In the third part of my series on securing your home network, we’ll assess your security and privacy vulnerabilities. In prior weeks, we’ve exhaustively listed our network devices (Scan) and removed any devices that we no longer need or don’t need to be “smart” (Simplify). Now it’s time to investigate the remaining devices and think about what we need to do to secure them.

In other news: an old Mac malware info stealer is back; thousands of Android apps are evading detection using an interesting technique; Illinois just passed a law allowing doxing victims to sue perpetrators for damages; Meta plans to roll out end-to-end encryption for Messenger by year’s end; LinkedIn accounts are being targeted for takeover; Intel’s GPU driver collects personal info by default; Tesla suffers data breach of 75,000 current and former employees; police are accessing DNA databases even for people who opted out of this access; Pennsylvania court says police been to be transparent about social media monitoring; Kansas newspaper raid by police teaches us how better to encrypt our data; hackers are selling credit report info on just about any American; NSA director tells employees to spy “with dignity and respect”.

1. [TechRadar] One of the worst Mac malware strains is back and hiding as a productivity app – so beware https://www.techradar.com/pro/security/one-of-the-worst-mac-malware-strains-is-back-and-hiding-as-a-productivity-app-so-beware
   
2. [Tom’s Guide] Thousands of Android malware apps use stealthy APKs to bypass security, study finds https://www.tomsguide.com/news/thousands-of-android-malware-apps-use-stealthy-apks-to-bypass-security-study-finds
   
3. [Ars Technica] Illinois just made it possible to sue people for doxxing attacks https://arstechnica.com/tech-policy/2023/08/illinois-just-made-it-possible-to-sue-people-for-doxxing-attacks/
   
4. [TechCrunch] Meta plans to roll out default end-to-end encryption for Messenger by the end of the year https://techcrunch.com/2023/08/22/meta-plans-to-roll-out-default-end-to-end-encryption-for-messenger-by-the-end-of-the-year/
   
5. [TechRadar] LinkedIn user accounts have been taken over in huge hacking campaign https://www.techradar.com/pro/security/linkedin-user-accounts-have-been-taken-over-in-huge-hacking-campaign
   
6. [extremetech.com] Intel’s GPU Drivers Now Collect Telemetry https://www.extremetech.com/gaming/intels-gpu-drivers-now-collect-telemetry-including-how-you-use-your-computer
   
7. [TechCrunch] Tesla says data breach impacting 75,000 employees was an insider job https://techcrunch.com/2023/08/21/tesla-breach-employee-insider/
   
8. [BBC] Why US tech giants are threatening to quit the UK https://www.bbc.com/news/technology-66304002
   
9. [The Intercept] Police Are Getting DNA Data From People Who Think They Opted Out https://theintercept.com/2023/08/18/gedmatch-dna-police-forensic-genetic-genealogy/
   
10. [The Associated Press] A Pennsylvania court says state police can’t hide how it monitors social media https://apnews.com/article/pennsylvania-police-aclu-social-media-monitoring-1508189aba86cc776e19892b4a2b358a
    
11. [freedom.press] What a newsroom police raid teaches us about encrypting our devices https://freedom.press/training/blog/marion-record-police-raid/
    
12. [404media.co] The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15 https://www.404media.co/the-secret-weapon-hackers-can-use-to-dox-nearly-anyone-in-america-for-15-tlo-usinfosearch-transunion/
    
13. [The Intercept] NSA Orders Employees to Spy on the World “With Dignity and Respect” https://theintercept.com/2023/08/25/nsa-spy-dignity-respect/
    
14. Tip of the Week: Securing Your Network 3: Assess: https://firewallsdontstopdragons.com/secure-your-network-3-assess/ 
    

• Dragon Challenge Coin promotion: https://fdsd.me/promo823
  
• Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
  
• Give the gift of privacy and security: https://fdsd.me/coupons 
  
• Send me your questions! https://fdsd.me/qna 
  
• Support our mission! https://fdsd.me/support 
  
• Subscribe to the newsletter: https://fdsd.me/newsletter 
  
• Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
  
• Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest 
  
• Generate secure passphrases! https://d20key.com/#/ 
  

Use these timestamps to jump to a particular section of the show.

• 0:00:52: News rundown
  
• 0:03:09: One of the worst Mac malware strains is back
  
• 0:06:15: Android malware apps use stealthy APKs to bypass security
  
• 0:09:17: Illinois now allows you to sue for doxxing attacks
  
• 0:13:59: Meta to roll out default E2EE for Messenger by year’s end
  
• 0:17:06: LinkedIn accounts taken over in huge hacking campaign
  
• 0:19:39: Intel’s GPU Drivers Now Collect Telemetry
  
• 0:23:34: Data breach impacting 75,000 Tesla employees was inside job
  
• 0:26:39: Why US tech giants are threatening to quit the UK
  
• 0:29:26: Police Are Getting DNA Data From People Who Think They Opted Out
  
• 0:34:58: PA court says state police can’t hide how it monitors social media
  
• 0:37:13: What a newsroom police raid teaches us about security
  
• 0:42:58: The Tool Hackers Can Use to Dox Nearly Anyone in America
  
• 0:49:14: NSA Orders Employees to Spy “With Dignity and Respect”
  
• 0:51:40: Need more Dear Carey questions!
  
• 0:52:01: Tip of the Week
  
• 0:57:01: Wrap up