August 28, 2023

Assessing Your Network Security

59 minutes

In the third part of my series on securing your home network, we’ll assess your security and privacy vulnerabilities. In prior weeks, we’ve exhaustively listed our network devices (Scan) and removed any devices that we no longer need or don’t need to be “smart” (Simplify). Now it’s time to investigate the remaining devices and think about what we need to do to secure them.

In other news: an old Mac malware info stealer is back; thousands of Android apps are evading detection using an interesting technique; Illinois just passed a law allowing doxing victims to sue perpetrators for damages; Meta plans to roll out end-to-end encryption for Messenger by year’s end; LinkedIn accounts are being targeted for takeover; Intel’s GPU driver collects personal info by default; Tesla suffers data breach of 75,000 current and former employees; police are accessing DNA databases even for people who opted out of this access; Pennsylvania court says police been to be transparent about social media monitoring; Kansas newspaper raid by police teaches us how better to encrypt our data; hackers are selling credit report info on just about any American; NSA director tells employees to spy “with dignity and respect”.

Article Links

[TechRadar] One of the worst Mac malware strains is back and hiding as a productivity app – so beware https://www.techradar.com/pro/security/one-of-the-worst-mac-malware-strains-is-back-and-hiding-as-a-productivity-app-so-beware

[Tom’s Guide] Thousands of Android malware apps use stealthy APKs to bypass security, study finds https://www.tomsguide.com/news/thousands-of-android-malware-apps-use-stealthy-apks-to-bypass-security-study-finds

[Ars Technica] Illinois just made it possible to sue people for doxxing attacks https://arstechnica.com/tech-policy/2023/08/illinois-just-made-it-possible-to-sue-people-for-doxxing-attacks/

[TechCrunch] Meta plans to roll out default end-to-end encryption for Messenger by the end of the year https://techcrunch.com/2023/08/22/meta-plans-to-roll-out-default-end-to-end-encryption-for-messenger-by-the-end-of-the-year/

[TechRadar] LinkedIn user accounts have been taken over in huge hacking campaign https://www.techradar.com/pro/security/linkedin-user-accounts-have-been-taken-over-in-huge-hacking-campaign

[extremetech.com] Intel’s GPU Drivers Now Collect Telemetry https://www.extremetech.com/gaming/intels-gpu-drivers-now-collect-telemetry-including-how-you-use-your-computer

[TechCrunch] Tesla says data breach impacting 75,000 employees was an insider job https://techcrunch.com/2023/08/21/tesla-breach-employee-insider/

[BBC] Why US tech giants are threatening to quit the UK https://www.bbc.com/news/technology-66304002

[The Intercept] Police Are Getting DNA Data From People Who Think They Opted Out https://theintercept.com/2023/08/18/gedmatch-dna-police-forensic-genetic-genealogy/

[The Associated Press] A Pennsylvania court says state police can’t hide how it monitors social media https://apnews.com/article/pennsylvania-police-aclu-social-media-monitoring-1508189aba86cc776e19892b4a2b358a

[freedom.press] What a newsroom police raid teaches us about encrypting our devices https://freedom.press/training/blog/marion-record-police-raid/

[404media.co] The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15 https://www.404media.co/the-secret-weapon-hackers-can-use-to-dox-nearly-anyone-in-america-for-15-tlo-usinfosearch-transunion/

[The Intercept] NSA Orders Employees to Spy on the World “With Dignity and Respect” https://theintercept.com/2023/08/25/nsa-spy-dignity-respect/

Tip of the Week: Securing Your Network 3: Assess: https://firewallsdontstopdragons.com/secure-your-network-3-assess/

Further Info

Dragon Challenge Coin promotion: https://fdsd.me/promo823

Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch

Give the gift of privacy and security: https://fdsd.me/coupons

Send me your questions! https://fdsd.me/qna

Support our mission! https://fdsd.me/support

Subscribe to the newsletter: https://fdsd.me/newsletter

Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book

Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest

Generate secure passphrases! https://d20key.com/#/

Table of Contents

Use these timestamps to jump to a particular section of the show.

0:00:52: News rundown

0:03:09: One of the worst Mac malware strains is back

0:06:15: Android malware apps use stealthy APKs to bypass security

0:09:17: Illinois now allows you to sue for doxxing attacks

0:13:59: Meta to roll out default E2EE for Messenger by year’s end

0:17:06: LinkedIn accounts taken over in huge hacking campaign

0:19:39: Intel’s GPU Drivers Now Collect Telemetry

0:23:34: Data breach impacting 75,000 Tesla employees was inside job

0:26:39: Why US tech giants are threatening to quit the UK

0:29:26: Police Are Getting DNA Data From People Who Think They Opted Out

0:34:58: PA court says state police can’t hide how it monitors social media

0:37:13: What a newsroom police raid teaches us about security

0:42:58: The Tool Hackers Can Use to Dox Nearly Anyone in America

0:49:14: NSA Orders Employees to Spy “With Dignity and Respect”

0:51:40: Need more Dear Carey questions!

0:52:01: Tip of the Week

0:57:01: Wrap up

...more

View all episodes

By Carey Parker

4.9

6464 ratings