030 - Info Stealers, GrapheneOS Drama, and Why Video Games and Anti-Virus Are Spyware
In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple’s private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it’s not hackers with Wireshark), and share my approach with aliases.I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google’s strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.In this week’s episode:Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias managementMAC address randomization: GrapheneOS vs Apple’s implementationThe real threats of public Wi-Fi in 2025Info stealers and video games can be a privacy nightmareGrapheneOS controversy: Developer conscription, Google’s lockdown, and the future of custom ROMsWhy antivirus software might be the malware you’re trying to avoidMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:MAC Address Lookup - https://maclookup.app/OUI Lookup - https://oui.is/33mail - https://www.33mail.com/OpenSnitch - https://github.com/evilsocket/opensnitchPrivacy.com - https://privacy.comLithic - https://lithic.comKaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_governmentGoogle Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544“Social engineering bypasses all technologies, including firewalls.”- Kevin Mitnick
★ Support this podcast on Patreon ★
--------
52:42
--------
52:42
029 - Minimize not Militarize and Avoiding Surveillance with GrapheneOS
In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robots.txt. I discuss why the “assume breach” mentality just leaves the doors wide open, using examples from Kevin Mitnick’s 1981 Pacific Bell infiltration to modern ransomware groups like Scattered Spider who breached MGM and Marks & Spencer through social engineering.I also cover practical tactics for using public Wi-Fi, data curation techniques, the invisible surveillance net including Stingray devices, and provide a deep dive into GrapheneOS covering user profiles, app sandboxing, network controls, sensor permissions, and the proper use of sandboxed Google Play services.In this week’s episode:Ghost in the Source Capture the Flag challenge resultsThe military mindset problem in cybersecurityStrategic use of public Wi-Fi for account creation and privacy techniquesData curation tactics, and “Minimizing What Can Be Known”Invisible surveillance net and Stingray devicesGrapheneOS discussion on user profiles, app sandboxing, network controls, sensors permissions, sandboxed Google Play services, and security architectureMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Noam Chomsky on Internet Privacyhttps://www.youtube.com/watch?v=QIWsTMcBrjQNoam Chomsky on Advertising - https://www.youtube.com/watch?v=PfIwUlY44CMTryHackMe Platform - https://tryhackme.comHack the Box - https://hackthebox.comWired Article on DNC Stingray Surveillance - https://www.wired.com/story/2024-dnc-cell-site-simulator-phone-surveillance/IntelTechniques Data Removal Guide - https://inteltechniques.com/workbook.htmlOptery Data Broker Removal - https://optery.comGraphene OS - https://grapheneos.org“We’re dragons. We’re not supposed to live by other people’s rules.”- Hajime Ryudo
★ Support this podcast on Patreon ★
In this episode, I discuss three key strategies for maintaining privacy and security across your physical mailbox, email, and phone. I discuss the growing Matrix community, explore alternative mailing solutions using co-working spaces, detail a four-tier email strategy, and examine the concerning spread of Flock ALPR cameras. I also share insights on anonymous eSIM options and answer listener questions about dealing with Know-Your-Customer requirements.In this week’s episode:Joining the Matrix community with ElementPhysical mailbox strategies: UPS stores, virtual CMRA addresses, and co-working spacesFour-tiered email approach using ProtonMail, Fastmail, SimpleLogin, and Gmail sock puppetMobile phone privacy with Mint Mobile and anonymous eSIM optionsThe Flock ALPR camera threat and how to protect yourselfListener questions: Australian SIM card strategies with KYC requirementsCapture the Flag challenge details for June 21stMatrix Community RoomsIt seems on Element X, it doesn’t list the rooms associated with the Matrix space, so you can click on each of these links to join the rooms:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Matrix Clients - https://matrix.org/clientsMatrix Community - https://matrix.to/#/#psysecure:matrix.orgSmarty Address Lookup - https://www.smarty.com/products/single-addressExpired Domains - https://www.expireddomains.net/Stealths.net (Anonymous eSIMs) - https://stealths.net/DeFlock.me (ALPR Camera Map) - https://deflock.me/Flock Safety Privacy Policy - https://www.flocksafety.com/privacy-policyEFF Article on DeFlock - https://www.eff.org/deeplinks/2025/02/anti-surveillance-mapmaker-refuses-flock-safetys-cease-and-desist-demandCTF Challenge Rules - https://psysecure.com/ctf“Imagine this situation where we have the huge electronic intercommunication so that everybody is in touch with everybody else in such a way that it reveals their inmost thoughts, and there is no longer any individuality. No privacy. Everything you are, everything you think, is revealed to everyone.”- “Future of Communications” Alan WattsOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
--------
45:28
--------
45:28
027 - Stop Playing the Game, Join The New Matrix Privacy Community
In this episode, I discuss breaking free from the Apple ecosystem, the dangers of social media oversharing, and introduce our new Matrix community. I also cover the upcoming capture the flag challenge, share thoughts on the OSINT Defense & Security Framework progress, and rant about security theater at airports and online services that block VPNs.In this week’s episode:Apple’s $95 million lawsuit and the ecosystem lock-in problemWhy people overshare on social media and how OSINT can exploit itIntroduction to the Matrix communityCapture the Flag challenge launching June 21st!Progress update on the OSINT Defense & Security Framework (ODSF)Security theater: VPN blocking and other pointless security measuresAlternative YouTube clients for privacy (GrayJay and NewPipe)Show Links:Matrix Community - https://matrix.to/#/#psysecure:matrix.orgCTF Challenge - https://psysecure.com/ctfGrayJay (by Futo) - https://grayjay.appNewPipe - https://newpipe.netWiFi Pineapple - https://shop.hak5.org/products/wifi-pineappleSystem76 Laptops - https://system76.com/laptopsLittle Snitch (macOS Firewall) - https://www.obdev.at/products/littlesnitch/“I hope for nothing. I fear nothing. I am free.”- Nikos KazantzakisOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
--------
44:16
--------
44:16
026 - Ghost in the Source (Announcement)
In this brief episode between travels, I announce the “Ghost in the Source” capture the flag challenge, a cryptographic hunt on my website starting June 21st, 2025. At the end of June I will pick 3 lucky winners which will receive a 6-month TryHackMe subscription voucher. I also provide an update on our new Matrix community.In this week’s episode:Announcing the “Ghost in the Source” CTF challengeChallenge details and rulesPrize information: 3 x 6-month TryHackMe vouchers!Matrix community update for listener interactionFuture plans for OSINT CTF challengesShow Links:CTF Challenge Page - https://psysecure.com/ctf/“When I float weightless back to the surface, I’m imagining I’m becoming someone else.”- Motoko KusanagiOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
Welcome to The Lockdown. Privacy doesn’t have to be all-or-nothing. The inability to attain extreme levels of privacy shouldn’t deter one from taking any protective measures at all. The show is hosted by Ray Heffer, an expert in the field of privacy and cybersecurity, with each episode touching on a range of topics such as data privacy, password management, and secure browsing habits. Tin-foil hats are optional!
Ouça The Lockdown - Practical Privacy & Security, Miss Honey: Slow English Podcast e muitos outros podcasts de todo o mundo com o aplicativo o radio.net
Brasil