Complete Privacy & Security Podcast E059: Michael Returns and We Tackle Listener Q&A

This week Michael returns to clean out the inbox of all your listener questions.

uBlock Origin
Firefox Mr. Robot Stunt
Mac Root Password Vulnerability: if you are on macOS High Sierra, update to macOS version 10.13.2.
ProtonMail Bridge out of beta

MAIN TOPIC – Listener Q&A
What is an IRS protection PIN and should I have one?
I am traveling overseas and need a constant internet connection. How secure/private is a mobile cellular hotspot?
Have you guys moved to Linux laptops and if so, what do you think?
What are your thoughts on Brave Browser?
I’ve read that Amazon tracks everything I do on my Kindle. Is there a way to use my Kindle privately?
You can now customize Signal with an avatar and nickname. Are there risks to doing this?
Can you give us an update on Volume II of The Complete Privacy & Security Desk Reference?
I am considering a name change. Do you recommend this/is it worth it?
How much information do I have to give the accountant who is doing my taxes? What is the minimum I can give them?
How do you listen to podcasts/music, i.e. do you worry that you might be “podcast fingerprinted” based on the shows you subscribe to?
If Michael keeps his phone in a Faraday bag, how does he charge it?
Some Windows PCs allow you to disable the camera and microphone at the BIOS level. Can this still be hacked?
Do you still run anti-virus on your Mac, or just Little Snitch?

Is it vital for me to put my KeePassXC database in a VeraCrypt container?
Can you migrate apps or gift card balances to a new Apple account anonymously?
I have a custom domain name with my business. Is there an advantage to using this with ProtonMail? Does it make it more secure? Are there disadvantages to this strategy?
The 2020 census is coming up. Do I have to respond?
My doctor wants to have a video/teleconference via Is it secure?
Is there an open-source version of Little Snitch for Linux?
Do you guys have any update on using Open Street Map? Are GPS devices transmitting my location?
There is no way to globally disable Siri on iOS 11. Since I have to disable it on a per-app basis, does this mean it is still listening? Do you guys have a fix for this?

  1. Can you recommend a privacy-respecting free or low cost web-based faxing service? On the few occasions I need to fax, it would be good to know a trustworthy service.

  2. Do you folks have an opinion about the use of Orbot VPN versus Opera VPN (the mobile version) for cellphone privacy?
    Also, for computers, you have mentioned VPN redundancy (e.g. Proton VPN used together with Opera (browser-based) VPN). Some have opined redundancy might not work well, and might be counterproductive. Would like your thoughts.

    1. Due to Opera’s questionable country of origin, I would stay away from it. Orbot isn’t bad but it leverages Tor and again, only protects traffic in the browser. Tor also comes with its own set of problems, like notoriously slow connections.

      Again, Orbot isn’t inherently bad, but Opera very well might be.

  3. Hello. I am a relatively new listener and am working on implementing privacy & security improvements. In an online forum a person recently posted that her iPhone was pickpocketed in Mexico and although she had a 6 digit PIN set they were able to change her Facebook password. She was able to change her other account passwords and sent a wipe command, but is not sure if the phone got wiped as it may have been taken offline.

    The last I heard there was only a select few people/firms that had methods to crack the security on an iPhone. The most publicized story was with the Las Vegas shooter’s phone that the FBI wanted Apple to help them access, but they refused. Later the FBI said they had hired a contractor that was able to crack it and they dissolved the lawsuit with Apple.

    Do you have any updated information regarding this? Is it possible that less sophisticated thieves have a way to crack the security? What countermeasures can we put in place to add security to the phone?

    1. If you use a passcode that is 10+ characters long and enable the function that wipes the phone after 10 incorrect attempts, you’ll be fine even against sophisticated adversaries.
      The fact that the woman’s FB password was changed really means very little in this conversation, because Facebook doesn’t exist solely on her phone. It might have been broken and changed, anyway. Or the phone might have just been used to receive an SMS verification, which was very likely visible on the lock screen.

