029 - Minimize not Militarize and Avoiding Surveillance with GrapheneOS
In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robots.txt. I discuss why the “assume breach” mentality just leaves the doors wide open, using examples from Kevin Mitnick’s 1981 Pacific Bell infiltration to modern ransomware groups like Scattered Spider who breached MGM and Marks & Spencer through social engineering.I also cover practical tactics for using public Wi-Fi, data curation techniques, the invisible surveillance net including Stingray devices, and provide a deep dive into GrapheneOS covering user profiles, app sandboxing, network controls, sensor permissions, and the proper use of sandboxed Google Play services.In this week’s episode:Ghost in the Source Capture the Flag challenge resultsThe military mindset problem in cybersecurityStrategic use of public Wi-Fi for account creation and privacy techniquesData curation tactics, and “Minimizing What Can Be Known”Invisible surveillance net and Stingray devicesGrapheneOS discussion on user profiles, app sandboxing, network controls, sensors permissions, sandboxed Google Play services, and security architectureMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Noam Chomsky on Internet Privacyhttps://www.youtube.com/watch?v=QIWsTMcBrjQNoam Chomsky on Advertising - https://www.youtube.com/watch?v=PfIwUlY44CMTryHackMe Platform - https://tryhackme.comHack the Box - https://hackthebox.comWired Article on DNC Stingray Surveillance - https://www.wired.com/story/2024-dnc-cell-site-simulator-phone-surveillance/IntelTechniques Data Removal Guide - https://inteltechniques.com/workbook.htmlOptery Data Broker Removal - https://optery.comGraphene OS - https://grapheneos.org“We’re dragons. We’re not supposed to live by other people’s rules.”- Hajime Ryudo
★ Support this podcast on Patreon ★
In this episode, I discuss three key strategies for maintaining privacy and security across your physical mailbox, email, and phone. I discuss the growing Matrix community, explore alternative mailing solutions using co-working spaces, detail a four-tier email strategy, and examine the concerning spread of Flock ALPR cameras. I also share insights on anonymous eSIM options and answer listener questions about dealing with Know-Your-Customer requirements.In this week’s episode:Joining the Matrix community with ElementPhysical mailbox strategies: UPS stores, virtual CMRA addresses, and co-working spacesFour-tiered email approach using ProtonMail, Fastmail, SimpleLogin, and Gmail sock puppetMobile phone privacy with Mint Mobile and anonymous eSIM optionsThe Flock ALPR camera threat and how to protect yourselfListener questions: Australian SIM card strategies with KYC requirementsCapture the Flag challenge details for June 21stMatrix Community RoomsIt seems on Element X, it doesn’t list the rooms associated with the Matrix space, so you can click on each of these links to join the rooms:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Matrix Clients - https://matrix.org/clientsMatrix Community - https://matrix.to/#/#psysecure:matrix.orgSmarty Address Lookup - https://www.smarty.com/products/single-addressExpired Domains - https://www.expireddomains.net/Stealths.net (Anonymous eSIMs) - https://stealths.net/DeFlock.me (ALPR Camera Map) - https://deflock.me/Flock Safety Privacy Policy - https://www.flocksafety.com/privacy-policyEFF Article on DeFlock - https://www.eff.org/deeplinks/2025/02/anti-surveillance-mapmaker-refuses-flock-safetys-cease-and-desist-demandCTF Challenge Rules - https://psysecure.com/ctf“Imagine this situation where we have the huge electronic intercommunication so that everybody is in touch with everybody else in such a way that it reveals their inmost thoughts, and there is no longer any individuality. No privacy. Everything you are, everything you think, is revealed to everyone.”- “Future of Communications” Alan WattsOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
--------
45:28
--------
45:28
027 - Stop Playing the Game, Join The New Matrix Privacy Community
In this episode, I discuss breaking free from the Apple ecosystem, the dangers of social media oversharing, and introduce our new Matrix community. I also cover the upcoming capture the flag challenge, share thoughts on the OSINT Defense & Security Framework progress, and rant about security theater at airports and online services that block VPNs.In this week’s episode:Apple’s $95 million lawsuit and the ecosystem lock-in problemWhy people overshare on social media and how OSINT can exploit itIntroduction to the Matrix communityCapture the Flag challenge launching June 21st!Progress update on the OSINT Defense & Security Framework (ODSF)Security theater: VPN blocking and other pointless security measuresAlternative YouTube clients for privacy (GrayJay and NewPipe)Show Links:Matrix Community - https://matrix.to/#/#psysecure:matrix.orgCTF Challenge - https://psysecure.com/ctfGrayJay (by Futo) - https://grayjay.appNewPipe - https://newpipe.netWiFi Pineapple - https://shop.hak5.org/products/wifi-pineappleSystem76 Laptops - https://system76.com/laptopsLittle Snitch (macOS Firewall) - https://www.obdev.at/products/littlesnitch/“I hope for nothing. I fear nothing. I am free.”- Nikos KazantzakisOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
--------
44:16
--------
44:16
026 - Ghost in the Source (Announcement)
In this brief episode between travels, I announce the “Ghost in the Source” capture the flag challenge, a cryptographic hunt on my website starting June 21st, 2025. At the end of June I will pick 3 lucky winners which will receive a 6-month TryHackMe subscription voucher. I also provide an update on our new Matrix community.In this week’s episode:Announcing the “Ghost in the Source” CTF challengeChallenge details and rulesPrize information: 3 x 6-month TryHackMe vouchers!Matrix community update for listener interactionFuture plans for OSINT CTF challengesShow Links:CTF Challenge Page - https://psysecure.com/ctf/“When I float weightless back to the surface, I’m imagining I’m becoming someone else.”- Motoko KusanagiOfficial Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
--------
7:35
--------
7:35
025 - AI Privacy Concerns with ChatGPT and Claude
In this episode, I explore the privacy implications of using AI apps like ChatGPT and Claude on mobile devices. I discuss why ChatGPT’s requirement for Google Play Store login and audio recording storage led me to Claude on my GrapheneOS device. I also cover my daily app setup, Windows telemetry blocking with SimpleWall, macOS privacy with Little Snitch, and the potential of System76 Linux laptops.In this week’s episode:Privacy comparison between ChatGPT and Claude AI appsChatGPT’s audio recording storage and data export concernsGrapheneOS setup without Google Play Store loginUsing FUTO Keyboard and FUTO Voice for local transcriptionEssential privacy tools: SimpleWall for Windows and Little Snitch for macOSWindows Subsystem for Linux (WSL) for developersSystem76 Linux laptops as a privacy-focused alternativeShow Links:Anthropic Claude.ai Encryption - https://privacy.anthropic.com/en/articles/10458704...Duck.ai - https://duck.aiFuto Keyboard & Voice - https://futo.org/Aurora Store - https://auroraoss.com/aurora-storeSimpleWall (Windows Firewall) - https://github.com/henrypp/simplewallLittle Snitch (macOS) - https://www.obdev.at/products/littlesnitch/GeoSpy (OSINT Tool) - https://geospy.netSystem76 Linux Laptops - https://system76.com/Mental Outlaw YouTube Channel - https://www.youtube.com/@MentalOutlawDaVinci Resolve - https://www.blackmagicdesign.com/products/davinciresolveOSINT Defense & Security Framework - https://psysecure.com/services/odsf/“██████REDACTED███”- █████████Official Website: https://psysecure.comPodcast music: The R3cluse
★ Support this podcast on Patreon ★
Welcome to The Lockdown. Privacy doesn’t have to be all-or-nothing. The inability to attain extreme levels of privacy shouldn’t deter one from taking any protective measures at all. The show is hosted by Ray Heffer, an expert in the field of privacy and cybersecurity, with each episode touching on a range of topics such as data privacy, password management, and secure browsing habits. Tin-foil hats are optional!
Australia