In this week's episode we dive deep into both the psychological and privacy implications of social media apps. I reflect on my observations during recent travels, and explore how social media platforms are distorting human connections while simultaneously collecting vast amounts of personal data.

The episode also tackles the technical aspects of email systems to the limitations of encrypted messaging apps, providing practical advice for maintaining privacy.

In this week's episode:

1. Listener Questions - Deep dive into pfSense vs OPNsense, mobile VPN usage, and dealing with license plate readers
2. Social Media Privacy - Analysis of social media's psychological impact and privacy issues with data collection practices
3. Proper Account Deletion - Step-by-step guide for securely deleting social media accounts
4. Sock Puppet Accounts - Maintaining anonymous online identities
5. Email Privacy - Historical perspective and current state of email security
6. WhatsApp Security - A discussion on encryption and device security

Show Links:

• Support the Show on Patreon - https://patreon.com/TheLockdown
• GrapheneOS - https://grapheneos.org
• The Neuroscience of Engagement - https://medium.com/design-bootcamp/the-neuroscience-of-engagement-b50531a9313b
  
  

"The right information at the right time is deadlier than any weapon."

- Dolores Abernathy (Westworld)

This week on The Lockdown, The Practical Privacy & Security Podcast, we’re kicking off the new year with reflections, updates, and a deep dive into key privacy issues that are shaping 2025. From privacy settings on iOS and GrapheneOS, to AI assistants and their potential privacy pitfalls, this episode covers practical advice, insights, and solutions for everyday users. Additionally, I explore new state-level privacy laws across the U.S. and what they mean for both businesses and individuals.

In this week’s episode:

1. Reflecting on personal privacy practices and professional projects.
2. A look at U.S. state privacy regulations taking effect in 2025.
3. Privacy and security implications of voice assistants like Siri, Alexa, and Google Assistant.
4. Detailed privacy settings for iOS and why GrapheneOS is the better alternative.
5. AI assistants like ChatGPT and Claude, and their risks.
6. Privacy concerns with vehicles, focusing on data leaks and constant surveillance.
7. The intersection of cybersecurity and OSINT in modern attacks.

Show Links:

• Apple offers $95 million in Siri privacy violation settlement
• Amazon to pay $31 million in privacy violation penalties for Alexa voice assistant and Ring camera
• Nulide / FindMyDevice · GitLab
• British journalist could face years in prison for refusing to hand over his passwords to the police - Il Fatto Quotidiano
• Volkswagen EV data leak exposes personal information of 3.3 million people
• Tesla data helped police after Las Vegas truck explosion, but experts have wider privacy concerns

Support this show: https://www.patreon.com/c/TheLockdown
Official website: https://psysecure.com/podcast/

"If you want to keep a secret, you must also hide it from yourself."
-George Orwell

Podcast music: The R3cluse 

In this episode I speak with Luke Mulks, who is the VP of Business Operations at Brave Software. We discuss the privacy concerns over traditional web-based ads, and why Brave is offering a privacy-first alternative.

Show Links:

• Brave Software:  https://brave.com/podcast/ 
• The Brave Technologist Podcast: https://brave.com/podcast/

"Well who's gonna monitor the monitors of the monitors?" - Carla Dean (Enemy of the State)

Podcast music: Recluse by Ray Heffer  

In this episode, we go back to the basics as I discuss what I would do today if I were starting from scratch. It begins with deleting social media accounts, especially Facebook. Additionally, we have an update from Optery in response to listener feedback.

We discuss tools like LibreWolf, Brave, and GrapheneOS, and compare privacy approaches for mobile devices, including Pixel and iPhone. A segment is dedicated to starting a privacy-first journey, from deleting social media accounts to adopting secure communication and password management practices. The episode also touches on how AI, including large language models (LLMs), is reshaping privacy concerns by building highly accurate profiles of users.

In this week’s episode:

• Don't overthink privacy, especially web browsers with Brave, Firefox, and LibreWolf
• Back to the basics starting with deleting social media
• Pixel vs iPhone (GrapheneOS)

Show Links:

• Self-hosting Nextcloud: https://psysecure.com/self-hosting-nextlcoud
• LibreWolf: https://librewolf.net/
• GrapheneOS: https://grapheneos.org/
• Meta fined $1.3b: https://www.nytimes.com/2023/05/22/business/meta-facebook-eu-privacy-fine.html
• Surveillance Watch: https://www.surveillancewatch.io/

"The world outside, the world that you know, it’s gone. It doesn’t exist."
– Christof

Podcast music: Recluse by Ray Heffer  

In this episode, recorded on October 10, 2024, I dive into privacy and security during natural disasters, highlighting essential tools like iOS 18’s satellite messaging and Starlink for maintaining communication when traditional systems fail. Next I dive into self-hosting in depth, particularly focusing on Nextcloud for privacy-conscious file sync. The episode concludes with a detailed analysis of a critical vulnerability in Firefox and the merits of switching to LibreWolf for enhanced privacy and security.

In this week’s episode:

1. Privacy During Natural Disasters. Using of iOS 18’s satellite communication features for emergency contact, Starlink for off-grid internet access, and the importance of internet and Sudo phone numbers for safety without compromising privacy.
2. Bug out bags for emergency preparedness, the utility of Starlink and satellite phones for privacy in disaster zones.
3. Overview of the blog post on hosting Nextcloud, importance of cloud backups using Backblaze B2 and Restic, encrypting backups and maintaining data privacy within home networks.
4. Other Privacy Tools and Practices, including Blue Iris for managing surveillance cameras without internet access, use of Proxmox for virtual machines and running DNS servers with PiHole.
5. Analysis of the Firefox vulnerability (CVE 2024-9680), discussion on the benefits of LibreWolf as a more private alternative to Firefox.

Show Links:

• Self-hosting Nextcloud - https://www.psysecure.com/self-hosting-nextlcoud
• Starlink - https://www.starlink.com/
• Backblaze B2 - https://www.backblaze.com/cloud-storage
• Restic FAQ - https://restic.readthedocs.io/en/latest/faq.html
• Nextcloud End-to-End Encryption - https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html
• Firefox Users Fingerprinted via Cached Intermediate HTTPS Certificates - https://www.bleepingcomputer.com/news/security/firefox-users-fingerprinted-via-cached-intermediate-https-certificates/
• Certificate issue causing add-ons to be disabled or fail to install - https://discourse.mozilla.org/t/fixed-certificate-issue-causing-add-ons-to-be-disabled-or-fail-to-install/39047
• Firefox CVE 2024-9680 - https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
• LibreWolf - https://librewolf.net/

All warfare is based on deception.

- Sun Tzu

Podcast music: Recluse by Ray Heffer 

In this episode, we have a special guest, Tyler Murphy, co-founder of EasyOptOuts, a data removal service focused on helping people remove their personal information from publicly accessible people search sites. Tyler discusses the inspiration behind EasyOptOuts, the challenges of maintaining privacy in a world of constant data breaches, and offers insights into data removal from various brokers. This conversation is packed with advice for anyone looking to regain control over their online privacy.

In this week’s episode:

1. Tyler shares how EasyOptOuts was founded, the challenges faced, and their mission to make data removal accessible.
2. Discussion on the widespread availability of personal data on people search sites and the complexities of removing it.
3. Insights into how EasyOptOuts automates data removal, and comparisons with manual removal processes.
4. The challenges posed by bot detection, CAPTCHAs, and deceptive removal processes that often require membership or payment.
5. The potential implications of data breaches, evolving bot detection, and the future of digital identity verification.
6. Tyler shares his own privacy techniques, including the use of VPNs, alias names, and minimizing data exposure online.
7. EasyOptOuts approach to scaling their service, future plans for business and family tiers, and their commitment to remaining a two-person operation.

Show Links:
EasyOptOuts - https://www.easyoptouts.com/

Imagine, then, this situation where we have the huge electronic intercommunication so that everybody is in touch with everybody else in such a way that it reveals their inmost thoughts, and there is no longer any individuality. No privacy. Everything you are, everything you think is revealed to everyone. - Alan Watts

Podcast music: Recluse by Ray Heffer

In today’s show, I discuss the National Public Data (NPD) breach, which contains 2.7 billion records, including the social security numbers of US residents. I cover how to check if your SSN is part of the breach and emphasize the importance of setting up a credit freeze for yourself and your kids. I also explore some useful tools for searching large datasets and share my thoughts on a Reddit post.

In this week's episode:

1. On the brink of giving up!
2. Using OnlyOffice as a Google Docs alternative
3. National Public Data (NPD) breach
4. Ripgrep (rg) and Silver Searcher (ag) tools for searching massive datasets
5. Credit freezes
6. Best efforts for Windows 11 privacy
7. ElevenTray, a useful utility to always show Windows 11 tray icons

Show Links:
Simplewall - https://github.com/henrypp/simplewall
ElevenTray - https://github.com/locksec/eleventray
OnlyOffice - https://www.onlyoffice.com/
LibreOffice - https://www.libreoffice.org/
Credit Freeze Guide - https://inteltechniques.com/freeze.html

Credit Freeze for Kids:
Equifax - https://www.equifax.com/personal/education/identity-theft/articles/-/learn/freezing-your-childs-credit-report-faq/
(800)685-1111
Equifax Security Freeze, PO Box 105788, Atlanta, Georgia 30348

Experian - https://www.experian.com/help/minor-request.html
(888)397-3742
Experian Security Freeze. PO Box 9554, Allen, TX 75013

TransUnion - https://www.transunion.com/credit-freeze/credit-freeze-faq#freeze-other-minor-0
(888)909-8872
TransUnion, P.O. Box 380, Woodlyn, PA 19094

https://www.transunion.com/credit-disputes/child-identity-theft-inquiry-form

> I know why you're here, Neo. I know what you've been doing... why you hardly sleep, why you live alone, and why night after night, you sit by your computer. - Trinity (The Matrix)

Podcast music: Recluse by Ray Heffer 

This week I respond to a few listener questions, primarily around the use of social media as a privacy enthusiast. Love it or hate it, you can guess which camp I'm in, social media like LinkedIn has almost become a requirement for job searches, employers, and connecting with other professionals. I also touch on OPSEC for OSINT, a new talk track I am planning to present in the future. It's important for all of us to maintain better Operational Security (OPSEC). Finally, I share my latest blog post: Venturing into AI Security with Locally Hosted LLMs, and why locally hosted AI is essential for privacy.

In this week's episode:

1. Redacting  ███ in your social media profiles
2. Minimizing the use of profile photos
3. Always assume private profiles are NEVER private
4. Addiction to social media and down regulation of the dopamine receptors
5. More on custom domains
6. Operational Security for OSINT professionals
7. Locally hosted LLMs for private AI
8. Data (PII) leakage with ChatGPT

Show Links:

• ChatGPT Privacy Issue - https://www.nytimes.com/interactive/2023/12/22/technology/openai-chatgpt-privacy-exploit.html
• Brain anatomy alterations associated with Social Networking addiction - https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5362930/
• AI Security with Locally Hosted LLMs - https://lockdown.media/ai-security-with-llms
• Expired Domains - https://www.expireddomains.net/
• SimpleLogin - https://simplelogin.io/

Because you made a phone call.

- Brill (Enemy of the State)

Podcast music: Recluse by Ray Heffer 

In this week’s show, I take a deeper dive into Apple’s iCloud Private Relay, discussing who should and who shouldn’t use it. I then discuss my latest article, “The Complete Setup Guide to pfSense for Privacy and Security,” and the benefits of an always-on VPN. Lastly, for those who are parents, I offer a discussion on privacy for kids and some non-invasive techniques for protecting them online.

In this week's episode:

1. Intro
2. iCloud Private Relay
3. Complete Guide to pfSense
4. Privacy for Kids
5. Listener questions

Show Links:

• The Complete Setup Guide to pfSense for Privacy and Security: https://lockdown.media/complete-setup-guide-to-pfsense
•  NextDNS: https://nextdns.io/
•  Cron package for pfSense: https://docs.netgate.com/pfsense/en/latest/packages/list.html
•  Private Relay Outage: https://www.tomsguide.com/phones/iphones/having-browsing-trouble-on-apple-devices-youre-not-alone-apples-private-relay-system-is-having-problems
•  iCloud Private Relay Overview: https://www.apple.com/privacy/docs/iCloud_Private_Relay_Overview_Dec2021.PDF

“You never had a camera in my head.”

- Truman Burbank

Podcast music: Recluse by Ray Heffer

This week we go back to the basics of privacy and security for the average Joe or Jane, and discuss the latest iPhone settings for privacy. I also discuss the Twilio Authy API abuse that resulted in 33 million phone numbers for Authy accounts being exposed. Huge thank you to the Patreon supporters!

In this week's episode:

1. Back to the basics
2. Advice for the 'average Joe'
3.  The Twilio Authy API breach
4.  iPhone privacy settings
5.  Listener question on doorbell cameras

Show Links:

• 1Password Security Audits: https://support.1password.com/security-assessments/
• Bitwarden Security Audits: https://bitwarden.com/help/is-bitwarden-audited/
• Twilio Breach: https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/
• MySudo: https://mysudo.com/
• ProtonMail: https://protonmail.com/
• StrongBox: https://strongboxsafe.com/
• KeepassDX: https://www.keepassdx.com/
• Amcrest Cameras: https://www.amazon.com/gp/product/B07ZJS3L5Y

"I don't want to live in a world where there's no privacy, and therefore no room for intellectual exploration and creativity."

- Edward Snowden

Podcast music: Recluse by Ray Heffer

After escaping to the mountains and living like a recluse for the past few months, I am back. In this week's show, I discuss my latest experiences in purchasing a home and titling in a living trust, along with the potential obstacles with title deeds and mortgage lenders, and avoiding data breaches with utility companies. I also revisit GrapheneOS after using it daily for the past year, and answer listener questions.

In this week's episode:

1. Living in the mountains
2. Buying a house with a living trust
3. Potential pitfalls with title deeds and mortgage lenders
4. Balancing privacy and security
5. The 'All or Nothing' approach
6. Why I still use Obsidian over Standard Notes
7. Revisiting GrapheneOS and the Play Integrity API
8. Baby Reindeer
9. Listeners Questions

"Privacy is rarely lost in one fell swoop. It is usually eroded over time, bit by bit."

- Daniel J. Solove

In this week's show, I discuss CLEAR's intrusive privacy policy and highlight alternatives to Authy using KeePass, with a privacy friendly solution for scanning QR codes. I also address the common mistakes people make when backing up their MFA codes. Additionally, I share some of the highlights from attending the SANS OSINT Summit in Washington, D.C., and explore various uses for custom domain names. Finally, I touch on the Starbucks app and the benefits of using Tello for pre-paid SIM cards.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on March 14, 2024

In this week's episode:

1. CLEAR Privacy and Selling Souls
2. Authy discontinues the desktop app from March 19th, 2024
3. Alternative MFA solutions using KeepassXC and KeepassDX
4. Storing backup MFA codes in a Veracrypt container
5. Make sure you keep scanned copies of your credit cards and ID!
6. Update on the SANS OSINT Summit
7. Alternative to Mint Mobile with Tello
8. Using the Starbucks app privately
9. Custom domain names

Show Links:

• CLEAR Security Breach: https://www.youtube.com/watch?v=i0I0BTtnMC4
• OSINT Combine Free Tools:  osintcombine.com/freetools
  • Whatsmyname: https://whatsmyname.app/
• Tello:  https://tello.com/
• QR Scanner (PFA) by Secuso Research Group: https://secuso.aifb.kit.edu/english/QR_Scanner.php
• Skull Games: https://skullgames.io/
• Trace Labs: https://www.tracelabs.org/
• Expired Domains: https://www.expireddomains.net/deleted-domains/

"The right to be left alone is indeed the beginning of all freedom."

- Supreme Court Justice William O. Douglas

In today's show, I have a conversation with Lawrence  Gentilello, the CEO and Founder of Optery, a personal data removal service. Lawrence shares his own experiences with identity theft and what motivated him to start Optery. We also discuss the future of privacy in the United States, Utah's new privacy law, the Utah Consumer Privacy Act (UCPA), and the bare minimum you should be doing to protect and secure your private data.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on March 6, 2024

Follow Ray on Twitter @privacypod

In this week's episode:

1. Lawrence's experience with identity theft highlights the importance of a credit freeze
2. The need for disinformation
3. A reminder on hunting apps
4. The future of data privacy and the need for services like Optery
5. Data privacy in the UK and the existence of search sites like 192.com
6. Update on next weeks show

Show Links:

• Optery website: https://www.optery.com/
• PC Magazine Editors Choice Award for Optery: https://www.pcmag.com/reviews/optery
• PC Magazine's list of the best personal data removal services: https://www.pcmag.com/picks/the-best-personal-data-removal-services
• Utah Consumer Privacy Act (UCPA): https://attorneygeneral.utah.gov/utah-consumer-protection-act-a-new-law-to-protect-online-privacy/

"If privacy is outlawed, only outlaws will have privacy."

- Philip R. Zimmermann, creator of PGP encryption

In this weeks show I discuss some of the concerns of using TOR over a VPN, and take another look at data removal from people search sites, including a look at Mozilla Monitor, a new service for data removal from the makers of Firefox. I'll also discuss the importance of freezing your credit and putting the title of your home into a revocable living trust, prior to removing your records from people search sites.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on February 16, 2024

In this week's episode:

1. I'm still on the road!
2. Anonymity with TOR and VPN
3. Get that Credit Freeze and Revocable Living Trust
4. Data Removals from people search sites
5. Mozilla Monitor, a new data removal service
6. Quick update on the Complete pfSense Setup Guide

Show Links:

• Mozilla Monitor: https://monitor.mozilla.org
• Tor Browser: https://www.torproject.org/download
• DeepCorr: https://dl.acm.org/doi/pdf/10.1145/3243734.3243824
• Foundations of Digital Privacy, Part One: https://lockdown.media/the-foundations-of-digital-privacy

“If you want to keep a secret, you must also hide it from yourself.”

-George Orwell

In this Friday Field Notes episode of The Lockdown, I share my experience with imposter syndrome, and compare practical privacy approaches with extreme measures, inspired by my move to the USA.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on January 31, 2024

In this week's episode:

1. Using alias names with food apps
2. More on practical privacy vs the extreme
3. My motivations for privacy after my move to the USA
4. Simplewall for Windows 10
5. Using Virtual Machines
6. Dual boot Windows for gaming vs productivity
7. Micro-segmentation strategies
8. Windows 10 LTSC for privacy?
9.  I'm the Imposter! 

Show Links:

•  qView Image Viewer: https://interversehq.com/qview
• GPG4Win: https://www.gpg4win.org/download.html
• Windows 10 LTSC: https://www.cdw.com/search/?key=Windows%20LTSC
• Simplewall: https://github.com/henrypp/simplewall

"Be yourself; everyone else is already taken."

-Oscar Wilde

Music: The Lockdown 

This week, I introduce Defensive OSINT, address privacy concerns while on the road, and examine the intricacies of alias usage and AI-based face morphing for photo alteration. Sharing insights from my recent travels, I highlight the need for vigilance and innovative strategies for maintaining privacy on the go. The episode explores the pros and cons of using alias names for hotel bookings, including the challenges of identity verification during check-in, while I discuss smart, alternative solutions for these scenarios. Join me as we navigate the complexities of preserving privacy in an era rife with survlleiance and data breaches, providing practical tips and advice for privacy-conscious travelers and digital citizens.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on January 27, 2024

In This Week's Show:

1. Privacy on the road with hotels, VRBO rentals, and Uber
2. Why we do this, and the reasons behind our privacy lifestyle
3. A look at Defensive OSINT strategies
4. Face morphing our real photos for privacy
5. Location tracking on your phone
6. MySudo and pre-paid burner numbers
7. A surprise guest?

Show Links:

• Black Portable Hotel Door Lock: https://www.amazon.com/Portable-Security-Additional-Traveling-Apartment/dp/B0CFVS6NRN
• Python Script for ThisPersonDoesNotExist: https://github.com/locksec/tpdne_py
• Facemorph.me: https://facemorph.me
• Upscayl: https://www.upscayl.org
• File Optimizer: https://nikkhokkho.sourceforge.io/static.php?page=FileOptimizer

Intro voice-over: IRLRosie - Creative Commons Attribution license (reuse allowed)
Music: The Lockdown 

“Give me six lines written by the most honest man, and I will find something in them to hang him.” - Cardinal Richelieu

In this week's episode, it's time to wrap up 2023 with another look at Privacy.com, and my strategies for avoiding bank account lockout. I delve into the CIA Triad, breaking down its relevance to everyday privacy concerns. The episode also takes a practical turn with a guide on using FindMyDevice on GrapheneOS, and the FindMyDevice feature on the Garmin Instinct 2 watch for tracking lost phones.

I also tackle the debate between biometric authentication and passcodes, taking our threat model into consideration. For those interested in storage synchronization solutions, I discuss using Nextcloud for a variety of purposes, including photo backups, syncing Keepass, and markdown notes, highlighting its versatility for privacy.

Join me for an episode packed with valuable insights and tips for enhancing your digital privacy and security as we welcome in 2024!

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on January 03, 2024

In this week's episode:
1. Closing 2023 with Privacy.com
2. How the CIA Triad Relates to privacy
3. Tracking Lost Phones with FindMyDevice on GrapheneOS and a Garmin watch
4. Biometric authentication vs Passcodes
5. Using Nextcloud for photo backups, Keepass Sync, and taking notes in Markdown
6. Backups with Backblaze B2 and Restic

Show Links:
https://www.privacy.com
https://strongboxsafe.com
https://www.keepassdx.com
https://grapheneos.org
https://gitlab.com/Nulide/findmydevice
https://obsidian.md
https://www.backblaze.com/cloud-storage
https://restic.net
https://www.garmin.com/en-US/p/775697

Ray Ban Meta News: https://san.com/cc/investigation-into-new-meta-smart-glasses-brings-privacy-concerns

Music: The Lockdown

"We suffer more often in imagination than in reality." - Seneca

In this week’s show, Ray Heffer gives a farewell to Michael Bazzell's Privacy, Security, and OSINT show. Also, speculation about living in a faraday cage continues, and the reasons Firefox is still better than Brave for privacy and security. Ray also talks about when privacy techniques go wrong, with his lockout from Privacy.com.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on  November 22nd, 2023 

This week's episode:

1. Introduction
2. Notable mention for Michael Bazzell
3. New website and Twitter account
4. Why I don't use Brave and the reasons Firefox is still the best option
5. When Privacy Techniques Go Wrong

Links mentioned in the show:
MITRE ATT&CK (Credentials from Web Browsers): https://attack.mitre.org/techniques/T1555/003/
MITRE ATT&CK (Password Managers): https://attack.mitre.org/techniques/T1555/005/
Tor Project Recommendations: https://support.torproject.org/tbb/tbb-9/
Brave (VPN Services) Issue: https://github.com/brave/brave-browser/issues/33726
Citi Virtual Credit Cards: https://www.cardbenefits.citi.com/Products/Virtual-Account-Numbers
Citi (True Name) Card: https://banking.citi.com/cbol/updatemyname/default.htm
IronVest (Formerly Abine Blur): https://ironvest.com/pricing/
Wise Virtual Card (UK): https://wise.com/gb/virtual-card/

Intro music: The Lockdown

"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius

In this week’s FRIDAY FIELD NOTES, Ray Heffer discusses the Zero Trust security model, a framework that's revolutionizing how organizations protect their critical systems and data. Diving into the depths of cybersecurity, we clear up common myths and misinterpretations surrounding Zero Trust, illuminating its role as not just a defensive strategy but a comprehensive approach to modern threats.

Zero Trust operates on the principle of "never trust, always verify," but what does this mean in practice? Zero Trust doesn't just look outward; it recognizes that threats also come from the inside. By assuming that a breach is not just possible, but has already happened, Zero Trust strategies are uniquely positioned to mitigate damage by insiders, whether malicious or accidental.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on November 09, 2023

This week's episode:

1. Introduction and Brill is living in a Faraday cage
2. How we got to Zero Trust by understadning the Cyber Kill Chain
3. The Principals of Zero Trust
4. Recommended Zero Trust Frameworks

NIST Zero Trust Architecture (SP 800-207): https://csrc.nist.gov/pubs/sp/800/207/final
CISA Zero Trust Maturity Model: https://www.cisa.gov/zero-trust-maturity-model
Cyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html

Intro music: The Lockdown

"Security is always seen as too much until the day it is not enough." — William H. Webster

Welcome to episode four of The Lockdown - The Practical Privacy and Security podcast.

Follow on Twitter (X): @privacypod
Support the show: https://www.patreon.com/TheLockdown

This episode was recorded on November 06, 2023

This week's episode:
1. I'm back!
2. Traveling to London and Los Angeles
3. A major privacy invasion for Jennifer Lawrence
4. The Psychology of social engineering

Intro music: The Lockdown

"To be yourself in a world that is constantly trying to make you something else is the greatest accomplishment." - Ralph Waldo Emerson