firewalldragons.bsky.social
Podcast host, author, blogger, educator, advocate for computer #security & #privacy, software engineer (retired). fdsd.me/blog fdsd.me/book fdsd.me/podcast
192 posts 482 followers 65 following

Here are some resources for generating passphrases. Gotta say, though, I still think mine is the most fun. :-) www.eff.org/dice privacysafe.bot d20key.com

This is really cool! I need to try this. I remember talking with Cooper about the Crocodile Hunter a few years back and wishing then that there was a simpler, more portable option that could be easily crowdsourced. Tada! @eff.org www.eff.org/deeplinks/20...

Oh, 2 #podcast episodes about the #L0pht released within a single day (by @firewalldragons.bsky.social and @darknetdiaries.bsky.social ). Great listening ahead! podcast.firewallsdontstopdragons.com/2025/03/03/back-... darknetdiaries.com/episode/155

Weld Pond here, surfacing from the L0pht archives for this gem. Relive the chaos, the hacks, and the testimony that made history. Hit play—you won’t regret it!

Read this and share. Eliminating waste, fraud and abuse is a good thing. But we're not doing that. 18f.org

#Hacker groups like The L0pht have had significant impacts on modern tech life, improving #security, advancing digital rights, and even influencing pop culture. In today's show we have great stories & insights from @weld.bsky.social of The L0pht. podcast.firewallsdontstopdragons.com/2025/03/03/b...

So here’s a simple request to Apple. Apple iMessage needs to enable “disappearing messages.” And they need to do it soon. blog.cryptographyengineering.com/2025/03/01/d...

WOW. Just editing my podcast (as one does on a Saturday). @weld.bsky.social and I were talking about dumpster-diving for documentation... I had a flashback to my co-op days when I was doing ASW electronics for a DoD company, and I recalled my massive collection of "databooks"...

Tune in Monday when I'll be talking hacker history and culture with none other than Weld Pond @weld.bsky.social (Chris Wysopal) from the OG group L0pht Heavy Industries! Subscribe here: podcast.firewallsdontstopdragons.com

Epic Win: Qualcomm & Google are teaming up to offer 8 years of Android updates. arstechnica.com/gadgets/2025... Discuss with others in the Techlore community: discuss.techlore.tech/t/qualcomm-a...

Today I had the brilliant idea to set a reminder for myself including a URL that I keep forgetting... and found that it was already there. The movie Memento is becoming less of a psychological thriller for me and more like a life hack video.

What is onion routing and how do you use it? Listen to find out! In other news: Bitly to show ads before routing URLs; pop-up ads in cars are here; tricky MS365 phish; Apple pulls ADP from UK; DOGE tactics creating huge national security risk. podcast.firewallsdontstopdragons.com/2025/02/24/o...

The privacy concerns I have around the Eightsleep have kept me from buying one, the security concerns make me want to warn people about buying one: trufflesecurity.com/blog/removin...

In 2025, how is it that web forms for login, password update, 2FA, and credit card info still don't work *flawlessly* when using a password manager plugin? We *have* standards for this. It's hard enough to convince people to use this stuff ... it should Just Work™️.

I have to wonder if HP is really the first company to do this, or just the first to get caught doing it. www.theregister.com/2025/02/20/h...

This is a travesty, though it was the best option Apple had in this case (better than complying). I hope the reaction to this by folks in the UK is swift and loud. www.washingtonpost.com/technology/2...

We're all worried about #security & #privacy, but where to start? @consumerreports.org Security Planner will give you a custom to-do list based on answers to simple questions. Yael Grauer @yaelwrites.com explains how it works and why you need it. podcast.firewallsdontstopdragons.com/2025/02/17/s...

Funny... but also sadly very real. www.mcsweeneys.net/articles/hap...

For Valentine's Day, consider giving the gift of #security and #privacy to your loved ones! firewallsdontstopdragons.com/give-the-gif...

On Monday, I'll be having an informative and fun chat with the wonderful Yael Grauer (@yaelwrites.com) about @consumerreports.org Security Planner tool and personal threat modeling. Subscribe here: podcast.firewallsdontstopdragons.com

Whatever your politics, this reckless approach is a massive boon for attackers. I'll bet foreign intelligence services are in overdrive trying to exploit these opportunities. www.schneier.com/blog/archive...

Okay... I just ordered a fancy, expensive one of these from the Royal Mint. But I would love to get a few regular, circulating coins somehow. DM me if you have ideas. I will trade a dragon challenge coin for this... somehow seems appropriate. www.smithsonianmag.com/smart-news/g...

This is just wrong. I'm sick and tired of ads being forced on me everywhere I go, interrupting everything I do. I want the right to NOT be advertised to - separate and apart from data privacy rights. Global, universal opt-out. Leave me ALONE. techstory.in/stellantis-i...

Interesting idea. Still doesn't defeat the xkcd $5 wrench vulnerability, though. It always comes down to knowing your threat model. www.schneier.com/blog/archive...

Important iPhone (iOS) security update - update ASAP. www.macrumors.com/2025/02/10/i...

The UK has secretly demanded that Apple undermine everyone's privacy. This is a big deal. Also: Netgear router bugs; the good & bad of DeepSeek AI; AngelSense breach; OCR iOS and macOS stealer malware; and a cool new Android security feature. podcast.firewallsdontstopdragons.com/2025/02/10/c...

Agree 100% with Bruce. I'll be discussing this on tomorrow's show. www.schneier.com/blog/archive...

This is wrong on so many levels, but let's start with the fact that the law here explicitly prevents discussing that it's even happening. That's not how democracy works. (FISA/FISC has a similar problem with transparency.) www.washingtonpost.com/technology/2...

If you have one of these Netgear routers, you should update it ASAP. www.bleepingcomputer.com/news/securit...

Marketers & scammers love to target us based on unique identifiers: phone numbers, email addresses and even credit card numbers. But you can compartmentalize your ID, decentralize it. Anonyome Labs CTO Paul Ashley explains how in today's show. podcast.firewallsdontstopdragons.com/2025/02/03/c...

On Monday, I'll be talking to Dr. Paul Ashley, CTO of Anonyome Labs (makers of MySudo), about the notion of decentralized identity and how aliases can help compartmentalize and protect your digital life. Subscribe here: podcast.firewallsdontstopdragons.com

Another fun look at how people choose crappy (i.e., predictable) PIN codes. It gives credit to another classic analysis at the bottom of the article, which is also worth checking out. www.abc.net.au/news/2025-01...

Update your Apple devices to the latest OS versions to fix a bunch of security bugs. However, note that Apple Intelligence is also now on by default - if that bothers you, go to Settings > Apple Intelligence & Siri to disable. www.macrumors.com/2025/01/27/i...

This is a fantastic guide from @privacyguides.org if you're in really any situation where your freedom or wellbeing may be at risk due to a lapse in OpSec. It also makes it abundantly clear that our smartphones have serious #privacy problems. www.privacyguides.org/articles/202...

Browser plugins are like apps - I'll explain why. Also: TikTok is back; US gov't fires cyber experts; opting out of Apple Intelligence; tricky Apple smish campaign; PowerSchool breach; new AI photo locator; fuzzing attacks; some victories, too. podcast.firewallsdontstopdragons.com/2025/01/27/t...

Love this podcast. Give @firewalldragons.bsky.social some love open.spotify.com/episode/7zZL...

#Privacy policies in the US are a joke. Without strong legal protections, our data will be hoovered up, repackaged and sold - not only to marketers but to gov'ts. We'll discuss how to protect your data w/ Sukhi from @consumerreports.bsky.social. podcast.firewallsdontstopdragons.com/2025/01/20/r...

Long, but well worth a read. It raises important questions that we need to answer. (I would love to get @matthewdgreen.bsky.social on the show to dig deeper on this.) blog.cryptographyengineering.com/2025/01/17/l...

Fed up with Meta? Avoiding Instagram or Facebook isn’t enough to stop Meta from harvesting and profiting from your private information. Here’s how to limit Meta’s ability to monetize your personal data.