Have you noticed Google getting really pushy lately with offers to “sign in with Google”? You’re not alone. Many websites offer the ability to create a free account so that you can “personalize your experience”, but lately Google has been popping up an very annoying window to prompt you to create this account by signing in with your Google account. First of all, you almost never need to create an account to view the site. But second, even if you do want to create an account, you shouldn’t be linking that account with Google. You’re creating a data sharing arrangement that is completely unnecessary and not in your best interests. I’ll explain how to block these irritating popups (and many like them) for good.

In other news: 1Password was not hacked, but recent messages might have worried you; new macOS malware stealer app; five things scammers hope you search for; Microsoft Edge is recording your web surfing data; Windows 10 will never receive another feature update; Microsoft is rewriting core Windows software in a memory-safe language; study claims 83% of passwords can be hacked in one second; Google adds support for passkeys; Apple issues first Rapid Security Response with confusing messages; NYPD hands out 500 free AirTags to combat auto thefts; Apple and Google partner on industry spec to thwart unwanted tracking devices; Google adds cloud backup for 2FA without end-to-end encryption; Amazon Clinic requires you to sign away privacy rights; Washington State pass health data privacy law; my take on recent efforts to undermine encryption and restrict access to social media.

1. [Digital Trends] No, 1Password wasn’t hacked – here’s what really happened https://www.digitaltrends.com/computing/1password-secret-keys-not-hacked/
   
2. [9to5mac.com] PSA: ‘Atomic macOS Stealer’ malware can compromise iCloud Keychain passwords, credit cards, crypto wallets https://9to5mac.com/2023/04/28/atomic-macos-stealer-malware-steal-passwords/
   
3. [Lifehacker] Five Things Scammers Are Hoping You Google https://lifehacker.com/five-things-scammers-are-hoping-you-google-1850405964
   
4. [The Verge] Microsoft Edge is leaking the sites you visit to Bing https://www.theverge.com/2023/4/25/23697532/microsoft-edge-browser-url-leak-bing-privacy
   
5. [Lifehacker] Microsoft Will Never Update Windows 10 Again (But You Can Keep Using It) https://lifehacker.com/microsoft-will-never-update-windows-10-again-but-you-c-1850386188
   
6. [theregister.com] Microsoft is busy rewriting core Windows code in memory-safe Rust https://www.theregister.com/2023/04/27/microsoft_windows_rust/
   
7. [9to5mac.com] Study reveals top 20 most used passwords; 83% can be cracked in a second https://9to5mac.com/2023/05/02/most-used-passwords-report/
   
8. [The Hacker News] Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html
   
9. [AppleInsider] Apple issues Rapid Security Response update for iOS 16.4.1, macOS 13.3.1 https://appleinsider.com/articles/23/05/01/apple-issues-rapid-security-response-update-for-ios-1641-macos-1331
   
10. [AppleInsider] New York hands out 500 AirTags in car theft crackdown https://appleinsider.com/articles/23/05/01/new-york-hands-out-500-airtags-in-car-theft-crackdown
    
11. [Apple] Apple, Google partner on an industry specification to address unwanted tracking https://www.apple.com/newsroom/2023/05/apple-google-partner-on-an-industry-specification-to-address-unwanted-tracking/
    
12. [Gizmodo] Google’s New Two-Factor Authentication Isn’t End-to-End Encrypted, Tests Show https://gizmodo.com/google-authenticator-two-factor-not-end-encrypted-1850377102
    
13. [The Washington Post] To become an Amazon Clinic patient, first you sign away some privacy https://www.washingtonpost.com/technology/2023/05/01/amazon-clinic-hipaa-privacy/
    
14. [The Verge] Washington passes law requiring consent before companies collect health data https://www.theverge.com/2023/4/28/23702246/washington-health-data-law-consent-collect-sell
    
15. [Yahoo] India has blocked 14 mobile messenger apps on security fears https://www.yahoo.com/lifestyle/india-blocked-14-mobile-messenger-074000711.html
    
16. [CNN] Arkansas governor signs sweeping bill imposing a minimum age limit for social media usage https://www.cnn.com/2023/04/12/tech/arkansas-social-media-age-limit/index.html
    
17. [act.eff.org] The “Earn It” Act is Back, Seeking To Scan Us All https://act.eff.org/action/the-earn-it-act-is-back-seeking-to-scan-us-all
    
18. Tip of the Week: Block Google Sign-In Popups: https://firewallsdontstopdragons.com/how-to-block-google-popups/  
    

• TP-Link software update: https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware 
  
• Install uBlock Origin: https://ublockorigin.com/ 
  
• Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
  
• Give the gift of privacy and security: https://fdsd.me/coupons 
  
• Send me your questions! https://fdsd.me/qna 
  
• Support our mission! https://fdsd.me/support 
  
• Subscribe to the newsletter: https://fdsd.me/newsletter 
  
• Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
  
• Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest 
  
• Generate secure passphrases! https://d20key.com/#/ 
  

Use these timestamps to jump to a particular section of the show.

• 0:00:25: Follow-up on previous stories
  
• 0:02:01: Security updates
  
• 0:02:37: News preview
  
• 0:05:02: 1Password was NOT hacked
  
• 0:06:57: New Atomic macOS Stealer malware discovered
  
• 0:09:56: Five things scammers are hoping you’re googling for
  
• 0:13:53: Microsoft Edge is leaking the sites you visit to Bing
  
• 0:16:27: Microsoft to stop updating Windows 10 features
  
• 0:19:21: Microsoft is rewriting core Windows code to be memory-safe
  
• 0:22:07: 83% of passwords cracked in one second! (not really)
  
• 0:25:17: Google introduces passkey support
  
• 0:30:56: Apple’s first Rapid Security Response was confusing
  
• 0:36:05: NYPD hands out free AirTags to crack down on car theft
  
• 0:37:58: Google, Apple propose standard to address unwanted tracking
  
• 0:40:31: Google’s new 2FA sync is not end-to-end encrypted
  
• 0:44:51: Amazon Clinic requires you to give away your privacy
  
• 0:48:51: Washington State passed heath data protection law
  
• 0:51:17: My take on recent efforts to restrict social media, strong encryption
  
• 0:57:00: Tip of the Week: Blocking Popups
  
• 1:07:13: Wrap up