Q&A: Private Shopping Tips for the Holidays
Added 2024-10-30 17:00:12 +0000 UTCQ&A201: Tips to shop privately online with the holidays approaching, private investment funds entering the Monero space, and is your SSID trackable?
Video Version: https://youtu.be/FsOeABnuzOQ
00:00 Introduction
00:24 Privacy Tips for Online Shopping
05:55 Investment Funds Entering the Monero Space
07:35 WiFi SSID Concerns
---
π Go ahead and leave some questions below for us to look at for SR202 this weekend! (Note: We record on Friday nights in the US, so it's highly recommended to leave all questions by noon on Friday in the US)
It can be about a specific story, a general question about privacy/security, a question about the world, a question you tried last week, or anything else. Due to time restraints we can't promise that we'll get to yours, but we appreciate all of them!
To receive these posts via RSS, get your own custom link using these instructions.
Comments
I can phrase this as a question at the end, but really, it's just something your listeners might be interested to hear. I have a Facebook account (not good, I know, but I have my reasons), and recently I discovered that they had randomly removed all my Yubikeys from my account, and 2FA was no longer enabled. For now I'm putting it down to a technical error as I saw no evidence of unauthorised access, although I've obviously changed my password just in case, and re-registered the keys. I've written to their support, but I'm not expecting a reply. So, if you want it as a question: have you ever heard of this happening before? It's a good reminder that 2FA is no protection against screw-ups by the provider.
Esquilax
2024-11-01 10:43:31 +0000 UTCA few questions in top-3 format: In the livestream, Nate mentioned that a major reason people feel overwhelmed and despair when pursuing personal cybersecurity/privacy is because they have not done proper threat modeling. It seems that an important part of doing effective and accurate threat modeling is having solid knowledge of the underlying technologies. Not superficial, TLDR-level knowledge that one might gain in an hour, and not career-professional level of knowledge that one might gain from a lifetime of experience, but maybe from tens of hours: enough to really internalise/"grok" the information. Basically, knowledge deep enough that you can feel confident in your own judgment/assessment of threats and risks and be able to accurately distinguish unlikely and hyped/overblown threats from more realistic ones. Perhaps knowledge of cryptographic algorithms and computer networking would be a couple of examples relevant to the computer privacy field. In this context, what are the top 3 hardware/software/platforms/technologies that each of you took the time to learn that have made the most difference to your privacy and security adroitness, and what are the top 3 that you are keenest on learning in expectation of obtaining the same benefit? People often say that in some ways stock Android is more secure, albeit less private, than custom Android-based mobile OSs. "Supply-chain" malware in the form of lookalike apps is probably no less prevalent in the Play Store, if for no other reason that more people use it than say F-droid and Aurora store. Also, let's say we are only looking at OSs that can run with a re-locked boot loader on the phone in question. In this context, what do you think would be the top 3 security concerns when, say, using GrapheneOS with F-droid and Aurora Store instead of Google's stock android on a Pixel, and what are the best ways to mitigate that? You have referred to Darknet Diaries several times on the show. What are each of your top 3 favorite episodes of that podcast series?
David Johnson
2024-10-31 10:36:41 +0000 UTC
![J.A.X [Ai art]](https://xaiju.com/istorage/100248.jpg)
