Firewalls Don't Stop Dragons Podcast

LastPass Source Code Breach



Password manager software maker LastPass suffered a data breach last week, which understandably made their customers very nervous – and caused some people to question the decision to put all their passwords in one digital basket. In today’s show, I’ll explain why this particular breach was not a threat to anyone’s passwords and why you should still use a high quality password manager.

In other news: Former security chief blows the whistle on Twitter; major VPN providers are pulling out of India over surveillance law issues; a set of popular Chrome extensions caught committing click fraud; Google’s new Chrome extension restrictions threaten to hobble ad blockers; a father’s Google accounts are deleted over false AI-flagged CSAM; US Federal Trade Commission sues a data broker over lax protection of location data; EFF finds another data broker selling location data to law enforcement; Google launches bug bounty program for open source software projects; DuckDuckGo’s email privacy protection feature now available to all; Ohio judge rules that scanning students’ rooms before tests is illegal; a flight to Cabo is nearly grounded thanks to a passenger sending dick pics to other passengers, including one of the pilots.

Article Links
  1. [The Washington Post] Former security chief claims Twitter buried ‘egregious deficiencies’ https://www.washingtonpost.com/technology/interactive/2022/twitter-whistleblower-sec-spam/
  2. [9to5mac.com] Major VPN services shut down in India over anti-privacy law; Apple hasn’t yet commented https://9to5mac.com/2022/09/01/major-vpn-services/
  3. [BleepingComputer] Chrome extensions with 1.4 million installs steal browsing data https://www.bleepingcomputer.com/news/security/chrome-extensions-with-14-million-installs-steal-browsing-data/
  4. [BleepingComputer] AdGuard’s new ad blocker struggles with Google’s Manifest v3 rules https://www.bleepingcomputer.com/news/security/adguard-s-new-ad-blocker-struggles-with-google-s-manifest-v3-rules/
  5. [The New York Times] A Dad Took Photos of His Naked Toddler for the Doctor. Google Flagged Him as a Criminal. https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html
  6. [Reuters] U.S. FTC sues data broker Kochava for alleged sale of sensitive data https://www.reuters.com/legal/us-ftc-sues-data-broker-kochava-alleged-sale-sensitive-data-2022-08-29/
  7. [Electronic Frontier Foundation] Data Broker Helps Police See Everywhere You’ve Been with the Click of a Mouse: EFF Investigation https://www.eff.org/press/releases/data-broker-helps-police-see-everywhere-youve-been-click-mouse-eff-investigation
  8. [Naked Security] LastPass source code breach – do we still recommend password managers? https://nakedsecurity.sophos.com/2022/08/29/lastpass-source-code-breach-do-we-still-recommend-password-managers/
  9. [Decipher] Google Launches Bug Bounty Program For Open Source Projects https://duo.com/decipher/google-launches-bug-bounty-program-for-its-open-source-projects
  10. [Spread Privacy] Protect Your Inbox: DuckDuckGo Email Protection Beta Now Open to All! https://spreadprivacy.com/protect-your-inbox-with-duckduckgo-email-protection/
  11. [The Verge] University can’t scan students’ rooms during remote tests, judge rules https://www.theverge.com/2022/8/23/23318067/cleveland-state-university-online-proctoring-decision-room-scan
  12. [VICE] Creeps Airdropping Dick Pics Just Made Flying Even Worse https://www.vice.com/en/article/3adag9/southwest-tiktok-video-pilot-airdropped-nudes
  13. Tip of the Week: How to Prevent Cyberflashing https://firewallsdontstopdragons.com/how-to-prevent-cyberflashing/ 
Further Info
  • Peppering Your Passwords: https://firewallsdontstopdragons.com/password-manager-paranoia/
  • Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
  • Check out my book, Firewalls Don’t Stop Dragons: https://www.amazon.com/gp/product/1484261887
  • Become a Patron! https://www.patreon.com/FirewallsDontStopDragons
  • Donate directly with Monero! https://firewallsdontstopdragons.com/contact/
  • Would you like me to speak to your group about security and/or privacy? http://bit.ly/Firewalls-Speaker
  • Generate secure passphrases! https://d20key.com/#/

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:01:32: Update Google Chrome and older iPhones
  • 0:05:48: Twitter whistleblower
  • 0:10:29: Major VPN services shutting down in India
  • 0:14:00: Popular Chrome extensions committing link fraud
  • 0:16:51: Google Chrome changes will limit ad blockers
  • 0:23:38: Father loses Google accounts over false CSAM flagging by AI
  • 0:27:22: FTC sues data broker
  • 0:30:17: EFF research uncovers more police purchases of location data
  • 0:34:55: LastPass source code breach
  • 0:46:43: Google launches bug bounty for open source software
  • 0:49:51: DuckDuckGo email privacy feature now open to all
  • 0:55:55: Court blocks scanning of students’ rooms during remote tests
  • 1:00:43: Cyberflashing nearly grounds flight
  • 1:05:35: Notes on upcoming interviews and shows

By Carey Parker
