Episode Transcript
[00:00:00] Speaker A: Naomi, it's great to see you on this side of the globe.
[00:00:04] Speaker B: Yeah.
Are you enjoying Australia? Because I left Australia, I love the idea of it, and everyone kind of looks at it like this anti authoritarian place where people are fighting for rights and individualism. And I did not find that to be my experience, experience there. And it breaks my heart. Although I did see something really heartening in the news today. Apparently, there was a mass organized movement of people pulling cash out of ATM's because they're doing, like, a big cash crackdown in Australia currently. And so people are fighting back against that, realizing that cash is really our most powerful tool for financial privacy that we have. And so there was, like, a mass movement of people pulling money out of ATM's. So that was, like, a cool thing that I saw today.
[00:00:56] Speaker A: Yeah, that was exciting. I will say at this conference again in Perth, you know, not the most heavily populated part of the country. There were 625 people who showed up for this conference. I think that similar to. Similar dynamic that you have with the United States, that it was, in fact, the liberal government, what we would consider more of, like, the republican equivalent of the United States that was in charge during the lockdowns and the mandates. And so, you know, that party and those leaders have lost a lot of credibility. And so, you know, I guess I wish I had seen a little bit more, like, everyone just wanted to say, just, like, wipe the memory banks. Didn't happen. Don't want to talk about it anymore.
And I know I'm a little obsessed with the whole issue of the policy interventions during the pandemic, everybody just universally referred to it over there as during COVID while it was like, no, during the authoritarian, totalitarian madness that took place. And I will say that I agree with you insofar as I did notice there is a difference. There did seem to be a big concern with safety and niceness. And, you know, that there was. I don't know if I'd say more of a meekness, but it definitely is not the cartoonish version that we have in our heads of people that are very ruggedly independent, you know? And then there was a lot of this. Everywhere you went, everybody was doing this kind of the equivalent of what we would do in the United States, where we start out and saying, well, first we want to thank the such and such tribe. What is that? You know, first nations or something that was everywhere.
[00:02:58] Speaker B: I think that this is a good segue into privacy talk, because I think one of the worst, most pernicious things to come along with pervasive surveillance is a kind of conformist culture that you're talking about. It is people wanting to really blend in with others, because I think that surveillance has become such a powerful totalitarian tool that people really can be singled out for their viewpoints and targeted and their kind of eyes all over what everyone is doing on the Internet. And this is actually really, really quite pronounced in Australia. So to walk people through what I see as a difference between Australia and America, in America, they pay lip service to privacy. At least they egregiously are overreaching into it all over the place. But at least there's kind of this idea of the Fourth Amendment, which is this curtailing of overreach when it comes to searches through people's private spaces lives. And so the United States kind of has that as a guiding principle. And then, you know, every time they try to ban and to end encryption, there's, like, a big fight against it. And people say, no, we have this fundamental right in Australia, they just kind of banned end to end encrypted and said, hey, we're going to surveil everything you do on the Internet. And everyone just went, okay.
[00:04:30] Speaker A: Shrug it off. Well, you know, I also, you know, as I mentioned, I'm still a bit jet lagged, so I forgot to, first of all, introduce myself, because I'm not usually doing these Twitter spaces for those people who don't know me. My name is Jennifer Anju Grossman. Naomi. And all of my friends call me Jag. I'm the CEO of the Atlas Society. We're the leading nonprofit organization introducing young people to the ideas of Ayn Rand in a whole bunch of ways, including animated videos, graphic novels, music videos. Of course, we have our summer conference and our esteemed faculty, one of which, Professor Stephen Hicks, I see in the audience. And today, I am talking to an old friend of mine, who, again, I think most of you will know. Naomi Brockwell. She is a tech journalist, a fan, film and tv producer, the creator of NBTV, teaching people how to reclaim control of their lives in this digital age.
Naomi and I first met, oh, gosh, it's probably about a decade ago, brought together by our shared love of Ayn Rand.
And Naomi was the very first emcee at our first gala Atlas Society gala and would have been doing a return role. But the lady is so much in demand that the day that we are having our gala, she is actually headlining at a conference on crypto technology and currency and commodities. So, given our shared appreciation of Ayn Rand, of course, Ayn Rand said, civilization is the progress toward a society of privacy.
Can you maybe start a little bit with your background and what inspired you to become a champion for digital privacy? And, of course, how you discovered Ayn Rand, for sure.
[00:06:40] Speaker B: And I'll expand on that quote, too, because it's one of my favorite quotes.
You said the first part, and I think that the whole thing is just great. Civilization is the progress toward a society of privacy. The savages whole existence is public, ruled by the lords of his tribe. Civilization is the process of setting man free from men. And I just love that. I love the idea of individuals being allowed to live their individualist lives by their own choices. If you're not hurting anyone, if you're not taking their stuff, they're just kind of live by your own values, and you have the right to be left alone. And I think that in a world where every private space is overreached into by people who have a monopoly on force, that becomes a really scary situation, because suddenly you no longer have the right to your own life anymore. You no longer have the freedom to make your own choices. Everything is monitored and hence controlled because the watch are never free. And I just think that privacy is such a fundamental pillar of a free society, and it's something we don't really think about, right? It's something that if you'd asked people 20 years ago, is privacy a fundamental, if people thought about it, they might agree with you, but it isn't something that probably really affected them. Until we enter this digital age where everything we do is online, and we start to see the ways that all of our private spaces are being encroached upon and controlled and censored, and then it suddenly becomes very personal and real, and we do start to see freedoms of operating with censorship and controls. And, I mean, just today, you had developers of samurai wallet being arrested because they contributed to code base of a tool that allowed people financial privacy on the bitcoin network. And so I just feel like we're really starting to realize how important privacy is if we want to have the freedom to live our own life as individuals, by our own moral code, by our own choices. And it's such a fundamentally important part of being human that I think it warrants protecting. So that's why I'm involved in this space.
I just want to help people learn how to reclaim their privacy. In a digital world. It is difficult. A lot of people don't understand it. There is a technological barrier to entry, and that people don't quite understand how pervasive surveillance works and how trucking mechanisms work. And so my aim is really just to try to demystify that so people can understand it better and hence make better choices that do help them reclaim their privacy.
[00:09:22] Speaker A: You have used a phrase that I had not come across before, and that is digital exhaust. What is it? What are some of the tips for cleaning it up?
[00:09:32] Speaker B: So, digital exhaust is that trail that we leave behind us in everything we do. So it's that metadata that gets leaked from everything we share. It's that information that is collected every site we visit with every tracking pixel that notices us on a web page. It's the digital footprints when we sign up for a service and we leave our unique identifiers, and then all of that stuff ends up in data breaches. It's all of that cumulative exhaust, as I like to call it, that we're leaving in our digital existence. And it's this fundamentally different world, right? Because pre Internet lives were kind of ephemeral. You know, you have an interaction with someone, you see them in the street, you wave hello, and that conversation disappears. It's transient. It was just this one off occurrence, and it only really continues to exist in the memory of the two people who witnessed that conversation. Now, when we interact with people, it's permanently etched on the Internet. It's permanently etched in databases that have collected records of everything we've liked, every person in our social graph, every interaction we have, every activity that we made on the Internet.
And so the digital exhaust kind of becomes this trail that we don't quite realize we're leaving behind, because our lives have become these permanent records of digital activities. And so I talk a lot about this because I want to teach people how to get rid of this digital exhaust.
How do you live a digital existence? I don't want people to throw away their devices. I want them to live a modern life where they get to interact and connect with people, people in a. In a global world. I love that. I love the interactive, like we're doing right now, like what we're doing right now. It's wonderful. So, like, how do you enjoy this wonderfully interconnected world while still kind of protecting yourself and not leaving this trail of digital breadcrumbs everywhere you go that people could potentially piece back together and use against you? And so some of the ways that, you know, I talk about cleaning up this digital exhaust is use a better browser. Are you using one like Google Chrome, that sends all of your information to Google, even keystrokes in your search engine that you haven't even clicked enter on Google's capturing everything you do. Are you doing that, or are you using a more private browser? Are you using Gmail, which is a free service? And you've got to think, why is Google giving away the service for free? Well, because they're an advertising company and they learn a lot about you through your email. So are you using this free service where they're capturing every email you send and receive and analyzing it, or are you using a private provider that is not collecting that information about you? Are you using something like SMS, which is a fundamentally insecure protocol that is not at all private, that people can see your messages and intercept calls? Are you utilizing that system, or are you using end to end encrypted messaging? All of these choices we do and we make in our daily lives make a huge difference to how much digital exhaust we leave behind us, because one of them literally leaves a trail, a log of our activities that someone can later sift through at any time. We have no control over who gets access to that data, and the other one encrypts it or doesn't collect it at all. And it's just a fundamentally more private way to live a digital existence. So that's kind of what I mean by digital exhaust. This trail we may not realize we're leaving behind, because we did come from this world where interactions and activities were ephemeral, but this digital exhaust is very real. People do need to be aware that times have changed, and they need to start to be mindful of this digital exhaust.
And the great news is that a whole lot of it is just in our own control. A whole lot of it is just up to us making better choices with the technology we use.
[00:13:40] Speaker A: So a lot of times we think about the need for privacy in terms of threats from the government. We saw what happened in Canada with the truckers who were protesting the mandates for vaccines and the government just being able to restrict their accounts. I mean, of course, we know the situation in China and the social credit scores and the fears that we could be going down that same path with things like central bank digital currencies or contact tracing. But when you talk about people, bad actors, that could piece things together, does having too much digital exhaust, does it also make you vulnerable to, you know, to thieves, to crooks? I remember I was just down in Australia, as I mentioned, and my, one of the people that works for the Atlas assistant sent me this exchange that somebody had said, oh, hey, carly, I'm in the meeting. I can't talk. Can you do me a favor. Can you go out and buy such and such? And the only way that this woman knew that it wasn't me talking to her was that I said, I used my name, Jennifer, and I never. I always go by Jag. So, I mean, you know, I was like, how would somebody have possibly not only gotten, you know, my number or the staff person's number, but known about the relationship between us? So to what extent does having too much digital exhaust also possibly increase your chances of hacking and those kinds of things?
[00:15:28] Speaker B: Yeah, it absolutely increases it. In a nutshell. I want to start rewind to what you said at the very start about China and the social credit system, and then work our way through to, you know, talking about hackers, etcetera. So it's kind of an interesting thing to compare China with the United States, because if you compare the surveillance systems of the two countries, they're not that dissimilar. America and the american government is collecting a huge amount of data about its citizens, just like it's insane how much data. And the question really comes down to how is that data being used? And currently in China, the data is being aggregated in a very centralized way where every facet of your life is kind of being tied together. And that is being used to determine what kinds of social services you have access to, whether you can ride the fast train or whether you have to ride the slow train, whether you're allowed to make hotel bookings, whether you're allowed to pass out of the area where you live, what school your children can go to. All of that information that's collected about whether or not you're a good citizen is just tied into this cohesive picture of who you are and what you're allowed to do in your life as a result. And in America, it hasn't quite been so cohesively tied together, and that doesn't mean it's not going to. All that data is available, all that data is collected. It just hasn't kind of seen this central cohesion of tying that together. But it started, right? And you can kind of look at that in terms of, well, all of the data that's kind of been collected from your social media and all the flags that Facebook might put on your account to shadow ban you or YouTube might put in your account. It got leaked a little while ago that YouTube was giving certain channels this secret kind of rating according to whether it was considered a good channel or a bad channel. And the good channels were all of the major news outlets and the bad channel where anyone that YouTube disagreed with, and they were kind of internally given this code. So, like, that kind of data is all being sold and aggregated. And the government is one of the largest clients of this data. So they're buying a huge amount of data about us from the private sector just through data brokers. And then you've got, like, you start to see the cohesion of this data and things like when you drive your car, you think about all of the data you're giving away, how fast you're driving, how well you're driving, and then you find out actually that data is being sold to insurance brokers. So you start to see this melding of, well, your behavior in your car is going to dictate what premium you pay on your insurance, and you've got that sort of cohesion working, and then you've got, you know, medical data, which is all being amalgamated in electronic health records and in these health exchange centers and that data, I mean, like, we're starting to see these little pockets of data kind of forming together where one sector of your life is informing what you can do in other sectors of your life. So we don't yet have this centralized cohesion of all this data, but we're seeing all of these pockets and it's starting to get there. It's definitely something we should be keeping an eye on because it starts to get pretty scary pretty quick as all this data is collated together. And then we get to what you're saying about the vulnerability aspect. Are we more vulnerable to hackers and malicious actors because of all of this data? Absolutely. So let's talk about some of the ways that different aspects of our lives are tied together by hackers.
Presume that every service that you have ever used has been breached. And that seems like a crazy statement to make, but there's a great quote by the former CEO of Cisco where he said, there are two types of companies in the world, those that have been hacked and those that don't yet know they've been hacked. And so you just kind of presume that there are people in every system. You know that if you use your telephone number and your email address to sign up to Twitter, there are people who know what that is. And there have been data breaches. If you've used any FAANG company, your data is on the dark web, your health data. I mean, they're just rife exploitation through people who are doing ransomware attacks and encrypting all the data. And basically they're taking that data first and they're distributing on the dark web a lot of the time. So just every facet of your life, every service you use, your Strava account that you've used, your Facebook account, your JP Morgan transaction details, like all of this stuff gets breached, the data gets exfiltrated, it ends up on the dark web. And so how is that data kind of used?
Well, there are just a ton of tools that allow you to sift through this kind of data. And so one of the things I tell people is like, be really careful of using different tools in your life and using unique identifiers that can tie these activities together. So, for example, I might sign up to Twitter and I use my cell number, but then I sign up for Facebook and I use the same cell number, and then I sign up for my medical provider, and I use that same cell number. And then I sign up for all these other services. I use that same cell number. And then one of the things that malicious actors might do is just go into these data breaches and just look for that cell number and start to see all of the different services that we've tied to that unique identifier or our email address or, you know, any of these, these things.
And you start to realize that unique identifiers like cell numbers and email addresses become these tools for tagging us and aggregating all of our online activity in a really easy way. That's a super dangerous thing that you don't want in your life, because you don't want someone knowing that you had a veterinarian appointment yesterday because of some data breach that tells you your client there. That makes you a target for a phishing attack if someone wants you to download, load something malicious. I think that people should really start to get into the habit of using aliases online, and those aliases should apply to your email address. So you should be using like, mail forwarders and aliases. Things like simple login are great. People should be using VoIP numbers instead of their cell number. So, you know, services like Mysudo is a great VoIP provider where you can get a number for a dollar and you could just use that and then use a different number and a different service. And then aliases in terms of your actual name. When you're shopping on Amazon or when you're shopping at some online retailer, do they need to know your actual name? And then you got things like credit cards, right? Because if you're buying something online, they need your actual credit card number, they need your name, they need to know your home address, and you start to think about how many merchants, how many thousands of people you purchase from a year who now have your personal home address and your real name name, or things like credit card masking services. You can give any name you want, and you can give a masked credit card, and you can give any address you want, and the payment will still go through. So just understanding that there are privacy tools at our disposal that can better protect our privacy and really protect us against being so vulnerable against attackers, I think it's just really great to be informed about what tools are available and to just try to start exploring them. Because if you can find a way to not have every online activity you participate in be able to be linked together through these unique identifiers, you're going to go a long way to protecting yourself online.
[00:23:48] Speaker A: So I want to encourage anyone who would like to ask a question to go ahead and raise your hand and we will bring you on up and have a chat. But I did see that there was this one question in the comments, and that's from Guardian, who asks any thoughts on the privacy implications and other implications of government mandated kill switches in cars? There's law attempting this in the US. So either that, Naomi, or anything else about privacy in your own car?
[00:24:23] Speaker B: Yeah, car privacy is terrible. I'm actually working on a piece right now. I've been writing a script for our next edition of our car privacy series. So if you guys want to learn about all of the egregious data collection happening from your car, we have a video that has a million views out there that kind of dives into the details. But you're going to be shocked because a lot of people think, well, my car is this private box that takes me from a to b, and it's this place where I could have a private conversation. Right? A lot of us think of it like that. No, the car is the worst place for you to take a private conversation, because in your car, it's not this box that takes you from a to b. It is a smartphone on wheels. Like, think about your phone. You've got this device, and on that device you have like 100 different apps that are all sending pieces of data back to all these different companies and developers. Your car's exactly the same. You have this box, and on it you have hundreds of computers bolted on top that are all sending data back to all of these different organizations. Whether it's your insurance provider, whether it is a data broker, it is just a data collection machine. It's insane. And no one really knows about it. No one's really talking about it, but this has been going on for a very long time because you started in the early years, you had things like Sirius XM, like satellite radio, and then people realized, oh, you know, through this, we get a certain amount of data, we could actually sell that. And that could be a revenue generating opportunity. Let's do that. And then they started to realize, oh, wait, all of this data is a revenue generating opportunity. Let's see what we can sell.
And so cars are just these abominations of things that. And you think about all the remote capabilities, right? These days you have an app and it tells you how much petrol is in the fuel tank, it tells you what the temperature of the car is, it tells you your exact gps location, it tells you the history of your travel movements. It tells you, you know, whether the car's unlocked or locked. You can probably unlock or lock it through the app on your phone for, you know, lots of these modern cars. It has cameras that you could just log into so you could see your car, you can see where it's parked, you can see all around it. If it's a remote capability, you're not the only one who can access that data. And none of this data is end to end encrypted. So immediately, that means that these companies obviously get access to it. So understand that companies can get access to your exact location and the activities you do, they get access to the microphones and cameras, and you're kind of just trusting on their honor policy that they're not going to be abusing those privileges.
And it turns out that cars are incredibly insecure. So all of these features I just mentioned, actually, it's not just the company that gets access to it is probably any half decent hacker who wants to get access to your car, because privacy and security are an afterthought for these companies, and a huge amount of work needs to be done to make these systems more robust and just start to protect people. I think this is a conversation people are only just starting to have. It's very early. The privacy conversation in general is pretty early, although now people are starting to use private messengers and private browsers and things like that. They're not yet looking for private cars because I don't think they quite realize how non private cars are. So I think that's coming, and it's an uphill battle. But things like kill switches, remote capabilities, all of that. Yeah, these are all things we should be mindful of and wonder, do we want to live in a world where someone else gets to control where we move in our vehicle and gets access to all the things we do in it, because that's the world we're in right now.
[00:28:34] Speaker A: Well, I drive a Tesla, so I guess I'm completely screwed, because any car is just a computer with some wheels. It's got to be that one. And what you're saying really resonates, because I was at Peter Diamandis's abundance 360 conference last year, and I didn't quite understand what they were talking about, but there was this big push because there are all of these tech companies there, and they were saying, look, you guys are probably ignoring your biggest potential revenue source. No matter whether you've got an app or whatever kind of tech company you have, you have data and you should be monetizing your data. And now I think we know exactly why, why they're doing that and what the dangers are.
[00:29:23] Speaker B: Yeah, I mean, just on that note, I'll just add, I read a brilliant book that all of you should read if you care about learning more about this stuff.
So, Byron Tao is a wonderful journalist, and he wrote this book that talks about the apps on our phone. And so when you're talking about opportunities for monetization and kind of leaving money on the table, he kind of lifts the veil on this insidious world of app monetization.
And you think about the random apps on your phone, and you've probably got hundreds of them and you probably shouldn't have.
There might just be some compass app, and it was free to download, right? And then that compass app turns out to be really popular and it gets like a million downloads because people are like, I want a compass for all of that navigating I need to do, and, you know, insert whatever app you want. So there's this whole underground world where app developers will have someone reach out to them under the guise of, oh, I work for a humanitarian organization, and I'd like to put this SDK in your app. So this, this little bit of code. And that's just going to allow me to collect some analytics from your app, and in exchange, I'll give you, you know, several thousand dollars a month. All you got to do is just put this little code in your app, and you have to imagine how many developers go from saying, like, well, this was just a side project. I wasn't making any money to suddenly I can make thousands of dollars a month just by putting this tiny little bit of code in my app. Sure, I'll do that. Just presume that every app on your phone has been infiltrated with code that even the developer doesn't understand what it's doing. And that humanitarian organization that inserted that code, they're probably a data broker, or perhaps they're a shell company for a government organization. It turns out that governments are heavily utilizing apps as a way to track people and their activities on their phone. And what kind of data are these apps collecting about you? Well, they might have access to your gps, so they're collecting all of your movements. They might have access to your sensors, so things like your accelerometer and gyroscope, so they can again, very precisely track your movements. Maybe they have access to your network and they can see what other devices on your network. And that way they're able to create a social graph of all the people you visit because they're able to correlate the people you see on this network. And then you can see them on this other network, could see where you travel. Maybe they get access to your contacts list. Another great way to just get a whole list of people's email addresses and telephone numbers, et cetera. So these apps in our phone that we're downloading, we need to be really mindful of not only what do we know about the company who created this app, but does the company know what's in this app? Or has the company actually been asked to put a small piece of code in there to allow some other company to collect data? And that's just the reality of that. So now our phone, with this monetization that that happens there, I recommend that people have as few apps on their devices as possible. Our phones are intensely personal things that we carry with us everywhere we go. They have microphones, they have cameras, they have all this location tracking tools on there. I don't think that we should be putting all of these apps on our phone where we don't really understand what they're doing when all of that data is just being harvested and we have absolutely zero control over where that data ends up. And governments, you know, some of the largest clients of purchasing this data. So just things to keep in mind about this connected world. We can absolutely engage with the technology around us, but I also don't think we need to be reckless about it. And I don't think we need an app for every social engagement that we have. Like, I'm going to this conference, let me download their app, or I'm going to this store, let me download their app. I want to know what this plant is. Let me download. This is leaf picture taking app. I mean, I just think we need to start being smarter about these very invasive tools that we put on our insanely personal devices.
[00:33:35] Speaker A: All right. Diana has been very patient, but it sounds like she agrees with some of what she's hearing. Diana, do you want to unmute? Ask a question. Observation.
[00:33:47] Speaker C: A hundred percent. And it required no patient at all to hear. To Naomi, it's just knowledge. Thank you.
So I actually have two questions. Let me introduce myself. I'm a journalist and communicator. I have my experience built into the blockchain industry and hearing about privacy both as a Latin American who comes from situations where definitely privacy has become some sort of necessity rather than a luxury, of course. And working at a space where certainly the use of words like privacy seem rather overused and not thoroughly explained as to how it's been actually applied really well, my boyfriend told me not to say this. Tickle my fancy. I still don't know what that means, but it's very interesting to me to talk about that. I think that that's how you use that phrase. Anyways. So I have two questions about privacy today.
So first, Naomi, I picked up your book on Amazon, and it's great job.
I have two questions when I read it at first, the first bit. Right. So I want to know thoughts on the problem related to fraud and scams using social engineering. I only ask this because, like you said in the book, usually most of us are not a particular focus for a hacker individually. Right. But scams will look to extract their personal data directly from us.
What should be the. What should we be on the lookout for?
What is not very obvious? What will be, what was? What will be something that the normal person that is getting their data extracted, maybe not through an app, but directly through, I don't know, like LinkedIn, for example. Someone coming up to you on the LinkedIn, and they show you, like, a web page, and, you know, what? What are they asking of us, and how are we doing a disservice to ourselves by handing out that specific data? Let's say, am I in trouble if I fall for one of these frauds and I give my phone number? Or, like, there's a lot of illiteracy when it comes to these, let's say, basic forms of personal data filtration or robbery, I guess, will be the word that is not as technical or technological as what it has been referred to. For example, we don't have quite that issue of not being safe in our own cars because many cars don't have the technology to hear us.
We do have cell phones, of course, different technology, different problem. But I would like to know first thoughts on this.
[00:37:37] Speaker B: So, if I understand the question correctly, you're talking about scams and us handing over information that could facilitate scams on places like LinkedIn. Is that correct?
[00:37:51] Speaker C: Correct. Yes.
[00:37:53] Speaker B: So I advise people to be very careful about ever handing over information if you don't have to.
We kind of talk about it as if I have nothing to hide, but I think a better reframing is I have everything to protect. And all of the information that you put out there, it is a potential tool that could be used against you. It doesn't mean that we can't share parts of ourselves and our lives, but I think that we can use more discretion with whom we share that data with. So some examples, people are quite often talking about their exact location and they're telling the whole of Twitter, is that something that we need to be doing, or can we reduce the scope of that? Can we use something like signal and use the stories on signal and just share it with a group of friends? If they're the people that we actually want to connect with, if we're using an online merchant and they ask for our name and telephone number and email address, do we have to give them the correct ones? Or can we use an alias? Can we use a VoIP number? Can we use a different alternative name? I think often companies get in the habit of just asking for information by default, and we just kind of hand it over by default. And I think that this is something we need to reframe because I don't think it's serving us. I think that it's potentially hurting us.
And I think we also need to get into the mindset of being far. Are more skeptical when people ask for information.
I had an interesting experience just to kind of show what my process is. So I got, I was in interactions with a company, and there was, like, a payment involved in these interactions. But then suddenly I got, like, this weird red flag where I'm thinking, wait, am I sure that I'm talking to this company? And I had to kind of retrace the steps of, well, how did I initiate communication? Was it them who initiated it? Was it me? And the reason I started to get red flags was, you know, I, first of all, my email tells me, oh, the person who sent this email, it didn't pass our verification. This might not have been correctly forwarded, or perhaps it was spoofed. And I was like, oh, was this email spoofed? Can I verify somehow that this is actually the person that I intend to be talking to. And then there's another red flag. They were like, okay, make this payment through this site. And, you know, I, first of all, I looked at the URL, and me being a particularly cautious person, I run it through a site that can kind of scan that address and see, is this a legitimate site? And it was all green. I could go ahead. So I go there, but then the site is asking for my bank details. And I'm thinking, why does the site need my bank details if I'm making a transaction that's sending them money? So all of these things kind of rushed over my head. I was like, okay, let me go through the steps. How do I verify that this person I'm interacting with is legitimate? So I go to this company's website. There's no contact information, right? It's a well known company, but there's no way to contact them directly. There's no email, there's no phone number. So I send them a message through their contact page, but I don't hear back from them. And so then I'm thinking, okay, well, how else can I verify that this is actually the company that I'm talking to and that this transaction is legitimate? So I ended up going through, like, a person I knew who knew a person who knew a person to get an email that I knew was someone who worked at that company. I email them directly. I get a response from the other person I'm talking to who says, yes, this is all me, but thank you for verifying. So it all ends up that this was a legit transaction. But the point of the story is that sometimes we can be talking to someone and we think that we're talking to a particular company or person and they ask something. But if you ever get any spider sensors that you're like, oh, wait a second, maybe I should just double check. I think you should absolutely listen to those instincts, because these days it is so easy for people to spoof email addresses, phone numbers, even voice cloning. These days, we're looking at video cloning. There have been scams where people will do, like, a video call with who they think is their CEO and who will authorize some sort of transaction, and it turns out to just be AI. And so we're entering this world where we have to be more skeptical than we've ever been of interactions that we have, and it seems like a bad way to live. Like, do we really want to be second guessing every interaction that we have? But unfortunately, that is the reality of the situation. In a world where we're giving out so much personal information about ourselves that it becomes very easy for someone to know things and very realistically replicate and fake. Being someone in our social circle, we need to apply some skepticism to our interactions and whether that's just verifying. Like, if a company calls you, don't hand over any personal details, don't answer your security question, don't do anything. Call them back, and call them back on a number that you know is the number of that company. You know, search for that company online and find their official contact details. Get back in touch with them through there, and then hand over your email information, because if someone just calls you, you have no way of verifying that they are who they say they are. And it's incredibly easy to spoof a number.
So just. I think we need to be applying a lot of skepticism in our online interactions because it is getting easier for people to get scammed and just start to protect ourselves a little more. We could be a little reckless with how much data we hand out there and how much information we willingly give away. Someone on the phone, like, I've had. I've had friends who've had their entire bitcoin account drained because someone called them and said, hi, I'm from Coinbase. And that's all it took for this person to say, oh, this must be legit. Let me give them my password. And so I just think we need better education. We need to remind people that verification is important, especially when we're doing. When we have interactions online or with people we haven't met or over the phone, verify, be skeptical, and just double check things, because the world is getting pretty crazy out there.
[00:44:21] Speaker A: Diana, did you have another follow up?
[00:44:25] Speaker C: Thank you so much, Naomi.
Crazy story, but I can do you one better, but I can do you, like, five better.
But I will be mindful of the time. And thank you so much.
So a second one will be a take right on how to better the privacy narrative in crypto. I think that many people don't understand how it actually works just yet and end up getting in a vulnerable spot, like understanding how a smart contract call works, for example. That's even a real for me to say right now.
You know, when you share a wallet with a sketchy person who says that they're going to send you money, but actually, precisely like your friend, like your friends had it, right, happen to have their funds trained or, you know, right now what I'm seeing personally.
So you can have people saying that they're going to pay you for a job and they're going to send you cryptocurrency, and they're going to take you by the hand for you to create a crypto wallet, and then you have to add funds to that crypto wallet so you can release the funds, you know, like, you know, for someone who already have, let's say, the mindset that you have talked about of having the doubt already establishing the I have everything to protect kind of mindset that you talked about, I think that that is very important.
It's very obvious that things are taking like a, like a dire torn. Right. It's getting weird. But I'm talking, you know, in the names of my parents. I'm talking in the name of, you know, my friends parents. People who are looking into this now, are getting into this ecosystem now, and they have absolutely no idea how they're screwing themselves. And then even for me, it's so difficult to teach them why.
So I don't know if you have had that experience, you know, in a way that perhaps can shed a new light for me in this matter.
[00:47:05] Speaker B: Yeah, I think there are two parts to your question there. One of them is about crypto privacy, how people can, everyday people, could just protect themselves if you're using smart contracts or different chains, how does privacy work there? And then the other side of things is protecting yourself from crypto scams. So I'll start with the second part. I think that especially if you're new to this space, if you're solicited by some good Samaritan on the Internet, who is going to walk you through setting up a crypto wallet for the first time, don't do it. If you're entering the crypto space for the first time, you should be doing your research from people who have not solicited your attention. If someone DM's you out of the blue and says, hey, I've got an investment opportunity, if someone says, hey, use this wallet and you just need to send funds to it, and then I'll send you a bunch more. If anyone reaches out to you and you don't know them and they're trying to walk you through setting this up, be highly, highly skeptical. Crypto scams are incredibly common. The main tactic people use is the scammers will try to first build a relationship with you so that they can gain your trust. And they're not going to scam you immediately. They're going to prove themselves over, you know, several different anecdotes that they'll provide. And then finally, when you have their trust, then they're going to scam you.
And so just be really, really skeptical of all that. If you want to learn about this stuff, do it in your own time. Watch videos from people that you trust. There's a ton of resources online from very popular channels that are kind of going to walk you through. How do I set up a wallet? What is a wallet? What is a cold wallet? What is a hot wallet? What are the different coins? You know, what is a blockchain? Just start slow with all of that. And if anyone piques your interest by saying, hey, I have a get rich quick scheme, or I have a free thing for you, or I have this incredible opportunity, absolutely. Be skeptical and just ignore that person and tell everyone that you care about to ignore solicitations like that. They don't end well. Again, the crypto space is filled with scammers who are trying to hoodwink unsuspecting people. So just tell the people you love to protect themselves and make them aware that this stuff is going on. The second thing that you were talking about is just crypto privacy in general. How do I use cryptocurrencies privately? And this is a whole rabbit hole. It depends on which coin you're using, and it depends on how you use it. So, for example, something like bitcoin has a public ledger that will show a transaction graph of all the movements of that cryptocurrency. So that's a very non private thing. When bitcoin first came around, people would look at it and say, oh, it's pseudonymous. As long as I can protect my identity and never have it linked to any of these transactions, no one will ever know that this movement of funds was me. But it turns out that maintaining a pseudonymous identity is way harder than people realized.
Privacy is really, really difficult, and all it takes is for you to slip up once, and then your identity is irrevocably tied to that movement of money and the complete history of how that money has moved for all time. So be careful of coins that have their entire history public on a blockchain.
There are tools that can try to make it more private, but it's very well known that a lot of coin mixes can be basically relinked to people's transactions the way that cryptocurrency transactions attract. And this gets into a very technical discussion, so I'll try to keep it as broad as possible.
And there are two main ways that cryptocurrency transactions attract one of them is with a transaction graph. So basically just a blockchain where you could literally see a complete history of the movement of funds. But another way is all that peripheral information we're handing out. So the timing of transactions. Did you move funds into a private coin and then exchange it back out again into, into bitcoin? Was the amount that you moved a similar amount? Was it similar in temporal proximity?
Those transactions? What kind of wallet address type are you using? Because that's a way to fingerprint. Basically, tracking crypto transactions comes down to finding patterns in transaction movements and using very advanced computers to pattern match and basically create clusters of possible identities you could tie together. And just, what's the word I'm looking for? Making that smaller and smaller until you can identify someone. So when people think that they can just move money into a privacy coin, wash it and move it back out again, it's not true. Privacy comes at rest. And if you want to be actually using cryptocurrency privately, you have to be aware of the pattern matching going on, be aware of the wallet types that you're using, the address types that you're using when you use it. Are there patterns in your behavior? All of that stuff comes into play when, when tracking crypto transactions. So actually, crypto anonymity is difficult. You're going to have the best time with it if you're using a privacy coin, with that privacy baked in from the start. But even then, you still need to be aware of how you're using the money. And is it private at rest, or are you moving it from a non private chain to a private chain? So a lot of people in this talk, they might not, might not be interested in this conversation, because it does get pretty technical. One thing I will say is that as difficult and technical as crypto privacy is, it is our only option for making private digital payments. Because if you.
[00:53:34] Speaker A: Sorry, I don't mean to interrupt, but we have about three minutes left. So I also. Oh, time flies.
[00:53:40] Speaker B: Time does.
[00:53:42] Speaker A: But, yeah, if you wanted to finish that thought, and then also if there were any other main points or tips or takeaways that you, you wanted to leave us with.
[00:53:52] Speaker B: Yeah, I'll leave that there. And if you want to learn more about crypto privacy, we've done a bunch of videos on them, but I would just say that privacy is not sprint. It is a marathon, it is a process. And don't feel overwhelmed if you can see areas of your life where information is leaking through. If you're making an effort to take back control of your data through making better choices with your browser, your search engine, your messenger, your email, all of that sort of stuff. You're actually doing a huge amount to improve your privacy. So just take it one step at a time. Just make one improvement at a time, and you're going to make a huge difference in the amount of digital exhaust you leave behind.
[00:54:31] Speaker A: And what about just one last question? Things like Alexa and Siri and all of these devices that we use for convenience and also how AI is going to be playing into all of this.
[00:54:45] Speaker B: Yeah. So just don't have these listening devices in your home. Honestly, I think they're awful. And if you think about it, I mean, Keith Alexander is now on the board of Amazon. He was a former head of intelligence. I believe he was the head of the NSA, and then he went and joined the board of Amazon. And so you'll have a, you just think about like the amount of data collection and the collaborations going on with data sharing. Just be mindful of the tech you're letting into your life and into your home. If you have a listening device that is listening at all times in sensitive areas of your home where you have private conversations or even in your bedroom, maybe you should be rethinking your tech strategies so I would get rid of those things entirely.
[00:55:30] Speaker A: All right, well, that's low hanging fruit, I think. Something that all of us can act on and think about how we are using our searches, reducing the number of apps on our phone, using aliases, not repeating our data in ways that make it easier for people to track us and governments ultimately to track us. But like you said, Naomi, important not to get overwhelmed because I can see how it can be overwhelming and to take small steps to reclaim your privacy and to learn more. So this has been terrific. I hope we can do another one of these.
[00:56:13] Speaker B: I would love to. I love chatting with you. So anytime, anytime you want to have a conversation, invite all about friends on Twitter to join. Please let me know.
[00:56:23] Speaker A: All right, thanks everyone, and hope that you will continue to follow the Atlas Society. If you are interested in learning more about objectivism, please also check out our Galts Gulch 2.0. It is a conference that we are having in Washington DC later this summer. We have subsidies and scholarships available for students, so check it out. It would be really fun to meet you in person. Thanks, everyone. Bye.