Firewalls Don't Stop Dragons's Avatar

Firewalls Don't Stop Dragons

@firewalldragons.bsky.social

Podcast host, author, blogger, educator, advocate for computer #security & #privacy, software engineer (retired). fdsd.me/blog fdsd.me/book fdsd.me/podcast

639 Followers  |  78 Following  |  382 Posts  |  Joined: 30.08.2023  |  1.8941

Latest posts by firewalldragons.bsky.social on Bluesky

Preview
Why Does Have I Been Pwned Contain "Fake" Email Addresses? Normally, when someone sends feedback like this, I ignore it, but it happens often enough that it deserves an explainer, because the answer is really, really simple. So simple, in fact, that it should...

A little bit of Occam's Razor from @troyhunt.com - oftentimes the simplest explanation is the right one.

(In December, I often repost a fav interview from the archives - and this year, I picked my first podcast with Troy. Stay tuned...)

www.troyhunt.com/why-does-hav...

04.12.2025 17:11 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Podcast - Firewalls Don't Stop Dragons I have a weekly podcast called Firewalls Don't Stop Dragons. The show is a mix of cybersecurity news and interviews of prominent people in the industry. But like the book, the shows are targeted squar...

Tune in Monday when we'll be speaking with @guitmz.bsky.social and Skyper from @phrack.org, celebrating 40 years of its publication! They have some great stories to tell!

Subscribe here:
firewallsdontstopdragons.com/podcast/

04.12.2025 16:59 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Love this line...

"all of a LLM’s output is bullshit in the philosophical sense: statements that are divorced from whether or not they are true or false. The point of a LLM is to output text that looks right given the training data and query, not to produce text that is right."

04.12.2025 15:56 β€” πŸ‘ 9    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0
Preview
Google's December Security Update Fixes Two Zero-Day Exploits (and 105 Others) In its Android Security Bulletin for December, Google is pushing an especially large number of updates to address vulnerabilities across different componentsβ€”two of which may have been exploited in th...

Lots of Android security updates available - go get 'em.

lifehacker.com/tech/googles...

03.12.2025 04:25 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Give Thanks and Donate - Firewalls Don't Stop Dragons Let's give thanks to groups who fight for our rights, hold our governments and corporations accountable, and work to improve our democratic institutions.

(Apologies for posting this again so soon... but I keep forgetting that #GivingTuesday is a thing.)

Take some time to support the orgs who are fighting for your rights every day. Here are a few top notch orgs to consider...

firewallsdontstopdragons.com/give-thanks-...

02.12.2025 17:06 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Firewalls Don't Stop Dragons - Consumer Reports Firewalls Don't Stop Dragons CR membership discount

πŸ’΅Reminder: You can get $10 off your @consumerreports.org subscription until the end of the year!

πŸŽ™οΈ And be sure to check out my delightful interview with @yaelwrites.com @gigastacey.bsky.social and @jefflandale.bsky.social , too!

www.consumerreports.org/fdsd/

01.12.2025 16:24 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Be Wary of Holiday Scams - Firewalls Don't Stop Dragons Podcast With the holiday season come holiday scams – and honestly, just more scammer activity across the board, in general. People are busy and buying...

Today I have more tips on gifts & avoiding scams. Also: US scraps telco security regs; WhatsApp exposes 3.5B numbers; ClickFix update; US tracking 'suspicious' travel; several scams to watch for; cool tool for rogue IoT checks; ARC shut down; ++

podcast.firewallsdontstopdragons.com/2025/12/01/b...

01.12.2025 15:32 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Rights Organizations Demand Halt to Mobile Fortify, ICE's Handheld A coalition of privacy, civil liberties and civil rights organizations are demanding the Department of Homeland Security (DHS) shut down the use of Mobile Fortify, release the agency's privacy

ICE officers shouldn't be allowed to stick a phone in anyone's face to run face recognition without their consent. A coalition of privacy and civil rights advocates are telling DHS to end the program immediately.
www.eff.org/deeplinks/2...

29.11.2025 00:03 β€” πŸ‘ 230    πŸ” 87    πŸ’¬ 2    πŸ“Œ 1

Interesting tool to see if the potential zombie devives on your network (or simply poorly secured devices) are up to no good.

28.11.2025 19:02 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Give the Gift of Security & Privacy - Firewalls Don't Stop Dragons Nothing says "I love you" more than keeping someone safe and secure - particularly in ways that they may not be able to do themselves. Our data and devices are under attack today, now more than ever. ...

As you're doing your holiday shopping, consider giving the gift of your time and effort to make your loved ones more secure and protect their privacy. I've made some fun "dragon coupons" you can use to formalize your offer...

firewallsdontstopdragons.com/give-the-gif...

28.11.2025 15:56 β€” πŸ‘ 5    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Give Thanks and Donate - Firewalls Don't Stop Dragons Let's give thanks to groups who fight for our rights, hold our governments and corporations accountable, and work to improve our democratic institutions.

It's a great time to give thanks to the organizations working tirelessly to fight for your rights, hold those in power to account, and raise awareness of critically important issues. Help them to help all of us. Donate where you can. Share around.

firewallsdontstopdragons.com/give-thanks-...

26.11.2025 15:40 β€” πŸ‘ 5    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys Researchers uncovered 5GB of leaked credentials from JSONFormatter and CodeBeautify, exposing sensitive data across critical sectors.

And then there's leaks like these...

thehackernews.com/2025/11/year...

25.11.2025 20:06 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Very cool! Secrets management is tricky and it's so easy to accidentally commit secrets to a repo.

25.11.2025 20:00 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Best & Worst Gifts for 2025! - Firewalls Don't Stop Dragons Podcast Holiday shopping season is here! And that must mean that it’s time again for my annual Best & Worst Gift Guide! But this time...

So much fun talking holiday gifts alongside @gigastacey.bsky.social and @jefflandale.bsky.social for Carey Parker's podcast, @firewalldragons.bsky.social. And Bailey makes a guest appearance! podcast.firewallsdontstopdragons.com/2025/11/24/b...

24.11.2025 16:26 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 1
Post image

Security & privacy tech is tricky - and it changes constantly. It's led to a lot of myths and accepted wisdom that has become stale. Check out this new site from @boblord.bsky.social and endorsed by dozens of other pros that debunks the "hacklore"...

www.hacklore.org

24.11.2025 16:56 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Stop Hacklore!

πŸ“’ Announcing hacklore.org πŸ“’

It’s time to retire outdated cyber advice! More than 80 cybersecurity veterans have signed an open letter urging a shift from folklore to guidance that actually helps people avoid the most common attacks. πŸ”

Blog: medium.com/@boblord/let...

Site: www.hacklore.org

24.11.2025 15:05 β€” πŸ‘ 102    πŸ” 63    πŸ’¬ 5    πŸ“Œ 14
Preview
Best & Worst Gifts for 2025! - Firewalls Don't Stop Dragons Podcast Holiday shopping season is here! And that must mean that it’s time again for my annual Best & Worst Gift Guide! But this time...

🎁 Holiday shopping season is upon us! 🎁

Today's podcast is chock full of top notch buying advice from THREE @ConsumerReports gurus: @yaelwrites, @gigastacey and @JeffLandale. (It also includes a $10 off coupon for CR! !πŸ”₯)

Listen and share!

podcast.firewallsdontstopdragons.com/2025/11/24/b...

24.11.2025 14:01 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Al development and training preferences

Is there ANY online service now that's not opting you in for AI training automatically? If you have an eBay account, you might want to turn this off.

accountsettings.ebay.com/ai-preferences

24.11.2025 13:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Dragon Hacks: Opt Out - Firewalls Don't Stop Dragons Data brokers are everywhere and trying to find them so you can request your data to be deleted is hard. But there's an easy button option: EasyOptOuts.

And heads up... I partnered with @EasyOptOuts for a coupon code, too... 25% off your first year! Info in this blog article:

firewallsdontstopdragons.com/dragon-hacks...

22.11.2025 19:29 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Oh... and I'll be announcing a special discount for a CR subscription on Monday, too! :-)

22.11.2025 19:24 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Gmail can read your emails and attachments to train its AI, unless you opt out A new Gmail update may allow Google to use your private messages and attachments for AI training. Here's how to turn it off.

This BS has to stop. It really should be illegal to opt you in for AI features without explicit, clear consent.

Here's another one you need to go and opt out of...

www.malwarebytes.com/blog/news/20...

21.11.2025 19:39 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Did Qualcomm kill Arduino for good? | Molecularist The maker community worried Qualcomm would kill the Arduino ethos. New T&Cs confirm the community's worst fears. Here's what's at stake, what Qualcomm got wrong, and what might still be salvaged.

GAAHHHH!! Why does Big Tech have to ruin everything?? I'm sick and tired of this pattern...

www.molecularist.com/2025/11/did-...

21.11.2025 18:05 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Podcast - Firewalls Don't Stop Dragons I have a weekly podcast called Firewalls Don't Stop Dragons. The show is a mix of cybersecurity news and interviews of prominent people in the industry. But like the book, the shows are targeted squar...

Don't miss Monday's amazing show: my annual Best & Worst Gift Guide! This year I collaborated with three amazing people from @consumerreports.org : @yaelwrites.com @gigastacey.bsky.social and @jefflandale.bsky.social

Subscribe here:
firewallsdontstopdragons.com/podcast/

21.11.2025 15:26 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 1    πŸ“Œ 1
Preview
Erasing Your Online Data - Firewalls Don't Stop Dragons Podcast Data brokers are amassing tons of our personal information, often from public sources. You can try to find all of these brokers and request...

Today I'll give you an easy option for deleting online data. Also: Meta AI to target ads; Google's AI shopper; OpenTable sharing your dining habits; Amazon sues Perplexity; automated AI hack; WI wants to ban VPNs; EU privacy rollbacks; more!

podcast.firewallsdontstopdragons.com/2025/11/17/e...

17.11.2025 15:21 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Disrupting the first reported AI-orchestrated cyber espionage campaign A report describing an a highly sophisticated AI-led cyberattack

I'm frankly shocked it took this long. Buckle up, folks. There's more where this came from.

www.anthropic.com/news/disrupt...

13.11.2025 23:30 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Get more from Firewalls Don't Stop Dragons on Patreon creating Firewalls Don't Stop Dragons Podcast & More

Just FYI... I have a whole other podcast just for my patrons. It features bonus Q&A with my guests, more technical topics and special behind-the-scenes info. There are over 200 episodes so far!

There are lots of other patron perks, too...
www.patreon.com/FirewallsDon...

13.11.2025 16:51 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

One of the most interesting recent privacy developments is the deployment of big two-hop IP blinding VPNs by companies like Apple and Google. These systems are designed to ensure that even those companies can’t link web requests to IP addresses.

13.11.2025 13:45 β€” πŸ‘ 84    πŸ” 26    πŸ’¬ 5    πŸ“Œ 3
Preview
US Cyber Resilience Corps Connecting community organizations with cybersecurity volunteer groups to strengthen America's cyber resilience.

Thanks to Carey for hosting us on @firewalldragons.bsky.social to talk about the #cyberresiliencecorps work to help critical orgs build #resilience!

Listen here: podcast.firewallsdontstopdragons.com/2025/11/10/b...

Get involved: www.cybervolunteers.us/en

#cybercivildefense #communitydefense

10.11.2025 22:11 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Fantastic group of public good leaders… I feel lucky to know/team w/ them & others across the #CyberResilienceCorps CRC

10.11.2025 17:30 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

@joshcorman.bsky.social #undisruptable27 @defcon.bsky.social @craignewmark.bsky.social

10.11.2025 15:54 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1

@firewalldragons is following 20 prominent accounts