
Firewalls Don't Stop Dragons Podcast

News & Politics Podcasts

A Podcast on Computer Security & Privacy for Non-Techies



United States






Best & Worst Gifts Guide 2020

Looking for fun gifts that won't also be gifts to hackers and data miners? In today's show, I'll list off the top products and services from my annual Naughty & Nice gifts guide! Every year, I review several popular gifts and give you my recommendations on which ones to buy and which ones to avoid like the plague (or the pandemic?). In other news: Spotify has been hacked and you should change your password; Google is looking to add end-to-end encryption to its new Android RCS messaging...


Dark Patterns (Part 2)

So, what can we do about these dark patterns? Are there technical solutions to this problem? Or will this require regulations? Or perhaps we just need to train our engineers and consumers better? In part 2 of my interview with Dr. Colin Gray of Purdue University, we talk about some possible solutions to the dark patterns problem, as well as tips and tricks for avoiding them. Colin also shares several interesting resources for further study. Colin M. Gray is an Assistant Professor at Purdue...


Dark Patterns (Part 1)

Are you tired of being pestered to allow notifications or access to your location? Do you wonder why you have to give your credit card number in order to sign up for "free" trials? Why weren't you told about the shipping costs until the very last screen in the purchase process? Are you sure that you didn't intend to sign up for all those newsletters? You're not alone, and you're not simply being subjected to clever marketing. You've been the victim of dark patterns: specific,...


Zoom: Now with Actual Privacy

Zoom went from an obscure teleconferencing company to a household word when the pandemic hit. Zoom wasn’t the best videoconferencing app by any means. But it was dead simple to use and kinda fun to say. For better or worse, it became the de facto tool for many of us to keep in touch. Over that time, Zoom has made many important improvements. This week it has finally rolled out what appears to be true end-to-end encryption (E2EE). Today I'll tell you how to enable this new feature. In other...


The Ebb & Flow of the Internet

For better or for worse, the internet today is funded by advertising. While ads can be annoying, the real issue isn't having to watch ads - it's when the ads watch us. AdTech today is premised on invasive personal data collection. Companies like Google and Facebook amass voluminous dossiers on each of us, and sell highly-targeted ads based on our income, gender, age, location, buying habits, personal interests, sexual orientation, and much, much more. But it doesn't have to be that way. And...


Big Proctor is Watching You (part 2)

In the second half of my interview with the EFF’s Lindsay Oliver and Jason Kelley, we talk about how these draconian surveillance systems put several students at a distinct disadvantage and how the teachers themselves feel about all of this. How might all of this normalize surveillance for young people? Can the invisible hand of the market resolve some of these issues? What should the policies be around proctoring and the use of these surveillance apps? How can we push back and demand change...


Big Proctor is Watching You (part 1)

In this time of COVID19, we've all had to learn to work and learn from home. But how do our bosses know we're not screwing around instead of working? How do our teachers know we're not cheating? It turns out that they're both willing to go to extremely intrusive measures to try to figure that out. Home and mobile device surveillance technology is booming thanks to this global pandemic, as we will learn from talking to the EFF's Lindsay Oliver and Jason Kelley. They have been investigating...


National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month! The theme this year is: if you connect it, protect it! And given how popular IoT devices are these days, and also how horrid their security usually is, this advice has never been more important. In today's show, I'll walk through some top cyber tips for protecting your devices and your home network. And there's a TON of news, as well: I'll update you on the "App Fairness" campaign from Epic, Protonmail, Spotify and others; watch out for fake...


Apple’s Epic Battle Royale (Part 2)

What do Apple, Tyson Foods and Worldwide Wrestling (WWE) all have in common? And what is "chickenization"? In part 2 of my interview with Cory Doctorow, he explains how some markets in the US economy are completely distorted by dominant sellers as well as dominant buyers. Seeing all of these specific markets as facets of a single economic problem, we can find common cause and perhaps a common solution. Cory Doctorow is a science fiction author, activist, and journalist. He is...


Apple’s Epic Battle Royale (Part 1)

Apple and Epic Games are locked in an epic legal (and PR) battle that may determine the future of the App Store, the Google Play Store, and several other game distribution networks. At the heart of this debate is the disproportionate influence the app store owner has over the apps in their store, including demanding a hefty cut of the app maker's profits. How did we get to this place? How does this distort the market for software? When did "contempt of business model" become a felony? Today...


Take Out the (Windows) Trash

If you're a Windows PC user, you know the term "bloatware", or maybe "crapware". Every consumer PC comes chock full of it. Free trials of games, cloud storage services and antivirus software. Half a dozen "helper" apps from the PC manufacturer. Pre-installed calling, chat, and shopping services. It's a mess. But they're not just annoying. They can slow down your computer's startup and shutdown, and waste precious battery life on laptops. Today I'll share two ways to take out this trash. In...


It’s a Trap!

Enterprising scammers have found some very clever ways to trick you into believing your computer needs fixing, when in reality it's just fine. Using various techniques, fake web pop-up alerts can cause your browser or computer to seem sluggish or malfunctioning. And then you get a helpful pop-up alerting you of a serious problem and offering to help you fix it - for a fee. I'll tell you how to spot these fakes and how to recover from the issues they've inflicted. In other news: there's a new...


Firefox Privacy (Part 2)

Did you know that Google's search can track you on a non-Chrome browser, even if you block third party cookies? And did you also know that there's a gaping privacy hole in web surfing that even a VPN may not fix? Is it possible to defeat browser fingerprinting? In the second half of my interview with Mozilla's Chief Security Officer Marshall Erwin, we'll answer these questions and much more. Marshall will give us his personal privacy tips and tell us about some upcoming Firefox features. And...


Firefox Privacy (Part 1)

If you really care about online privacy, you can't use Google's Chrome browser. Google is an advertising company. Everything else they do is in support of that core business. If you want a secure, fast browser that is actually focused on protecting your privacy, you want to be using Mozilla's Firefox browser. Today I'll be speaking with Mozilla's Chief Security Officer, Marshall Erwin. We'll trace Firefox's heritage back to the stalwart Netscape Navigator and then dive into the ugly world of...


Apple’s Epic Battle

Epic - the maker of the massively popular game Fortnite - has thrown down the proverbial gauntlet. It has decided that it no longer wishes to cut Apple in for 30% of its profits... Which is exactly what all app developers do - and have explicitly and contractually agreed to do - in return for using Apple's platform, tools, software development kits, and security testing. Apple provides this and access to billions of users. Microsoft, Sony and Google charge the same 30% in their app stores....


This is Why We Can’t Have Nice Things (part 2)

Can Facebook or Google really promise to keep your data private in this era of mass surveillance by the likes of the NSA and GCHQ? Max Schrems doesn't think so, and he's convinced the EU Court of Justice of the same thing. There's no way to protect user data when intelligence agencies are hoovering up all our communications and storing them on massive server farms forever. In part 2 of my chat with EFF's Danny O'Brien, we'll talk about the two Schrems cases in the EU and what the recent...


This is Why We Can’t Have Nice Things (part 1)

What good are privacy laws when we all know that intelligence agencies don't play by the rules? How can any company promise to keep our data safe when we know that agencies like the NSA and GCHQ are hoovering it all up? That's the essential argument behind the Max Schrems cases at the European Court of Justice. And the EU court agrees. In part 1 of my interview with EFF's Danny O'Brien, we'll talk about how we got here and how the parallel development of data mining and mass surveillance led...


The Pros & Cons of Antivirus Software

When most people think of protecting their computers, they think of antivirus software. Viruses are a real problem, of course, but how well do antivirus (AV) apps protect you? And are there any downsides to using AV software? Turns out there are plenty - so many that the cons probably outweigh the pros for most people, on Apple Mac or on Windows PC. Don't believe me? Listen to this show and then decide. In other news: Google is finally bringing its Google One storage app to iOS, but don't...


The Great Twitter Hack

Last week, Twitter was massively hacked - apparently just to launch a Bitcoin scam (though that story is still developing). Famous people's accounts were taken over, including Joe Biden, Barack Obama, Bill Gates, Elon Musk and several popular brand name accounts. (President Trump's account was not taken over due to enhanced security measures.) But beyond the details of the hack, we need to look at the bigger picture and what this hack should be telling us about these totally unregulated...


Your Money or Your Data (part 2)

In the second part of my interview with Renee Dudley from ProPublica, we delve into the cyber insurance and ransomware incident response industries, including how some of these companies are being less than forthcoming about their services. In fact, it appears that several "incident response" companies are simply paying the ransom and then charging companies a fee on top of that. We'll talk about how cyber insurance works and how to decide whether or not it's for you. And Renee will also...