Marketers are desperately trying to follow us as we traverse the web. Tracking where we go and what we do allows them to better target us with ads. Browsers have built in protections to block older tracking techniques like cookies and tracking pixels, and so ad companies have had find new methods for identifying us across websites. Unfortunately, they've settled on a technique that is extremely difficult to defeat: fingerprinting. I'll explain what is, how it works, and what you can do to mitigate it.
In other news: Google is warning Android users to update their devices right away in order to fix some truly nasty bugs; hackers are using malicious Chrome extensions to read your Gmail and potentially hack your Android device; popular fertility apps are collecting ridiculous amounts of highly personal data and sharing it with partners; scammers are using AI to simulate voices of people you know to steal your money; CISA has launched a great new ransomware vulnerability pilot program; I'll tell you why you should opt out of sharing your data with your mobile service provider; America's threatening to ban TikTok but this won't fix the real problem; the IRS is supposed to be moving away from ID.me authentication.
Article Links
[Naked Security] Dangerous Android phone 0-day bugs revealed – patch or work around them now! https://nakedsecurity.sophos.com/2023/03/17/dangerous-android-phone-0-day-bugs-revealed-patch-or-work-around-them-now/
[Tom's Guide] Hackers are stealing Gmail messages — delete this extension right now https://www.tomsguide.com/news/hackers-are-stealing-gmail-messages-delete-this-extension-right-now
[The Conversation] Popular fertility apps are engaging in widespread misuse of data, including on sex, periods and pregnancy https://theconversation.com/popular-fertility-apps-are-engaging-in-widespread-misuse-of-data-including-on-sex-periods-and-pregnancy-202127
[consumer.ftc.gov] Scammers use AI to enhance their family emergency schemes https://consumer.ftc.gov/consumer-alerts/2023/03/scammers-use-ai-enhance-their-family-emergency-schemes
[cisa.gov] CISA Establishes Ransomware Vulnerability Warning Pilot Program https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program
[briankrebs] Why You Should Opt Out of Sharing Data With Your Mobile Provider https://krebsonsecurity.com/2023/03/why-you-should-opt-out-of-sharing-data-with-your-mobile-provider/
[The Washington Post] America’s online privacy problems are much bigger than TikTok https://www.washingtonpost.com/technology/2023/03/24/tiktok-online-privacy-laws/
Dear Carey: IRS plans to approve use of Login-dot-gov as Tax Day nears https://www.fcw.com/it-modernization/2023/03/plans-approve-use-login-dot-gov-tax-day-nears/383934/
Tip of the Week: https://firewallsdontstopdragons.com/how-to-block-web-fingerprinting/
Further Info
Syncthing: https://syncthing.net/
KeePassXC: https://keepassxc.org/
IP address black list check: https://whatismyipaddress.com/blacklist-check
EFF on TikTok: https://www.eff.org/deeplinks/2023/03/government-hasnt-justified-tiktok-ban
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
Send me your questions! https://fdsd.me/qna
Support our mission! https://fdsd.me/support
Subscribe to the newsletter: https://fdsd.me/newsletter
Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book
Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest
Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
0:01:49: Local password vault sync solution
0:05:07: News preview
0:06:47: Dangerous Android Baseband Bugs Patched
0:18:19: Hackers stealing Gmail messages via browser plugin
0:22:29: Popular fertility apps are engaging in widespread misuse of data
In other news: Google is warning Android users to update their devices right away in order to fix some truly nasty bugs; hackers are using malicious Chrome extensions to read your Gmail and potentially hack your Android device; popular fertility apps are collecting ridiculous amounts of highly personal data and sharing it with partners; scammers are using AI to simulate voices of people you know to steal your money; CISA has launched a great new ransomware vulnerability pilot program; I'll tell you why you should opt out of sharing your data with your mobile service provider; America's threatening to ban TikTok but this won't fix the real problem; the IRS is supposed to be moving away from ID.me authentication.
Article Links
[Naked Security] Dangerous Android phone 0-day bugs revealed – patch or work around them now! https://nakedsecurity.sophos.com/2023/03/17/dangerous-android-phone-0-day-bugs-revealed-patch-or-work-around-them-now/
[Tom's Guide] Hackers are stealing Gmail messages — delete this extension right now https://www.tomsguide.com/news/hackers-are-stealing-gmail-messages-delete-this-extension-right-now
[The Conversation] Popular fertility apps are engaging in widespread misuse of data, including on sex, periods and pregnancy https://theconversation.com/popular-fertility-apps-are-engaging-in-widespread-misuse-of-data-including-on-sex-periods-and-pregnancy-202127
[consumer.ftc.gov] Scammers use AI to enhance their family emergency schemes https://consumer.ftc.gov/consumer-alerts/2023/03/scammers-use-ai-enhance-their-family-emergency-schemes
[cisa.gov] CISA Establishes Ransomware Vulnerability Warning Pilot Program https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program
[briankrebs] Why You Should Opt Out of Sharing Data With Your Mobile Provider https://krebsonsecurity.com/2023/03/why-you-should-opt-out-of-sharing-data-with-your-mobile-provider/
[The Washington Post] America’s online privacy problems are much bigger than TikTok https://www.washingtonpost.com/technology/2023/03/24/tiktok-online-privacy-laws/
Dear Carey: IRS plans to approve use of Login-dot-gov as Tax Day nears https://www.fcw.com/it-modernization/2023/03/plans-approve-use-login-dot-gov-tax-day-nears/383934/
Tip of the Week: https://firewallsdontstopdragons.com/how-to-block-web-fingerprinting/
Further Info
Syncthing: https://syncthing.net/
KeePassXC: https://keepassxc.org/
IP address black list check: https://whatismyipaddress.com/blacklist-check
EFF on TikTok: https://www.eff.org/deeplinks/2023/03/government-hasnt-justified-tiktok-ban
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
Send me your questions! https://fdsd.me/qna
Support our mission! https://fdsd.me/support
Subscribe to the newsletter: https://fdsd.me/newsletter
Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book
Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest
Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
0:01:49: Local password vault sync solution
0:05:07: News preview
0:06:47: Dangerous Android Baseband Bugs Patched
0:18:19: Hackers stealing Gmail messages via browser plugin
0:22:29: Popular fertility apps are engaging in widespread misuse of data
Activity