In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple’s private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it’s not hackers with Wireshark), and share my approach with aliases.

I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google’s strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.

In this week’s episode:

1. Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias management
2. MAC address randomization: GrapheneOS vs Apple’s implementation
3. The real threats of public Wi-Fi in 2025
4. Info stealers and video games can be a privacy nightmare
5. GrapheneOS controversy: Developer conscription, Google’s lockdown, and the future of custom ROMs
6. Why antivirus software might be the malware you’re trying to avoid

Matrix Community Rooms

• Matrix Community Space - https://matrix.to/#/#psysecure:matrix.org

Individual Room Links:

• https://matrix.to/#/#lockdown-general:matrix.org
• https://matrix.to/#/#lockdown-podcast:matrix.org
• https://matrix.to/#/#lockdown-intro:matrix.org

Show Links:

• MAC Address Lookup - https://maclookup.app/
• OUI Lookup - https://oui.is/
• 33mail - https://www.33mail.com/
• OpenSnitch - https://github.com/evilsocket/opensnitch
• Privacy.com - https://privacy.com
• Lithic - https://lithic.com
• Kaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_government
• Google Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/
• GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718
• GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807
• GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916
• GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544

- Kevin Mitnick

In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robots.txt. I discuss why the “assume breach” mentality just leaves the doors wide open, using examples from Kevin Mitnick’s 1981 Pacific Bell infiltration to modern ransomware groups like Scattered Spider who breached MGM and Marks & Spencer through social engineering.

I also cover practical tactics for using public Wi-Fi, data curation techniques, the invisible surveillance net including Stingray devices, and provide a deep dive into GrapheneOS covering user profiles, app sandboxing, network controls, sensor permissions, and the proper use of sandboxed Google Play services.

In this week’s episode:

1. Ghost in the Source Capture the Flag challenge results
2. The military mindset problem in cybersecurity
3. Strategic use of public Wi-Fi for account creation and privacy techniques
4. Data curation tactics, and “Minimizing What Can Be Known”
5. Invisible surveillance net and Stingray devices
6. GrapheneOS discussion on user profiles, app sandboxing, network controls, sensors permissions, sandboxed Google Play services, and security architecture

Matrix Community Rooms

• Matrix Community Space - https://matrix.to/#/#psysecure:matrix.org

Individual Room Links:

• https://matrix.to/#/#lockdown-general:matrix.org
• https://matrix.to/#/#lockdown-podcast:matrix.org
• https://matrix.to/#/#lockdown-intro:matrix.org

Show Links:

• Noam Chomsky on Internet Privacyhttps://www.youtube.com/watch?v=QIWsTMcBrjQ
• Noam Chomsky on Advertising - https://www.youtube.com/watch?v=PfIwUlY44CM
• TryHackMe Platform - https://tryhackme.com
• Hack the Box - https://hackthebox.com
• Wired Article on DNC Stingray Surveillance - https://www.wired.com/story/2024-dnc-cell-site-simulator-phone-surveillance/
• IntelTechniques Data Removal Guide - https://inteltechniques.com/workbook.html
• Optery Data Broker Removal - https://optery.com
• Graphene OS - https://grapheneos.org

- Hajime Ryudo

In this episode, I discuss three key strategies for maintaining privacy and security across your physical mailbox, email, and phone. I discuss the growing Matrix community, explore alternative mailing solutions using co-working spaces, detail a four-tier email strategy, and examine the concerning spread of Flock ALPR cameras. I also share insights on anonymous eSIM options and answer listener questions about dealing with Know-Your-Customer requirements.

In this week’s episode:

1. Joining the Matrix community with Element
2. Physical mailbox strategies: UPS stores, virtual CMRA addresses, and co-working spaces
3. Four-tiered email approach using ProtonMail, Fastmail, SimpleLogin, and Gmail sock puppet
4. Mobile phone privacy with Mint Mobile and anonymous eSIM options
5. The Flock ALPR camera threat and how to protect yourself
6. Listener questions: Australian SIM card strategies with KYC requirements
7. Capture the Flag challenge details for June 21st

Matrix Community Rooms

It seems on Element X, it doesn’t list the rooms associated with the Matrix space, so you can click on each of these links to join the rooms:

• https://matrix.to/#/#lockdown-general:matrix.org
• https://matrix.to/#/#lockdown-podcast:matrix.org
• https://matrix.to/#/#lockdown-intro:matrix.org

Show Links:

• Matrix Clients - https://matrix.org/clients
• Matrix Community - https://matrix.to/#/#psysecure:matrix.org
• Smarty Address Lookup - https://www.smarty.com/products/single-address
• Expired Domains - https://www.expireddomains.net/
• Stealths.net (Anonymous eSIMs) - https://stealths.net/
• DeFlock.me (ALPR Camera Map) - https://deflock.me/
• Flock Safety Privacy Policy - https://www.flocksafety.com/privacy-policy
• EFF Article on DeFlock - https://www.eff.org/deeplinks/2025/02/anti-surveillance-mapmaker-refuses-flock-safetys-cease-and-desist-demand
• CTF Challenge Rules - https://psysecure.com/ctf

- “Future of Communications” Alan Watts

Official Website: https://psysecure.com

Podcast music: The R3cluse

In this episode, I discuss breaking free from the Apple ecosystem, the dangers of social media oversharing, and introduce our new Matrix community. I also cover the upcoming capture the flag challenge, share thoughts on the OSINT Defense & Security Framework progress, and rant about security theater at airports and online services that block VPNs.

In this week’s episode:

1. Apple’s $95 million lawsuit and the ecosystem lock-in problem
2. Why people overshare on social media and how OSINT can exploit it
3. Introduction to the Matrix community
4. Capture the Flag challenge launching June 21st!
5. Progress update on the OSINT Defense & Security Framework (ODSF)
6. Security theater: VPN blocking and other pointless security measures
7. Alternative YouTube clients for privacy (GrayJay and NewPipe)

Show Links:

• Matrix Community - https://matrix.to/#/#psysecure:matrix.org
• CTF Challenge - https://psysecure.com/ctf
• GrayJay (by Futo) - https://grayjay.app
• NewPipe - https://newpipe.net
• WiFi Pineapple - https://shop.hak5.org/products/wifi-pineapple
• System76 Laptops - https://system76.com/laptops
• Little Snitch (macOS Firewall) - https://www.obdev.at/products/littlesnitch/

- Nikos Kazantzakis

Official Website: https://psysecure.com

Podcast music: The R3cluse

In this brief episode between travels, I announce the “Ghost in the Source” capture the flag challenge, a cryptographic hunt on my website starting June 21st, 2025. At the end of June I will pick 3 lucky winners which will receive a 6-month TryHackMe subscription voucher. I also provide an update on our new Matrix community.

In this week’s episode:

1. Announcing the “Ghost in the Source” CTF challenge
2. Challenge details and rules
3. Prize information: 3 x 6-month TryHackMe vouchers!
4. Matrix community update for listener interaction
5. Future plans for OSINT CTF challenges

Show Links:

• CTF Challenge Page - https://psysecure.com/ctf/

- Motoko Kusanagi

Official Website: https://psysecure.com

Podcast music: The R3cluse

In this episode, I explore the privacy implications of using AI apps like ChatGPT and Claude on mobile devices. I discuss why ChatGPT’s requirement for Google Play Store login and audio recording storage led me to Claude on my GrapheneOS device. I also cover my daily app setup, Windows telemetry blocking with SimpleWall, macOS privacy with Little Snitch, and the potential of System76 Linux laptops.

In this week’s episode:

1. Privacy comparison between ChatGPT and Claude AI apps
2. ChatGPT’s audio recording storage and data export concerns
3. GrapheneOS setup without Google Play Store login
4. Using FUTO Keyboard and FUTO Voice for local transcription
5. Essential privacy tools: SimpleWall for Windows and Little Snitch for macOS
6. Windows Subsystem for Linux (WSL) for developers
7. System76 Linux laptops as a privacy-focused alternative

Show Links:

• Anthropic Claude.ai Encryption - https://privacy.anthropic.com/en/articles/10458704...
• Duck.ai - https://duck.ai
• Futo Keyboard & Voice - https://futo.org/
• Aurora Store - https://auroraoss.com/aurora-store
• SimpleWall (Windows Firewall) - https://github.com/henrypp/simplewall
• Little Snitch (macOS) - https://www.obdev.at/products/littlesnitch/
• GeoSpy (OSINT Tool) - https://geospy.net
• System76 Linux Laptops - https://system76.com/
• Mental Outlaw YouTube Channel - https://www.youtube.com/@MentalOutlaw
• DaVinci Resolve - https://www.blackmagicdesign.com/products/davinciresolve
• OSINT Defense & Security Framework - https://psysecure.com/services/odsf/

- █████████

Official Website: https://psysecure.com

Podcast music: The R3cluse

In this episode, I discuss what has been keeping me away from the mic, the Open Source Intelligence Defense and Security Framework (ODSF), and share updates on privacy topics including browser security, autonomous taxis, airport security cameras, and managing cryptocurrency. I also address listener questions about anonymous SIM cards and creating separate online identities.

Official Website: https://psysecure.com

In this week’s episode:

1. Introducing the Open Source Intelligence Defense and Security Framework (ODSF)
2. Browser privacy comparisons (Firefox, LibreWolf, Brave, Mulvad)
3. Experiences with Waymo autonomous taxis and privacy considerations
4. TSA security cameras and opting out of facial recognition
5. Listener questions about anonymous SIMs in Australia and creating sock puppet accounts
6. Using cryptocurrency

Show Links:

• BIP39 Generator - https://github.com/iancoleman/bip39
• Phoenix Wallet - https://phoenix.acinq.co
• Zeus Wallet - https://zeusln.com
• LibreWolf Browser - https://librewolf.net/
• OSS Document Scanner (GrapheneOS) - https://github.com/Akylas/OSS-DocumentScanner
• Mullvad Browser (randomDataOnCanvasExtract) - https://github.com/mullvad/mullvad-browser/issues/358
• Mullvad Browser (Letterboxing) - https://github.com/mullvad/mullvad-browser/issues/152

- Me

Official Website: https://psysecure.com

Podcast music: The R3cluse

In this episode, we dive into Apple’s latest privacy retreat with the removal of Advanced Data Protection (ADP) for iCloud in the UK. We break down why Apple made this move, how ADP works, and what it means for users who care about encryption and data security. If you’re in the UK and using Apple’s ecosystem, this episode is a must-listen as I cover strategies to keep your data secure despite Apple’s decision.

In this week’s episode:

1. The UK’s Investigatory Powers Act
2. A technical breakdown of how iCloud ADP was supposed to protect user data.
3. Alternatives to iCloud, including Nextcloud, GrapheneOS, and secure backups.
4. Threat Modeling & The Privacy Spectrum
5. Listener Questions, addressing concerns about online privacy, social media exposure, and what to do when friends dismiss security risks.

Show Links:

• Apple pulls data protection tool (BBC News) - https://www.bbc.com/news/articles/cgj54eq4vejo
• Apple Intelligence - https://www.macrumors.com/2025/02/11/apple-intelligence-re-enabled-in-latest-updates/
• pfSense Guide - https://psysecure.com/complete-setup-guide-to-pfSense
• Nextcloud Guide - https://psysecure.com/self-hosting-nextlcoud
• Möbius Sync - https://mobiussync.com/
• Obsidian - https://obsidian.md/

- Anonymous

Podcast music: The R3cluse

Official Website: https://psysecure.com

Podcast music: The R3cluse