The Positive Network Podcast
The Positive Network, standing against Negativity, reminds us of the good in the world - kindness, breakthroughs, and unity. Here, your journey to a SOVRN Life begins, not in isolation, but within a community that empowers education and learning in the critical topics of self sufficiency and critical thinking. This is where we collectively rise, embracing personal and communal sovereignty and take back our world.
The Positive Network Podcast
SOVRN DATA: Protecting Your Privacy in the Digital Age
How much of your personal information are you unknowingly giving away, and what can be done to protect it? Join us for an eye-opening discussion on the Positive Network podcast all about data protection and privacy. Learn about the hidden risks of sharing your information online and how companies like Google might be exploiting your data. We dive into actionable strategies for safeguarding your personal information, such as using end-to-end encryption, avoiding the reuse of passwords, and being mindful of your social media activities.
Discover why data has now surpassed oil as the world's most valuable resource and the implications this has for your privacy and autonomy. We explain what data truly encompasses—everything from your digital footprint to health metrics—and the dangers of companies controlling and selling this information without your consent. Hear about the notorious Cambridge Analytica scandal and how it underscores the necessity of maintaining ownership over your data to prevent manipulation. The conversation further explores the power of AI in leveraging data, raising significant privacy concerns.
Finally, gain insights into the importance of data sovereignty and personal security. Understand the risks of extensive data collection and how AI can manipulate this information. We'll provide you with practical tips on securing your data, such as using password managers like Bitwarden and opting for end-to-end encrypted services like ProtonMail and Signal. The episode also touches on the benefits of Network Attached Storage (NAS) for personal data storage, ensuring you have privacy and control. Equip yourself with the knowledge and tools needed to protect your data and maintain personal sovereignty in today's digital age.
Join Mike and Andrew in the Positive Network as they embark on a journey to shift the world from fear to positivity, encouraging each listener to become a proactive agent of change and positivity.
Join the Movement
www.positivenetwork.info
https://www.youtube.com/@The_Positive_Network
Everything you say in your Google email is definitely read by Google. The client can see it. It's not just you and the person you sent it to who reads it, it's the service as well. When it's end-to-end encrypted, it means only you and the person who you're sending the data to explicitly has access to it. The more people know about you, the more you're trusting them that they won't exploit what they know for any personal gain. And what do we know about human behavior? Well, people tend to do things for their own benefit. Yeah, like on average. So do you think a company is, you know, only looking out for your best interests? Of course not.
Speaker 2:They're looking out for profit.
Speaker 1:You'd have to be super naive to believe that yeah. So who's looking out for your best interest?
Speaker 2:Them, no, you need to, you have to. It is so important for us to keep our data secure because none of us want to be manipulated and man like I used to be in that camp of like I don't care, I got nothing to hide. It's not about hiding anything. It's about not being controlled or not doing something against your will.
Speaker 1:Ownership of your own data is super important because, again, if you give up ownership of all of your data, what happens Then? Tech companies have more leverage and can basically strong arm you more and more and more. Big thing you need to do is you don't want to be reusing the same login and password everywhere. That's too much of a vulnerability. And why that has to do with data is because if someone knows your data your email password combination, one of the sites then they can replicate and put those login credentials on other platforms where you've reused it and then now they have access to everything.
Speaker 2:Stop posting your vacations. While you're on vacation, save those vanity clicks, check the ego, get a whole bunch of pictures and then, when you get home, slowly post them so you can feel cool about yourself or whatever the reason is, or if you want to share it with family, you know. For whatever, do not tell people you're not in your home. That's easy to mine.
Speaker 1:If you know someone's weakness, it's up to you whether you're going to exploit that for their benefit or your benefit. The basic thing here is like okay, people, when they have information on you, when they have your data, they can use that to manipulate you into doing the things that they want you to do that you might not even have done yourself. So if you think of it this way, it's sort of like stealing your free will from you.
Speaker 2:So, if you think of it this way, it's sort of like stealing your free will from you. Welcome to the Positive Network podcast, your lighthouse in the dark, where we talk about real world solutions for real world problems. I'm your host, mike Volz, and I'm your co-host, andrew. Welcome to the podcast, everybody. So today we're going to be talking about sovereign data. This is something that is very misunderstood. We hear about you know you got to protect your data. Your data is being mined, identity theft we hear these things all the time, but it doesn't quite make sense to everyone. So we're going to endeavor to talk through it today and make it make a little bit more sense and offer some sensible tips on protecting your data that are very important.
Speaker 1:So I'm going to jump in and I'm going to start by explaining that data is. We've changed eras. So we used to live in the era where oil was the most valuable resource in the world that everyone fought over, and it still is very valuable. But several years ago, data actually surpassed the value of oil Wow, becoming the world's most valuable resource and people would be like well, why is like numbers, like, why would numbers be so valuable? You have to think about what data really is. So let's talk about framing what that actually is so you have a better understanding. So today we think of data as like a digital thing Right, but it's not. Today we think of data as like a digital thing, but it's not. It's actually any type of information about any, anything or someone or something, anything like that. So it's basically some sort of recording of anything.
Speaker 2:Okay, so like how many steps I took today? That's data. Okay, what are some other examples?
Speaker 1:Where you're, where you spend most of your time, like the geographic place you're in Right, because our phones are tracking every spot we go to Could be your financial data, like how many houses do you own. It could be what your heart rate is on average.
Speaker 2:How much?
Speaker 1:breathing you take. It could be how many kids do you have? It could be how many hours of sleep do you get? When do you get irritable? What's your purchasing behavior?
Speaker 2:I saw something about if you had enough smart devices on you one or two they could have a bit of an idea of some medical conditions that you're dealing with.
Speaker 1:Yeah, and don't get me wrong, there's definitely legitimate reasons that that would be useful to have for your own purposes. The danger becomes when that information becomes the property of another company and they're the ones that can control it, mine it, sell it, do whatever they want with it, because the data is supposed to be ours.
Speaker 2:Yeah, our health, our finances, our physical activity, our travel, our pictures, that should be ours.
Speaker 1:Yeah. So if you go back, even like 100 years ago, we weren't recording all this data. No, it didn't exist because it wasn't feasible to do so. We only recorded, like our tax information, for example, for our financials probably had some records of like what property you owned. You know like you might have a deed or title to your house. You would have some you know like a title to your vehicle. That was mostly about it. You'd have a birth certificate, maybe some healthcare number, social security number, so like some basic stuff, right. But now, instead of just having you know half a dozen or a dozen points, now you have maybe tens of thousands of points.
Speaker 2:I'd read somewhere during the Cambridge Analytica trials that and this was back when Trump got elected they had something like a quarter million data points on half of the Americans in the US. A quarter million separate points of data.
Speaker 1:Without their knowledge or consent. Yes, they had no idea it was even happening to them.
Speaker 2:Yeah, and it boggles the mind of how you would have that many data points. Yeah, and it boggles the mind of how you would have that many data points, but if you think about all the recording devices in the world today and all the different things we're doing, that can add up quick.
Speaker 1:And think about that. That was almost 10 years ago, so think of how much worse it's gotten since then.
Speaker 2:But AI just came into my brain.
Speaker 1:I'm like oh, yeah, when you have context lengths that are so massive that they could know everything you've ever read, right Like they have enough ability to.
Speaker 2:Right, the books you buy, what shows you're watching.
Speaker 1:that's a whole framework of who you are, as a person, actually remember every single character you've ever typed on social media, on email, everywhere, even your private messages to your friends and your family, and it knows all of your inner thoughts, of everything all in one.
Speaker 1:You're freaking me out. I'm sure you're freaking the listeners out. The main point here is that we're recording many, many, many orders of magnitude more data than we have in the past. What is known about you is scary accurate. There was actually a thing, I think about 15, 20 years ago, where Target was able to predict whether people were pregnant before they even knew they were pregnant.
Speaker 2:I heard something about that.
Speaker 1:There's a famous story where there's, like this, teenage girl who gets a flyer about her new baby she didn't tell her parents that she was pregnant. Her dad gets really mad, goes over to Target, blah, blah, blah, and then finds out oh wait, my daughter actually is pregnant. Whoops.
Speaker 2:And I hope that was a coincidence, because that's too terrifying.
Speaker 1:No, it definitely was not a coincidence that this is them knowing stuff about you anyways. So the whole point was like oh, we got to get to these new moms before they even know their mom. So that way, all of their purchases are going to be at our store and we'll build that habit in. It's very valuable, so anyways. So the point is, is companies like this?
Speaker 1:They make these complex models because once they have this information, they can exploit that information to use it for their own benefit generally sales, but it could be political stuff, like we saw with Cambridge Analytica, and it could be many other things down the line as well. There's really no limit, Like if you know someone's weakness, it's up to you whether you're going to exploit that for their benefit or your benefit. The basic thing here is like okay, people, when they have information on you, when they have your data, they can use that to manipulate you into doing the things that they want you to do that you might not even have done yourself. So if you think of it this way, it's sort of like stealing your free will from you.
Speaker 2:Yeah, I can see that.
Speaker 1:Another good example is like imagine you have a close friend, they know a lot about you, like, yeah, I can see that blah, blah, blah, blah, blah. So because they know so much about you, if they had nefarious like intentions, do you think that they could have a plan to do something to rob you or exploit you or manipulate you?
Speaker 2:well, yeah, if they knew you weren't home, they could come into your home and they could take some of your stuff. If they knew something that was maybe deep and shameful to you and they shared that with someone else, someone else could manipulate you. But the point the data points were given without your consent. I mean, have you ever had someone betray you or tell a secret behind your back? You, you trusted someone with a secret, yeah, and they went and told someone else and it embarrassed you. Maybe it got out and there's no difference here. Like, these are your data points and you should have the choice of who to share them with, absolutely.
Speaker 1:So the point here is okay. Well, the more someone knows about you, the more they can manipulate you for good or bad. Like they could also use those, those tools, to basically push you in a positive direction, right, right. Like they could blackmail you into going to the gym every day.
Speaker 2:Well, if anyone's ready to blackmail me into that. I'm signing up anyway.
Speaker 1:So the point is is like versus someone who doesn't know much about you. Let's say you're walking down the street and you bump into someone. They're working with much limited data on you, so they don't know how to exploit you. Yeah, so someone who's a really good manipulator, they'll ask probing questions to get a little bit of data. Then they, once they have that small amount of data, then they can influence you to do what they want and they can build upon that. So this is a very slippery slope. It seems mundane like oh, they just slip into a casual conversation where did you go to, uh, university? Oh, when were you born? When? When did this blah blah blah happen? Once they have those details, they can now extrapolate and they could pretend to be you. I went to this university, I went to do this, I know this about you, and so this can turn into something very bad very quickly with the wrong person.
Speaker 2:Right, yeah, that makes a lot of sense.
Speaker 1:So that's the risks, but then there's also the dependency risks.
Speaker 2:So when you so just one second here, because this is I love the way you're framing this and I want to ask you know, for those of you listening to the podcast right now, when I used to think about data security, I'd be like who cares? Like I have nothing important, that I have nothing to hide. You're reframing this for me in a beautiful way that I have nothing to hide. You're reframing this for me in a beautiful way, like it. It is so important for us to keep our data secure because none of us want to be manipulated and man like I used to be in that camp of like I don't care, I got nothing to hide. It's not about hiding anything. It's about not being controlled or not doing something against your will Without even knowing a lot of the times.
Speaker 2:Yeah, the subconscious stuff, that'll be happening.
Speaker 1:Yeah, so when you take into account all that data that people build up on people, and then you take into account, like AIs, who can basically convince you of things, it can get pretty scary, pretty quickly. Yeah, so this is a huge risk for not just me or you, but it's for every single breathing person on this planet. The more people know about you, the more you're trusting them that they won't exploit what they know for any personal gain. And what do we know about human behavior? Well, people tend to do things for their own benefit, like on average. So do you think a company is only looking out for your best interests? Of course not.
Speaker 2:They're looking out for profit.
Speaker 1:You'd have to be super naive to believe that. Yeah. So who's looking out for your best interest? Them no. You need to. You have to. So the only way to look out for your best interests is to have data sovereignty, meaning you have control and access and ownership of your own data and you know how it's being used. You can revoke access to it if you do grant access. This is extremely important stuff.
Speaker 2:I just had this sinking feeling of this push to bring the last few billion people online and into the internet and get everybody connected. When these people come into this ecosystem, they're not coming into the ecosystem that we were born into. They're going to be coming into a uh, an extraction system and they're not going to know what's going on for a long time Like that's terrifying. That's why they're so excited about these new markets is because it's, let's say, virgin people getting online and they won't have the ability or the means to even enact what Andrew and I are going to talk about today as some of our suggestions. It's a terrifying thought.
Speaker 1:It's funny enough. There's lots of easy steps you can take that will make you a much harder target, and obviously you can go to great lengths, but there is a sort of diminishing returns as you go. Much harder target, and obviously you can go to great lengths, but there is sort of diminishing returns as you go further and further. So data sovereignty is really about reducing your dependency on service providers, and the reason you want to do that is because, if you're dependent on them, they can dictate the terms of how you set data, like share data, to them. So if you're not self-sufficient, they can just dictate like oh, you're going to give us access to everything, we're going to know everything about you. Then we're going to sell that data to whoever we want and they're going to do whatever they want with that data to manipulate you.
Speaker 1:So that's obviously not a good position to be in. So you want to have some negotiating power, and if everyone had more data sovereignty, big tech companies would have a lot less power. They wouldn't be able to be able to be so strong armed because people would have options. So this is a thing that you can do, not to the benefit of yourself, but also to the benefit of everyone. So it creates less of a data monopoly and we do have a data monopoly right now. It's just a few top people at the top with all of the data and the data centers controlling everything, and it's absolutely critical that we we don't have that happen. It needs to level the playing field.
Speaker 2:So let's, let's talk a little bit about this extraction process. So, um, love it or hate it, I mean, the world is set up for us to go to work. You know we trade our time for, you know, dollars. We trade our labor so that labor creates something more valuable for whoever we gave our labor to, whoever we gave our time to, and that's been the way that the world has worked for, I mean, long before any of us were around, for for thousands of years. So that labor is an extraction and data is another layer of extraction of value from us. That is like I think it was 2016. It became data, became more valuable than oil. So now, now, data is that second layer of extraction. They're taking all of our labor. They're taking our time and compensating us with money little or some and now it's data.
Speaker 2:And you know this is kind of in the way that this works in the world is. You know they're taking it, as Andrew had said, to convince you to buy something. So, once they know what you think, they know what ads to serve to you, to influence you. They know what stories will show up that are actually ads. They'll know what articles to put in front of you that aren't articles. They're really well-written ads to convince you to get something, and they can do this with 30 little drips over a period of three to four to six months to form an opinion for you or to make you feel like you're without something or needing something or your life's not good enough without something. And then you go buy something or maybe getting a little more gray, they're convincing you to lean a certain direction, to vote.
Speaker 2:How many data points are hitting you about how bad things are and who's responsible, and then who's going to save you? Right, and that's a whole other conversation in governance. But data is used and it's been proven in court that it's been used to influence outcomes in elections in voting systems. Then you get over into like the nefarious shit and this is the stuff that's really important to the listener, if you're listening like it's the identity theft, right, it's blackmail. It's holding your accounts or your visa or your whatever your identity hostage while you have to pay money to a party you'll never meet. So it can be used in ways to stimulate the economy. It can be used in ways to steal and hurt people.
Speaker 1:Yeah, and you can even go further down the nefarious route. I think we might see more of this in the future as criminals become more sophisticated, but it can also be a matter of who's a good target to rob their house or maybe kidnap their children and sell them? Yeah, so this can get pretty. Who?
Speaker 2:has the psychological profile to not fight back right, that will be able to be mapped, yeah and so. So the sophistication of the crimes that will be able to be gotten away with will be able to be dialed in as these models get stronger and stronger.
Speaker 1:So yeah, if I know that one house has, you know, like six german shepherd dogs, because the guy is a huge, phenomenal thing, works out all the time. He's like a black belt in jujitsu, uh, and he owns a lot of guns mentally strong he's gonna fight back. He's gonna, you know, like let's cross him off, it's not waste our time, or I can go over to this other house which has an elderly lady who has arthritis and two cats and lives alone and they're not very tough cats, yeah.
Speaker 1:So which one are you going to pick? Yeah, that's data that a criminal can use to target what their goal is is to do a robbery, which was never available before, and then you could cross reference. So that's like the risk. But then there's the reward ratio. So then you could target people who are more wealthy, who might not be at home because of vacations they're on Um. You can put all of these factors into a matrix and then you could create a hit list of what is my best risk for reward ratio.
Speaker 2:Imagine just seeing like a whole bunch of houses in suburbia on an overlay and then you have all these like green houses pop up and be like those are good places to go, Like that could be a future. Yeah, that's terrifying to me Right Like someone. Someone rolls in with a van like, hey, we've got five houses to hit, we've got an hour to do it. These are all. Everyone's in Jamaica, dominican. They're all, they're all out of here. There's no security systems or it's easy to take it down.
Speaker 1:I mean, we're making some fantasy here, but that's not far from the truth. Well, if you were a criminal, which one would you choose? To go in blind or know what you're going into? Go for the easy one? Yeah, every time.
Speaker 2:So I mean, the rule is like, hey, we should probably be all like deep faking our social media profiles and pretending to be like. So here's for the listeners here If something has happened to you in your sovereign data, have you had your identity stolen, or have you had your house broken into while you were on holidays, please comment below this video. Let us know if that's happened to you. It is so common and a lot of people don't talk about it because you know it's. It's either embarrassing or you know whatever the reasons are, but please comment below this is. It's going to get worse. So again, we're not on the negativity podcast here. This is a positive podcast. So let's switch some gears and talk about solutions.
Speaker 1:One of the solutions you brought up before talking about the vacation thing. You're talking about not posting your pictures when you're on vacation.
Speaker 2:Yes, that's a rule for my family business trips, vacations, anything, whether it's just me going or if it's all of us going, I don't post anything until I'm home with my family, or if I, my whole family is home. If we went on a vacation now. Now here's why I post that I'm in Phoenix and someone thinks my whole family's in Phoenix and someone goes into my house to steal stuff and my family's home. Uh, stop posting your vacations while you're on vacation. Save those vanity clicks, check the ego, get a whole bunch of pictures and then, when you get home, slowly post them so you can feel cool about yourself or whatever the reason is, or if you want to share it with family. You know, for whatever, do not tell people you're not in your home. Yeah, that's easily easy to mine.
Speaker 1:Yep, and now that you've said that there's data that tells you your strategy, so now we know that when things are posted, you're definitely home, right Right. And when you're not posting, you might not be home. Might not be home, but that's a much broader spectrum right it is. That's a better better. For sure it's a better one, yeah.
Speaker 2:Or don't post at all, right, just send a text message to your family hey, these are the pictures from the holiday. So that that's a big one for me. Stop screaming from the rooftops. Everything that you're doing and everything you've done in social media. Limit the pictures that you put on there. Um, I know that my family is starting to really scale that back Now, the number of pictures that we put of our kids on there. Um, we'll just send them directly to family members.
Speaker 2:Just make a habit of it, just be careful, and maybe, maybe we can talk about that dark side of putting pictures of your kids and your family online, because it is, you know, as people are starting to wake up in society to the, the trafficking of humans, which is just disgusting. And now people are like oh, is this? This has happened, this has been happening forever. It's just more people are becoming aware of it now. Well, where do you think people are getting? You are getting targets. If you're creating a smorgasbord of pictures and your profile page is public, you're creating an advertising platform for the most disgusting humans on the planet.
Speaker 1:So it's like, let's say, they have a shopping list of the types of people they're looking to kidnap. Well, now they just have to go through all of the different posts. They could use AI to scrape that, potentially, and then whittle it down to okay, here's the geographic location, the social profile of the targets. Who's not going to fight back? Here's the children of the ages we're looking for. Okay, boom, now we have a narrowed down list of like 16 houses we're going to hit. Boom, boom, boom, boom, boom, done. Protect your kids.
Speaker 2:Protect your kids at all costs. Yeah, so be very cautious of that. What other risks are on social media?
Speaker 1:Group think is a huge one, okay, so where you get into echo chambers and you stop seeing a more balanced world. So in previous times before we had hyper social groups, and this actually, I think fits more into not the data but more like the relationships point we made in the previous video. Okay, but it's worth touching really quick here.
Speaker 2:It's basically like you run the risk of your data pairs you with other people who think the same Right, but you could start to be distorted about what true reality actually is, because you're not bumping into any other people that are different, so you're getting a reinforcement of their cognitive bias and you're just it's reinforcing how you believe and what you think, and it's just pushing and pushing and pushing. The algorithm is delivering to you exactly what you want, because and that's not necessarily nefarious it's if you get what you you want, you come back and then more ads can be served to you yeah, and it.
Speaker 1:It can be nefarious in the sense that it polarizes every direction so it separates people from each other of humanity because if, yes, exactly if you ever felt like, hey, my friends seem to be getting really into the thing that they're into and drifting further away from me and I'm getting really into the thing I'm into Now we don't really get along, I've lost that friend. Now I have less friends. So it's like this isolationist point, and then you get two opposing polarities and you fight, you put them against each other and now they're fighting each other rather than working together.
Speaker 1:In the olden days, in the olden days, you know, you'd bump into people who had opposing viewpoints all the time and you, if you believe something that wasn't true, there's a pretty good chance you'd bump into someone who could refute your belief. Right, and you'd be like, oh actually, yeah, that was stupid. Why did I think that way? That wasn't true. Now we just bump into the people who think the same thing and instead of challenging our beliefs, we don't challenge each other's beliefs. So it's almost like we went from a society where we were all like MMA fighters, fighting each other for our ideals, to now everyone is just like in WALL-E they're just lying down and they've gotten fat and lazy and they don't fight their ideas anymore. Instead they just collect.
Speaker 2:They just kind of bunch together around those ideas so your data can be used to put you into those groups through the algorithms, which then fundamentally changes how you think, how you behave, how you view the world one more thing I want to introduce to people on social media a concept that I don't think they realize is so prevalent is have you ever noticed that if you ever get into a post argument and you know it might be on some of these larger posts that are swaying public opinion, and there are so many something that might seem like it makes sense and how could this not make sense? But there's so many people who are posting against it and it can be downright rude, like horrid stuff, like I want people to think about something. There is an estimate that there could be up to 30% of the users on social media or more, are not real people.
Speaker 1:I've heard lately that that's been boosted to 50% now that's very likely the new number with AI.
Speaker 2:I haven't got an update since the last time I talked to a data expert in the intelligence community, which we'll have on as a as an expert guest in future episodes. You'll love this one. But remember, when someone's trying at an organization or a group is trying to sway opinion, they can hire firms that will mass post intelligent seeming posts but very, very like one-sided in an ideal or an or or a position and they spam. They spam posts to try to beat people down, to silence them, and a lot of people, just like most people, don't want to fight, especially online. What a waste of time. So anyone that is speaking up and you have all these people posting against you, always keep this in mind. It might not be real people.
Speaker 1:Yeah, it's a really important point, mike you brought up, because if you're forming opinions based on comments, it's a really important point, mike you brought up, because if you're forming opinions based on comments, that's a really slippery slope because it's not real people anymore.
Speaker 1:Yeah, you can't believe any comments are real. So what you pretty much can only do is, if you're trying to form opinions about how people see the world, only do that with either people you can see in the meat space of reality. Meat space, that's my favorite, yeah, because they're just bags of meat with blood and stuff, okay.
Speaker 2:Okay, you're getting a little too, that's gross.
Speaker 1:All right, I'll stop it there, but there's people you see in real, real life. And then the people that you know are real people, like your close friends and family, who you've met in real life um, no one that you have only ever seen online yeah, should always be people that. No one that you have only ever seen online should always be people that you know personally that you trust those as opinions that could shape how you think society is viewing the world. And that also goes for the news, because camera angles get turned in directions that aren't reality. I've seen this before. I think everyone or most people have seen that. You know, covering stuff on the news, there's a spin put on almost all the articles, so I wouldn't even trust those anyway. By the close, of this year.
Speaker 2:With AI, image generation and language models and video generation video generation a news broadcaster won't be a real human being anymore, and you'll have a heck of a time trying to figure out if they are or are not. So just remember that data spreads to a lot of things. We're getting a little into the weeds, but this is such a fun topic, so let's leave social media at that for now. So just think about what you're posting. Think about the timing that you're posting and who it could be putting at risk either your assets or your family. Protect what you're putting on there and don't worry about the bullies on there. They probably aren't real. Don't get caught up in the quagmire of social media. It used to be a beautiful thing that was ours. It's just been lambasted in the last couple of years.
Speaker 1:Yeah, all right. So let's jump into some new topics of solutions that we can apply here. So what are some simple ways to increase your data sovereignty, protect yourself, basically just improve your life in general? There's so many easy solutions out there to implement, but a lot of people don't know the simple things to look for. So the first one is you need to be looking for end-to-end encrypted services. Yes, now, encryption. Oh my God, it's so scary. What is that? It's numbers and things and jargon. It's actually pretty simple, okay. So let me explain end-to-end encryption in the form of a letter. Okay, okay. So if I sent you a letter in the mail and it's sealed and it's addressed to you, and it shows up to your door and it hasn't been opened and there's no signs of tampering, and you open it, are you pretty confident that no one else saw what you wrote? Yes, yeah, what if you sent a postcard?
Speaker 2:No, I would not. I would, someone would have read it.
Speaker 1:Yes, yeah, so when you're not using intended encryption, encrypted services, you're sending postcards, so you're saying the envelope shielding the contents is the encryption.
Speaker 2:Yeah, makes sense.
Speaker 1:Yeah, so the encryption hides what's in there from anyone else who wants to look around. Now we could definitely get into the more specifics of like HTTPS and blah, blah, blah. We're not going to do that because it's going to overcomplicate it. The main thing is that if you're using end-to-end encrypted services, end-to-end means I'm one endpoint, you're the other. Okay, so it means only the endpoints can see it. You see it, I see it. Nobody in the middle. That means even the service provider. Like the mail, like the mail, like the US Postal Service or whatever. They don't get to read what's in your letter, right? They could potentially read a postcard if they find it interesting. Any employee who's handling it can look at. Oh, look at this, oh, wow, that sounds like a nice message.
Speaker 2:Yeah, and that's fine.
Speaker 1:Oh look, Sally's on vacation. You'd be kind of a moron to disclose personal information on a postcard, yes or hey? Here's my social insurance number on my postcard. Oh, this is my banking password, by the way. Well, guess what People are doing that all the time? Okay, tell us. Well, most messaging services aren't end-to-end encrypted. They offer it sometimes as an upgrade feature you can have and they call it like secret chats and stuff. So WhatsApp is supposed to be end-to-end encrypted? Oh, yeah, because I trust Zucky. Well, the thing is with that is, if the software itself isn't open sourced, they could make a claim that it's uh and then encrypted so what is, what is open source?
Speaker 1:let's explain that quickly yeah, open source basically is like show us your code, show us how it's all built, show us the blueprint, how you're constructing this, because if you hide those details, you could claim one thing and do another.
Speaker 2:Yes, so it's kind of like a trust me, bro, I'm definitely not looking at you bro I got this yeah, so it should be open source if possible, and then it should also be end-to-end encrypted so someone can go in, look at the code, verify that it's end-to-end encrypted because it's open source.
Speaker 1:And that is the two check marks you want yeah, and you don't necessarily have to verify it yourself, because other people do that and there's still other caveats that get too technical. It's not worth your time. Like you can do checksums on the data and validate, blah, blah, blah. Don't worry about that. The main thing is use end-to-end encrypted services whenever possible. Always try to stay away from non-encrypted services, or sorry, end-to-end encrypted, because people say, hey look, my service is encrypted. It's only encrypted between you and the client, right, right. So let's say, you're using Gmail, right? It's not like Google can go in and read all of your messages and they do. Yeah, they feed it to AI and then they make recommendations.
Speaker 2:Translator models. That's how you get ads.
Speaker 1:That's well known by everyone. So when you do that, just realize like everything you say in your Google email is definitely read by Google, the client can see it. It's not just you and the person you sent it to who reads it, it's the service as well. When it's end to end encrypted, it means only you and the person who you're sending the data to explicitly has access to it.
Speaker 2:So what are the main things people use to communicate? Probably texting, yeah.
Speaker 1:Email, email and then sending pictures and video or video calls.
Speaker 2:And then maybe where they store their videos, pictures files, all that sort of stuff.
Speaker 1:There's more and more services today that are improving this, so one that is pretty well known is ProtonMail For email.
Speaker 2:Yes.
Speaker 1:So it's an end-to-end encrypted email service, which also includes VPNs and other docs. It has a drive that's encrypted as well, so all of this is really great stuff. It's not the only one out there, but it's a great. It's very easy to use. It's not any harder than Gmail. They also have free accounts, accounts. There's paid accounts that have more features, but it's it's end-end encrypted. Okay, as long as you trust the company, which I think generally, I do another one. So for messenger, that would probably the best contender.
Speaker 1:There is signal so this is for texting texting, video calls, sending small files, images, so Signal is absolutely great. It's also open source, so that's, that's another positive there.
Speaker 2:And we're talking about this for the average user, like Signal has. You know, there's there's a lot of comments out there that it is viewable by intelligence agencies. For most people, big deal like whatever as long as it's end-to-end encrypted by, you know, corporations, that sort of stuff.
Speaker 1:I think that's probably the most important the goal here is not like a hundred percent. You know, data leak protection good point, because you'll never get there, you can't. You can't because every time you implement something, the attacking team is already probably thinking of two steps ahead on the next thing.
Speaker 2:But if you take over Google chat and you're chatting with all your friends on Google chat, well, all that is data monetized to get you to do something, or sold to a third party. So what we're talking about is just taking out the sale or distribution of your data points and keeping them to yourselves. That's what we're reinforcing.
Speaker 1:It's the 80-20 rule. It's like you couldn't stop someone from killing your whole family in your house if you wanted to. If they want to do it, there's always going to be someone more powerful that can do it. But what you can do is make your house decently secure, like have a front door.
Speaker 2:That's probably a good idea.
Speaker 1:You really went dark on me there with that example, sorry sorry, okay, I didn't mean to like talk about specifically, you just talking about in general. You're never going to be able to to stave off all risks, yeah, unless you're like superman. Yeah right, you just can't.
Speaker 1:There's no sovereign time to get that done yeah, yeah, exactly, or money and all these things, but so? But there's easy things you can do, like hey, it's a good idea to have a lock on your front door. Yeah, great, you can do that. Right now people don't. A lot of people are running around with their doors wide open Right, or they're just sitting in the middle of a field, like there's literally no steps are taking.
Speaker 2:Okay, Okay. So we got ProtonMail for email. We've got Signal for messaging pictures, videos, small files, video conferencing. Yeah.
Speaker 1:And there's some other alternatives too. I'm going to make you guys aware, so it's not just one. So an alternative to ProtonMail is things like MailChain, which is email owned by you. And then there's Orion Messenger, a new startup as well that is similar to Signal. Its main difference is it has quantum proof. Now why that's important is because as soon as quantum computing comes out, you'll be able to crack all the encryption on non-quantum safe encryption. Meaning now all of that is wide open, okay.
Speaker 2:But for now we're safe.
Speaker 1:For now we're safe, but the thing is, all the stuff we've said now today could be cracked later, 10 years from now. So being on quantum safe stuff is actually a pretty good benefit now, even if you don't have quantum computers yet, because you can always go back in time. So Orion Messenger is a new startup. That one looks pretty cool. There's other services like Skiff, and it has encrypted docs so kind of like Google Docs. There's a bunch of services out there there, way more than I could list in this podcast.
Speaker 2:We'll probably get into a larger topic another time for the listeners out there, maybe put in the comments below what you use for email and what you use for your messaging service and your your video call service. These are easy things to switch to um and they're not expensive. I know signal is free Um and it's proton charge anything?
Speaker 1:Uh, it does If you get the paid features right.
Speaker 2:So if you just use the free features, then you're good to go, so that that'll take care of most people. So comment below what you use and if you found this helpful, all right. So we've got email, we've got messenger. That's great. Now what about?
Speaker 1:passwords, yeah, so big thing you need to do is you don't want to be reusing the same login and password everywhere.
Speaker 2:Yeah.
Speaker 1:That's too much of a vulnerability. And why that has to do with data is because if someone knows your data, your email password combination, one of the sites then they can replicate and put those login credentials on other platforms where you've reused it and then now they have access to everything. Yes, so let's say you sign up for I don't know some eBay account, right, or some other account in some other platform, anywhere it could be a small site that you've never seen before and account in some other platform, anywhere. It could be a small site that you've never seen before and you put in the same login email and password and let's say that just so happens to be the same password you use for your own email.
Speaker 2:Yeah, that's how your email gets hacked, they break into that database and then they try that against all other places.
Speaker 1:Then they can search your email for all other accounts that you know. Hey, you signed up for this account. Oh great, I just found another one, and I found another one, and that's how it unravels. That's how it unravels. So all you have to do one is keep all your passwords unique, so that way, if they do find out one, only that, one single account is compromised.
Speaker 2:Okay, let me let me cut in here, because Andrew gave me so much shit over this about a year and a half ago, maybe two years ago, and I am one of those people comment below, if you're one of these people. I didn't want to have to come up with a unique password for the 40, 50, 60, and now in business, hundreds of sites that I have access to for various personal, professional, business things. It's like how? There's no way, I'm I'm just not going to do this, and so I was one of those people. Comment below, if you are. I had one of those people that had maybe three passwords, because I was trying to be fancy and they were all variations of the same thing, and I was that guy typing in is it this one? Is it this one? Is it this one, is it?
Speaker 1:oh, the third or fourth one worked, and so that's what my poor monkey brain was doing until Andrew introduced me to the concept he's about to talk about. Yeah, so there's password managers, and I resisted password managers for a while. You did too. That makes me feel good. Yeah, okay, I actually used my own uh private, uh spreadsheet, uh encrypted on my computer's hard drive. Okay, I don't feel so good anymore. And then I would, but it was a pain in the butt to use because it was only locally available there, and then I'd have to decrypt it and then unmount it, blah, blah, blah, anyways. So I was using that because I didn't trust regular password managers, right, because they were closed source. So again, it was like trust me, bro, I'm not actually looking at your passwords, right, and to me that was too much of a risk. But then I found out about and this sounds like a freaking sponsorship, to be honest. But then I found out about Bitwarden.
Speaker 2:And this is not sponsored. We don't get anything from Bitwarden, it's just something that we use.
Speaker 1:Yeah, but Bitwarden, if you want to sponsor us.
Speaker 2:I would support that.
Speaker 1:Okay. So Bitwarden is a gem of a company, so they provide a password manager. They also give you those authenticator codes too, so you can actually have that as well. It's all open source, it's been tested to make sure that it's not penetratable and it's probably the best password manager you are going to find out there in the world. It's also probably the cheapest one too. I think it's like $ dollars a year for the premium version, but there's also a free version, but I love them so much I easily pay for it because it's amazing. So I absolutely love bitwarden.
Speaker 1:Now, how is it hard to set it up? Because you're thinking, oh my goodness, um, my whole like system will fall apart if I do this. Just do it incrementally. Start by creating your one master password. That's got to be long. There's actually websites you can go to like how fast can you crack this password? The password I was using before some of them. I found out later I was like man. This can be cracked in 16 seconds. Stuff that you think is secure can be cracked extremely fast, sometimes in less than two or three seconds, by just a normal computing device.
Speaker 1:So your passwords are probably not secure, and so what you want to do is use a password manager with a very long, hard-to-crack password to get in. This is your master password. It's the only password you ever remember from now on. Then, once you go in there now, every time you create a new account for something, all you have to do to change your workflow is, uh, you basically just create a new entry on your password manager for each one. So put in your email, put in the new password. It'll automatically generate you a new unique password of however many characters you want. So I usually recommend more than 25 characters if possible. Probably don't go beyond 40. It doesn't really make a difference. So 25 to 40 characters, with all the special character boxes checked, and then that will then be your new unique password for each new, each new unique service you have.
Speaker 2:So your, your locks are locked in a lock box essentially, and how Andrew convinced me to do this was, like you said earlier, just start one at a time, get your Bitwarden set up. Then the next time you're logging into your email, do that one, and the next time you're logging into Spotify, do that one. Next time you're logging into your banking, do that one. Just do one or two a day or one a week, depending on how many passwords you have. I actually have a great story about that.
Speaker 1:Okay, spotify spotify didn't have uh 2fa at the time and I had this two-factor authentication. Yeah, it's actually usually known now as multi-factor mfa, but I, old habits, die hard. Yeah, I'm an old dog at this point. Back in the day, I had two-factor authentication two canes uphill anyways, sorry old dogs. Yeah, sorry guys. Uh, we're getting there too, so we know the pain especially in the back.
Speaker 1:So I kept getting my spotify hacked, like people kept cracking it and I would create more, and this is before password manager days, okay, and so I had this in my spreadsheet. That was like locked.
Speaker 2:Was this back in your day of, like your half a million person YouTube channel teaching piano.
Speaker 1:Uh, yeah, Okay yeah. So it kept getting hacked and they would listen to music and I would have all this like rap music or other things that I don't listen to and I'm like why is this happening? I'd be listening to a song and it would stop and another song would start because someone else would be like fighting me for control of my own account.
Speaker 1:It was super frustrating. So I kept making new passwords longer and longer and then they get cracked. So once I got into um, you know, bitwarden, I cranked it to like 40 characters and then I threw everything at it and then I checked it. It was like I don't know 5 billion years to crack this password. I was like that's right. Once I did that, spotify was no longer a problem.
Speaker 2:Sure disappointed some bad person, yeah, yeah.
Speaker 1:So, anyways, that is just kind of of a an entry point. But password managers aren't as as scary and hard as you think they are, and what you invest in for time upfront you gain back by like a hundred X in productivity later, because now every site I go to I know exactly what I'm looking for.
Speaker 2:Here's another um, another advanced user tip, or a advanced user tip. You can put your entire family set of passwords for all sorts of things under one umbrella. Now, if you are the person controlling the finances of the home or you control the documents of the home and you have one password, you can share that with your spouse no-transcript master password you can just give them access to to get it in the event you're not able to be there.
Speaker 2:Great point. Uh, yeah, you heard that, right, bitwarden, yeah, we're, we're, yeah, pimpin yeah. Yeah, you heard that right, bitwarden, yeah, we're, we're, yeah, pimpin yeah. Another thing is if you have a business or if you have a group of people that you interact with and you need them to share passwords, you can set up little silos of certain passwords are available to certain users, all that sort of stuff. So there's a lot of flexibility in it. But end of the day, get your passwords onto a password manager. Don't be a mic. Don't have three passwords you rotate through. It's super insecure.
Speaker 2:I mean, yeah, you're fooling yourself. I'm the guy where I put an old one of my passwords and Apple says you know, this password's been cracked right. It's on a list, like they literally splash a screen up and say don't do this stupid. It's like, oh OK, I was trying to be lazy. I'll go back to BitOrdin again. Yeah exactly All right. So maybe one more thing to touch on before we wrap would be where would we put our photos, videos, music? Where's a good place to store that other than Facebook on their servers?
Speaker 1:Right. So this is going back to owning your own data rather than just trusting someone else to manage it for you, which is really convenient, but it comes at extremely great cost and it's not worth the cost. So one really easy way to do this is just get a NAS. So NAS stands for network attached storage. Basically it's just a hard drive that can plug into like an internet ethernet port. Yeah, so once it's plugged into the internet, now you can log into it from any device and it's your own personal cloud service. Yes, so once you have that running, now all your files are on your own device. They're not traced by anyone else. It's like you're not sending your secrets out by postcard to a bunch of people.
Speaker 2:Yeah, and this might seem like an intimidating step for people, but this might be where you use your sovereign time principles and you hire someone who has the knowledge and the time to do it and have them come in and set one up for you.
Speaker 2:You can get one off of um, off of Amazon, have it show up. You can have someone install it for you, make sure you're the person person putting the passwords into it, and what I love about mine is I can be down on a trip in the States and I can pull up my iPad or my iPhone and I can access my server from there. I have everything that I would normally have to, you know, lug around my laptop with, or I build my own computers, so I'm not going to be putting those into a suitcase, but I have all my files anywhere at any time. On top of that, we can record this podcast here, and I can give a link to our video editors and they can pull them just that one specific thing right off the NAS so that they can do that editing work. I don't have to send it out. It reduces my workflow. There's just so many benefits to it. The primary benefit for most people, though, is your files, your videos, your pictures are yours.
Speaker 1:Yes, Ownership of your own data is super important because, again, if you give up ownership of all of your data, what happens Then? Tech companies have more leverage and can basically strong-arm you more and more and more.
Speaker 2:There's this easy mindset that is, we shouldn't be doing this, that all my photos are on Facebook. I have all my albums organized on there. It's just wonderful and, yeah, it's just not the proper way to do it. So comment if that frustrates you what we just said, like I want to do it the easy way or if you're really starting to understand from this podcast how important it is for your data sovereignty. It's more important today than ever and in the next five years it's critical. We can't stress that enough.
Speaker 1:Yeah, and I want to address a pushback people would have. Who know, who know about data. Right, they'll say, well, you know what, I don't want to only have all my data on one NAS. What if it fails? Well, guess what? There's amazing services. Backblaze is one where you can basically have your NAS backed up off, like off your offsite. So if something happens to your NAS like, uh, you know, your kid picks it up and throws it across the room and it dies, or, you know, god, god forbid, there's a fire or something happens to destroy it physically, you wouldn't be like totally up the creek because then everything's gone. You would be able to then restore onto a new NAS from the backup.
Speaker 2:And so, with the backup, again, open source end-to-end encryption, tick off those boxes. That's important. Remember those two open source end-to-end encryption. Then you're dealing with something on the cloud that's safe for you and your family.
Speaker 1:And there's one third one as well. So there's end-to-end encryption, but then whenever you're giving data to someone, what you want is data encrypted at rest. What at rest means is, once the data gets there, is it still encrypted or is it only encrypted in transit? Right, because it's like the difference is, let's say, you're sending backup letters to like some service like the post office be like here, store all my letters that I, in case this other one gets lost. But if it's not encrypted at rest, they could open that letter and read it. Right, and then sell that data to whoever they want, okay. So if it's encrypted at rest, it means the envelope remains sealed at all times.
Speaker 2:Okay, and it still remains sealed when it's sent so that's an important third point when it comes to backup data services.
Speaker 1:Yeah, exactly. There's obviously a ton that we could get into and it can seem really overwhelming, but honestly it's just like use end-to-end encrypted services. Use a password manager. Be very thoughtful about how you're posting on social media, because that's open public data. Make sure that you start looking at, because that's open public data. Make sure that you start looking at. It doesn't have to be overnight, but start looking at how you can own more of your own data, transitioning over to a NAS, which is definitely worth it, and then the last thing you can do is start thinking about what types of data are leaking out of the operating systems you have. So generally, the best ones are the ones that are open source, like linux, like. Those tend to be the most secure. But the downside is is the more secure you get and the more private it gets, the harder it is to use.
Speaker 2:When you're talking about operating systems, you're talking about the windows windows, android, ios yeah, those types of things, the operating systems. So the more obscure you get, the more secure you get most of the time that's a good line yeah, keep that one. Yeah, and that's the thing is with the more obscure ones. They're not as familiar to use, um, they're, you know, they're not as handy or fast, and you made a good point about that the last time we spoke about this. If something is easy and convenient, it's usually more open and not safe.
Speaker 1:Yeah, generally. So the way that you can sell something that's not really good for you is if it's convenient, right, which actually, if you think about it, it's just like fast food. It's easy to sell people fast food if it's convenient to get. Yeah, it's easy to sell people fast food if it's convenient to get. Imagine if you had to assemble your own fast food, bought from the grocery store, versus by regular high quality ingredients. No one would do it Two very different things, Exactly so.
Speaker 1:This is very similar to that in the sense that quick, easy, convenient solutions are generally paired that way because their data processes, they can get away with more, because they can sell you the convenience. If they don't sell that convenience, you know they're not going to be able to push those aggressive things. Okay, so Windows not great. Yeah, so fundamentally, if you even just talk to security teams, right that Windows kernel itself is less secure than the Linux kernel, and Linux kernel is actually what runs Mac computers as well, I didn't know.
Speaker 2:they had military ranks in Windows.
Speaker 1:Kernel with a K. Okay, think of like popcorn kernels what I always think of. But the kernel is just basically how the software interacts with the hardware. Okay, thank you, but it's fundamentally, at the most concrete, lowest level, it's more secure to use a Linux kernel than a Windows kernel.
Speaker 2:There's fundamental flaws baked in there, and you said somewhere in the middle, would be like Mac OS, would be like the middle ground.
Speaker 1:Mac is a good middle ground because it provides more security and data ownership. That's part of their fundamental philosophy. If you look at the difference between how Google Pay and Apple Pay works, google knows every purchase you have. The purchases live on their servers. They know everything In Apple. Most of it's done and processed on device and they shield most of the information from themselves. So the philosophy of the design tends to be more privacy respecting on Apple. That doesn't mean all of your data is private on Apple, but in my view it's a step above Windows and that's a major selling point for an Apple device versus a Windows device. And if you think of it this way, the reason why, let's say, a Google phone can be cheaper than an Apple phone, it's because they're making up all that difference in the data they mine from you and then sell and monetize.
Speaker 2:Remember, data is more valuable than oil. So a cheaper product is because there's a hidden profit center. For those who are mining the data. It's worth so much. Now we're not saying go take all your Android and your Windows devices, throw them in the garbage. Those are expensive decisions.
Speaker 1:But as you go through your upgrade, these attacks automate the research of these things it's going to become more and more ubiquitous, so, and the data you're creating today can be used against you five years or 10 years from now, when things are more sophisticated. So it's important to be thinking about that. The best time to be upgrading is now, not later, because you're going to continue creating more data, all right.
Speaker 2:So those are five wonderful points. So, as a listener, I would think about which one or two that would be the lowest hanging fruit for you to implement right away. And feel free to go back and listen to the second half of this podcast on the things we recommend to implement. Go back and listen to them and be like, okay, I'm going to immediately take action on getting a password manager. That's not going to be hard, that can be free. I'm going to switch over. You know, facebook messaging people to signal. I'm going to get all my crew on the signal. I'm going to encourage them to do it.
Speaker 2:You know, start with something that makes sense to you and then add to it over time. So five things is a little overwhelming. There might be costs involved with some of them. Do what you can, but start now. That's right, and you will be working your way to becoming a data sovereign in no time. Sounds great, man. Love it All right. So thank you all for listening into the podcast today. Please go, follow us on all of our social media. Check us out on Facebook, instagram, tiktok, youtube all of that fun stuff. Subscribe, tune in for the next one. Love you all. Stay sovereign.