:03:03,425 --> 00:03:04,556
juicy topics to cover.

94
00:03:05,191 --> 00:03:07,175
We'll start off with a, an Australian man

95
00:03:07,175 --> 00:03:09,501
was charged with running a fake Wi-Fi

96
00:03:10,350 --> 00:03:12,652
router on domestic airline flights.

97
00:03:13,223 --> 00:03:15,451
A lawsuit against Airbnb about hidden

98
00:03:15,451 --> 00:03:17,758
cameras has exposed some interesting data on the

99
00:03:17,758 --> 00:03:20,463
number of complaints that people staying there have

100
00:03:20,463 --> 00:03:21,918
had over the years about

101
00:03:22,308 --> 00:03:23,502
being secretly recorded.

102
00:03:24,058 --> 00:03:25,354
Some popular Linksys

103
00:03:26,047 --> 00:03:27,024
mesh routers

104
00:03:27,399 --> 00:03:28,933
have been shown to

105
00:03:29,405 --> 00:03:30,544
send the Wi-Fi

106
00:03:31,324 --> 00:03:34,205
credentials in plain text across the Internet, which

107
00:03:34,205 --> 00:03:36,284
is not a good thing. There's a new

108
00:03:36,284 --> 00:03:37,905
password cracking list

109
00:03:38,379 --> 00:03:41,165
making the rounds called RockYou2024.

110
00:03:41,722 --> 00:03:43,314
I'll explain a little bit about the history

111
00:03:43,314 --> 00:03:43,792
of that.

112
00:03:44,827 --> 00:03:47,812
But it contains 10,000,000,000

113
00:03:48,429 --> 00:03:48,929
unique

114
00:03:49,626 --> 00:03:50,764
plain text passwords.

115
00:03:51,620 --> 00:03:53,636
Also, there's been another AT&T

116
00:03:54,508 --> 00:03:56,503
data breach, this one involving call records and

117
00:03:56,503 --> 00:03:57,243
text records

118
00:03:57,621 --> 00:03:59,457
and the metadata surrounding those.

119
00:04:00,016 --> 00:04:01,612
Signal has been under fire this week on

120
00:04:01,612 --> 00:04:02,250
social media,

121
00:04:02,904 --> 00:04:04,521
thanks to a rather

122
00:04:04,978 --> 00:04:07,450
provocative post from a security researcher and a

123
00:04:07,450 --> 00:04:09,524
mis who we've talked about here before. There's

124
00:04:09,524 --> 00:04:10,401
a lot to unpack there.

125
00:04:11,199 --> 00:04:12,475
And I've got... I have opinions.

126
00:04:13,047 --> 00:04:14,397
And we'll talk about that quite a bit.

127
00:04:15,112 --> 00:04:18,392
Mozilla has announced a trial for their privacy

128
00:04:18,765 --> 00:04:19,742
preserving ad

129
00:04:20,195 --> 00:04:20,695
attribution

130
00:04:21,322 --> 00:04:21,822
technology,

131
00:04:22,197 --> 00:04:24,424
which apparently has been going on for a

132
00:04:24,424 --> 00:04:26,491
couple years now, and I really either missed

133
00:04:26,491 --> 00:04:28,559
it or forgot about it, but it has

134
00:04:28,559 --> 00:04:29,990
come back up because they are putting it

135
00:04:29,990 --> 00:04:30,729
in Firefox

136
00:04:31,358 --> 00:04:33,831
and turning it on by default, which I

137
00:04:33,831 --> 00:04:36,622
do not appreciate. So, we will talk about

138
00:04:36,622 --> 00:04:38,297
that quite a bit as well. And then

139
00:04:38,297 --> 00:04:39,276
finally, Proton

140
00:04:39,653 --> 00:04:40,791
continues to release

141
00:04:41,504 --> 00:04:42,004
very

142
00:04:42,464 --> 00:04:45,264
welcome new features for their product line, and

143
00:04:45,264 --> 00:04:47,504
they have finally come out with a Google

144
00:04:47,504 --> 00:04:48,464
Docs replacement

145
00:04:49,037 --> 00:04:51,894
that is end-to-end encrypted. And finally,

146
00:04:51,894 --> 00:04:52,926
for my tip of the week, I'm going

147
00:04:52,926 --> 00:04:54,537
to tell you how and why

148
00:04:55,227 --> 00:04:55,965
to block

149
00:04:56,418 --> 00:04:56,814
advertisements.

150
00:04:57,624 --> 00:04:59,141
So lots of stuff to talk about. Let's

151
00:04:59,141 --> 00:04:59,780
get right to it.

152
00:05:06,087 --> 00:05:07,259
Alright. This is from the hacker

153
00:05:07,778 --> 00:05:09,933
An Australian man has been charged with running

154
00:05:09,933 --> 00:05:12,487
a fake Wi-Fi access point during a

155
00:05:12,487 --> 00:05:14,503
domestic flight with an aim to steal users'

156
00:05:14,642 --> 00:05:15,360
credentials and data.

157
00:05:15,933 --> 00:05:19,508
The unnamed 42 year old allegedly established fake

158
00:05:19,508 --> 00:05:22,949
free Wi-Fi access points, which mimic legitimate networks

159
00:05:23,179 --> 00:05:25,813
to capture personal data from unsuspecting victims who

160
00:05:25,813 --> 00:05:28,366
mistakenly connected to them, according to the Australian

161
00:05:28,366 --> 00:05:30,441
Federal Police, or the AFP. The agency

162
00:05:30,441 --> 00:05:32,208
said the subject was charged in May of

163
00:05:32,208 --> 00:05:34,457
2024 after it launched an

164
00:05:34,673 --> 00:05:35,706
investigation a month earlier,

165
00:05:36,262 --> 00:05:38,409
following a report from an airline about a

166
00:05:38,409 --> 00:05:41,060
suspicious Wi-Fi network identified by its employees during

167
00:05:41,060 --> 00:05:43,300
a domestic flight. A subsequent search of his

168
00:05:43,300 --> 00:05:45,779
baggage on April nineteenth led to the seizure

169
00:05:45,779 --> 00:05:48,154
of a portable wireless access device, a

170
00:05:48,274 --> 00:05:50,192
laptop and a mobile phone. He was arrested

171
00:05:50,192 --> 00:05:52,350
on May eighth after a search warrant was

172
00:05:52,350 --> 00:05:54,587
executed at his home. The individual is said

173
00:05:54,587 --> 00:05:56,665
to have staged what's called an evil twin

174
00:05:56,745 --> 00:06:00,896
Wi-Fi attack across various locations, including domestic flights

175
00:06:00,896 --> 00:06:04,394
and airports in Perth, Melbourne, and Adelaide to

176
00:06:04,394 --> 00:06:06,541
impersonate legitimate Wi-Fi networks.

177
00:06:07,194 --> 00:06:09,115
Users who attempted to connect to the free

178
00:06:09,115 --> 00:06:11,514
pho network were prompted to enter their email

179
00:06:11,514 --> 00:06:14,806
address or social media credentials through a captive

180
00:06:14,806 --> 00:06:16,717
portal web page. I'll come back to that

181
00:06:16,717 --> 00:06:18,229
in a second. This is a quote from

182
00:06:18,229 --> 00:06:19,025
the AFP, quote.

183
00:06:19,741 --> 00:06:21,970
The email and password details harvested could be

184
00:06:21,970 --> 00:06:24,694
used to access more personal information including a

185
00:06:24,694 --> 00:06:27,811
victim's online communications, stored images and videos or

186
00:06:27,811 --> 00:06:30,768
bank details unquote. The defendant has been charged

187
00:06:30,768 --> 00:06:31,987
with 3 counts of

188
00:06:32,366 --> 00:06:36,041
unauthorized impairment of electronic communication and 3 counts

189
00:06:36,041 --> 00:06:38,581
of possession or control of data with the

190
00:06:38,581 --> 00:06:40,486
intent to commit a serious offense.

191
00:06:41,453 --> 00:06:43,622
He has also been charged with 1 count of

192
00:06:43,758 --> 00:06:47,017
unauthorized access or modification of restricted data, 1

193
00:06:47,017 --> 00:06:50,236
count of dishonest obtaining or dealing in personal

194
00:06:50,453 --> 00:06:53,024
financial information and 1 count of possession of

195
00:06:53,321 --> 00:06:55,871
identification information. If convicted, he faces up to

196
00:06:55,871 --> 00:06:58,181
a maximum of 23 years in prison.

197
00:06:58,674 --> 00:07:00,429
And here's a final quote from the AFP, quote.

198
00:07:01,067 --> 00:07:03,061
To connect to a free Wi-Fi network, you

199
00:07:03,061 --> 00:07:05,374
shouldn't have to enter any personal details such

200
00:07:05,374 --> 00:07:07,368
as logging in through an email or social

201
00:07:07,368 --> 00:07:07,926
media account.

202
00:07:08,659 --> 00:07:10,733
If you do want to use public Wi-Fi

203
00:07:10,733 --> 00:07:11,211
hotspots,

204
00:07:11,850 --> 00:07:14,822
install a reputable virtual private network or VPN

205
00:07:15,120 --> 00:07:17,114
on your devices to encrypt and secure your data

206
00:07:17,114 --> 00:07:18,390
when using the Internet unquote.

207
00:07:19,281 --> 00:07:21,113
Okay. I'm... I'm gonna come back to that

208
00:07:21,113 --> 00:07:22,387
as well, But but going all the way

209
00:07:22,387 --> 00:07:23,740
back for a second. So basically what this

210
00:07:23,740 --> 00:07:26,289
person did was they carried equipment with them

211
00:07:26,289 --> 00:07:26,926
onto these planes,

212
00:07:27,659 --> 00:07:29,977
to set up a Wi-Fi network. Battery operated

213
00:07:29,977 --> 00:07:33,114
or something. And that Wi-Fi network probably impersonated

214
00:07:34,052 --> 00:07:35,970
the Wi-Fi network that was available in the

215
00:07:35,970 --> 00:07:37,902
airplane because it's easy to do. All you...

216
00:07:38,141 --> 00:07:40,376
The SSID, the thing that says, you

217
00:07:40,376 --> 00:07:40,535
know,

218
00:07:41,254 --> 00:07:44,286
free Qantas Airlines Wi-Fi, or whatever,

219
00:07:44,845 --> 00:07:46,530
that's just a string that anybody can type

220
00:07:46,530 --> 00:07:48,754
into their Wi-Fi router, and he named

221
00:07:48,754 --> 00:07:51,854
his the same thing or something similar, something

222
00:07:51,854 --> 00:07:52,464
that looked

223
00:07:52,904 --> 00:07:54,262
like it was supposed to be free, you

224
00:07:54,262 --> 00:07:57,160
know, airline Wi-Fi or whatever. And so people

225
00:07:57,219 --> 00:07:59,537
nearby would connect to that Wi-Fi hotspot that

226
00:07:59,537 --> 00:08:01,075
he had control over.

227
00:08:01,628 --> 00:08:03,856
And then, as part of the connection process,

228
00:08:04,015 --> 00:08:05,526
you can throw up this captive portal. And

229
00:08:05,526 --> 00:08:07,037
if you're not familiar with that, if you've

230
00:08:07,037 --> 00:08:09,124
been to anywhere with free public Wi-Fi,

231
00:08:09,923 --> 00:08:11,760
they often... No matter what you try to

232
00:08:11,760 --> 00:08:13,598
connect to, once you connect to the Wi-Fi,

233
00:08:13,837 --> 00:08:16,565
you know, they throw up this starter

234
00:08:16,565 --> 00:08:18,151
page that says, hey, thanks for using our free

235
00:08:18,310 --> 00:08:18,389
Wi-Fi.

236
00:08:19,341 --> 00:08:21,087
Agree to these terms and conditions by checking

237
00:08:21,087 --> 00:08:23,229
this box, you know, read this policy here,

238
00:08:23,388 --> 00:08:24,910
which, you know, nobody ever does. And then click

239
00:08:24,910 --> 00:08:26,259
here to continue. And then once you do

240
00:08:26,259 --> 00:08:28,481
that once, it remembers you and you can

241
00:08:28,481 --> 00:08:30,782
go surfing the web as usual. At places

242
00:08:30,782 --> 00:08:31,417
like hotels,

243
00:08:32,225 --> 00:08:34,210
oftentimes the captive portal will have you enter maybe

244
00:08:34,210 --> 00:08:36,353
your name and or room number so they

245
00:08:36,353 --> 00:08:37,702
can kinda keep track of who you are.

246
00:08:38,179 --> 00:08:40,242
But to my knowledge, they don't actually check

247
00:08:40,242 --> 00:08:42,165
that. So you can put whatever you want

248
00:08:42,165 --> 00:08:44,232
there. But in this case, this person threw

249
00:08:44,232 --> 00:08:46,163
up a captive portal that asked for

250
00:08:46,697 --> 00:08:48,685
credentials for social media accounts and things like

251
00:08:48,685 --> 00:08:50,036
that. And then once you put those in,

252
00:08:50,449 --> 00:08:52,914
that... You've given this person your credentials to

253
00:08:52,914 --> 00:08:54,186
that account and they can do whatever they

254
00:08:54,186 --> 00:08:56,412
want with that account. So back to the

255
00:08:56,412 --> 00:08:58,161
advice given by the AFP here,

256
00:08:58,574 --> 00:09:00,324
a VPN would not have helped in this

257
00:09:00,324 --> 00:09:01,756
situation. You still would have had to gone

258
00:09:01,756 --> 00:09:03,290
through this captive portal. So,

259
00:09:03,665 --> 00:09:05,986
a VPN would not have prevented that. And

260
00:09:05,986 --> 00:09:07,495
you still could have been tricked into giving

261
00:09:07,495 --> 00:09:09,958
away your credentials. The main takeaway honestly for

262
00:09:09,958 --> 00:09:11,467
me is what I'll keep telling you guys

263
00:09:11,467 --> 00:09:13,056
is that I never use public

264
00:09:13,135 --> 00:09:13,453
Wi-Fi.

265
00:09:14,183 --> 00:09:15,537
So if I'm on a plane even if

266
00:09:15,537 --> 00:09:17,129
they've got free Wi-Fi, I just... I

267
00:09:17,129 --> 00:09:19,119
just don't use it. We're used to

268
00:09:19,119 --> 00:09:21,030
not having Wi-Fi on an airplane. So I just...

269
00:09:21,189 --> 00:09:22,796
So I just don't use it. If I

270
00:09:22,796 --> 00:09:24,329
were, if there was some sort of emergency

271
00:09:24,466 --> 00:09:26,771
situation, then, yes, I would use a VPN. But,

272
00:09:26,930 --> 00:09:28,521
again, that wouldn't protect for this particular case,

273
00:09:28,600 --> 00:09:29,793
so you still have to be careful. And

274
00:09:29,793 --> 00:09:31,482
if you sign into 1 of these Wi-Fi

275
00:09:31,482 --> 00:09:32,999
things and they ask you to give away

276
00:09:32,999 --> 00:09:34,755
credentials for social media or something,

277
00:09:35,634 --> 00:09:37,470
that should be a huge red flag. So

278
00:09:37,470 --> 00:09:39,226
instead of public Wi-Fi, I use my phone's

279
00:09:39,226 --> 00:09:42,039
hotspot feature, which most modern phones now have

280
00:09:42,039 --> 00:09:43,179
available and most

281
00:09:43,559 --> 00:09:45,799
cellular accounts now include, you might have to

282
00:09:45,799 --> 00:09:47,319
pay for a higher level plan to get

283
00:09:47,319 --> 00:09:49,163
that. But that's what I do now instead

284
00:09:49,163 --> 00:09:50,115
of using public Wi-Fi.

285
00:09:51,067 --> 00:09:52,733
Alright. Moving on. This one's from

286
00:09:52,733 --> 00:09:54,955
9to5Mac, and it's about hidden cameras in

287
00:09:55,193 --> 00:09:56,089
Airbnb properties.

288
00:09:56,398 --> 00:09:58,068
I spoke about a while back... There was

289
00:09:58,068 --> 00:09:59,975
some other news story about this. But the

290
00:09:59,975 --> 00:10:01,645
the key to this story is that,

291
00:10:02,281 --> 00:10:03,871
because of a lawsuit around this,

292
00:10:04,523 --> 00:10:04,841
some,

293
00:10:05,558 --> 00:10:08,506
internal data has been released, and it's not

294
00:10:08,506 --> 00:10:08,586
good.

295
00:10:09,701 --> 00:10:12,344
A previously un lawsuit regarding hidden cameras in

296
00:10:12,583 --> 00:10:16,343
Airbnb properties reveals that the company generated 35000

297
00:10:16,559 --> 00:10:19,581
support tickets by customers complaining about surveillance devices.

298
00:10:20,073 --> 00:10:22,383
A lengthy CNN report says that the problem

299
00:10:22,383 --> 00:10:25,251
appears to be a substantial 1. Thousands of

300
00:10:25,251 --> 00:10:27,561
images have been recovered from short term rental

301
00:10:27,561 --> 00:10:28,755
hosts by law enforcement.

302
00:10:29,169 --> 00:10:31,958
Hidden cameras placed in bedrooms and bathrooms showing

303
00:10:31,958 --> 00:10:34,828
guests during their most private moments. Changing clothes,

304
00:10:35,067 --> 00:10:37,393
being with their children, even having sex, according

305
00:10:37,393 --> 00:10:40,020
to a CNN review of court and police records, as

306
00:10:40,020 --> 00:10:42,169
well as interviews with nearly 2 dozen guests

307
00:10:42,169 --> 00:10:44,558
who found surveillance devices at short term rental

308
00:10:44,558 --> 00:10:45,058
properties

309
00:10:45,448 --> 00:10:47,039
or were told by police that they had

310
00:10:47,039 --> 00:10:49,346
been secretly recorded. But the scale of the

311
00:10:49,346 --> 00:10:51,493
problem had previously been unknown due to a

312
00:10:51,493 --> 00:10:53,641
number of Airbnb policies and practices.

313
00:10:54,133 --> 00:10:57,179
These include seeking to settle cases through arbitration

314
00:10:57,316 --> 00:10:59,226
and failing to notify police even when it

315
00:10:59,226 --> 00:11:01,629
seems clear a crime has been committed. And

316
00:11:01,629 --> 00:11:02,666
this appears to be a quote from the

317
00:11:02,745 --> 00:11:05,457
Cnn report. During the hours long deposition, the

318
00:11:05,696 --> 00:11:08,328
Airbnb employee also revealed that when a guest

319
00:11:08,328 --> 00:11:10,163
complains of a hidden camera, the company doesn't

320
00:11:10,163 --> 00:11:11,120
as a matter of practice,

321
00:11:11,929 --> 00:11:13,990
notify law enforcement not even when a child

322
00:11:13,990 --> 00:11:16,843
is involved. The company may, however, reach out

323
00:11:16,843 --> 00:11:18,769
to hosts about complaints

324
00:11:19,077 --> 00:11:21,775
as part of internal inquiries, a move law

325
00:11:21,775 --> 00:11:24,791
enforcement experts say could hinder criminal investigations because

326
00:11:24,791 --> 00:11:27,013
it gives suspects time to destroy evidence.

327
00:11:27,904 --> 00:11:31,260
Airbnb seeks to compel complainants into arbitration, a

328
00:11:31,260 --> 00:11:33,897
process that hides cases from public view, according

329
00:11:33,897 --> 00:11:36,429
to 6 attorneys who represented clients in cases

330
00:11:36,788 --> 00:11:38,384
against the short term rental platform.

331
00:11:38,863 --> 00:11:41,416
When a settlement is reached, Airbnb has required

332
00:11:41,416 --> 00:11:44,783
users to sign confidentiality agreements which bar them

333
00:11:44,783 --> 00:11:46,541
from discussing details of the deal.

334
00:11:47,260 --> 00:11:49,976
Airbnb told CNN its use of arbitration and

335
00:11:49,976 --> 00:11:52,867
non disclosure agreements are standard practice within the

336
00:11:52,867 --> 00:11:54,704
industry, and that is sadly true. Okay, back

337
00:11:54,704 --> 00:11:56,861
to the article, a court ordered the company

338
00:11:56,861 --> 00:11:59,348
to disclose how many complaints it had received

339
00:11:59,348 --> 00:12:01,972
about surveillance devices in Airbnb properties in the

340
00:12:01,972 --> 00:12:05,255
past decade, and it responded that 35000

341
00:12:05,312 --> 00:12:06,187
tickets had been raised.

342
00:12:06,759 --> 00:12:09,151
Europe regulates the short term rental industry imposing

343
00:12:09,151 --> 00:12:11,702
wide ranging controls on how companies like Airbnb

344
00:12:11,702 --> 00:12:14,254
can operate, but the US has no similar

345
00:12:14,254 --> 00:12:14,754
federal

346
00:12:15,211 --> 00:12:17,699
regulations. That can, says the report, allow the

347
00:12:17,699 --> 00:12:19,615
company to claim it is only a tech

348
00:12:19,615 --> 00:12:20,115
platform

349
00:12:20,573 --> 00:12:22,887
and not responsible for anything that happens at

350
00:12:22,887 --> 00:12:23,685
the rental properties.

351
00:12:24,338 --> 00:12:26,889
Airbnb makes this argument under Section 230,

352
00:12:27,527 --> 00:12:30,419
legislation intended to protect web publishers from liability

353
00:12:30,556 --> 00:12:33,123
from comments posted by users. And this is

354
00:12:33,123 --> 00:12:35,438
a quote from Shannon Sc, who's a Florida

355
00:12:35,438 --> 00:12:37,275
attorney who settled an Airbnb suit for a

356
00:12:37,275 --> 00:12:40,548
client, saying, quote, they're not arguing. This didn't

357
00:12:40,548 --> 00:12:43,356
happen. Your client isn't injured. They're arguing, we

358
00:12:43,356 --> 00:12:44,254
aren't responsible,

359
00:12:44,791 --> 00:12:47,263
unquote. But 1 member of Congress hopes to

360
00:12:47,263 --> 00:12:50,054
change that. Illinois Representative Jan Schakowsky, who

361
00:12:50,054 --> 00:12:52,543
has introduced legislation that aims to curb big

362
00:12:52,543 --> 00:12:54,461
technology companies' use of Section 230,

363
00:12:54,941 --> 00:12:57,019
argued that the platform would be safer if

364
00:12:57,259 --> 00:12:59,416
Airbnb were forced to take responsibility for what

365
00:12:59,416 --> 00:13:00,535
happens at its listings.

366
00:13:01,189 --> 00:13:03,415
Right now, Section 230 is used as a

367
00:13:03,415 --> 00:13:05,245
get out of jail free card, the Democratic

368
00:13:05,245 --> 00:13:08,744
lawmaker said. Now, Airbnb responded to this article

369
00:13:08,744 --> 00:13:10,509
and they said, The company told us that

370
00:13:10,509 --> 00:13:13,373
35000 tickets does not correspond to the number

371
00:13:13,373 --> 00:13:16,396
of complaints as some complaints can generate multiple

372
00:13:16,396 --> 00:13:18,727
tickets. It also stated that the tickets related

373
00:13:18,727 --> 00:13:22,162
to surveillance devices, which can include things like

374
00:13:22,162 --> 00:13:23,920
doorbell cameras and noise sensors.

375
00:13:24,575 --> 00:13:26,495
Airbnb added that some of the tickets also

376
00:13:26,495 --> 00:13:28,894
refer to false alarms where a renter believes

377
00:13:28,894 --> 00:13:30,815
a camera is present when it isn't.

378
00:13:31,615 --> 00:13:33,226
Okay. So, yeah, That does muddy the water

379
00:13:33,226 --> 00:13:34,126
some, but

380
00:13:34,983 --> 00:13:37,537
that's still an awful lot of complaints. Now,

381
00:13:37,697 --> 00:13:39,932
this whole Section 230 thing really doesn't make

382
00:13:39,932 --> 00:13:41,804
sense to me. I don't know how Airbnb

383
00:13:42,101 --> 00:13:43,000
claim to be

384
00:13:43,697 --> 00:13:46,091
a platform, like a social media company. It

385
00:13:46,091 --> 00:13:48,325
that just doesn't make sense. If they're talking

386
00:13:48,325 --> 00:13:51,136
about comments posted on forums that they host,

387
00:13:51,775 --> 00:13:53,613
you know, on their website, you know, maybe

388
00:13:53,613 --> 00:13:57,138
comments and reviews for properties? Okay. Then Section

389
00:13:57,138 --> 00:13:58,805
230 would make sense. I mean, that they

390
00:13:58,805 --> 00:14:00,630
shouldn't really be held liable if somebody posts

391
00:14:00,630 --> 00:14:02,851
a really nasty comment. But I don't know

392
00:14:02,851 --> 00:14:04,378
how in the world you try to apply

393
00:14:04,378 --> 00:14:08,208
Section 230 to their policies around hidden web cameras

394
00:14:08,208 --> 00:14:10,203
on their properties. That that that doesn't make

395
00:14:10,203 --> 00:14:11,240
any sense to me whatsoever.

396
00:14:11,734 --> 00:14:12,931
So anyway, take away here,

397
00:14:13,889 --> 00:14:14,128
again,

398
00:14:14,846 --> 00:14:17,580
be aware that when you're going to Vrbo

399
00:14:17,719 --> 00:14:20,781
or Airbnb or some of these other services

400
00:14:20,836 --> 00:14:23,056
that let people rent their homes out to

401
00:14:23,056 --> 00:14:25,911
other people. There are some un people who

402
00:14:25,911 --> 00:14:27,045
will hide

403
00:14:27,355 --> 00:14:29,674
you know, surveillance cameras and not tell you

404
00:14:29,674 --> 00:14:32,634
about them. Airbnb has policies that says they

405
00:14:32,634 --> 00:14:35,034
must disclose these things now, which is something

406
00:14:35,034 --> 00:14:36,714
they didn't always have, but apparently they have

407
00:14:36,714 --> 00:14:38,002
now. You're supposed to know where they are,

408
00:14:38,161 --> 00:14:39,988
and there's never supposed to be a camera

409
00:14:39,988 --> 00:14:41,973
in, like, bedrooms and bathrooms and

410
00:14:41,973 --> 00:14:43,721
places like that where you're likely to be

411
00:14:43,721 --> 00:14:44,833
in states of undress.

412
00:14:45,404 --> 00:14:47,404
But it is still a problem. And 1

413
00:14:47,404 --> 00:14:48,684
that you should be aware of.

414
00:14:49,404 --> 00:14:51,404
What do you do about it? It's it's

415
00:14:51,404 --> 00:14:52,524
really kinda hard to do anything about it.

416
00:14:52,684 --> 00:14:54,365
There are some techniques that you can use

417
00:14:54,365 --> 00:14:56,924
to try to spot hidden cameras, but it's

418
00:14:56,924 --> 00:14:58,591
it's not that easy to do. These cameras

419
00:14:58,591 --> 00:15:00,971
are super tiny. You can hide them

420
00:15:00,971 --> 00:15:03,845
just about anywhere. They're very difficult to find

421
00:15:03,845 --> 00:15:04,959
if they're hidden properly.

422
00:15:05,436 --> 00:15:07,185
The other takeaway from me here is that

423
00:15:07,185 --> 00:15:10,388
this forced arbitration stuff has got to change.

424
00:15:10,940 --> 00:15:13,259
I understand certainly why companies want to do

425
00:15:13,259 --> 00:15:15,259
this, but I don't know why we let

426
00:15:15,259 --> 00:15:17,259
them get away with doing it. Our court

427
00:15:17,259 --> 00:15:18,779
system isn't imperfect. It's backed up.

428
00:15:20,151 --> 00:15:22,854
Arbitration can be good, but, you know, there's

429
00:15:22,854 --> 00:15:24,683
still some transparency that needs to go along

430
00:15:24,683 --> 00:15:26,989
with that somehow. But anyway, I'm I'm not

431
00:15:26,989 --> 00:15:28,897
a lawyer, so maybe I should just stop talking

432
00:15:28,897 --> 00:15:30,049
about that because I

433
00:15:30,426 --> 00:15:32,022
don't really know of what I speak. So, alright.

434
00:15:32,261 --> 00:15:34,336
Moving on. This next 1 is from Stack

435
00:15:34,495 --> 00:15:36,705
Diary, and it's a site that I don't,

436
00:15:37,222 --> 00:15:39,929
but 1 of my followers pointed me to

437
00:15:39,929 --> 00:15:42,158
this, and thank you to them. And it's

438
00:15:42,158 --> 00:15:44,228
about some serious security problems with Linksys

439
00:15:44,228 --> 00:15:44,467
routers.

440
00:15:45,918 --> 00:15:48,796
According to Testaankoop, a Belgian equivalent of

441
00:15:48,796 --> 00:15:51,673
the Consumers' Association, two types of Linksys routers

442
00:15:51,673 --> 00:15:54,810
are sending Wi-Fi login details in plain text

443
00:15:55,123 --> 00:15:58,625
to Amazon AWS servers. This discovery involves the

444
00:15:58,705 --> 00:15:59,205
Linksys

445
00:15:59,581 --> 00:16:01,252
Velop, that's V-E-L-O-P,

446
00:16:02,048 --> 00:16:05,327
Pro 6E and Pro 7 mesh routers.

447
00:16:05,963 --> 00:16:08,192
These look... These are little pillars that kinda

448
00:16:08,192 --> 00:16:09,943
look like about the size of a Pringles

449
00:16:09,943 --> 00:16:11,933
can, maybe, except they're more squared off than

450
00:16:11,933 --> 00:16:12,172
round.

451
00:16:12,823 --> 00:16:14,331
So if you have a Linksys router

452
00:16:14,331 --> 00:16:15,284
that looks like that in your house,

453
00:16:16,475 --> 00:16:19,412
pay attention to this. During routine installation checks,

454
00:16:19,650 --> 00:16:20,419
Testaankoop

455
00:16:20,779 --> 00:16:23,333
detected several data packets being transmitted to an

456
00:16:23,892 --> 00:16:26,287
AWS server in the US. These packets included

457
00:16:26,287 --> 00:16:28,362
the configured SSID name, that's the Wi-Fi

458
00:16:28,362 --> 00:16:30,050
name that you would see when you

459
00:16:30,050 --> 00:16:31,161
bring up your phone and say connect to

460
00:16:31,161 --> 00:16:32,589
this network and the name provided there. That's

461
00:16:32,589 --> 00:16:34,969
the SSID name. So it included the SSID

462
00:16:35,207 --> 00:16:37,508
name and password in clear text.

463
00:16:38,079 --> 00:16:40,072
The identification tokens for the network within a

464
00:16:40,072 --> 00:16:42,862
broader database and an access token for a

465
00:16:42,862 --> 00:16:44,934
user session potentially paving the way for a

466
00:16:44,934 --> 00:16:46,784
man in the middle attack. A man in

467
00:16:46,784 --> 00:16:48,382
the middle attack is a security breach in

468
00:16:48,382 --> 00:16:50,779
which an attacker intercepts the communication between your

469
00:16:50,939 --> 00:16:52,957
Linksys router and the Amazon web server

470
00:16:53,496 --> 00:16:56,144
without either party's knowledge. In this context, it means

471
00:16:56,144 --> 00:16:58,372
the attacker could capture your Wi-Fi network name

472
00:16:58,372 --> 00:17:01,078
or the SSID and password as they are

473
00:17:01,078 --> 00:17:02,692
transmitted in plain text,

474
00:17:03,082 --> 00:17:05,488
allowing them to read or alter these sensitive

475
00:17:05,544 --> 00:17:08,164
details to potentially gain unauthorized access to your

476
00:17:08,164 --> 00:17:08,481
network.

477
00:17:09,117 --> 00:17:11,737
The consumer organization conducted these tests using the

478
00:17:11,737 --> 00:17:14,769
latest firmware available at the time. Despite warning

479
00:17:14,848 --> 00:17:17,548
Linksys in November, no effective measures have been

480
00:17:17,548 --> 00:17:17,786
taken.

481
00:17:18,500 --> 00:17:20,485
Linksys released a firmware update after the

482
00:17:20,485 --> 00:17:22,730
initial warning, but it did not address the

483
00:17:22,730 --> 00:17:24,905
concerns raised, and this is a quote from

484
00:17:25,203 --> 00:17:27,596
someone at Testaankoop, quote, we regret the

485
00:17:27,596 --> 00:17:29,510
lack of response from Linksys and expected more

486
00:17:29,510 --> 00:17:31,105
from such a renowned brand, unquote.

487
00:17:32,157 --> 00:17:34,469
Testaankoop suspects the security issue might stem

488
00:17:34,469 --> 00:17:36,702
from third-party software used in Linksys

489
00:17:36,702 --> 00:17:39,493
firmware. However, they emphasize that this does not

490
00:17:39,493 --> 00:17:40,392
excuse the vulnerability.

491
00:17:40,864 --> 00:17:43,017
For those who already own the affected routers

492
00:17:43,017 --> 00:17:45,648
they have recommended changing the Wi-Fi network name

493
00:17:45,648 --> 00:17:46,388
and password

494
00:17:46,765 --> 00:17:49,795
via the web interface instead of the app.

495
00:17:50,367 --> 00:17:52,834
This precaution prevents the SSID name and password

496
00:17:52,834 --> 00:17:54,744
from being transmitted in readable text.

497
00:17:55,619 --> 00:17:57,768
Testaankoop contacted Linksys again just

498
00:17:57,768 --> 00:18:00,335
day before today's publication in response to the

499
00:18:00,335 --> 00:18:02,815
year ongoing issue, giving them a brief window

500
00:18:02,815 --> 00:18:04,974
to respond. However, they have not received any

501
00:18:04,974 --> 00:18:07,294
acknowledgment or a solution from the manufacturer.

502
00:18:07,869 --> 00:18:09,864
And again, another quote from the researchers quote,

503
00:18:10,023 --> 00:18:12,497
the vulnerability persists even in the latest Linksys

504
00:18:12,497 --> 00:18:16,022
7 Pro, highlighting a critical security lapse. While

505
00:18:16,022 --> 00:18:18,567
breaching in that requires effort and technical skill,

506
00:18:19,124 --> 00:18:22,227
the attacker can cause extensive damage once inside.

507
00:18:22,957 --> 00:18:25,422
Linksys themselves recommended the Velop product lines

508
00:18:25,422 --> 00:18:28,364
for small offices, making this issue particularly concerning

509
00:18:28,364 --> 00:18:30,431
for both personal and professional environments.

510
00:18:31,164 --> 00:18:33,025
Alright. So what what it sounds like is

511
00:18:33,085 --> 00:18:35,505
there is an app to set up these

512
00:18:35,804 --> 00:18:36,285
routers,

513
00:18:36,765 --> 00:18:39,005
which is becoming more and more common these

514
00:18:39,005 --> 00:18:40,044
days with smart devices.

515
00:18:40,699 --> 00:18:42,295
And when using that app to set up

516
00:18:42,295 --> 00:18:44,529
these devices with the password and setting the

517
00:18:44,848 --> 00:18:45,247
Ssid,

518
00:18:45,726 --> 00:18:46,923
and it looks like the app or the

519
00:18:46,923 --> 00:18:47,982
routers are sending

520
00:18:48,694 --> 00:18:51,586
some information up to some cloud server somewhere

521
00:18:51,644 --> 00:18:53,638
for Linksys, probably, or maybe for a

522
00:18:53,638 --> 00:18:56,053
third party, I'm not sure, but that that

523
00:18:56,191 --> 00:18:57,488
communication sends the

524
00:18:57,865 --> 00:19:00,853
credentials for... The credentials for your Wi-Fi router

525
00:19:01,230 --> 00:19:03,623
un... unencrypted. If they were really able to

526
00:19:03,623 --> 00:19:05,856
intercept this, that means the communication itself wasn't

527
00:19:05,856 --> 00:19:08,664
encrypted, which today is almost unheard of. And

528
00:19:08,664 --> 00:19:11,705
if someone were able to intercept that communication

529
00:19:11,705 --> 00:19:14,105
somehow, you know, maybe you're in an apartment complex

530
00:19:14,105 --> 00:19:16,357
or you're you're in a neighborhood with close

531
00:19:16,357 --> 00:19:18,526
houses and somebody nearby is just kind of

532
00:19:19,059 --> 00:19:20,433
sniffing the air for

533
00:19:20,807 --> 00:19:21,307
for

534
00:19:21,760 --> 00:19:24,003
communications like this. If they were to intercept

535
00:19:24,003 --> 00:19:25,679
this then they would be able to get

536
00:19:25,679 --> 00:19:26,875
on your Wi-Fi network and then get

537
00:19:26,875 --> 00:19:28,471
up to all sorts of no good. Now

538
00:19:28,471 --> 00:19:29,668
how likely is that to happen?

539
00:19:30,226 --> 00:19:31,912
I don't know. But it really is a

540
00:19:31,912 --> 00:19:34,849
horrible mistake by Linksys, and they're right. I

541
00:19:34,849 --> 00:19:37,073
mean, Linksys is a huge name in

542
00:19:37,073 --> 00:19:38,446
networking products and

543
00:19:39,312 --> 00:19:41,060
that this should not have happened. My guess

544
00:19:41,060 --> 00:19:43,047
is probably the same as the researchers and

545
00:19:43,047 --> 00:19:44,954
that is it may not have been links

546
00:19:44,954 --> 00:19:46,464
as code doing this, It may have been

547
00:19:46,464 --> 00:19:48,785
some third-party library or SDK

548
00:19:48,785 --> 00:19:50,537
that they were including that is making this

549
00:19:50,537 --> 00:19:53,324
mistake. But nevertheless, Linksys should be testing

550
00:19:53,324 --> 00:19:55,315
their products and should be... Should have caught

551
00:19:55,315 --> 00:19:57,083
this a long time ago. And should have

552
00:19:57,083 --> 00:19:59,075
fixed it right away when notified. So if

553
00:19:59,075 --> 00:20:00,589
you have these products, you could log in

554
00:20:00,589 --> 00:20:02,901
to the web interface for your router that

555
00:20:02,901 --> 00:20:04,630
is, you know, get on the Wi-Fi network

556
00:20:04,749 --> 00:20:07,061
or if these devices actually have an ethernet

557
00:20:07,061 --> 00:20:08,177
plug on that, I'm not sure if they

558
00:20:08,177 --> 00:20:08,336
do.

559
00:20:09,134 --> 00:20:10,329
But you should be able to go to the

560
00:20:10,967 --> 00:20:13,174
administrator page for the router, which is

561
00:20:13,373 --> 00:20:15,992
special designated web page or, manual that comes

562
00:20:15,992 --> 00:20:17,976
with the router, which you could probably download

563
00:20:17,976 --> 00:20:20,277
online if you don't have it anymore. We'll

564
00:20:20,277 --> 00:20:21,309
give you instructions of how to do that.

565
00:20:21,467 --> 00:20:23,545
And then you change the password there,

566
00:20:24,260 --> 00:20:26,085
then apparently, that does not send it in

567
00:20:26,085 --> 00:20:27,989
the clear to to the web. So that

568
00:20:27,989 --> 00:20:28,703
would be a good idea.

569
00:20:29,753 --> 00:20:31,429
Alright. Next up, this is from Cybernews,

570
00:20:31,588 --> 00:20:33,981
and it's about the next iteration of what's

571
00:20:33,981 --> 00:20:35,040
called the RockYou

572
00:20:35,817 --> 00:20:38,723
password list, which is basically a list maintained

573
00:20:38,781 --> 00:20:40,296
by... maintained and traded

574
00:20:40,694 --> 00:20:41,433
amongst hackers

575
00:20:41,970 --> 00:20:44,122
for trying to brute force passwords. And this

576
00:20:44,122 --> 00:20:44,622
one

577
00:20:45,012 --> 00:20:48,664
is now the official largest known, which contains

578
00:20:48,664 --> 00:20:49,800
10 billion

579
00:20:50,173 --> 00:20:50,888
unique passwords.

580
00:20:51,444 --> 00:20:53,919
The king is dead. Long live the king.

581
00:20:54,316 --> 00:20:56,775
Cybernews researchers discovered what appears to be

582
00:20:56,775 --> 00:20:57,909
the largest password

583
00:20:58,282 --> 00:20:59,496
compilation with a staggering

584
00:21:00,203 --> 00:21:05,326
9,948,575,739

585
00:21:05,702 --> 00:21:07,456
unique plaintext passwords.

586
00:21:08,107 --> 00:21:10,728
The file with the data, titled rockyou2024.txt,

587
00:21:10,728 --> 00:21:13,746
was posted on July fourth

588
00:21:13,746 --> 00:21:15,176
by forum user ObamaCare.

589
00:21:15,653 --> 00:21:17,082
That's an odd name for a hacker, but

590
00:21:17,082 --> 00:21:20,030
okay. The team cross referenced the passwords included

591
00:21:20,030 --> 00:21:22,249
in the RockYou2024 leak with data

592
00:21:22,249 --> 00:21:24,548
from Cybernews' Leaked Password Checker,

593
00:21:25,118 --> 00:21:27,105
which revealed that these passwords came from a

594
00:21:27,105 --> 00:21:29,489
mix of old and new data breaches. And

595
00:21:29,489 --> 00:21:31,555
this is a quote from the researchers they

596
00:21:31,555 --> 00:21:34,201
said, quote, In its essence, the RockYou2024

597
00:21:34,201 --> 00:21:36,776
is a compilation of real-world passwords

598
00:21:36,995 --> 00:21:38,671
used by individuals all over the world.

599
00:21:39,470 --> 00:21:41,920
Revealing that many passwords for threat actors

600
00:21:42,279 --> 00:21:44,840
substantially heightens the risk of credential stuffing attacks,

601
00:21:45,000 --> 00:21:45,160
unquote.

602
00:21:46,039 --> 00:21:48,200
Credential stuffing attacks can be severely damaging for

603
00:21:48,200 --> 00:21:50,759
users and businesses. For example, a recent wave

604
00:21:50,759 --> 00:21:54,046
of attacks targeting Santander, Ticketmaster, Advance

605
00:21:54,126 --> 00:21:56,119
Auto Parts, QuoteWizard and others was a

606
00:21:56,119 --> 00:21:58,352
direct result of credential stuffing attacks against the

607
00:21:58,352 --> 00:22:00,185
victims' cloud service provider, Snowflake.

608
00:22:00,679 --> 00:22:02,992
Also from the researchers quote, threat actors could

609
00:22:02,992 --> 00:22:05,783
exploit the RockYou2024 password compilation to

610
00:22:05,783 --> 00:22:08,574
conduct brute-force attacks and gain unauthorized access

611
00:22:08,574 --> 00:22:11,532
to various online accounts used by individuals who

612
00:22:11,532 --> 00:22:14,071
employ passwords included in the dataset, unquote. The

613
00:22:14,150 --> 00:22:16,451
RockYou2024 compilation did not just fall

614
00:22:16,451 --> 00:22:17,086
from the sky.

615
00:22:17,657 --> 00:22:19,487
Three years ago, Cybernews published a story

616
00:22:19,487 --> 00:22:22,350
about the RockYou2021 password compilation, the

617
00:22:22,350 --> 00:22:24,736
largest at the time with 8.4 billion

618
00:22:24,736 --> 00:22:25,611
plaintext passwords.

619
00:22:26,182 --> 00:22:28,089
According to the team's analysis of

620
00:22:28,089 --> 00:22:28,565
RockYou2024,

621
00:22:29,201 --> 00:22:31,663
attackers developed a dataset by scouring the Internet

622
00:22:31,663 --> 00:22:34,283
for data leaks, adding another 1.5 billion

623
00:22:34,283 --> 00:22:36,527
passwords from 2020 through 2024,

624
00:22:37,006 --> 00:22:39,161
and increasing the dataset by 15 percent.

625
00:22:39,560 --> 00:22:41,178
The RockYou2021

626
00:22:41,317 --> 00:22:43,312
compilation, an expansion of a data breach from

627
00:22:43,312 --> 00:22:44,371
2009

628
00:22:44,683 --> 00:22:46,751
included tens of millions of user passwords for

629
00:22:46,751 --> 00:22:49,774
social media accounts. Since then, however, the compilation

630
00:22:49,774 --> 00:22:50,592
has ballooned

631
00:22:50,967 --> 00:22:54,266
exponentially. Most likely, the latest RockYou iteration contains

632
00:22:54,403 --> 00:22:56,334
information collected from over 4,000

633
00:22:56,391 --> 00:22:58,062
databases over more than 2 decades.

634
00:22:58,634 --> 00:23:01,106
The Cybernews team believes the attackers can

635
00:23:01,106 --> 00:23:04,398
utilize the 10-billion-strong RockYou2024

636
00:23:04,616 --> 00:23:07,248
compilation to target any system that isn't protected

637
00:23:07,248 --> 00:23:10,053
against brute-force attacks. This includes everything from

638
00:23:10,053 --> 00:23:12,523
online and offline services to Internet-facing cameras

639
00:23:12,523 --> 00:23:14,914
and industrial hardware. One more quote from the

640
00:23:14,914 --> 00:23:17,877
team, quote, moreover, combined with other leaked databases

641
00:23:17,877 --> 00:23:20,267
on hacker forums and marketplaces, which for example,

642
00:23:20,984 --> 00:23:23,948
contain user email addresses and other credentials,

643
00:23:23,948 --> 00:23:26,261
RockYou2024 can contribute to a cascade of

644
00:23:26,261 --> 00:23:28,972
data breaches, financial fraud and identity theft, unquote.

645
00:23:29,531 --> 00:23:31,286
While there is no silver bullet to protect

646
00:23:31,286 --> 00:23:33,040
users who had their passwords exposed,

647
00:23:33,773 --> 00:23:36,905
impacted individuals and organizations should take up

648
00:23:36,963 --> 00:23:37,681
mitigation strategies.

649
00:23:38,160 --> 00:23:40,951
The Cybernews research team advises to: one,

650
00:23:41,350 --> 00:23:44,073
immediately reset the passwords for all accounts associated

651
00:23:44,073 --> 00:23:44,945
with leaked passwords.

652
00:23:45,421 --> 00:23:47,879
It is strongly recommended to select strong unique

653
00:23:47,879 --> 00:23:50,734
passwords that are not reused across multiple platforms.

654
00:23:51,464 --> 00:23:54,265
Two, enable multi-factor authentication, or MFA, wherever

655
00:23:54,265 --> 00:23:57,785
possible. This enhances security by requiring additional verification

656
00:23:57,785 --> 00:23:58,505
beyond a password.

657
00:23:58,998 --> 00:24:01,870
And three, utilize password manager software to securely

658
00:24:01,870 --> 00:24:03,545
generate and store complex passwords.

659
00:24:04,023 --> 00:24:06,895
Password managers mitigate the risk of password reuse

660
00:24:06,895 --> 00:24:07,932
across different accounts.

661
00:24:08,744 --> 00:24:11,137
Cybernews will include data from RockYou2024

662
00:24:11,137 --> 00:24:13,769
in the Leaked Password Checker, allowing anyone to

663
00:24:13,769 --> 00:24:15,763
check if their credentials were exposed by the

664
00:24:15,763 --> 00:24:17,778
latest record-holding exposed password

665
00:24:18,236 --> 00:24:20,320
compilation. Alright. So let me just explain what

666
00:24:20,320 --> 00:24:21,036
this what this is.

667
00:24:21,832 --> 00:24:24,139
Really, all this is is a massive text

668
00:24:24,139 --> 00:24:25,673
file full of

669
00:24:26,380 --> 00:24:27,333
breached passwords.

670
00:24:27,730 --> 00:24:29,579
Passwords that have been

671
00:24:30,269 --> 00:24:30,769
discovered

672
00:24:31,698 --> 00:24:33,047
or hacked somehow,

673
00:24:33,619 --> 00:24:36,328
over the past, basically 2 decades. These are

674
00:24:36,328 --> 00:24:39,675
gonna include things like password or password 1234

675
00:24:39,675 --> 00:24:40,951
or monkey 123.

676
00:24:41,444 --> 00:24:43,442
You know, all the really bad passwords that

677
00:24:43,442 --> 00:24:44,800
we that we know and love.

678
00:24:45,679 --> 00:24:47,696
But 10 billion of them, 10 billion

679
00:24:47,836 --> 00:24:48,315
unique ones.

680
00:24:48,969 --> 00:24:50,719
Now I tried to download this file.

681
00:24:51,515 --> 00:24:52,629
There were a couple places I found in

682
00:24:52,629 --> 00:24:53,823
the web that had it, but they were

683
00:24:53,823 --> 00:24:55,732
really, really slow and the file was enormous.

684
00:24:56,544 --> 00:24:57,980
And a lot of people were saying that

685
00:24:57,980 --> 00:24:59,336
it's full of a bunch of junk too.

686
00:24:59,735 --> 00:25:01,729
So apparently, it's not a clean listing of

687
00:25:01,729 --> 00:25:02,687
10 billion passwords,

688
00:25:03,165 --> 00:25:04,692
but this RockYou thing has been around for

689
00:25:04,692 --> 00:25:07,076
a while. And if you have done any

690
00:25:07,076 --> 00:25:07,712
basic hacking,

691
00:25:08,348 --> 00:25:10,733
you will be familiar with it. There are

692
00:25:10,733 --> 00:25:12,641
cyber tools like John the Ripper,

693
00:25:13,373 --> 00:25:16,565
that use lists like this to automate brute

694
00:25:16,565 --> 00:25:19,038
force attacks. In other words, to take all

695
00:25:19,038 --> 00:25:19,777
these passwords

696
00:25:20,329 --> 00:25:24,317
and probably pre-hash them using several common

697
00:25:24,317 --> 00:25:25,035
hash techniques.

698
00:25:25,513 --> 00:25:27,667
And then when they get a password database

699
00:25:27,667 --> 00:25:29,262
somewhere, look at all the hashed passwords and

700
00:25:29,262 --> 00:25:30,060
see if there's any matches.

701
00:25:30,714 --> 00:25:32,734
And then they would then know what your

702
00:25:32,954 --> 00:25:35,515
underlying password is. Or sometimes what they'll do

703
00:25:35,515 --> 00:25:37,355
is they'll just take these passwords and take

704
00:25:37,355 --> 00:25:39,355
a list of users that they know

705
00:25:39,355 --> 00:25:41,463
have accounts on, let's say a certain bank

706
00:25:41,600 --> 00:25:43,270
or social media accounts and they may have

707
00:25:43,270 --> 00:25:44,941
gotten this from other places and just combine

708
00:25:44,941 --> 00:25:47,659
the two and say, okay, just start trying

709
00:25:47,659 --> 00:25:49,564
all these passwords with all these email addresses

710
00:25:49,564 --> 00:25:51,152
and see if any of those combinations actually

711
00:25:51,152 --> 00:25:53,375
get, you know, get me in. That is

712
00:25:53,375 --> 00:25:54,248
a brute force attack.

713
00:25:54,979 --> 00:25:57,313
And it's not done by hand. It's done

714
00:25:57,451 --> 00:25:59,365
by computers, so it can happen very, very

715
00:25:59,365 --> 00:26:00,982
quickly. And that's why it's important

716
00:26:01,359 --> 00:26:04,390
for sites that accept credentials over the web,

717
00:26:04,964 --> 00:26:07,122
to have protections like rate limiting, like, you

718
00:26:07,122 --> 00:26:09,359
know, you can't enter a, you know, million

719
00:26:09,359 --> 00:26:12,476
passwords per hour. If you fail 10 times

720
00:26:12,476 --> 00:26:14,164
in a row, they should cut you off

721
00:26:14,164 --> 00:26:15,753
for an hour or a day,

722
00:26:16,389 --> 00:26:17,899
but there's a lot of sites that do

723
00:26:17,899 --> 00:26:19,726
not do that. And if the thing that

724
00:26:19,726 --> 00:26:21,872
they are attacking is something that's offline,

725
00:26:22,363 --> 00:26:24,741
if they, you know, steal your laptop or

726
00:26:24,741 --> 00:26:27,461
steal your phone or something that has password

727
00:26:27,516 --> 00:26:28,784
protections on it, and they actually have it

728
00:26:28,784 --> 00:26:29,419
in their possession.

729
00:26:30,229 --> 00:26:32,307
They can loose their computer on it and

730
00:26:32,307 --> 00:26:33,665
just try as fast as possible.

731
00:26:34,144 --> 00:26:35,822
And if you're using one of these passwords,

732
00:26:36,382 --> 00:26:38,000
then they may eventually

733
00:26:38,314 --> 00:26:40,472
get in. So that is why you need

734
00:26:40,472 --> 00:26:42,709
a password manager to generate crazy,

735
00:26:43,108 --> 00:26:43,588
random,

736
00:26:44,547 --> 00:26:46,956
long, strong, unique passwords for all of your

737
00:26:46,956 --> 00:26:48,309
sites. And you don't have to remember them

738
00:26:48,309 --> 00:26:49,742
or even type them in because the password

739
00:26:49,742 --> 00:26:51,812
manager does all that for you. Alright. Next

740
00:26:51,812 --> 00:26:53,085
up, this is from TechCrunch, and it's

741
00:26:53,085 --> 00:26:55,154
about a... yet another AT&T breach.

742
00:26:56,363 --> 00:26:57,954
On Friday, which I think was just last

743
00:26:58,034 --> 00:27:00,261
Friday, AT&T said cybercriminals stole

744
00:27:00,261 --> 00:27:02,909
the phone records of, quote unquote, nearly all

745
00:27:03,299 --> 00:27:05,126
of its customers, a data breach that will

746
00:27:05,126 --> 00:27:07,032
force the company to notify around a hundred

747
00:27:07,032 --> 00:27:08,224
and 10 million

748
00:27:08,224 --> 00:27:08,542
users.

749
00:27:09,098 --> 00:27:11,004
AT&T said the stolen data included

750
00:27:11,004 --> 00:27:11,504
records

751
00:27:11,893 --> 00:27:14,349
like which phone numbers a certain customer called

752
00:27:14,349 --> 00:27:16,965
and texted, the total count of calls and

753
00:27:16,965 --> 00:27:20,176
texts and call for a 6 month period

754
00:27:20,232 --> 00:27:22,853
beginning May first of 2022 through October

755
00:27:22,853 --> 00:27:24,124
31st of 2022.

756
00:27:24,680 --> 00:27:26,507
AT&T said the stolen data does

757
00:27:26,507 --> 00:27:29,025
not include any content of calls or texts,

758
00:27:29,544 --> 00:27:31,062
nor their time or date.

759
00:27:31,701 --> 00:27:33,459
For some of the affected customers, the cyber

760
00:27:33,459 --> 00:27:35,636
criminals were also able to steal cell site

761
00:27:35,935 --> 00:27:38,099
identification numbers linked to phone calls and text

762
00:27:38,099 --> 00:27:40,562
messages, according to AT&T. This means

763
00:27:40,562 --> 00:27:43,954
that potentially, someone could use this information to

764
00:27:43,994 --> 00:27:46,456
figure out the approximate location of a customer

765
00:27:46,456 --> 00:27:47,965
when they made a certain call or sent a

766
00:27:47,965 --> 00:27:51,063
text, and perhaps infer sensitive information about their

767
00:27:51,063 --> 00:27:52,810
lives. And this is a quote from Rachel

768
00:27:52,889 --> 00:27:53,287
Tobac,

769
00:27:54,257 --> 00:27:56,888
social engineering expert and founder of security firm

770
00:27:57,127 --> 00:28:00,237
SocialProof Security. And Rachel says, quote, this

771
00:28:00,237 --> 00:28:03,040
could reveal where someone lives, works, spends their

772
00:28:03,040 --> 00:28:05,527
free time, who they communicate with in secret,

773
00:28:05,584 --> 00:28:09,001
including affairs, any crime-based communication or typical

774
00:28:09,001 --> 00:28:11,306
private sensitive conversations that require secrecy.

775
00:28:11,877 --> 00:28:14,203
This is a big deal for anyone affected,

776
00:28:14,259 --> 00:28:14,418
unquote.

777
00:28:15,212 --> 00:28:16,879
AT&T blamed the incident on a

778
00:28:16,879 --> 00:28:19,261
recent breach at cloud service provider Snowflake, that's

779
00:28:19,261 --> 00:28:21,500
the second time you've bed today. Which has

780
00:28:21,500 --> 00:28:24,602
affected dozens of companies, including Ticketmaster, Santander

781
00:28:24,682 --> 00:28:27,387
Bank and LendingTree subsidiary QuoteWizard.

782
00:28:27,959 --> 00:28:30,033
At this point, it's unclear exactly who is

783
00:28:30,033 --> 00:28:33,384
behind the Snowflake breach. Mandiant, the cybersecurity firm

784
00:28:33,384 --> 00:28:35,001
hired by Snowflake to investigate,

785
00:28:35,314 --> 00:28:38,268
said a financially motivated criminal group they identify

786
00:28:38,268 --> 00:28:40,503
as UNC5537

787
00:28:40,503 --> 00:28:41,381
was responsible.

788
00:28:41,780 --> 00:28:43,217
The type of data stolen in AT&T's

789
00:28:43,297 --> 00:28:45,387
data breach is typically referred to as

790
00:28:45,387 --> 00:28:48,020
metadata because it doesn't include the contents of

791
00:28:48,020 --> 00:28:50,892
calls or texts, but only information about those

792
00:28:50,892 --> 00:28:51,690
calls and texts.

793
00:28:52,342 --> 00:28:54,327
That, however, doesn't mean that there are no

794
00:28:54,327 --> 00:28:56,948
risks for the victims of this breach. Tobac

795
00:28:56,948 --> 00:28:58,537
says that this type of data makes it

796
00:28:58,537 --> 00:29:01,078
easier for cybercriminals to impersonate people you

797
00:29:01,078 --> 00:29:03,405
trust, making it easier for them to craft

798
00:29:03,405 --> 00:29:06,198
more believable social engineering or phishing attacks against

799
00:29:06,278 --> 00:29:07,235
AT&T customers.

800
00:29:08,273 --> 00:29:10,285
Another quote from Tobac, quote, The attackers

801
00:29:10,285 --> 00:29:12,285
know exactly who you're likely to pick up

802
00:29:12,285 --> 00:29:14,765
a call from, who you're likely to text

803
00:29:14,765 --> 00:29:15,265
back

804
00:29:15,565 --> 00:29:17,644
how long you communicate with that person and

805
00:29:17,644 --> 00:29:20,076
even potentially where you were located during that

806
00:29:20,214 --> 00:29:22,048
conversation due to the metadata that was stolen,

807
00:29:22,208 --> 00:29:24,760
unquote. Runa Sandvik, the founder of Granitt, a

808
00:29:24,760 --> 00:29:26,913
firm that helps journalists and activists be more

809
00:29:26,913 --> 00:29:28,918
secure, said, quote, Even if you don't

810
00:29:28,918 --> 00:29:30,743
do anything important or sensitive,

811
00:29:31,298 --> 00:29:33,441
who you talk to when and how often

812
00:29:33,441 --> 00:29:35,425
is still personal to you and should remain

813
00:29:35,425 --> 00:29:36,377
private to you as well.

814
00:29:36,949 --> 00:29:39,023
I think everyone should be very angry about

815
00:29:39,023 --> 00:29:40,937
this and demand better from the telcos.

816
00:29:41,415 --> 00:29:42,692
It's not enough to say, oh, by the

817
00:29:42,692 --> 00:29:44,686
way, your data was taken. We are sorry

818
00:29:44,686 --> 00:29:47,732
and taking this very seriously, unquote. Sandvik

819
00:29:47,732 --> 00:29:50,127
says it's more concerning for higher risk

820
00:29:50,127 --> 00:29:52,681
individuals affected by the breach. Again, quote, some

821
00:29:52,681 --> 00:29:54,676
may consider changing their numbers and using a

822
00:29:54,676 --> 00:29:56,841
different provider, but it just really depends on

823
00:29:56,841 --> 00:29:59,861
the circumstances, unquote. Higher risk individuals can

824
00:29:59,861 --> 00:30:01,768
include those who have a reason to shield

825
00:30:01,768 --> 00:30:04,153
their identities such as survivors of domestic abuse.

826
00:30:04,884 --> 00:30:07,201
Sandvik also says that using encrypted chat

827
00:30:07,201 --> 00:30:09,358
apps like Signal, which doesn't hold the type

828
00:30:09,358 --> 00:30:11,676
of metadata AT&T just lost, and

829
00:30:11,835 --> 00:30:12,335
WhatsApp

830
00:30:12,809 --> 00:30:14,730
could be better for security because these companies

831
00:30:14,730 --> 00:30:16,730
have a better track record of protecting user

832
00:30:16,730 --> 00:30:19,769
data. Jake Williams, a cybersecurity expert and former

833
00:30:20,089 --> 00:30:20,829
NSA hacker,

834
00:30:21,224 --> 00:30:22,978
told TechCrunch that the risk is greater

835
00:30:22,978 --> 00:30:25,531
for businesses and intelligence targets following the AT&T

836
00:30:25,531 --> 00:30:27,684
breach. And this quote from Williams,

837
00:30:27,684 --> 00:30:29,758
quote, threat actors can use this data to

838
00:30:29,758 --> 00:30:30,930
create patterns of life.

839
00:30:31,607 --> 00:30:33,917
Call data records provide a wealth of value

840
00:30:33,917 --> 00:30:35,294
for intelligence analysts,

841
00:30:35,670 --> 00:30:38,275
unquote. Williams also said that it's possible hackers

842
00:30:38,394 --> 00:30:40,307
can combine this data with that of data

843
00:30:40,307 --> 00:30:43,416
breaches because, quote, previous AT&T incidents

844
00:30:43,416 --> 00:30:46,819
mapped customer phone numbers to other identifying information

845
00:30:47,416 --> 00:30:50,600
simplifying weaponization of the newly compromised data. In

846
00:30:50,600 --> 00:30:52,748
short, this data is a gold mine for

847
00:30:52,748 --> 00:30:55,136
understanding who talks to whom, which can for

848
00:30:55,136 --> 00:30:58,013
instance be used for developing human sources, unquote.

849
00:30:58,569 --> 00:31:01,348
Okay. So that's that's obviously not for you

850
00:31:01,348 --> 00:31:02,222
and me likely.

851
00:31:02,857 --> 00:31:04,939
This is more spy kind of stuff, or

852
00:31:04,939 --> 00:31:07,017
espionage kind of stuff. But nevertheless, this is

853
00:31:07,017 --> 00:31:07,656
private data.

854
00:31:08,296 --> 00:31:10,234
And for the few people whose,

855
00:31:10,693 --> 00:31:12,611
you know, location information may have also been

856
00:31:12,611 --> 00:31:14,070
leaked with this metadata,

857
00:31:14,623 --> 00:31:16,055
that could be a real problem, but I

858
00:31:16,055 --> 00:31:17,646
also have to just agree with this sentiment

859
00:31:17,646 --> 00:31:19,498
that it it is just no longer

860
00:31:20,589 --> 00:31:22,909
acceptable for these companies who are leaking their

861
00:31:22,909 --> 00:31:24,420
data like a sieve to come out and

862
00:31:24,420 --> 00:31:26,963
say, oh, yeah. Hey. Sorry about that. We

863
00:31:26,963 --> 00:31:29,586
really, really value your privacy. Here is a

864
00:31:29,586 --> 00:31:30,404
year of

865
00:31:30,873 --> 00:31:33,738
you know, credit monitoring. And that's it. We

866
00:31:33,738 --> 00:31:35,728
need to somehow be able to hold these

867
00:31:35,728 --> 00:31:36,228
companies

868
00:31:36,603 --> 00:31:37,103
accountable

869
00:31:37,478 --> 00:31:40,127
for this. Because until there's a real financial

870
00:31:40,597 --> 00:31:43,777
impact to them screwing up like this, they're

871
00:31:43,777 --> 00:31:45,447
not gonna take security seriously. Like, why would

872
00:31:45,447 --> 00:31:47,434
they? So again, what this is it's for

873
00:31:47,434 --> 00:31:49,263
a 6 month period, 2 years ago,

874
00:31:50,393 --> 00:31:52,008
this is a list of

875
00:31:52,783 --> 00:31:54,775
most of AT&T's customers'

876
00:31:55,572 --> 00:31:57,086
text and call logs

877
00:31:57,737 --> 00:32:00,828
that apparently have, you know, who was talking

878
00:32:00,828 --> 00:32:03,839
with whom, but not when or where in

879
00:32:03,839 --> 00:32:04,394
most cases.

880
00:32:05,044 --> 00:32:07,112
There's no content of the text messages, at

881
00:32:07,112 --> 00:32:09,339
least from what they're saying so far and

882
00:32:09,339 --> 00:32:11,169
definitely not contents of the of the phone

883
00:32:11,169 --> 00:32:13,576
calls. But still. It's a massive data breach

884
00:32:13,576 --> 00:32:15,651
and it's related... And it's related again to

885
00:32:15,651 --> 00:32:17,109
this Snowflake breach, which

886
00:32:17,567 --> 00:32:20,122
just shows you how important these quote supply

887
00:32:20,122 --> 00:32:22,615
chain attacks are. A lot of these big

888
00:32:22,615 --> 00:32:23,115
companies

889
00:32:23,735 --> 00:32:26,615
rely on a very few subset of important

890
00:32:26,615 --> 00:32:28,430
tech companies that you've never heard of

891
00:32:28,947 --> 00:32:31,731
until these breaches occur, and then it

892
00:32:31,731 --> 00:32:33,482
becomes a real problem. So we need much

893
00:32:33,482 --> 00:32:36,505
more accountability for these security failures, or they're

894
00:32:36,505 --> 00:32:37,301
just gonna continue.

895
00:32:38,032 --> 00:32:40,020
Alright. Just a couple more news stories and

896
00:32:40,020 --> 00:32:42,247
then, a quick note about Proton, and then

897
00:32:42,247 --> 00:32:43,043
we'll get to my tip of the week.

898
00:32:43,679 --> 00:32:45,761
But these next 2 stories in particular are

899
00:32:45,761 --> 00:32:47,351
gonna be a little bit longer and take

900
00:32:47,351 --> 00:32:48,622
a little bit more analysis.

901
00:32:49,099 --> 00:32:50,767
So this first one is from Stack Diary,

902
00:32:50,926 --> 00:32:51,824
and it's about

903
00:32:53,092 --> 00:32:55,107
a that happened on

904
00:32:55,804 --> 00:32:59,609
social media between Signal and a researcher or

905
00:32:59,968 --> 00:33:02,197
or research team, both are true,

906
00:33:03,152 --> 00:33:06,814
named Mysk, M-Y-S-K, and we've mentioned Mysk before.

907
00:33:07,292 --> 00:33:07,792
And

908
00:33:08,736 --> 00:33:10,243
there's a lot of nuance to this, and

909
00:33:10,322 --> 00:33:10,798
I've got a lot,

910
00:33:11,671 --> 00:33:13,574
a lot of takeaways on this. But let

911
00:33:13,574 --> 00:33:14,843
me let me read this and and then

912
00:33:14,922 --> 00:33:15,556
I'll get to my take.

913
00:33:16,209 --> 00:33:19,023
Popular encrypted messaging app Signal is facing criticism

914
00:33:19,161 --> 00:33:21,178
over a security issue in its desktop

915
00:33:21,635 --> 00:33:21,795
application.

916
00:33:22,593 --> 00:33:24,999
Researchers and app users are raising concerns about

917
00:33:24,999 --> 00:33:27,486
how the app handles encryption keys on desktop

918
00:33:27,542 --> 00:33:29,687
services against, so basically on your computer, which

919
00:33:29,687 --> 00:33:31,197
is different from your smartphone.

920
00:33:32,005 --> 00:33:35,174
According to cybersecurity researchers Mysk, the desktop version

921
00:33:35,174 --> 00:33:38,423
of Signal stores encryption keys in plain text,

922
00:33:38,914 --> 00:33:41,389
an issue that potentially exposes users to data

923
00:33:41,389 --> 00:33:41,549
theft.

924
00:33:42,267 --> 00:33:44,982
Mysk detailed the problems on Twitter, highlighting that

925
00:33:44,982 --> 00:33:47,696
Signal's desktop app stores local chat history encryption

926
00:33:47,696 --> 00:33:50,587
keys in a plain text file accessible by

927
00:33:50,587 --> 00:33:52,905
any process on the system. And a quick

928
00:33:52,905 --> 00:33:55,622
quote from Mysk said, quote, end-to-end

929
00:33:55,622 --> 00:33:57,595
encryption is useless if any of the ends

930
00:33:57,794 --> 00:33:59,552
get compromised, unquote, which is a point

931
00:33:59,552 --> 00:34:00,991
that I've often made on this program.

932
00:34:01,630 --> 00:34:03,627
According to Mysk, Signal users who link a

933
00:34:03,627 --> 00:34:05,865
desktop app may have a false sense of

934
00:34:05,865 --> 00:34:06,105
security.

935
00:34:06,837 --> 00:34:09,170
They created a simple Python script that copied

936
00:34:09,227 --> 00:34:12,255
Signal's local storage directory on a Mac, then

937
00:34:12,255 --> 00:34:14,724
transferred this data to a fresh macOS installation

938
00:34:14,724 --> 00:34:15,601
in a virtual machine.

939
00:34:16,254 --> 00:34:18,668
By placing the copied data in the appropriate

940
00:34:18,726 --> 00:34:21,119
directory and installing Signal on the virtual machine,

941
00:34:21,598 --> 00:34:25,107
they successfully restored their entire Signal session, including

942
00:34:25,107 --> 00:34:25,666
chat histories.

943
00:34:26,318 --> 00:34:28,550
The researchers were then able to run 3

944
00:34:28,550 --> 00:34:29,050
simultaneous

945
00:34:29,507 --> 00:34:32,695
active Signal sessions on the original Mac, an

946
00:34:32,695 --> 00:34:34,231
iPhone, and the virtual machine

947
00:34:34,622 --> 00:34:37,429
without any warning from Signal about the cloned

948
00:34:37,645 --> 00:34:40,429
session. Messages were delivered to either the Mac

949
00:34:40,429 --> 00:34:43,224
or VM, with the iPhone receiving all messages.

950
00:34:43,779 --> 00:34:46,795
Importantly, the phone still only showed 1 linked

951
00:34:46,795 --> 00:34:50,381
device, failing to detect the unauthorized session on

952
00:34:50,381 --> 00:34:53,082
the virtual machine. The ability to transfer chat

953
00:34:53,082 --> 00:34:54,988
histories like this is not limited to macOS.

954
00:34:55,226 --> 00:34:57,053
A user on Twitter showed that the encryption

955
00:34:57,053 --> 00:34:59,436
keys and Signal's configuration file on Linux are

956
00:34:59,436 --> 00:35:01,522
set with permissions that make them readable by

957
00:35:01,522 --> 00:35:03,993
any process the local user runs. This means

958
00:35:03,993 --> 00:35:06,326
that while a key logger might require admin

959
00:35:06,544 --> 00:35:09,660
access to install, any app or script with sufficient

960
00:35:09,660 --> 00:35:12,679
permissions could access these plain text keys. Naomi

961
00:35:12,758 --> 00:35:14,824
Brockwell, who we interviewed here just a couple

962
00:35:14,824 --> 00:35:17,500
of months ago, recommended unlinking any desktop

963
00:35:17,619 --> 00:35:20,630
service from Signal accounts. Brockwell explains, quote, a

964
00:35:20,630 --> 00:35:22,715
long-known problem is that Signal stores your

965
00:35:22,770 --> 00:35:24,434
decryption keys on desktop in a plain text

966
00:35:24,434 --> 00:35:24,672
file,

967
00:35:25,244 --> 00:35:27,402
not your keychain, making it accessible to

968
00:35:27,402 --> 00:35:27,881
any app,

969
00:35:28,680 --> 00:35:30,119
unquote, but then she adds if you trust

970
00:35:30,119 --> 00:35:32,356
your computer, you're fine, suggesting that users who

971
00:35:32,356 --> 00:35:34,842
are cautious about their security might want to

972
00:35:34,842 --> 00:35:37,307
reconsider using the desktop version of Signal. Mysk's

973
00:35:37,307 --> 00:35:39,932
analysis aligns with a 2018 report

974
00:35:40,584 --> 00:35:42,969
by Bleeping Computer, which also highlighted the poor

975
00:35:42,969 --> 00:35:44,956
handling of encryption keys in Signal's desktop app.

976
00:35:45,672 --> 00:35:48,136
Signal's approach to end-to-end encryption focuses

977
00:35:48,136 --> 00:35:49,567
on protecting data in transit.

978
00:35:50,059 --> 00:35:52,284
However, once the data reaches the user's device,

979
00:35:52,442 --> 00:35:55,223
the responsibility for security largely falls on the

980
00:35:55,223 --> 00:35:55,541
user.

981
00:35:56,177 --> 00:35:59,054
While standard, this practice assumes the user's devices

982
00:35:59,054 --> 00:36:02,482
are secure from malicious software or unauthorized access,

983
00:36:02,641 --> 00:36:04,794
which may not always be the case. In

984
00:36:04,794 --> 00:36:07,446
2018, in response to Bleeping Computer's article,

985
00:36:07,757 --> 00:36:09,818
Joshua Lund, who works at Signal, said the

986
00:36:09,818 --> 00:36:12,195
following. The database key was never intended to

987
00:36:12,195 --> 00:36:14,652
be a secret. At-rest encryption is not

988
00:36:14,652 --> 00:36:17,063
something that Signal Desktop is currently trying to

989
00:36:17,063 --> 00:36:19,860
provide or has ever claimed to provide. Full

990
00:36:19,860 --> 00:36:22,097
disk encryption can be enabled at the OS

991
00:36:22,097 --> 00:36:23,956
level on most desktop platforms.

992
00:36:24,989 --> 00:36:27,533
So considering this context, it's questionable why Signal

993
00:36:27,533 --> 00:36:29,680
stores chat history in encrypted form at all,

994
00:36:30,316 --> 00:36:32,781
particularly since media attachments remain unencrypted, and

995
00:36:32,781 --> 00:36:34,053
that's a link to another article which I'll

996
00:36:34,053 --> 00:36:35,738
need to follow and I didn't realize that

997
00:36:35,738 --> 00:36:38,045
media attachments were encrypted either. It's clear that

998
00:36:38,045 --> 00:36:40,431
Signal has not altered its approach to this

999
00:36:40,431 --> 00:36:42,261
issue. We were able to confirm that on

1000
00:36:42,261 --> 00:36:45,307
a Windows system, Signal continues to store a

1001
00:36:45,307 --> 00:36:47,224
key to the config.json file in

1002
00:36:47,224 --> 00:36:48,262
the AppData directory.

1003
00:36:48,981 --> 00:36:51,151
I was following this on Twitter. And Meredith

1004
00:36:51,230 --> 00:36:52,742
Whittaker, who's the president of Signal,

1005
00:36:53,537 --> 00:36:55,230
who I have a lot of respect for,

1006
00:36:55,764 --> 00:36:56,639
responded this way.

1007
00:36:57,688 --> 00:37:00,230
There's been some chatter about Signal Desktop recently,

1008
00:37:00,389 --> 00:37:02,851
so let's clear the air. 3 points. 1.

1009
00:37:03,328 --> 00:37:06,029
The reported issues rely on an attacker already

1010
00:37:06,029 --> 00:37:08,673
having full access to your device, either physically,

1011
00:37:09,073 --> 00:37:11,471
through a malware compromise, or via a

1012
00:37:11,471 --> 00:37:13,868
malicious application running on the same device. This

1013
00:37:13,868 --> 00:37:16,186
is not something that Signal or any other

1014
00:37:16,186 --> 00:37:18,754
app can fully protect against nor do we

1015
00:37:18,754 --> 00:37:19,551
ever claim to.

1016
00:37:20,427 --> 00:37:22,978
2, we continue working to harden our desktop

1017
00:37:22,978 --> 00:37:26,023
build across supported operating systems and take advantage

1018
00:37:26,023 --> 00:37:28,900
of new platform capabilities as they emerge. Those

1019
00:37:28,900 --> 00:37:31,137
of you following our repo can follow this

1020
00:37:31,137 --> 00:37:32,735
work there, and I'll come back to that.

1021
00:37:33,545 --> 00:37:36,165
And 3, the posters who raised this issue

1022
00:37:36,165 --> 00:37:38,389
did so without contacting us directly.

1023
00:37:39,103 --> 00:37:41,183
Instead they went straight to social media and

1024
00:37:41,183 --> 00:37:44,210
in some cases using inflammatory language, and they dropped

1025
00:37:44,210 --> 00:37:46,839
these claims over a US holiday weekend.

1026
00:37:47,317 --> 00:37:49,787
This is the opposite of responsible disclosure.

1027
00:37:50,519 --> 00:37:52,912
We ask those who are serious about security

1028
00:37:52,912 --> 00:37:55,704
and privacy to please engage us directly in

1029
00:37:55,704 --> 00:37:58,349
the future instead of resorting first to online

1030
00:37:58,349 --> 00:38:01,211
claims that can confuse non-experts and lead

1031
00:38:01,211 --> 00:38:04,470
people to make unsafe choices and develop inaccurate

1032
00:38:04,470 --> 00:38:06,617
mental models based on scary language.

1033
00:38:07,189 --> 00:38:10,305
We monitor security@signal.org carefully

1034
00:38:10,305 --> 00:38:13,341
and respond to all legitimate reports. Alright. Back

1035
00:38:13,341 --> 00:38:15,934
to the article. The response to Meredith's statement

1036
00:38:15,993 --> 00:38:19,349
has varying opinions on social media. Some users

1037
00:38:19,349 --> 00:38:21,187
argue that the issue of storing encryption keys

1038
00:38:21,187 --> 00:38:23,205
in plain text has been known for years

1039
00:38:23,439 --> 00:38:25,594
with the initial report dating back to 2018,

1040
00:38:25,594 --> 00:38:27,748
which this article just talked about. The

1041
00:38:27,748 --> 00:38:29,823
idea being that signal has had ample time

1042
00:38:29,823 --> 00:38:30,860
to address the problem.

1043
00:38:31,434 --> 00:38:33,991
Others criticized the assertion that full device access

1044
00:38:33,991 --> 00:38:36,089
is necessary for exploiting this vulnerability,

1045
00:38:36,628 --> 00:38:38,786
pointing out that access to user level files

1046
00:38:38,786 --> 00:38:39,425
is sufficient.

1047
00:38:40,079 --> 00:38:42,151
It's a tough one to balance. The mixed

1048
00:38:42,151 --> 00:38:44,942
reactions highlight the tension between immediate security needs

1049
00:38:44,942 --> 00:38:47,971
and developers' practical limitations in safeguarding local data.

1050
00:38:48,784 --> 00:38:50,936
On April first, a pull request was made

1051
00:38:50,936 --> 00:38:53,248
on GitHub. This is their code repo for

1052
00:38:53,248 --> 00:38:56,380
Signal that would alleviate this problem by implementing

1053
00:38:56,518 --> 00:38:58,629
Electron's safeStorage API

1054
00:38:59,167 --> 00:39:01,484
and on July tenth, which was just last

1055
00:39:01,484 --> 00:39:01,644
week.

1056
00:39:02,363 --> 00:39:05,400
One of Signal's developers finally accepted the safe

1057
00:39:05,400 --> 00:39:07,650
storage API pull request on GitHub that

1058
00:39:07,650 --> 00:39:08,868
which should mean that that

1059
00:39:09,485 --> 00:39:10,464
solution that was

1060
00:39:10,842 --> 00:39:12,757
posted on April first, which kind of addresses

1061
00:39:12,757 --> 00:39:13,955
this problem, I'll come back in a minute,

1062
00:39:14,528 --> 00:39:16,763
has been accepted and will go into a

1063
00:39:16,763 --> 00:39:18,998
future Signal release. It is possible that the

1064
00:39:18,998 --> 00:39:21,312
concern about Signal's desktop encryption key storage may

1065
00:39:21,312 --> 00:39:22,031
be overblown.

1066
00:39:22,683 --> 00:39:24,666
One user on Twitter contends that the current

1067
00:39:24,666 --> 00:39:27,284
setup is, quote, best for the masses, not

1068
00:39:27,284 --> 00:39:29,108
the extremely security conscious, unquote.

1069
00:39:29,837 --> 00:39:32,136
This viewpoint suggests that users highly concerned

1070
00:39:32,136 --> 00:39:35,252
about potential zero-day exploits or arbitrary code

1071
00:39:35,387 --> 00:39:38,652
execution should consider more extreme measures such as

1072
00:39:38,652 --> 00:39:41,612
setting message expiration timers to very short intervals

1073
00:39:41,746 --> 00:39:43,888
or avoiding message retention altogether.

1074
00:39:44,539 --> 00:39:46,297
And that's referring to a Signal feature where

1075
00:39:46,297 --> 00:39:47,836
you could actually have your messages

1076
00:39:48,454 --> 00:39:50,372
automatically deleted over a certain period of time

1077
00:39:50,372 --> 00:39:51,731
and you could do that per user or

1078
00:39:51,731 --> 00:39:52,050
per group.

1079
00:39:52,702 --> 00:39:54,451
And that user added, quote, even if you

1080
00:39:54,451 --> 00:39:57,074
install as root and use su to open

1081
00:39:57,074 --> 00:39:58,448
it, there are still privilege

1082
00:39:58,822 --> 00:40:01,579
escalation zero-days, and I'm sure you don't

1083
00:40:01,699 --> 00:40:03,443
inspect the source and checksum of

1084
00:40:03,443 --> 00:40:06,138
all binaries you execute as root. This

1085
00:40:06,138 --> 00:40:07,565
isn't as big of an issue as it's

1086
00:40:07,565 --> 00:40:08,833
made out to be here unquote.

1087
00:40:09,483 --> 00:40:11,791
In a post on Mastodon, the researchers noted

1088
00:40:11,791 --> 00:40:14,099
that this practice is common among many applications.

1089
00:40:14,497 --> 00:40:17,681
They cited WhatsApp and Apple's iMessage as examples.

1090
00:40:18,237 --> 00:40:19,948
WhatsApp's chat content

1091
00:40:20,406 --> 00:40:23,599
can be accessed by any other launched application

1092
00:40:23,599 --> 00:40:24,237
without restriction.

1093
00:40:24,955 --> 00:40:27,291
iMessage, however, stores data in a sandbox,

1094
00:40:27,844 --> 00:40:28,344
preventing

1095
00:40:28,723 --> 00:40:32,000
unauthorized processes from accessing it. In both cases,

1096
00:40:32,320 --> 00:40:34,637
attackers must first gain access to the local

1097
00:40:34,637 --> 00:40:37,847
user account to reach such application data. Once

1098
00:40:37,847 --> 00:40:40,473
this access is obtained, other data is typically

1099
00:40:40,473 --> 00:40:43,498
also vulnerable including locally stored documents that are

1100
00:40:43,498 --> 00:40:46,601
usually unencrypted unless users take specific measures.

1101
00:40:47,255 --> 00:40:48,934
The researchers point out that the level of

1102
00:40:48,934 --> 00:40:51,255
protection needed for chat content compared to other

1103
00:40:51,255 --> 00:40:54,215
locally stored data may vary depending on the

1104
00:40:54,215 --> 00:40:54,590
specific

1105
00:40:55,108 --> 00:40:55,267
situation.

1106
00:40:56,304 --> 00:40:57,123
Okay. So

1107
00:40:57,659 --> 00:40:58,934
there's kind of a lot to unpack here.

1108
00:40:59,413 --> 00:41:02,362
I've actually been debating this at length with

1109
00:41:02,362 --> 00:41:03,135
some of my

1110
00:41:03,494 --> 00:41:05,487
some of my privacy peeps. And I think

1111
00:41:05,487 --> 00:41:07,082
there's a lot of blame to go around

1112
00:41:07,082 --> 00:41:07,901
here. And

1113
00:41:08,278 --> 00:41:11,229
first of all, I... Yes. This was reported

1114
00:41:11,229 --> 00:41:12,106
in 2018.

1115
00:41:12,919 --> 00:41:15,317
So it is a known issue. So in

1116
00:41:15,317 --> 00:41:17,155
that sense, Mysk was basically saying,

1117
00:41:17,954 --> 00:41:19,472
look, there's no reason to go through this

1118
00:41:19,472 --> 00:41:21,710
private disclosure process because you've known about this

1119
00:41:21,710 --> 00:41:22,110
for years.

1120
00:41:22,764 --> 00:41:25,800
However, that said, the way it was presented

1121
00:41:25,800 --> 00:41:26,918
on social media was,

1122
00:41:28,037 --> 00:41:29,475
I think a little bit alarmist.

1123
00:41:30,128 --> 00:41:31,642
And there is something to be said for

1124
00:41:31,642 --> 00:41:34,749
the fact that it's really, really hard to

1125
00:41:34,749 --> 00:41:35,249
secure

1126
00:41:35,705 --> 00:41:37,639
local data from malware

1127
00:41:38,016 --> 00:41:40,422
running on that machine because anything you can

1128
00:41:40,422 --> 00:41:40,661
do,

1129
00:41:41,460 --> 00:41:43,614
that malware can do. And sometimes that malware

1130
00:41:43,614 --> 00:41:45,051
can even do more. If you're if you

1131
00:41:45,051 --> 00:41:47,445
have a non administrator account as your normal

1132
00:41:47,445 --> 00:41:50,090
account, there are bugs in software which allow

1133
00:41:50,250 --> 00:41:51,387
malware to gain

1134
00:41:51,763 --> 00:41:52,639
higher privileges.

1135
00:41:53,117 --> 00:41:55,427
And so, basically, I think Signal's perspective on

1136
00:41:55,427 --> 00:41:57,673
this, which appears to match that of you

1137
00:41:57,673 --> 00:41:58,492
know, other

1138
00:41:59,428 --> 00:42:01,661
applications that are privacy and security oriented is

1139
00:42:01,661 --> 00:42:03,815
that, look, if you manage to get malware

1140
00:42:03,815 --> 00:42:06,447
running on this system, if the endpoint itself

1141
00:42:06,447 --> 00:42:07,165
is compromised,

1142
00:42:07,818 --> 00:42:09,096
then there's not a whole lot we can

1143
00:42:09,096 --> 00:42:11,592
do. And so, therefore, we're not gonna bother

1144
00:42:11,810 --> 00:42:12,209
doing it.

1145
00:42:13,007 --> 00:42:15,402
They count on things like, you know, encrypting

1146
00:42:15,402 --> 00:42:17,809
your entire hard drive to prevent somebody from,

1147
00:42:17,968 --> 00:42:20,298
like, stealing your laptop or stealing your smartphone

1148
00:42:20,912 --> 00:42:23,220
and finding the keys and decrypting your stuff

1149
00:42:23,220 --> 00:42:24,494
because they won't be able to decrypt anything

1150
00:42:24,494 --> 00:42:25,926
because the entire hard drive is encrypted.

1151
00:42:26,419 --> 00:42:29,234
But if you're malware running on that system

1152
00:42:29,692 --> 00:42:32,188
as the logged-in user or even

1153
00:42:32,326 --> 00:42:34,641
somebody with higher privilege, it's really hard to

1154
00:42:34,641 --> 00:42:37,369
hide stuff from that malware because they

1155
00:42:37,369 --> 00:42:38,885
have the same permissions you do, if you

1156
00:42:38,885 --> 00:42:40,321
can read your messages, they can read your

1157
00:42:40,321 --> 00:42:40,640
messages.

1158
00:42:41,199 --> 00:42:43,047
Even if the stuff was encrypted,

1159
00:42:43,047 --> 00:42:44,711
the malware may be able to launch the

1160
00:42:44,711 --> 00:42:46,772
app, maybe even behind the scenes without it

1161
00:42:46,772 --> 00:42:48,595
coming up and you seeing it, you know,

1162
00:42:48,833 --> 00:42:49,887
launch it and immediately

1163
00:42:50,433 --> 00:42:51,862
put it in your dock or something like

1164
00:42:51,862 --> 00:42:54,085
that, and then scroll through this stuff and

1165
00:42:54,085 --> 00:42:54,958
and screen grab it.

1166
00:42:55,672 --> 00:42:56,784
I mean, you know, there's a lot of

1167
00:42:56,784 --> 00:42:58,705
things you can do as malware running

1168
00:42:58,705 --> 00:43:00,613
on a system that's very hard to protect

1169
00:43:00,613 --> 00:43:03,396
against. Okay. So so there's that. But I

1170
00:43:03,396 --> 00:43:06,257
also think that Meredith's response was a little

1171
00:43:06,257 --> 00:43:08,981
bit tone deaf. I think I think you

1172
00:43:08,981 --> 00:43:10,975
could say all you want about some random

1173
00:43:10,975 --> 00:43:13,688
researcher, and this is, honestly, somebody who's done

1174
00:43:13,688 --> 00:43:15,458
some really good work in the past. And

1175
00:43:15,458 --> 00:43:16,356
you can kinda

1176
00:43:16,969 --> 00:43:19,118
complain about the way they approach this problem,

1177
00:43:19,277 --> 00:43:20,789
and I think some of those complaints could

1178
00:43:20,789 --> 00:43:22,300
be valid. That doesn't mean you have to

1179
00:43:22,300 --> 00:43:23,994
do the same thing. I personally,

1180
00:43:24,385 --> 00:43:26,324
if I were in Meredith's position,

1181
00:43:26,625 --> 00:43:28,625
would have been a little bit more diplomatic

1182
00:43:28,625 --> 00:43:29,505
about it than she was,

1183
00:43:30,065 --> 00:43:32,385
maybe would've reached out to them directly

1184
00:43:32,385 --> 00:43:34,551
and privately. You know, basically do the thing

1185
00:43:34,551 --> 00:43:36,540
that you wanted them to do with you.

1186
00:43:37,017 --> 00:43:39,403
And also, there are mitigations that can be

1187
00:43:39,403 --> 00:43:41,010
used. In fact, talked about it in this

1188
00:43:41,010 --> 00:43:43,180
article. There are ways to

1189
00:43:43,715 --> 00:43:46,579
sandbox data so that, for example,

1190
00:43:47,056 --> 00:43:49,068
one application running as the user

1191
00:43:49,379 --> 00:43:51,693
can't access data from another application even for

1192
00:43:51,693 --> 00:43:54,407
that same user. This is commonly done on

1193
00:43:54,407 --> 00:43:56,641
smartphones now. In fact, a lot of the

1194
00:43:56,641 --> 00:43:58,329
protections that are on smartphones really should

1195
00:43:58,329 --> 00:44:00,717
be migrated to desktop computers. They're pretty good.

1196
00:44:01,275 --> 00:44:02,787
So there are things that can be done.

1197
00:44:02,946 --> 00:44:05,197
There are mitigation strategies. There are

1198
00:44:05,588 --> 00:44:07,659
some steps that could make this better that

1199
00:44:07,738 --> 00:44:09,411
I think they should do. And it actually

1200
00:44:09,411 --> 00:44:11,242
kinda sounds like they might be doing them.

1201
00:44:11,561 --> 00:44:14,442
So after complaining after complaining about it, and

1202
00:44:14,442 --> 00:44:17,248
complaining about the way it was presented and

1203
00:44:17,861 --> 00:44:20,088
something that was brought up 5 or 6

1204
00:44:20,088 --> 00:44:22,155
years ago that they're finally just now addressing.

1205
00:44:22,314 --> 00:44:24,239
They are addressing it, and they're basically taking

1206
00:44:24,239 --> 00:44:26,473
this person's advice. Now it is possible. I

1207
00:44:26,473 --> 00:44:28,068
mean, I'm a software I've seen this happen.

1208
00:44:28,228 --> 00:44:30,702
It's possible for software companies of any

1209
00:44:30,702 --> 00:44:30,941
size

1210
00:44:31,673 --> 00:44:32,950
for things like this to just slip through

1211
00:44:32,950 --> 00:44:34,944
the cracks. Mistakes are made, people are human.

1212
00:44:35,502 --> 00:44:37,177
When this was first brought up in 2018,

1213
00:44:37,177 --> 00:44:39,171
some of these sandboxing and

1214
00:44:39,171 --> 00:44:42,219
other mitigation strategies probably didn't exist. And that's

1215
00:44:42,219 --> 00:44:44,616
not trying to excuse this. Signal needs to

1216
00:44:44,616 --> 00:44:46,374
do better. They are the gold standard for

1217
00:44:46,374 --> 00:44:47,813
this as far as I'm concerned, I will

1218
00:44:47,813 --> 00:44:50,290
still recommend them, especially just for regular people

1219
00:44:50,290 --> 00:44:52,217
like you and me. But they need to

1220
00:44:52,217 --> 00:44:54,682
be making their stuff better constantly, and they

1221
00:44:54,682 --> 00:44:57,625
need to be receptive and responsive to criticism

1222
00:44:57,625 --> 00:44:59,692
like this, even when it's not done in,

1223
00:44:59,772 --> 00:45:00,726
you know, the best way.

1224
00:45:01,378 --> 00:45:03,365
So if you are in a high risk

1225
00:45:03,365 --> 00:45:06,092
category and you're using Signal as a desktop

1226
00:45:06,149 --> 00:45:07,501
app. Well, first of all, you could... First

1227
00:45:07,501 --> 00:45:08,852
thing you could do is not use it

1228
00:45:08,852 --> 00:45:10,363
as a desktop app anymore, just use it

1229
00:45:10,363 --> 00:45:10,974
on your smartphone.

1230
00:45:11,412 --> 00:45:12,684
But if you do use it on

1231
00:45:12,684 --> 00:45:13,956
your desktop app and you link it to

1232
00:45:13,956 --> 00:45:16,104
your account, you might wanna set, you know,

1233
00:45:16,263 --> 00:45:18,410
disappearing messages so that the data is

1234
00:45:18,410 --> 00:45:18,648
deleted,

1235
00:45:19,841 --> 00:45:20,659
on a consistent basis.

1236
00:45:21,365 --> 00:45:22,713
Obviously, you wanna make sure that your hard

1237
00:45:22,713 --> 00:45:24,538
drive is encrypted. You wanna be using the

1238
00:45:24,538 --> 00:45:26,123
latest version of Signal because it sounds like

1239
00:45:26,123 --> 00:45:28,106
they might actually be putting some mitigation strategies

1240
00:45:28,106 --> 00:45:30,114
in soon. But otherwise, you need to follow

1241
00:45:30,114 --> 00:45:31,414
some very careful

1242
00:45:31,954 --> 00:45:33,875
Internet hygiene and computer hygiene to make sure

1243
00:45:33,875 --> 00:45:35,715
that you don't get infected because once you

1244
00:45:35,715 --> 00:45:36,755
get malware in your system,

1245
00:45:37,649 --> 00:45:39,565
you know, it's really, really hard to protect

1246
00:45:39,565 --> 00:45:41,800
it. Signal should do what they can, but

1247
00:45:41,959 --> 00:45:44,434
I don't consider it Signal's fault if you

1248
00:45:44,434 --> 00:45:45,870
manage to get it infected by something else,

1249
00:45:46,030 --> 00:45:48,120
there's a lot of different ways they

1250
00:45:48,120 --> 00:45:49,397
can try to get at your Signal data,

1251
00:45:49,956 --> 00:45:52,350
no matter what protections Signal tries to put

1252
00:45:52,350 --> 00:45:54,719
on it. End-to-end encryption is exactly

1253
00:45:55,077 --> 00:45:57,694
between the 2 endpoints, it is extremely secure.

1254
00:45:58,091 --> 00:46:00,391
But at the endpoints, by necessity, it needs

1255
00:46:00,391 --> 00:46:02,394
to be unencrypted, so that the people

1256
00:46:02,394 --> 00:46:04,632
at either end could actually, you know, write

1257
00:46:04,632 --> 00:46:05,751
and read the messages.

1258
00:46:06,230 --> 00:46:08,068
And that means that if the endpoint is

1259
00:46:08,068 --> 00:46:08,568
compromised,

1260
00:46:09,107 --> 00:46:11,505
then that data is potentially vulnerable.

1261
00:46:11,918 --> 00:46:13,532
So act accordingly and

1262
00:46:14,305 --> 00:46:17,032
bake that into your threat models and

1263
00:46:17,487 --> 00:46:18,282
security strategies.

1264
00:46:18,934 --> 00:46:20,695
Oh, one more quick comment about this. The

1265
00:46:20,695 --> 00:46:22,934
whole thing about cloning the messages and taking

1266
00:46:22,934 --> 00:46:25,255
them to a different machine and having Signal

1267
00:46:25,255 --> 00:46:26,375
not call that out.

1268
00:46:27,502 --> 00:46:28,931
I would hope that signal would be able

1269
00:46:28,931 --> 00:46:30,463
to... If they haven't

1270
00:46:30,914 --> 00:46:31,788
built this in already,

1271
00:46:32,661 --> 00:46:34,803
defeat this particular situation. I mean, this is

1272
00:46:34,803 --> 00:46:37,277
another tricky thing. Like, let's say, I'm trying

1273
00:46:37,277 --> 00:46:38,704
to spy on somebody. I know that you

1274
00:46:38,704 --> 00:46:39,021
use Signal.

1275
00:46:39,735 --> 00:46:41,162
I managed to get access to the device

1276
00:46:41,162 --> 00:46:42,669
either through malware or directly

1277
00:46:43,318 --> 00:46:45,224
getting into their account on the device, and

1278
00:46:45,382 --> 00:46:47,764
I do this. I copy off all of

1279
00:46:47,764 --> 00:46:49,431
their signal data. Okay. Great. I've got that.

1280
00:46:49,670 --> 00:46:50,805
But maybe they have

1281
00:46:51,114 --> 00:46:53,110
you know, the messages being deleted right

1282
00:46:53,110 --> 00:46:55,185
away or on a very short-term

1283
00:46:55,185 --> 00:46:57,101
basis. If I... Still... If I can copy

1284
00:46:57,101 --> 00:46:59,416
this data off of that machine to another

1285
00:46:59,416 --> 00:46:59,735
machine,

1286
00:47:00,308 --> 00:47:01,735
all of a sudden, that other machine is

1287
00:47:01,735 --> 00:47:04,376
basically a new Signal client for that user

1288
00:47:04,590 --> 00:47:06,811
automatically logged in and good to go, and

1289
00:47:06,811 --> 00:47:08,731
now I can, you know, watch the messages

1290
00:47:08,731 --> 00:47:10,083
that go back and forth on that account.

1291
00:47:10,560 --> 00:47:13,185
And Signal wouldn't call that out as a

1292
00:47:13,185 --> 00:47:14,776
new device. Like, hey, that's weird.

1293
00:47:15,430 --> 00:47:17,190
You know, maybe there's some IDs buried in

1294
00:47:17,190 --> 00:47:18,710
there, but I'm like, I'm seeing this ID

1295
00:47:18,710 --> 00:47:20,949
twice. That's that's strange. I should call that

1296
00:47:20,949 --> 00:47:22,630
out. So that's something else Signal I

1297
00:47:22,630 --> 00:47:23,910
think needs to address here.

1298
00:47:24,804 --> 00:47:26,641
Alright. One more kind of controversial story here,

1299
00:47:26,801 --> 00:47:28,559
and then we'll get to some lighter fare.

1300
00:47:29,438 --> 00:47:31,275
And and this is directly from Mozilla.

1301
00:47:31,849 --> 00:47:33,203
It's part of a press release they just

1302
00:47:33,203 --> 00:47:35,035
put out, and it's something that I either

1303
00:47:35,035 --> 00:47:37,425
missed or forgot about, but it's something they're

1304
00:47:37,425 --> 00:47:38,960
calling privacy preserving

1305
00:47:39,655 --> 00:47:43,168
attribution, and it's about a supposedly privacy preserving

1306
00:47:43,168 --> 00:47:44,304
way to do

1307
00:47:44,915 --> 00:47:45,415
track

1308
00:47:46,582 --> 00:47:48,487
ads. So anyway, let me let me read

1309
00:47:48,487 --> 00:47:49,282
this and I'll give a comment.

1310
00:47:50,648 --> 00:47:53,842
Privacy preserving attribution is an experimental feature in

1311
00:47:54,001 --> 00:47:56,556
Firefox version 128, which by the way just

1312
00:47:56,556 --> 00:47:58,950
came out. Mozilla is prototyping this feature in

1313
00:47:58,950 --> 00:48:01,684
order to form an emerging web standard designed

1314
00:48:01,684 --> 00:48:04,505
to help sites understand how their ads perform

1315
00:48:04,885 --> 00:48:08,019
without collecting data about individual people. By offering

1316
00:48:08,019 --> 00:48:10,420
sites a non invasive alternative to cross site

1317
00:48:10,420 --> 00:48:13,059
tracking, we hope to achieve a significant reduction

1318
00:48:13,059 --> 00:48:14,900
in this harmful practice across the web.

1319
00:48:15,871 --> 00:48:18,337
Attribution is how advertisers learn whether their advertising

1320
00:48:18,337 --> 00:48:18,576
works.

1321
00:48:19,610 --> 00:48:21,837
Attribution measures how many people saw an ad

1322
00:48:21,837 --> 00:48:23,610
on a website, and then later visited

1323
00:48:23,610 --> 00:48:26,410
the advertisers website to do something the advertiser

1324
00:48:26,410 --> 00:48:29,289
cared about. For example, maybe someone sees an ad

1325
00:48:29,289 --> 00:48:31,223
for a sale on a product, and then

1326
00:48:31,223 --> 00:48:31,941
buys that product.

1327
00:48:32,818 --> 00:48:35,052
Attribution counts how many people do that.

1328
00:48:36,090 --> 00:48:37,765
Attribution is very important to advertisers.

1329
00:48:38,340 --> 00:48:40,519
Sadly, tracking is the only way to perform

1330
00:48:40,660 --> 00:48:42,260
attribution without help from the browser.

1331
00:48:42,980 --> 00:48:45,434
Tracking is terrible for privacy because it gives

1332
00:48:45,554 --> 00:48:47,949
it is detailed information about what you do

1333
00:48:47,949 --> 00:48:50,981
online. While Firefox includes many privacy protections that

1334
00:48:50,981 --> 00:48:52,577
make it more difficult for sites to track

1335
00:48:52,577 --> 00:48:53,215
you online,

1336
00:48:53,789 --> 00:48:57,469
like enhanced tracking protection, total cookie protection, query

1337
00:48:57,469 --> 00:48:59,150
parameter stripping and many other measures,

1338
00:48:59,710 --> 00:49:02,122
there's a huge incentive for sites to find

1339
00:49:02,122 --> 00:49:04,534
ways around these in order to perform

1340
00:49:04,911 --> 00:49:06,983
attribution. Our hope is that if we develop

1341
00:49:06,983 --> 00:49:10,103
a good attribution solution, it will offer a

1342
00:49:10,103 --> 00:49:13,203
real alternative to more objectionable practices like tracking.

1343
00:49:13,680 --> 00:49:15,429
We are currently testing this approach to see

1344
00:49:15,429 --> 00:49:17,576
if it can provide advertisers with the information

1345
00:49:17,576 --> 00:49:18,291
they're looking for.

1346
00:49:19,182 --> 00:49:22,773
PPA doesn't involve websites tracking you. Instead, your

1347
00:49:22,773 --> 00:49:26,179
browser is in control. This means strong privacy

1348
00:49:26,299 --> 00:49:29,010
safeguards including the option to not participate, and

1349
00:49:29,090 --> 00:49:30,605
I'll come back to that important point in

1350
00:49:30,605 --> 00:49:33,555
a second. PPA is enabled in Firefox starting

1351
00:49:33,555 --> 00:49:34,911
in version 128.

1352
00:49:35,563 --> 00:49:37,318
A small number of sites are going to

1353
00:49:37,318 --> 00:49:39,891
test this and provide feedback to inform our

1354
00:49:40,188 --> 00:49:42,500
standardization plans and help us understand if this

1355
00:49:42,500 --> 00:49:43,936
is likely to gain traction.

1356
00:49:44,507 --> 00:49:46,972
PPA can be disabled in Firefox settings.

1357
00:49:47,528 --> 00:49:49,992
Firefox provides an easy simple option to disable

1358
00:49:49,992 --> 00:49:53,193
the privacy preserving attribution feature if users prefer

1359
00:49:53,193 --> 00:49:54,231
not to participate.

1360
00:49:54,871 --> 00:49:56,708
Websites will not know if you chose to

1361
00:49:56,708 --> 00:49:58,786
opt out in this way. To opt out

1362
00:49:58,786 --> 00:50:00,236
do the following. In the menu bar at

1363
00:50:00,236 --> 00:50:02,250
the top of the screen, click Firefox and

1364
00:50:02,307 --> 00:50:03,923
select preferences or settings

1365
00:50:04,379 --> 00:50:06,530
depending on your macOS version. In the privacy

1366
00:50:06,530 --> 00:50:09,913
and security panel, find the website advertising preferences

1367
00:50:10,048 --> 00:50:13,300
section and uncheck the box labeled allow websites

1368
00:50:13,300 --> 00:50:15,918
to perform privacy preserving ad measurements.

1369
00:50:16,648 --> 00:50:18,637
So the press release was longer than that,

1370
00:50:18,716 --> 00:50:20,545
and they get into some other stuff. It

1371
00:50:20,545 --> 00:50:21,818
also provides a link to

1372
00:50:22,375 --> 00:50:24,625
a much more detailed and technical

1373
00:50:25,492 --> 00:50:27,879
breakdown of what this PPA is actually doing

1374
00:50:27,879 --> 00:50:29,869
under the covers, which I did read through

1375
00:50:29,869 --> 00:50:31,380
and so I will give you my take

1376
00:50:31,380 --> 00:50:32,255
on what I found there.

1377
00:50:33,145 --> 00:50:34,654
First of all, let's state the obvious.

1378
00:50:35,608 --> 00:50:38,331
The way the the the web works today

1379
00:50:38,626 --> 00:50:40,794
is we have an ad based

1380
00:50:41,265 --> 00:50:44,465
quote unquote, free model where, you know, a

1381
00:50:44,465 --> 00:50:47,025
lot of sites don't charge you, and instead

1382
00:50:47,025 --> 00:50:49,184
sell ad space on their sites and make

1383
00:50:49,184 --> 00:50:51,757
money that way. And these ad companies, Google

1384
00:50:51,757 --> 00:50:53,516
and Facebook chief among them, but there are

1385
00:50:53,516 --> 00:50:54,415
there are others

1386
00:50:55,034 --> 00:50:56,713
really want to be able to go back

1387
00:50:56,713 --> 00:50:59,030
to the people advertising with them to give

1388
00:50:59,030 --> 00:51:01,833
them much information as possible about how effective

1389
00:51:01,833 --> 00:51:04,461
their ads are. That is this attribution thing

1390
00:51:04,461 --> 00:51:06,612
that we're talking about. And there's this notion

1391
00:51:06,612 --> 00:51:07,112
of

1392
00:51:07,487 --> 00:51:07,806
impressions,

1393
00:51:08,379 --> 00:51:11,031
and conversions. So an ad impression

1394
00:51:11,568 --> 00:51:12,387
is when

1395
00:51:12,843 --> 00:51:15,713
they can verify that somebody saw one of

1396
00:51:15,713 --> 00:51:16,112
your ads.

1397
00:51:17,161 --> 00:51:19,463
Sometimes it also means that they actually clicked

1398
00:51:19,463 --> 00:51:21,210
on one of your ads. It's that's it's

1399
00:51:21,210 --> 00:51:23,036
a two-part thing, but those those are

1400
00:51:23,036 --> 00:51:25,278
ad impressions. Those are Those are the gotcha.

1401
00:51:25,438 --> 00:51:28,074
That is they successfully got their advertisement in

1402
00:51:28,074 --> 00:51:30,072
front of you. And then a conversion is

1403
00:51:30,072 --> 00:51:31,371
that you actually then

1404
00:51:31,922 --> 00:51:33,989
did something based on that ad that they

1405
00:51:33,989 --> 00:51:36,056
wanted you to do. And what that is

1406
00:51:36,056 --> 00:51:37,805
kinda varies depending on what they wanna measure.

1407
00:51:37,964 --> 00:51:40,110
Sometimes it's it's sufficient that you just got

1408
00:51:40,110 --> 00:51:42,588
to their website. Other times, they actually want

1409
00:51:42,588 --> 00:51:44,573
to know that you bought something from their

1410
00:51:44,573 --> 00:51:47,773
website. That is called a conversion. And since

1411
00:51:47,987 --> 00:51:50,947
these things often happen at different times, and

1412
00:51:50,947 --> 00:51:52,062
maybe even different devices,

1413
00:51:52,779 --> 00:51:55,249
they really have a hard time linking those

1414
00:51:55,249 --> 00:51:57,980
two things together. But they desperately wanna do

1415
00:51:57,980 --> 00:51:58,139
so.

1416
00:51:58,859 --> 00:52:00,859
And and of course, the the classic quote

1417
00:52:00,859 --> 00:52:02,139
here, and I looked this up because I

1418
00:52:02,139 --> 00:52:02,940
wanted to know who said it.

1419
00:52:03,659 --> 00:52:05,119
was by a guy named John Wanamaker,

1420
00:52:05,673 --> 00:52:07,658
and he is the creator of what would

1421
00:52:07,658 --> 00:52:09,643
eventually become Macy's, and he said this, like,

1422
00:52:09,723 --> 00:52:11,311
a hunt over a hundred years ago. And

1423
00:52:11,311 --> 00:52:13,296
the quote is half the money I spend

1424
00:52:13,296 --> 00:52:15,778
on advertising is wasted. The trouble is, I

1425
00:52:15,778 --> 00:52:17,697
don't know which half. That is what this

1426
00:52:17,697 --> 00:52:20,173
is trying to address. These people who are

1427
00:52:20,173 --> 00:52:21,532
trying to advertise their products and try to

1428
00:52:21,532 --> 00:52:23,050
get people to then go buy their products.

1429
00:52:24,103 --> 00:52:25,936
need some way to know if the ads

1430
00:52:25,936 --> 00:52:28,487
they're placing are are working because, you know,

1431
00:52:28,567 --> 00:52:30,639
if they if they put their ad in

1432
00:52:30,639 --> 00:52:31,516
20 different places,

1433
00:52:32,407 --> 00:52:34,077
and only two of those places are actually

1434
00:52:34,077 --> 00:52:35,032
bringing in customers,

1435
00:52:35,509 --> 00:52:37,259
then they wanna focus their advertising on those

1436
00:52:37,259 --> 00:52:38,532
two places and not on the others.

1437
00:52:39,184 --> 00:52:41,741
So this whole attribution thing is crucial for

1438
00:52:41,741 --> 00:52:42,940
somebody who's advertising.

1439
00:52:43,499 --> 00:52:45,417
And again, the way this really works is

1440
00:52:45,417 --> 00:52:47,255
there's people who want to sell products and

1441
00:52:47,255 --> 00:52:49,260
there's places that need to sell advertising space.

1442
00:52:49,419 --> 00:52:51,510
And then there's companies like Google who match

1443
00:52:51,567 --> 00:52:54,644
in between and put those together and and

1444
00:52:54,764 --> 00:52:56,920
you know, take money from companies that wanna advertise

1445
00:52:56,920 --> 00:52:58,357
and then give that money to the websites

1446
00:52:58,357 --> 00:53:01,071
when they show ads and convert Yada. That's

1447
00:53:01,071 --> 00:53:02,907
the whole ad marketing thing that's happening here.

1448
00:53:03,465 --> 00:53:03,965
Now

1449
00:53:05,231 --> 00:53:07,216
I was kinda surprised that Firefox was

1450
00:53:07,216 --> 00:53:10,552
doing this because Firefox is very privacy oriented

1451
00:53:10,552 --> 00:53:11,585
and that's the reason that I,

1452
00:53:11,823 --> 00:53:14,940
you know, often recommend them as my favorite

1453
00:53:14,940 --> 00:53:16,293
browser. It's the one I use on all

1454
00:53:16,293 --> 00:53:18,283
my devices. And they have gone to great

1455
00:53:18,283 --> 00:53:20,034
lengths to prevent this web tracking, and they...

1456
00:53:20,193 --> 00:53:21,546
Some of their technology is very good at

1457
00:53:21,546 --> 00:53:23,654
it. But these companies are so desperate

1458
00:53:24,110 --> 00:53:26,283
to do this attribution that they

1459
00:53:26,978 --> 00:53:28,811
are it's this constant cat and mouse game

1460
00:53:28,811 --> 00:53:30,404
where they're trying to work around all these

1461
00:53:30,404 --> 00:53:33,454
privacy protections to track you anyway. Now I

1462
00:53:33,454 --> 00:53:35,135
read through the technical details of this,

1463
00:53:35,215 --> 00:53:35,855
and it's actually...

1464
00:53:36,494 --> 00:53:37,695
It's certainly in spirit,

1465
00:53:38,335 --> 00:53:40,179
very similar to what Google is trying to

1466
00:53:40,179 --> 00:53:42,006
do with their Privacy Sandbox and their Topics

1467
00:53:42,244 --> 00:53:44,651
API. They're trying to

1468
00:53:45,740 --> 00:53:48,940
learn more about you in a way that

1469
00:53:48,940 --> 00:53:49,440
doesn't

1470
00:53:50,375 --> 00:53:54,123
impact any particular person's privacy. They're trying to

1471
00:53:54,123 --> 00:53:55,877
basically do a lot of this stuff in

1472
00:53:55,877 --> 00:53:56,356
aggregate.

1473
00:53:56,768 --> 00:53:58,434
And that is what Mozilla is trying to

1474
00:53:58,434 --> 00:54:00,497
do here as well. When I looked into

1475
00:54:00,497 --> 00:54:02,164
this, I also found out that they're working with

1476
00:54:02,322 --> 00:54:04,306
Meta. In other words, Facebook on this, which

1477
00:54:04,306 --> 00:54:05,074
is another

1478
00:54:05,753 --> 00:54:08,065
another black mark as far as I'm concerned.

1479
00:54:08,225 --> 00:54:10,618
But I understand again, why they're trying to

1480
00:54:10,618 --> 00:54:11,277
do this

1481
00:54:11,655 --> 00:54:13,489
as people are blocking third party cookies and

1482
00:54:13,489 --> 00:54:14,606
trying to block all this tracking,

1483
00:54:15,179 --> 00:54:17,485
they're desperately trying to find something that will

1484
00:54:17,485 --> 00:54:20,132
work that people will allow to work

1485
00:54:20,586 --> 00:54:22,972
so that they can continue with their advertising

1486
00:54:22,972 --> 00:54:24,741
business. They're trying to use some of these

1487
00:54:24,741 --> 00:54:27,613
privacy enhancing technologies, these PETs that we talked

1488
00:54:27,613 --> 00:54:29,209
about last week with our our nap,

1489
00:54:30,087 --> 00:54:30,587
specifically

1490
00:54:31,139 --> 00:54:32,674
Mozilla's plan is using

1491
00:54:33,050 --> 00:54:36,157
differential privacy and multi party computation. They're trying

1492
00:54:36,157 --> 00:54:37,431
to do this right. And the upshot

1493
00:54:37,431 --> 00:54:39,263
of what of what these things do. This

1494
00:54:39,263 --> 00:54:42,540
and Google's Privacy Sandbox is they're trying to

1495
00:54:42,540 --> 00:54:43,597
get the browser

1496
00:54:44,290 --> 00:54:47,791
to record all this information instead of the

1497
00:54:47,791 --> 00:54:50,352
websites you visit and, you know, recording this information

1498
00:54:50,352 --> 00:54:51,785
via third party cookies and such,

1499
00:54:52,501 --> 00:54:54,889
and keeping it all local to the browser,

1500
00:54:55,048 --> 00:54:56,583
and then have the browser

1501
00:54:56,974 --> 00:54:58,887
in a privacy preserving way,

1502
00:54:59,764 --> 00:55:02,235
aggregate and report this data in such a

1503
00:55:02,235 --> 00:55:05,047
fashion that nobody can figure out specifically

1504
00:55:05,839 --> 00:55:08,336
who that information is about. But in aggregate,

1505
00:55:08,955 --> 00:55:11,352
can see that, okay, you know, of these

1506
00:55:11,352 --> 00:55:13,590
10 websites where I posted this ad,

1507
00:55:14,163 --> 00:55:16,150
2 of them had a very strong conversion

1508
00:55:16,150 --> 00:55:18,137
rate. I don't know who did it. I

1509
00:55:18,137 --> 00:55:19,408
may know a little bit about when,

1510
00:55:20,362 --> 00:55:22,128
but that's about it. And by the way,

1511
00:55:22,367 --> 00:55:24,280
another way, that a... This attribution is often

1512
00:55:24,280 --> 00:55:26,514
done is through these promo codes. You see

1513
00:55:26,514 --> 00:55:28,108
these all the time. Right? Now you'll get

1514
00:55:28,108 --> 00:55:29,783
an email from somebody saying, hey, we're having

1515
00:55:29,783 --> 00:55:31,313
a special this week you bought from us

1516
00:55:31,313 --> 00:55:33,468
before, or you've been on our website many

1517
00:55:33,468 --> 00:55:35,463
times and never bought something. Here's a promo

1518
00:55:35,463 --> 00:55:37,299
code that you can use for the next,

1519
00:55:37,459 --> 00:55:39,156
you know, month or something to buy

1520
00:55:39,709 --> 00:55:40,908
a product and we'll and we'll give you

1521
00:55:40,908 --> 00:55:43,704
a discount. Well, that specific promo code helps

1522
00:55:43,704 --> 00:55:47,221
them attribute the advertising campaign directly, like whoever

1523
00:55:47,221 --> 00:55:48,180
uses that promo code,

1524
00:55:49,230 --> 00:55:51,297
you know, got it hopefully from their advertising

1525
00:55:51,297 --> 00:55:54,081
campaign. Now, of course, there are deal coupon sites

1526
00:55:54,081 --> 00:55:55,853
that totally screw that up

1527
00:55:56,228 --> 00:55:56,728
by

1528
00:55:57,119 --> 00:55:58,976
publishing these promo codes

1529
00:55:59,514 --> 00:56:01,909
to everybody. And so that, again, that screws

1530
00:56:01,909 --> 00:56:03,585
up their whole attribution thing to the point

1531
00:56:03,585 --> 00:56:05,262
where a lot of times, once these codes

1532
00:56:05,262 --> 00:56:06,320
show up on those

1533
00:56:06,634 --> 00:56:09,587
deal coupon sites, they're canceled immediately because they're

1534
00:56:09,587 --> 00:56:11,742
now useless to them. The whole point of

1535
00:56:11,742 --> 00:56:13,817
the promo code was to help them figure

1536
00:56:13,817 --> 00:56:14,317
out

1537
00:56:15,027 --> 00:56:17,407
how to attribute the impression with the conversion.

1538
00:56:18,200 --> 00:56:19,549
Alright. Just a couple more notes about this.

1539
00:56:19,707 --> 00:56:21,794
So so far, this appears to only

1540
00:56:22,103 --> 00:56:24,644
handle the attribution aspect. Obviously, there's a lot

1541
00:56:24,644 --> 00:56:26,972
more to advertising that Google and Facebook offer

1542
00:56:27,822 --> 00:56:31,014
about very detailed demographics on people that are

1543
00:56:31,014 --> 00:56:32,918
looking at and buying their products. That is

1544
00:56:32,918 --> 00:56:34,266
not included in this whatsoever.

1545
00:56:34,663 --> 00:56:36,408
Also, this is a very limited trial. There's

1546
00:56:36,408 --> 00:56:37,305
only certain

1547
00:56:38,092 --> 00:56:40,565
websites that are even participating in this. It

1548
00:56:40,565 --> 00:56:42,319
is also not the full solution. They are

1549
00:56:42,319 --> 00:56:43,856
just testing part of this technology.

1550
00:56:44,393 --> 00:56:45,748
And also, I have to think that ad

1551
00:56:45,748 --> 00:56:46,886
blockers would completely

1552
00:56:47,358 --> 00:56:49,115
screw up this whole process because you're not

1553
00:56:49,115 --> 00:56:50,392
being showed the ads in the first place.

1554
00:56:50,871 --> 00:56:52,547
But if you're interested in the details, if

1555
00:56:52,547 --> 00:56:53,984
you really wanna dig into it, there are

1556
00:56:53,984 --> 00:56:55,421
links in the show notes that take you

1557
00:56:55,421 --> 00:56:55,661
to,

1558
00:56:56,871 --> 00:56:57,690
Mozilla's

1559
00:56:58,145 --> 00:57:00,532
more detailed description of this. It's it's it's

1560
00:57:00,532 --> 00:57:02,204
worth a read. It's not super long. But

1561
00:57:02,363 --> 00:57:03,636
I'm gonna be keeping an eye on this.

1562
00:57:04,608 --> 00:57:06,443
And I will let you know what I

1563
00:57:06,443 --> 00:57:07,720
find. And the devil's always in the

1564
00:57:07,720 --> 00:57:09,635
details. I'll be very interested to see what

1565
00:57:09,635 --> 00:57:10,614
other people think

1566
00:57:11,151 --> 00:57:12,996
about this and if they could find ways

1567
00:57:12,996 --> 00:57:14,427
to break it. If they can find ways

1568
00:57:14,427 --> 00:57:14,927
to

1569
00:57:15,539 --> 00:57:17,470
manipulate the system to still

1570
00:57:17,844 --> 00:57:19,036
track individual people.

1571
00:57:19,688 --> 00:57:21,597
Like, for example, looking at the technical details,

1572
00:57:21,755 --> 00:57:24,005
there's there's an ad campaign ID

1573
00:57:24,380 --> 00:57:25,892
that's recorded. If you were to give up

1574
00:57:25,892 --> 00:57:27,578
a particular ID per person, then

1575
00:57:27,658 --> 00:57:29,011
I would think you could track them. No

1576
00:57:29,011 --> 00:57:30,682
matter what you did to try to hide

1577
00:57:30,682 --> 00:57:32,990
their identity. But I wanna make two other

1578
00:57:32,990 --> 00:57:34,423
points at a much higher level.

1579
00:57:35,458 --> 00:57:35,776
First of all,

1580
00:57:36,588 --> 00:57:38,181
this really kinda is the holy grail. This...

1581
00:57:38,659 --> 00:57:40,832
We... If we're going to say

1582
00:57:41,288 --> 00:57:43,997
that we want to have this ad driven

1583
00:57:43,997 --> 00:57:46,565
web economy where we have these quote free

1584
00:57:46,565 --> 00:57:48,405
services, and that we pay for them is

1585
00:57:48,405 --> 00:57:49,764
by looking at ads,

1586
00:57:51,045 --> 00:57:51,925
and not blocking them,

1587
00:57:52,484 --> 00:57:54,492
then coming up with some way to do

1588
00:57:54,492 --> 00:57:56,898
that that preserves our privacy

1589
00:57:57,907 --> 00:58:00,630
is a really, really big deal and worth

1590
00:58:00,686 --> 00:58:02,116
trying to figure out. I don't know if

1591
00:58:02,116 --> 00:58:04,840
they'll get there. But, you know, I applaud

1592
00:58:04,840 --> 00:58:05,639
the fact that they're trying.

1593
00:58:06,677 --> 00:58:08,613
On the other hand, Mozilla

1594
00:58:08,992 --> 00:58:10,748
is creeping me out that they're doing this

1595
00:58:10,748 --> 00:58:13,500
in the first place. Apparently, they've also recently

1596
00:58:13,559 --> 00:58:15,880
merged with or acquired an ad company.

1597
00:58:16,839 --> 00:58:18,119
You know, and they've gotta make money too.

1598
00:58:18,359 --> 00:58:20,280
I get it. I just don't like they're

1599
00:58:20,280 --> 00:58:22,207
doing it. More than I like that Apple

1600
00:58:22,207 --> 00:58:23,799
has its own ad business either. I think

1601
00:58:23,799 --> 00:58:24,993
they should just leave that alone. Of course,

1602
00:58:25,232 --> 00:58:25,732
Apple's

1603
00:58:26,266 --> 00:58:26,766
making

1604
00:58:27,142 --> 00:58:28,574
more money than just about any other company

1605
00:58:28,574 --> 00:58:29,768
on the planet, and that is certainly

1606
00:58:29,768 --> 00:58:32,014
not the same as Mozilla. But also,

1607
00:58:32,253 --> 00:58:32,992
they really

1608
00:58:33,527 --> 00:58:35,679
absolutely should not have turned this on by

1609
00:58:35,679 --> 00:58:38,642
default. I am sure that they needed people

1610
00:58:38,642 --> 00:58:40,156
to do this so they could test it.

1611
00:58:40,475 --> 00:58:42,307
And if they did it as an opt

1612
00:58:42,307 --> 00:58:44,299
in thing, they probably would have gotten no

1613
00:58:44,299 --> 00:58:45,038
uptake whatsoever.

1614
00:58:46,291 --> 00:58:48,297
I understand why they did it. But they

1615
00:58:48,297 --> 00:58:49,331
should not have done it that way.

1616
00:58:50,128 --> 00:58:51,719
So I'm sure we'll have more to say

1617
00:58:51,719 --> 00:58:52,993
about this in the future. I will keep

1618
00:58:52,993 --> 00:58:54,505
an eye on it, and I will report

1619
00:58:54,505 --> 00:58:55,005
back

1620
00:58:55,380 --> 00:58:57,211
as there are new developments.

1621
00:58:58,503 --> 00:59:00,021
Alright. Finally, I was gonna read this article

1622
00:59:00,021 --> 00:59:01,699
from Lifehacker, but... I'm just gonna summarize

1623
00:59:01,699 --> 00:59:03,297
it actually very quickly. You can... You can

1624
00:59:03,297 --> 00:59:04,415
still find the link in the show notes

1625
00:59:04,415 --> 00:59:06,815
if you want. But basically, Proton has just

1626
00:59:06,815 --> 00:59:09,536
come out with an end-to-end encrypted

1627
00:59:09,591 --> 00:59:12,606
private version of Google Docs. Something I've been

1628
00:59:12,606 --> 00:59:13,106
wanting

1629
00:59:13,493 --> 00:59:15,956
for so so long. I've only played with

1630
00:59:15,956 --> 00:59:17,228
it a little bit, but it does look,

1631
00:59:17,307 --> 00:59:19,374
you know, very full featured. It's got a

1632
00:59:19,374 --> 00:59:21,440
nice slick interface. It looks very reminiscent of

1633
00:59:21,599 --> 00:59:23,364
Google Docs. Have to play with it some

1634
00:59:23,364 --> 00:59:24,795
more to figure out if there's any major

1635
00:59:24,795 --> 00:59:26,625
features that I like that are missing, but

1636
00:59:26,625 --> 00:59:28,057
it looks pretty good so far,

1637
00:59:28,852 --> 00:59:31,098
but it's it's something that I've been wanting

1638
00:59:31,098 --> 00:59:32,295
for so so long. It's one of the

1639
00:59:32,295 --> 00:59:34,150
last few Google services

1640
00:59:34,607 --> 00:59:35,962
that I have not been able to replace.

1641
00:59:36,202 --> 00:59:37,876
So this is a really huge deal for

1642
00:59:37,876 --> 00:59:37,956
me.

1643
00:59:38,768 --> 00:59:40,443
If you have not tried Proton at all,

1644
00:59:40,603 --> 00:59:41,958
this might be the thing that, you know,

1645
00:59:42,198 --> 00:59:43,474
gets you to give it a shot. They

1646
00:59:43,474 --> 00:59:45,090
do have a very usable free

1647
00:59:45,547 --> 00:59:47,302
tier that you can start with to play

1648
00:59:47,302 --> 00:59:49,313
play around with. But I'm very interested in that.

1649
00:59:49,552 --> 00:59:52,189
I have confirmed with Andy, the CEO, that

1650
00:59:52,189 --> 00:59:53,387
he's gonna come back and we're gonna talk

1651
00:59:53,387 --> 00:59:54,686
about this and other

1652
00:59:55,065 --> 00:59:56,996
new things that Proton is doing and will

1653
00:59:56,996 --> 00:59:59,951
be doing in the near future. So I'm

1654
00:59:59,951 --> 01:00:01,627
very much looking forward to that. They've come

1655
01:00:01,627 --> 01:00:02,984
out with all all sorts of new stuff.

1656
01:00:03,144 --> 01:00:05,871
They've got the password manager. They've also just

1657
01:00:05,871 --> 01:00:07,543
released a new feature for their password manager

1658
01:00:07,543 --> 01:00:09,771
that allows you to securely share credentials with

1659
01:00:09,771 --> 01:00:10,885
people on a limited basis.

1660
01:00:11,601 --> 01:00:13,689
They're doing some great work. So I'm very

1661
01:00:13,689 --> 01:00:15,287
much looking forward to talking to Andy about

1662
01:00:15,287 --> 01:00:15,686
all that,

1663
01:00:16,565 --> 01:00:17,604
sometime in the next couple months.

1664
01:00:19,203 --> 01:00:21,041
Okay. So let's get to... Alright. So let's

1665
01:00:21,041 --> 01:00:22,652
jump to my tip of the week. And

1666
01:00:22,812 --> 01:00:24,667
I wanna talk to you again about

1667
01:00:25,282 --> 01:00:26,000
blocking ads.

1668
01:00:26,717 --> 01:00:29,188
It's obviously very relevant to something we're talking

1669
01:00:29,188 --> 01:00:31,433
about today. And it's something that I've covered

1670
01:00:31,433 --> 01:00:32,708
on and off over the years, I had

1671
01:00:32,708 --> 01:00:33,925
an older article

1672
01:00:34,859 --> 01:00:36,293
about this that I called on the ethics

1673
01:00:36,293 --> 01:00:38,303
of ad blocking. And I realized,

1674
01:00:38,782 --> 01:00:40,300
as I was doing some research for this,

1675
01:00:41,179 --> 01:00:42,537
that I wrote that almost 8 years ago

1676
01:00:42,537 --> 01:00:44,375
now. It still holds up pretty well actually.

1677
01:00:44,868 --> 01:00:45,983
I wanted to revisit it for the tip

1678
01:00:45,983 --> 01:00:47,336
of the week. And again, if you go

1679
01:00:47,336 --> 01:00:49,803
to Firewalls Don't Stop Dragons, the top blog article

1680
01:00:49,803 --> 01:00:51,474
there is the full length version of this

1681
01:00:51,474 --> 01:00:53,783
with all sorts of helpful links and other

1682
01:00:53,783 --> 01:00:53,942
information.

1683
01:00:54,594 --> 01:00:56,588
I highly recommend that you do that. And

1684
01:00:56,588 --> 01:00:58,343
if you want this information to just come

1685
01:00:58,343 --> 01:00:59,401
to you automatically

1686
01:00:59,778 --> 01:01:01,214
every 2 weeks, you can sign up for

1687
01:01:01,214 --> 01:01:03,128
my newsletter because my blog and my newsletter

1688
01:01:03,128 --> 01:01:05,374
are almost always the same thing. So really

1689
01:01:05,374 --> 01:01:08,557
quickly, ads are, obviously, ubiquitous today.

1690
01:01:10,149 --> 01:01:10,649
They're

1691
01:01:11,104 --> 01:01:13,651
often very annoying. I understand that part of

1692
01:01:13,651 --> 01:01:15,338
it. But they're also a privacy risk and

1693
01:01:15,338 --> 01:01:16,453
even a security risk.

1694
01:01:17,090 --> 01:01:19,001
We've already talked about the privacy risks in

1695
01:01:19,001 --> 01:01:20,275
terms of a lot of these ads wanting

1696
01:01:20,275 --> 01:01:22,107
to track you and build these dossiers on

1697
01:01:22,107 --> 01:01:23,952
you. But because of the way the ad

1698
01:01:23,952 --> 01:01:24,748
networks work,

1699
01:01:25,304 --> 01:01:27,532
and it's kinda like billboard space available for

1700
01:01:27,532 --> 01:01:30,316
anybody to buy, bad guys often buy that

1701
01:01:30,316 --> 01:01:33,144
space and put up phishing ads or even

1702
01:01:33,285 --> 01:01:35,525
ads that can deliver malware either by clicking

1703
01:01:35,525 --> 01:01:37,125
on them or in some cases just by

1704
01:01:37,125 --> 01:01:39,445
visiting the page. That's less common, but it

1705
01:01:39,445 --> 01:01:42,244
has happened. And so I think everybody is

1706
01:01:42,244 --> 01:01:45,419
perfectly within their rights to block most ads,

1707
01:01:45,896 --> 01:01:47,483
even just the annoying part. I mean, I

1708
01:01:47,642 --> 01:01:49,094
I've seen other people

1709
01:01:49,484 --> 01:01:51,977
browse the web who don't have ad blockers

1710
01:01:52,036 --> 01:01:53,949
installed, and it just blows my mind.

1711
01:01:54,188 --> 01:01:55,943
I look... Out how can you even deal

1712
01:01:55,943 --> 01:01:58,096
with that? It's just so so annoying.

1713
01:01:58,668 --> 01:02:00,019
So I've been using an ad blocker for

1714
01:02:00,019 --> 01:02:01,155
a long time. And

1715
01:02:01,610 --> 01:02:03,597
as far as the ethics go, yes, these

1716
01:02:03,597 --> 01:02:05,505
websites need to show ads to make money

1717
01:02:05,505 --> 01:02:07,254
and they need money to survive. I get

1718
01:02:07,254 --> 01:02:09,574
that. So you know, there are ways that

1719
01:02:09,574 --> 01:02:13,311
you can certainly disable ad blocking on websites

1720
01:02:13,311 --> 01:02:14,447
that you want to

1721
01:02:15,140 --> 01:02:16,969
access because maybe they block you if you

1722
01:02:16,969 --> 01:02:18,099
don't turn off your blocker,

1723
01:02:18,818 --> 01:02:20,816
or because you wanna support them. You are

1724
01:02:20,816 --> 01:02:22,813
gonna take some risks in doing that, but

1725
01:02:22,813 --> 01:02:24,811
it's often possible to actually view the ads

1726
01:02:24,811 --> 01:02:27,456
and still block the tracking. Which the solutions

1727
01:02:27,536 --> 01:02:29,603
I'm going to give to you today will

1728
01:02:29,603 --> 01:02:30,398
hopefully do for you.

1729
01:02:31,192 --> 01:02:32,385
So there's 2 kind of basic ways that

1730
01:02:32,464 --> 01:02:33,657
I talk about blocking ads. First of all,

1731
01:02:33,816 --> 01:02:35,262
is is in your browser. And the best

1732
01:02:35,262 --> 01:02:37,967
way to do that is to install uBlock

1733
01:02:37,967 --> 01:02:40,592
Origin. There are many ad blockers out

1734
01:02:40,592 --> 01:02:40,672
there,

1735
01:02:41,403 --> 01:02:43,498
it's been called the biggest boycott in history

1736
01:02:43,557 --> 01:02:44,993
because there are so many of them and

1737
01:02:44,993 --> 01:02:46,668
so many people use them, because we all

1738
01:02:46,668 --> 01:02:49,619
hate these horrible horrible annoying ads. But the

1739
01:02:49,619 --> 01:02:51,969
best one by far, bar none,

1740
01:02:52,348 --> 01:02:54,505
is uBlock Origin. Now do not confuse

1741
01:02:54,505 --> 01:02:55,464
that with uBlock.

1742
01:02:56,103 --> 01:02:57,942
This is something I kinda wish one

1743
01:02:57,942 --> 01:03:00,114
of these guys would change the names. But

1744
01:03:00,114 --> 01:03:01,635
uBlock and uBlock Origin are not

1745
01:03:01,635 --> 01:03:03,255
the same thing, and there's a long

1746
01:03:03,635 --> 01:03:06,194
nasty history between those 2 products. The one

1747
01:03:06,194 --> 01:03:07,154
you want for sure

1748
01:03:07,809 --> 01:03:09,090
is uBlock Origin.

1749
01:03:09,730 --> 01:03:11,170
And to get the full benefit of uBlock

1750
01:03:11,170 --> 01:03:12,930
Origin, you need to use a browser

1751
01:03:12,930 --> 01:03:13,590
like Firefox

1752
01:03:14,210 --> 01:03:16,704
because all the Chromium-based browsers, including Google

1753
01:03:16,784 --> 01:03:19,421
Chrome and Microsoft Edge are now using this

1754
01:03:19,421 --> 01:03:21,838
thing called Manifest V3, which basically

1755
01:03:22,217 --> 01:03:24,315
prevents uBlock Origin from doing

1756
01:03:24,787 --> 01:03:26,217
what it really needs to do to to

1757
01:03:26,217 --> 01:03:28,283
properly block ads. In fact, they had to

1758
01:03:28,283 --> 01:03:30,666
come up with uBlock Origin Lite to

1759
01:03:30,666 --> 01:03:32,733
address those browsers because they can no longer

1760
01:03:32,733 --> 01:03:34,265
do what they what they used to be

1761
01:03:34,265 --> 01:03:36,905
able to do. So another reason to switch

1762
01:03:36,905 --> 01:03:37,545
to Firefox.

1763
01:03:38,344 --> 01:03:39,945
Now if you... For some reason, don't like

1764
01:03:39,945 --> 01:03:41,545
uBlock Origin, you can also try EFF's

1765
01:03:41,545 --> 01:03:42,585
Privacy Badger,

1766
01:03:43,398 --> 01:03:46,350
or DuckDuckGo's Privacy Essentials. They also do

1767
01:03:46,350 --> 01:03:48,286
similar things. You could theoretically

1768
01:03:48,664 --> 01:03:49,164
install

1769
01:03:49,541 --> 01:03:50,911
2 or 3 of them if you wanted to,

1770
01:03:51,070 --> 01:03:52,264
they all kinda do the same thing and

1771
01:03:52,264 --> 01:03:53,378
they do it a little differently.

1772
01:03:54,094 --> 01:03:54,833
They can

1773
01:03:55,367 --> 01:03:56,243
interfere with each other some.

1774
01:03:57,118 --> 01:03:58,789
But from my experience, uBlock Origin is

1775
01:03:58,789 --> 01:03:59,267
all you need.

1776
01:03:59,998 --> 01:04:01,352
And uBlock Origin has got a lot

1777
01:04:01,352 --> 01:04:03,126
of other really cool features,

1778
01:04:03,661 --> 01:04:05,811
that let you get rid of other pop-ups

1779
01:04:05,811 --> 01:04:07,722
and things. It's got this little zap

1780
01:04:07,722 --> 01:04:09,811
feature you know, when something pops over and

1781
01:04:09,811 --> 01:04:11,168
you just... And you visit that site all

1782
01:04:11,168 --> 01:04:12,606
the time, you're tired of seeing the pop-up

1783
01:04:12,606 --> 01:04:15,001
saying, subscribe to my newsletter, you can

1784
01:04:15,001 --> 01:04:16,996
actually with uBlock Origin zap those, so

1785
01:04:16,996 --> 01:04:18,846
they're never shown again. Which is wonderful.

1786
01:04:19,324 --> 01:04:20,678
But the other one I wanna spend more

1787
01:04:20,678 --> 01:04:21,873
time on today is what I don't talk

1788
01:04:21,873 --> 01:04:24,285
about as much. And that is blocking ads

1789
01:04:24,422 --> 01:04:27,785
using DNS, or the Domain Name System. So

1790
01:04:27,785 --> 01:04:30,025
again, the domain system is kinda like the

1791
01:04:30,025 --> 01:04:32,045
phone book for the Internet. It converts

1792
01:04:32,425 --> 01:04:33,385
names to numbers,

1793
01:04:33,864 --> 01:04:34,800
and instead of

1794
01:04:35,239 --> 01:04:38,116
person's names to telephone numbers it converts domain

1795
01:04:38,116 --> 01:04:40,594
names like firewalls don't stop dragons dot com

1796
01:04:40,594 --> 01:04:42,671
to an IP address like 34 dot

1797
01:04:42,671 --> 01:04:44,349
174 dot 87 dot 100.

1798
01:04:44,844 --> 01:04:46,280
That last one is something that we don't

1799
01:04:46,280 --> 01:04:48,036
like as humans, but computers, that's what they

1800
01:04:48,036 --> 01:04:49,552
need to route these things. So this

1801
01:04:49,552 --> 01:04:51,388
is the conversion your computer is doing whenever

1802
01:04:51,388 --> 01:04:52,665
it's trying to get to websites.

1803
01:04:53,317 --> 01:04:54,690
And websites with ads

1804
01:04:55,065 --> 01:04:57,869
have all sorts of well known

1805
01:04:58,561 --> 01:04:59,061
advertising

1806
01:04:59,435 --> 01:05:00,253
domain names

1807
01:05:00,800 --> 01:05:03,125
that they go to call out to to,

1808
01:05:03,260 --> 01:05:05,085
you know, to show these ads. So you

1809
01:05:05,085 --> 01:05:07,172
can just intercept that lookup

1810
01:05:07,798 --> 01:05:09,383
And whenever it's for a well known ad

1811
01:05:09,383 --> 01:05:12,079
site, just don't let that route through. And

1812
01:05:12,079 --> 01:05:14,140
then those ads can't show up. Your browser

1813
01:05:14,140 --> 01:05:14,775
can't fetch them.

1814
01:05:15,504 --> 01:05:16,863
One of the really cool things about using

1815
01:05:17,023 --> 01:05:17,523
DNS

1816
01:05:17,982 --> 01:05:19,820
is that it's not just for your web

1817
01:05:19,820 --> 01:05:21,738
browser. A lot of your apps on your

1818
01:05:21,738 --> 01:05:23,416
computer are also doing the same thing if

1819
01:05:23,416 --> 01:05:25,268
they've got... If it's a free app that

1820
01:05:25,268 --> 01:05:27,095
you've installed in your computer that's ad based,

1821
01:05:27,969 --> 01:05:30,034
it can sometimes block those ads as well.

1822
01:05:30,352 --> 01:05:32,592
But if you go even one step up

1823
01:05:32,592 --> 01:05:34,024
in the food chain. If you go up

1824
01:05:34,024 --> 01:05:36,012
to your router, your home router,

1825
01:05:36,649 --> 01:05:39,170
your Wi-Fi at home and set that

1826
01:05:39,689 --> 01:05:42,986
DNS on that device, which will then propagate

1827
01:05:43,445 --> 01:05:45,443
to all the other devices in your home,

1828
01:05:45,922 --> 01:05:48,320
you can now block ads for everything within

1829
01:05:48,320 --> 01:05:48,880
your home network.

1830
01:05:49,533 --> 01:05:51,448
Now there can be exceptions to that. Each

1831
01:05:51,448 --> 01:05:52,826
device in your home could

1832
01:05:53,362 --> 01:05:53,862
theoretically

1833
01:05:54,400 --> 01:05:56,963
define its own DNS server, but generally, the

1834
01:05:56,963 --> 01:05:58,391
way it works is when these devices come

1835
01:05:58,391 --> 01:05:59,660
up and ask to get on the network,

1836
01:06:00,056 --> 01:06:02,118
part of the information provided by the router

1837
01:06:02,118 --> 01:06:03,863
other than the IP address to use locally,

1838
01:06:04,355 --> 01:06:05,793
is also, hey. When you wanna do a

1839
01:06:05,873 --> 01:06:08,030
DNS query, here's where you should send it.

1840
01:06:08,270 --> 01:06:09,948
Usually, that's to the router and then the

1841
01:06:09,948 --> 01:06:12,105
router sends it on to wherever they wanna

1842
01:06:12,105 --> 01:06:12,345
do it.

1843
01:06:13,079 --> 01:06:15,000
By default, the way that usually works is

1844
01:06:15,000 --> 01:06:16,599
it goes to your Internet service provider.

1845
01:06:17,480 --> 01:06:19,320
And your Internet service provider by the way,

1846
01:06:19,960 --> 01:06:21,900
uses that information to track

1847
01:06:22,213 --> 01:06:24,200
all the websites you go to. And and

1848
01:06:24,200 --> 01:06:25,869
may even be bundling those up and selling

1849
01:06:25,869 --> 01:06:28,413
those to somebody else as well. So another

1850
01:06:28,413 --> 01:06:29,659
great reason to use

1851
01:06:30,338 --> 01:06:33,449
some DNS besides your Internet service provider's is to

1852
01:06:33,449 --> 01:06:34,109
deny them

1853
01:06:34,726 --> 01:06:36,481
at least a way to easily track where

1854
01:06:36,481 --> 01:06:37,851
you go. They're even if you don't do

1855
01:06:37,931 --> 01:06:39,524
DNS lookup through them, they could still see

1856
01:06:39,524 --> 01:06:40,878
the IP addresses you go to and

1857
01:06:40,878 --> 01:06:42,313
they can look those up as well, but

1858
01:06:42,313 --> 01:06:43,667
it's not quite as straightforward.

1859
01:06:44,319 --> 01:06:46,654
So within the whole DNS solution, there's 2

1860
01:06:47,192 --> 01:06:48,947
solutions that I'm gonna propose. First of all,

1861
01:06:49,665 --> 01:06:50,622
NextDNS.

1862
01:06:51,181 --> 01:06:52,550
There are other ones to do this as

1863
01:06:52,550 --> 01:06:54,641
well, but NextDNS is my favorite. It's

1864
01:06:54,858 --> 01:06:57,484
extremely customizable, it's very, very powerful and it

1865
01:06:57,484 --> 01:06:58,996
just works like a charm.

1866
01:06:59,568 --> 01:07:00,386
So NextDNS

1867
01:07:00,840 --> 01:07:02,748
has a free version, but it's limited to

1868
01:07:02,748 --> 01:07:04,338
how many queries you could do per month.

1869
01:07:04,974 --> 01:07:06,326
I just pay for it. It's not that

1870
01:07:06,326 --> 01:07:07,677
expensive. I think it's like, 50 bucks a

1871
01:07:07,677 --> 01:07:09,842
year or something like that. And when I

1872
01:07:09,842 --> 01:07:11,378
set my home router to

1873
01:07:11,755 --> 01:07:13,909
use that DNS, and so every device in

1874
01:07:13,909 --> 01:07:16,143
my house then uses NextDNS for DNS,

1875
01:07:16,462 --> 01:07:18,376
I get ad blocking on every device in

1876
01:07:18,376 --> 01:07:19,666
my home. It's fantastic.

1877
01:07:20,382 --> 01:07:21,976
Now for devices that can leave my home,

1878
01:07:22,135 --> 01:07:24,365
like my smartphone and my laptop, you could

1879
01:07:24,365 --> 01:07:27,232
also configure DNS directly on those devices,

1880
01:07:28,201 --> 01:07:30,185
to use NextDNS as well. And if

1881
01:07:30,185 --> 01:07:31,535
you go to the NextDNS site, they've

1882
01:07:31,535 --> 01:07:33,757
got a really nice listing there for how

1883
01:07:33,757 --> 01:07:35,821
to set up NextDNS at all

1884
01:07:35,821 --> 01:07:38,536
those devices. In some cases you download this

1885
01:07:38,536 --> 01:07:40,125
profile and it's just a matter of double-clicking

1886
01:07:40,125 --> 01:07:42,293
this profile and and your

1887
01:07:42,667 --> 01:07:44,018
operating system saying, are you sure you wanna

1888
01:07:44,018 --> 01:07:44,891
do this and you say, yes,

1889
01:07:45,622 --> 01:07:48,087
And then now you're using that DNS. It's

1890
01:07:48,087 --> 01:07:50,313
actually gotten pretty simple. And then you can

1891
01:07:50,313 --> 01:07:51,824
go to the NextDNS dashboard and get

1892
01:07:51,824 --> 01:07:52,937
also is a really cool

1893
01:07:53,908 --> 01:07:55,583
analytics to see how many ads you've blocked

1894
01:07:55,583 --> 01:07:57,417
and where they're coming from and things like

1895
01:07:57,417 --> 01:08:00,448
that. It's really neat. Tech, which is a

1896
01:08:00,448 --> 01:08:02,703
fantastic website and Henry and those guys are

1897
01:08:02,761 --> 01:08:04,127
some of my favorite privacy people.

1898
01:08:05,157 --> 01:08:06,449
They have done a really

1899
01:08:06,821 --> 01:08:10,150
detailed NextDNS video. It's about 40 minutes

1900
01:08:10,150 --> 01:08:10,388
long.

1901
01:08:11,199 --> 01:08:11,918
I've got a link to it in the

1902
01:08:11,918 --> 01:08:14,395
show notes that's well worth the watch. Because

1903
01:08:14,474 --> 01:08:16,552
NextDNS does so much more than just

1904
01:08:16,552 --> 01:08:17,910
ad and tracker blocking.

1905
01:08:18,484 --> 01:08:20,470
So that's option 1. Now if you're a

1906
01:08:20,470 --> 01:08:21,821
do-it-yourselfer or if you're a hobbyist,

1907
01:08:21,979 --> 01:08:22,877
if you like to

1908
01:08:23,331 --> 01:08:25,238
muck around with computers and electronics,

1909
01:08:26,050 --> 01:08:28,850
another solution that's kinda similar is a project

1910
01:08:28,850 --> 01:08:29,729
called Pi-hole.

1911
01:08:30,369 --> 01:08:32,210
And that's P-I-H-O-L-E,

1912
01:08:32,369 --> 01:08:34,623
pi like the Greek letter, because it's

1913
01:08:34,623 --> 01:08:37,657
based on the Raspberry Pi mini computer. And

1914
01:08:37,657 --> 01:08:39,173
you could buy a Raspberry Pi for about

1915
01:08:39,173 --> 01:08:41,249
35 bucks, but you'll also need to buy

1916
01:08:41,249 --> 01:08:42,527
a power supply and a case and an

1917
01:08:42,606 --> 01:08:44,538
SD card, so it'll run you maybe a

1918
01:08:44,538 --> 01:08:45,896
hundred bucks when it's all said and done.

1919
01:08:46,296 --> 01:08:48,553
But basically, you set up this little dedicated

1920
01:08:48,932 --> 01:08:51,030
DNS server in your house

1921
01:08:51,502 --> 01:08:53,487
and then you point your router to that

1922
01:08:53,487 --> 01:08:55,711
for DNS lookups. Effectively, it does the

1923
01:08:55,711 --> 01:08:56,981
same thing, and it's also got some fun

1924
01:08:56,981 --> 01:08:58,728
dashboards and things. It's a little more involved,

1925
01:08:58,886 --> 01:09:00,157
You know, hey, if you don't wanna pay

1926
01:09:00,157 --> 01:09:03,111
an ongoing subscription for NextDNS, and

1927
01:09:03,111 --> 01:09:04,382
you wanna, you know, have all little funnel

1928
01:09:04,382 --> 01:09:04,938
order project.

1929
01:09:05,812 --> 01:09:07,322
That is a cool way to go. The

1930
01:09:07,322 --> 01:09:09,045
only thing... The only downside of that is

1931
01:09:09,163 --> 01:09:10,511
for your devices that leave your home.

1932
01:09:11,384 --> 01:09:13,287
It's kinda harder to use that Pi. You

1933
01:09:13,287 --> 01:09:15,904
can set up, you know, VPN connections back

1934
01:09:15,904 --> 01:09:16,801
to your home

1935
01:09:17,429 --> 01:09:20,386
router that peek into your Raspberry Pi, but

1936
01:09:20,386 --> 01:09:22,783
that's that's a pain in the butt. So

1937
01:09:22,783 --> 01:09:24,541
anyway, I have migrated to NextDNS and

1938
01:09:24,621 --> 01:09:25,180
I have loved it.

1939
01:09:26,152 --> 01:09:27,660
But if you wanna, you know, get a little

1940
01:09:27,660 --> 01:09:29,090
more geek and try something on your own,

1941
01:09:29,328 --> 01:09:30,440
check out the Pi-hole project.

1942
01:09:31,234 --> 01:09:33,061
So there are a couple caveats and gotchas

1943
01:09:33,061 --> 01:09:35,305
to this whole thing. When you start introducing

1944
01:09:35,305 --> 01:09:36,978
things like uBlock Origin or NextDNS,

1945
01:09:37,137 --> 01:09:39,051
either one of them, they start blocking things,

1946
01:09:39,210 --> 01:09:41,441
and some websites just do not like that.

1947
01:09:42,013 --> 01:09:43,844
Some will detect that you are trying to

1948
01:09:43,844 --> 01:09:46,231
block ads and complain, and they'll either not

1949
01:09:46,231 --> 01:09:48,380
let you into their site until you've disabled

1950
01:09:48,380 --> 01:09:50,210
your ad blocker or sometimes they'll just pop

1951
01:09:50,210 --> 01:09:51,739
up a warning and you kinda have

1952
01:09:51,739 --> 01:09:53,577
to look for the the little hidden link

1953
01:09:53,577 --> 01:09:56,054
that says, continue this time, and I promise

1954
01:09:56,054 --> 01:09:58,611
next time, I'll I'll block my ads. They're

1955
01:09:58,611 --> 01:10:00,538
all a little bit different. But some websites,

1956
01:10:00,697 --> 01:10:03,158
they just outright break. Like, things just don't

1957
01:10:03,158 --> 01:10:05,383
work. Like, whoever designed that webpage did

1958
01:10:05,383 --> 01:10:07,551
not take into account the fact that somebody

1959
01:10:08,339 --> 01:10:10,337
might go to the trouble of blocking certain

1960
01:10:10,337 --> 01:10:13,453
elements of that page from loading. So some

1961
01:10:13,453 --> 01:10:15,372
websites will just not function. Like, they won't

1962
01:10:15,372 --> 01:10:17,290
load at all, or they'll partially load or

1963
01:10:17,290 --> 01:10:19,054
they look like they load, but then

1964
01:10:19,054 --> 01:10:20,164
you go to fill out a form or

1965
01:10:20,164 --> 01:10:21,434
click a button and nothing happens.

1966
01:10:21,989 --> 01:10:23,575
You'll need to be aware that when you're

1967
01:10:23,575 --> 01:10:24,710
using these kind of

1968
01:10:25,241 --> 01:10:27,484
technologies, it can cause things like that to

1969
01:10:27,484 --> 01:10:28,918
happen and you're gonna have to do some

1970
01:10:28,918 --> 01:10:31,946
debugging. You can actually pretty easily just turn

1971
01:10:31,946 --> 01:10:34,271
off uBlock Origin for example on any

1972
01:10:34,271 --> 01:10:36,498
given website either temporarily or permanently,

1973
01:10:36,896 --> 01:10:38,168
and then reload the page and see if

1974
01:10:38,168 --> 01:10:39,362
it works, and then you'll know that was

1975
01:10:39,362 --> 01:10:42,167
the problem. If it's NextDNS, however, you're

1976
01:10:42,167 --> 01:10:43,365
actually gonna have to log into your NextDNS

1977
01:10:43,365 --> 01:10:45,922
account, look at the logs. It'll show

1978
01:10:45,922 --> 01:10:47,440
you like, live,

1979
01:10:48,254 --> 01:10:50,090
updates of what was recently blocked and why.

1980
01:10:50,809 --> 01:10:52,485
And, you know, you may find it something

1981
01:10:52,485 --> 01:10:54,401
there. And then from NextDNS, you can

1982
01:10:54,401 --> 01:10:56,497
put it on your allow list either temporarily

1983
01:10:56,556 --> 01:10:57,216
or permanently

1984
01:10:57,609 --> 01:10:59,599
and see if that fixes your problem. It

1985
01:10:59,599 --> 01:11:01,748
sounds bad and it can be frustrating. It

1986
01:11:01,748 --> 01:11:03,420
doesn't happen that often. I just want you

1987
01:11:03,420 --> 01:11:05,489
to be aware that it can happen when

1988
01:11:05,489 --> 01:11:07,001
you're doing these sorts of blocking.

1989
01:11:07,574 --> 01:11:08,852
Now by the way, there's no reason you

1990
01:11:08,852 --> 01:11:10,690
can't do both. I do both. I have

1991
01:11:10,690 --> 01:11:12,927
both uBlock Origin and NextDNS. They

1992
01:11:12,927 --> 01:11:15,015
do different things in different ways. They don't

1993
01:11:15,015 --> 01:11:16,996
really interfere with each other, it just does

1994
01:11:16,996 --> 01:11:18,185
mean that if you have to debug now,

1995
01:11:18,264 --> 01:11:20,007
you've got to check both those as possible sources

1996
01:11:20,007 --> 01:11:20,483
of the problem.

1997
01:11:21,116 --> 01:11:22,724
One more thing I will add is that

1998
01:11:22,724 --> 01:11:24,561
if you use a VPN, a lot of

1999
01:11:24,561 --> 01:11:26,239
times your VPN service will have its own

2000
01:11:26,239 --> 01:11:27,358
dedicated DNS service.

2001
01:11:28,317 --> 01:11:30,748
So unless you do some kinda tricky

2002
01:11:31,364 --> 01:11:34,237
configurations, when you're using a VPN, often that

2003
01:11:34,237 --> 01:11:36,470
means you're not using NextDNS. But, you

2004
01:11:36,470 --> 01:11:38,145
know, if you're using uBlock Origin,

2005
01:11:38,304 --> 01:11:40,395
then you're still gonna get that protection. You're

2006
01:11:40,395 --> 01:11:42,074
just not gonna get the NextDNS protection.

2007
01:11:42,635 --> 01:11:43,994
In fact, a lot of times I actually

2008
01:11:43,994 --> 01:11:44,814
use this

2009
01:11:45,194 --> 01:11:45,694
fact

2010
01:11:45,994 --> 01:11:48,494
that the VPN doesn't use NextDNS because

2011
01:11:48,635 --> 01:11:50,649
oftentimes what I'm like, in a newsletter or

2012
01:11:50,649 --> 01:11:51,710
somebody sends me

2013
01:11:52,570 --> 01:11:53,070
form

2014
01:11:53,609 --> 01:11:55,130
email that they sent to a lot of

2015
01:11:55,130 --> 01:11:55,369
people,

2016
01:11:56,010 --> 01:11:59,385
the services that send mass mailing often replace

2017
01:11:59,385 --> 01:12:02,284
whatever links are in that email with special

2018
01:12:02,344 --> 01:12:04,264
redirect links because they wanna know who clicked

2019
01:12:04,264 --> 01:12:05,144
on what and when.

2020
01:12:05,957 --> 01:12:08,205
And those redirect links under the covers

2021
01:12:08,658 --> 01:12:10,328
can be blocked by NextDNS.

2022
01:12:10,804 --> 01:12:12,314
So you'll click on the ads and they

2023
01:12:12,314 --> 01:12:14,221
just won't go anywhere. They don't work.

2024
01:12:14,792 --> 01:12:16,778
And so in cases like that, often what

2025
01:12:16,936 --> 01:12:18,207
I'll do is I'll just quickly turn on

2026
01:12:18,207 --> 01:12:20,509
my VPN and click on it again and

2027
01:12:20,509 --> 01:12:22,017
very often then it will go through and

2028
01:12:22,017 --> 01:12:24,096
then I'll turn my VPN back off. Yes,

2029
01:12:24,255 --> 01:12:26,478
that means that some analytics somewhere knew that

2030
01:12:26,556 --> 01:12:28,462
I clicked on that link. But in most

2031
01:12:28,462 --> 01:12:30,208
cases, that's all they're looking for is just

2032
01:12:30,208 --> 01:12:31,796
knowing that someone did click it, and that's

2033
01:12:31,796 --> 01:12:34,039
that's fine. So there you have everybody, your

2034
01:12:34,039 --> 01:12:35,555
news and your tip of the week.

2035
01:12:41,297 --> 01:12:43,148
All everybody do it this week. Thank you

2036
01:12:43,148 --> 01:12:43,787
for tuning in.

2037
01:12:44,587 --> 01:12:46,823
A couple quick reminders. First of all, do

2038
01:12:46,823 --> 01:12:49,460
take your questions, listener questions, Dear Carey

2039
01:12:49,460 --> 01:12:49,780
questions.

2040
01:12:50,274 --> 01:12:52,029
You can go to FDSD

2041
01:12:52,029 --> 01:12:53,624
dot me slash QNA.

2042
01:12:54,103 --> 01:12:56,016
That link is in the show notes, or

2043
01:12:56,016 --> 01:12:57,293
you can just send me an email at

2044
01:12:57,293 --> 01:12:59,447
dear carey at firewalls don't stop dragons dot

2045
01:12:59,447 --> 01:13:01,134
com. And that's CAREY.

2046
01:13:01,611 --> 01:13:03,122
So real quick on the book surge. First

2047
01:13:03,122 --> 01:13:05,429
of all, again, thank you very very much

2048
01:13:05,429 --> 01:13:07,737
to everybody who participated. I'm sure we sold

2049
01:13:07,737 --> 01:13:09,817
a good number of books. We got very

2050
01:13:09,817 --> 01:13:11,799
close to hitting the top 10. If you're

2051
01:13:11,799 --> 01:13:13,543
curious, I do have some statistics on that

2052
01:13:13,543 --> 01:13:14,257
and some graph.

2053
01:13:15,050 --> 01:13:16,398
I will try to put that up somewhere.

2054
01:13:16,636 --> 01:13:17,926
I'm not maybe I'll add that to the

2055
01:13:17,926 --> 01:13:20,158
bottom of the book surge blog post on

2056
01:13:20,158 --> 01:13:22,152
my website. But we got very close to

2057
01:13:22,152 --> 01:13:23,587
the top 10, and I wanna give

2058
01:13:23,587 --> 01:13:25,261
it one more shot. So what I'm gonna

2059
01:13:25,261 --> 01:13:25,761
do

2060
01:13:26,314 --> 01:13:27,595
is for Saturday,

2061
01:13:28,074 --> 01:13:30,175
July twentieth. I'm gonna pick a single

2062
01:13:30,635 --> 01:13:32,175
day. So if you

2063
01:13:32,555 --> 01:13:34,555
missed it last week for some reason or

2064
01:13:34,555 --> 01:13:36,167
didn't get around to doing it, and would

2065
01:13:36,167 --> 01:13:37,201
like to try again.

2066
01:13:37,757 --> 01:13:39,746
Go to amazon dot com and buy a

2067
01:13:39,746 --> 01:13:42,371
copy of my book this Saturday, July twentieth.

2068
01:13:42,863 --> 01:13:44,453
If you are willing to buy more than

2069
01:13:44,453 --> 01:13:47,393
1 copy, currently, Amazon has a 3 for

2070
01:13:47,393 --> 01:13:49,618
the price of 2 sale going on,

2071
01:13:50,349 --> 01:13:51,546
It's not just my book, it's other stuff

2072
01:13:51,546 --> 01:13:52,743
too. So I guess actually you might be

2073
01:13:52,743 --> 01:13:54,579
able to use that to buy some other

2074
01:13:54,579 --> 01:13:56,416
books besides mine. But if you wanted to

2075
01:13:56,416 --> 01:13:58,411
buy 3 copies of my book for the

2076
01:13:58,411 --> 01:14:00,259
price of 2, you could give the extra

2077
01:14:00,259 --> 01:14:02,248
copies to friends and family or maybe to

2078
01:14:02,248 --> 01:14:03,283
your local library,

2079
01:14:04,158 --> 01:14:06,147
a local high school library maybe or a

2080
01:14:06,147 --> 01:14:07,898
senior center. That's a great place for this

2081
01:14:07,898 --> 01:14:08,057
book.

2082
01:14:08,867 --> 01:14:10,536
So that... That's a that's a potential option,

2083
01:14:10,695 --> 01:14:12,443
and you could do that. And if you

2084
01:14:12,443 --> 01:14:13,738
can do it on Saturday,

2085
01:14:14,112 --> 01:14:15,781
we'll see if we can't focus all of

2086
01:14:15,781 --> 01:14:17,505
our attention on a single day and give

2087
01:14:17,782 --> 01:14:20,163
1 more shot to crack into the top

2088
01:14:20,163 --> 01:14:20,243
10.

2089
01:14:21,037 --> 01:14:22,545
Because we didn't really hit... We didn't really

2090
01:14:22,545 --> 01:14:24,052
hit the milestones. I did get some extra

2091
01:14:24,052 --> 01:14:27,243
reviews just a handful, which is look, better

2092
01:14:27,243 --> 01:14:27,640
than nothing,

2093
01:14:28,354 --> 01:14:29,703
but it's really, really hard to get reviews.

2094
01:14:29,941 --> 01:14:31,608
I definitely need more. You could still do

2095
01:14:31,608 --> 01:14:33,512
that because I would also like to get

2096
01:14:33,512 --> 01:14:35,675
the average rating my book up. Only went

2097
01:14:35,675 --> 01:14:37,195
up a tenth of a point. I really

2098
01:14:37,195 --> 01:14:38,875
like to get it up higher. So that

2099
01:14:38,875 --> 01:14:40,555
is something else you could do. I don't

2100
01:14:40,555 --> 01:14:42,235
know if doing that on Saturday really counts.

2101
01:14:42,728 --> 01:14:44,160
Actually, I think it takes them, like, even

2102
01:14:44,160 --> 01:14:46,626
24 hours before the review posts. So maybe

2103
01:14:46,626 --> 01:14:47,739
you could do it on Friday. I don't

2104
01:14:47,739 --> 01:14:49,012
know that it even matters as far as

2105
01:14:49,012 --> 01:14:50,853
timing. But that is still something I would

2106
01:14:50,853 --> 01:14:52,518
love to have you do. So we'll give

2107
01:14:52,518 --> 01:14:54,422
that 1 more shot. Because we didn't really

2108
01:14:54,422 --> 01:14:56,246
make the milestones. I'm gonna hold off on

2109
01:14:56,246 --> 01:14:57,278
planning a Zoom call,

2110
01:14:58,250 --> 01:15:00,729
nevertheless, you know, if you did do something

2111
01:15:00,729 --> 01:15:02,409
here, you know, save some evidence of that,

2112
01:15:02,569 --> 01:15:05,130
take a screenshot of your social media post

2113
01:15:05,130 --> 01:15:05,630
or

2114
01:15:06,425 --> 01:15:08,345
your purchase email or something like that. Just

2115
01:15:08,345 --> 01:15:09,864
hold, just hold onto it. I've got

2116
01:15:09,864 --> 01:15:11,704
a couple more campaigns I wanna run in

2117
01:15:11,704 --> 01:15:12,985
the next 2 or 3 months or so.

2118
01:15:13,639 --> 01:15:15,074
And at the end of all that, I

2119
01:15:15,074 --> 01:15:16,908
think I'm gonna have a thank you Zoom

2120
01:15:16,908 --> 01:15:18,743
party. And so you'll need someone to punch

2121
01:15:18,743 --> 01:15:19,403
that ticket

2122
01:15:19,860 --> 01:15:21,694
to to to get your invite to that

2123
01:15:21,694 --> 01:15:23,051
party. So hold on to that evidence.

2124
01:15:23,783 --> 01:15:25,538
I may be asking for that later. Now,

2125
01:15:25,698 --> 01:15:27,134
I do have 1 more promotion.

2126
01:15:27,931 --> 01:15:29,447
And thank you very much to Grey fox,

2127
01:15:29,606 --> 01:15:31,440
who is one of... which is the handle

2128
01:15:31,440 --> 01:15:33,057
for one of my patrons

2129
01:15:33,448 --> 01:15:35,456
who had an extra ticket to DEF CON

2130
01:15:35,511 --> 01:15:37,732
and is offering it up to me to

2131
01:15:37,732 --> 01:15:39,001
give away to you.

2132
01:15:39,636 --> 01:15:41,325
I realize this is only going to

2133
01:15:41,792 --> 01:15:43,301
appeal to a limited number of you. First

2134
01:15:43,301 --> 01:15:44,887
of all, you've gotta be able to go.

2135
01:15:45,523 --> 01:15:47,904
Again, it's August 8 through eleventh in Las

2136
01:15:48,063 --> 01:15:48,777
Vegas, Nevada,

2137
01:15:49,426 --> 01:15:51,251
So you... You're gonna have to buy a

2138
01:15:51,251 --> 01:15:52,520
plane ticket, and you're gonna have to get

2139
01:15:52,520 --> 01:15:54,345
lodging. But if you'd like to get in

2140
01:15:54,345 --> 01:15:55,773
and save 480 bucks,

2141
01:15:56,423 --> 01:15:58,254
we've got a ticket to give you. So

2142
01:15:58,333 --> 01:16:00,244
I'm going to do a straight up raffle

2143
01:16:00,244 --> 01:16:01,916
on that. If you're willing and able to go,

2144
01:16:02,472 --> 01:16:05,034
send an email to me at DC

2145
01:16:05,034 --> 01:16:06,944
24 as in DEF CON 24.

2146
01:16:07,502 --> 01:16:08,877
DC 24

2147
01:16:09,093 --> 01:16:11,162
at firewalls don't stop dragons dot com. And

2148
01:16:11,241 --> 01:16:12,276
I'll put that in the show notes too

2149
01:16:12,355 --> 01:16:13,803
so you don't have to remember it. But

2150
01:16:13,803 --> 01:16:15,159
shoot me an email and say that you'd

2151
01:16:15,159 --> 01:16:17,154
like to enter that raffle. Now, I am

2152
01:16:17,154 --> 01:16:18,908
gonna throw in 1 other bit of incentive.

2153
01:16:19,306 --> 01:16:21,220
As you know, I give away Dragon challenge

2154
01:16:21,220 --> 01:16:23,316
coins from time to time, and

2155
01:16:23,628 --> 01:16:25,778
besides having this really super cool dragon coin,

2156
01:16:26,653 --> 01:16:28,404
that also doubles as a d20 die

2157
01:16:28,404 --> 01:16:30,256
that you can use to generate passphrases

2158
01:16:30,314 --> 01:16:32,701
at my website, d20key dot com,

2159
01:16:33,194 --> 01:16:34,966
if you should ever meet me in person

2160
01:16:35,103 --> 01:16:37,807
and present this coin, I will buy you

2161
01:16:37,807 --> 01:16:39,876
a drink on me. So I'm gonna offer

2162
01:16:39,876 --> 01:16:41,807
here as an additional incentive to

2163
01:16:42,197 --> 01:16:43,015
do this raffle

2164
01:16:43,947 --> 01:16:45,458
is if you sign up to be an

2165
01:16:45,458 --> 01:16:48,322
annual patron at the Knight Errant level or

2166
01:16:48,322 --> 01:16:48,822
higher

2167
01:16:49,213 --> 01:16:51,468
and you win the raffle, I will personally

2168
01:16:51,606 --> 01:16:54,637
hand you a dragon challenge coin and buy

2169
01:16:54,637 --> 01:16:56,871
you a drink on the spot in wonderful

2170
01:16:56,950 --> 01:16:58,840
Las Vegas, Nevada when we both go

2171
01:16:59,597 --> 01:17:01,832
to DEF CON. And note that I'm still

2172
01:17:01,832 --> 01:17:04,467
doing the Treasure chest promotion that's an ongoing

2173
01:17:04,467 --> 01:17:06,063
thing for people who sign up as a

2174
01:17:06,063 --> 01:17:07,420
patron for Knight-Errant and above,

2175
01:17:07,994 --> 01:17:09,592
And that is you basically get a 40

2176
01:17:09,592 --> 01:17:10,492
dollar value

2177
01:17:11,110 --> 01:17:13,608
coupon for either Malwarebytes, Proton

2178
01:17:14,067 --> 01:17:16,479
or safe port master. So it covers a

2179
01:17:16,479 --> 01:17:18,720
good bit of your annual subscription.

2180
01:17:19,360 --> 01:17:20,960
So that's all kinda wrapped into it. If

2181
01:17:20,960 --> 01:17:22,960
you've got any questions, you can let me

2182
01:17:22,960 --> 01:17:24,295
know when you send me an email a

2183
01:17:24,493 --> 01:17:26,326
24 at firewallsdontstopdragons.com.

2184
01:17:26,884 --> 01:17:28,956
I will announce that winner probably in 2

2185
01:17:28,956 --> 01:17:30,708
weeks. I wanna make sure I have time

2186
01:17:30,708 --> 01:17:32,860
to get it to everybody but before we

2187
01:17:32,860 --> 01:17:33,577
go to Las Vegas.

2188
01:17:34,309 --> 01:17:35,736
So sometime the next 2 weeks if you

2189
01:17:35,736 --> 01:17:37,163
wanna enter into that raffle for a free

2190
01:17:37,163 --> 01:17:39,384
ticket to DEF CON 32, just shoot me

2191
01:17:39,384 --> 01:17:41,445
that email. And you can wait of course

2192
01:17:41,445 --> 01:17:41,945
until

2193
01:17:42,734 --> 01:17:44,252
you find out if you win if

2194
01:17:44,252 --> 01:17:45,770
you also want to become a patron to

2195
01:17:45,770 --> 01:17:47,528
do the Dragon coin thing. That's totally up

2196
01:17:47,528 --> 01:17:49,445
to you. Alright. We're already running long. So

2197
01:17:49,445 --> 01:17:50,739
let me cut it off here. We've got

2198
01:17:50,739 --> 01:17:53,536
a great interview next week on OSINT, or

2199
01:17:53,536 --> 01:17:56,332
open source intelligence with Jason Edison from

2200
01:17:56,332 --> 01:17:58,170
IntelTechniques. That's a... Was a really great interview.

2201
01:17:58,583 --> 01:18:00,572
So stay tuned for that. And lots of

2202
01:18:00,572 --> 01:18:01,924
other great stuff coming down the pike. So

2203
01:18:01,924 --> 01:18:03,674
if you haven't already, subscribe and then you

2204
01:18:03,674 --> 01:18:05,265
won't miss any of that goodness.

2205
01:18:06,000 --> 01:18:08,239
Alright. Take care everybody. Stay safe out there

2206
01:18:08,239 --> 01:18:10,000
and until next week as always.

2207
01:18:10,560 --> 01:18:12,212
Don't get caught with your dr