Don't Get Caught With Your Drawbridge Down! Just how secure is your computer right now? My guess is that you probably don't really know. Computers and the Internet have revolutionized the modern world, but if you're like most people, you have no clue how these things work or what the real threats are. It's not your fault. Where would you have learned about this? Who would have taught you? While there are tons of technical books on 'cybersecurity' for people that already understand computers and networking, there are almost none for regular, everyday folks. That's why I felt the need to write this book.
Protecting your computer is like defending a medieval castle. While moats, walls, drawbridges and castle guards can be effective, you'd bankrupt the kingdom trying to build something dragon-proof. Security is never absolute, so it's about making the right trade offs and finding the defenses that offer the most bang for the buck. Just like we've learned over the years that we need to wear our seat belts, install smoke alarms, and put on sunscreen before we go to the beach, there are dozens of no-brainer things we should all be doing to protect our computers and safeguard our data.
I've structured this book to give you the maximum benefit with the smallest amount of effort. If you want to know the 'why', I explain how these things work in simple terms than even non-techies can follow; but if you're short on time, you can skip straight to the checklists at the end of each chapter. Each checklist comes with step-by-step instructions, including pictures showing you what you should see on your computer. Topics include: choosing and managing passwords, securely browsing the web and communicating with others, shopping and banking online, creating automated backups, locking down social media accounts, and even some tips for safeguarding your kids online. And if you want to go the extra mile, this book also explains some of the more interesting and important aspects of security such as encryption, password cracking, home networking, the Internet, VPN's, and more! This book covers most recent versions of Microsoft Windows and Mac OS X.
Educational and practical cybersecurity and privacy advice for consumers, covering computers, phones, networks, Internet usage, communication, and parental controls. The book contains over 180 tips, most of which are relatively simple and free. Parker explains concepts clearly, with helpful analogies.
Each chapter includes the "why," explaining the importance of the chapter's topic, and the "how," a checklist with specific steps and screenshots to increase your digital security and privacy. Each chapter also ends with a concise summary and recommended resources.
Parker is a former software engineer who's passionate about privacy. He's also raised children through high school age, so he's able to address digital parenting topics.
This is a review of the 5th Edition (2023). I've also read the 2020 and 2018 editions.
Notes Privacy Matters Difference between security and privacy is that if someone steals your stuff, you can generally replace it. If someone breaches your privacy, you can't get it back. Security failures can be fixed; privacy failures can't.
Raise the Drawbridge! Parker doesn't install anti-malware software on Macs. If you want it, he recommends Malwarebytes (free version), Objective-See software (e.g., Block Block, RansomWhere).
In Windows, enable Controlled Folder Access to limit risk of ransomware.
MacOS' Lockdown Mode can be useful for normal people when traveling abroad, attending a protest, or in any situation where you could be arrested.
Spies in Your Midst Parker is in favor of ad blockers because they protect against malvertising, but says that sites have right to refuse access to people blocking ads, because it prevents them from earning revenue that pays for the content.
Chrome, Firefox, Safari are "very secure." Firefox, Safari, and Brave are tied for most private browser, Edge is close to Chrome, and Chrome is worst. Parker recommends Firefox.
Assume everything you do in Chrome is tracked by Google. In 2020 Google was sued for tracking users even in incognito mode.
uBlock Origin is only privacy add-on Parker recommends for Firefox.
Google's "Results about you" tool lets you request removal of search results that contain your personal phone number, home address or email address.
Set your router to use a third-party DNS provider such as Cloudflare, Quad9, NextDNS. Manually change DNS server settings on laptops and mobile devices for when they're away from home. Encrypt DNS queries for additional privacy (set in OS and/or router). Note that using a privacy-respecting DNS provider, even with encrypted DNS queries, won't prevent ISP from seeing your traffic, because they can still see IP addresses on packets, and figure out the domains they match. Using a VPN will prevent this.
Coded Messages and Wax Seals Don't unsubscribe from spam unless you know sender; just mark as spam.
To create password-protected zip file on Windows, use 7-Zip; on Mac, use Keka.
Protect the Market and Town Square Private cloud storage: Sync.com, Proton Drive, pCloud
Watch over the Lads and Lasses Kids email services with parental controls: ZillaMail, KidsEmail, TocoMail
DNS filtering to block objectionable websites: OpenDNS, Cloudflare 1.1.1.1 for Families, CleanBrowsing
Armored Carriage: Your Mobile Castle Secure messaging: Signal, Session, Threema, Matrix
Odds and Ends Don't use insurance trackers. They can collect a lot of personal info, and possibly resell. Older devices that plug into vehicle computer may be less privacy-invasive than mobile app, but can still collect personal info.
Don't install vehicle manufacturer apps. They can collect data from car and phone, which can be shared or breached.
Prevent ID theft after someone's death
• Send copy of death certificate to IRS. • Send copy of death certificate to Social Security Administration. • Cancel driver’s license (and any other license). • Notify large credit bureaus: Equifax, Experian, TransUnion, Innovis. • Notify financial institutions. • Notify health insurance provider(s).
When I was still in school, I asked my parents if they could buy me a book as an early birthday present. But despite the fact that one of them has a degree in IT, both were confused when I pointed them towards this book in particular. But this is honestly one of the best gifts I’ve ever received from them — in the year or two since I’ve had it, I come back it often, and it has, without sounding like I’m on a soapbox, changed my life and the lives of those around me. I’ve written a lot of book reviews on here, but this is always going to the book that I’ll recommend the most.
If you use the internet at all, you probably don’t need me to tell you that the state of it is somewhat dire. Late stage capitalism and the slow (but now rapid) erosion of privacy and security for the sake of profit and data collection… despite the limitations of technology ‘back in the day’, I sometimes wish I could go back to my parent’s time, when technology had reach but was also less ‘evil’. The thing is, most of us know this. But our options are limited. Delete all social media? Not use our cellphones for everything? Yeah, there’s no easy fix, not even when avoiding the Internet entirely isn’t even enough to keep you off it. But this book is a REALLY good fix for many of the current issues surrounding the security and privacy of everything we do not only online, but also offline.
I’m going to assume you’re someone who already cares about this issue, but if not, head over to the author’s website — his blog outlines a lot of good reasons why you should care about this and what you can do about it. But this book is a culmination of that blog and more, and it’s incredibly helpful. I know my way around basic coding and have some above average software knowledge, but I didn’t need any of that for this book. It is so so user friendly, and will genuinely walk you through (or provide resources for) things like logging onto your computer, but also the more complex stuff.
So what exactly is this book? It’s a lot of things, and despite being nonfiction, is a book I’ve read for fun quite often, because the author’s passion for this topic and technology in general really shines through in a way that’s surprisingly endearing. This book is a guide to how to protect yourself and your data online, in all spheres, and why you should care to do so. It also helps to make those around you safer, simply by proxy or by your newfound knowledge.
It will help you to make simple changes for the betterment of your time online, from switching to a new browser, but provide resources to those who’d like to learn more and go on an even more thorough privacy journey, such as how you can buy ‘spy free’ hardware. It explains a variety of terms — from cybersecurity concepts to password based to open source — in simple language. And it’s also not a bore to read — the opposite, actually.
The reason this book is so revolutionary is because, in my opinion (and I’m someone who really cares about this issue, if you couldn’t already tell haha)… this is a one of a kind resource. Like, sure, a lot of the tips in this could be found (in less accessible language) somewhere else. But what do I mean by that ‘somewhere else’? Most online privacy guides are either misinformed, out of date, or make exaggerated claims for advertising revenue. If they don’t check any of those boxes, they’re probably written for and by people who are nerds about this sort of topic, so they’ll probably be really difficult for the average person to understand. This is no joke — I spent a good amount of time trying to find easy to understand information about a lot of the concepts in this book before I’d read it, and I’d be browsing multiple websites, forums, etc, having to question the validity of each and try to understand the information on them. This book eradicated the need for any of that.
The closest equivalent I’ve found for this book is Extreme Privacy (that’s the title of the book). That book is more user friendly than some things I’ve read on the topic, but also less approachable than this book, due in part to the focus — extreme privacy. It has suggestions on how to completely drop off the grid, and the like, which present an approach that is interesting to read about but which is impractical for most people. Firewalls, on the other hand, is written by someone who understands that the average person isn’t usually going to want to run their own VPN network or switch to the same version of Linux used by hackers. The focus of this book is to help you make changes to your daily life that won’t disrupt your online life massively, but will give you peace of mind, better security and more anonymity and autonomy. The author is also aware that these changes can be a lot, particularly because of how connected we all are to the internet, and so each one is broken down carefully, with checklists, extra information at the end of each chapter for those who’d like to go further, and there are also stars that point you to the most important steps in the book that you should take.
My mother was genuinely intent on doing one of those online DNA tests until I used this book to explain why she shouldn’t (it’s just a really, really bad idea for so many reasons). And sure, I could’ve read some articles and helped her arrive at the same conclusion, but when I was explaining to someone else why they shouldn’t buy a Ring doorbell, this book was also a godsend for that. When I wanted to install Firefox on my brother’s laptop, this book was why he did so with me and why he continues to use it even though it’s more popular to use Chome. When I wanted to set up a password manager for myself, this book led me through it. When I need to quickly and effectively pitch the argument that online privacy and security do matter, this book uses a lot of great analogies that I just slip into the conversion. When I left school and had to migrate to a new cloud service, this book helped me to choose one where I hold the encryption keys, as well as explaining why exactly that’s something that matters. When we had to replace a baby monitor, of all things, I used this book to determine which ones we would and wouldn’t buy, since some would make our home WiFi easier to hack but wouldn’t advertise that, obviously. I could go on and on, but you get the idea. This book is always — and I don’t use superlatives like this lightly tbh — going to be useful to you and those around you too :)
I’m aware this sounds like a marketing pitch lol, but this isn’t an ARC or anything. I just really, really love this book, and it’s changed my life in measurable ways (my data is all backed up with actual privacy, my younger brother has never had any of his accounts online hacked or lost and he’s an anomaly in his class for that, I don’t rely on products that could compromise my and my family’s security, and I’m knowledgeable enough about this subject to casually educate others about it in layman’s terms). I would genuinely recommend it to anyone who uses the internet or some sort of technological device. It’s just… *that* comprehensive and useful. If you’re reading this, you probably don’t rely on most things as much as you rely on the internet and your devices. This book is, imo, the best gift you can give yourself in order to ensure that you’re in control of those things and that they (and the companies behind them) aren’t in control of you and your data.
Variations on a Theme is a superb piece by Johannes Brahms. Borrowing on that, In Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security for Non-Techies, author Corey Parker has written an interesting variation on the theme of security awareness. This is a good thing, as you pretty much can’t have too many security awareness books.
Parker has written a very helpful security awareness guide that readers can use to come up to speed. As the title implies, this is a step by step guide, and can be used to gain an understanding of the core areas around computer security.
Early on, Parker makes a simple observation that far too many people involved in security awareness fail to appreciate. That being most people have no frame of reference for computer security. It’s often far too abstract and far too technical for them. With that, he decided to use the method of using a castle as an analogy for security awareness - thus the title. He is certainly not the first nor the last to use a castle analogy, but it works here.
The book covers all of the core areas, including passwords, patching, safe surfing, parental guidelines, and much more. The book makes heavy use of screenshots, and is good for the reader who needs a lot of TLC.
There’s a few bits of advice I disagree with in the book. Parker is not a fan of fingerprint biometric authentication. He thinks that if the fingerprint image is compromised, then the user will have the fingerprint compromised for life. As there is no standard biometric identifier, even if for example the Apple Touch ID image was comprised, it’s not like it could be used to authenticate into another system.
Parker is also not a fan of anti-virus software and astutely writes of its limitations. Even with all of those limitations, for most users, it’s still much more beneficial for them to have anti-malware software installed, rather than forgo it and base their security on the other tactics described in the book. With that, this is a very helpful and easy to read guide that get help users get up to speed with all of the fundamentals of computer security.
For those looking for a guide to help them secure their computer, laptop, smartphone and more, but are command line apprehensive, Firewalls Don't Stop Dragons should be their go-to guide. And like the castle analogy, for those who need such a guide, Parker will be their information security knight in shining armor.
I work in IT, and I love it when procedures and documentation explain the “why” as well as the “how to” for the process I am doing.
As a long-time fan of the podcast, I felt it was time to get and read the book. And I was not disappointed! I thought I would know all the settings to tweak and what the values should be, but I was wrong.
I would recommend this book to Windows, Mac iPhone and Android users who are wondering if they should do more to protect their privacy. (The answer is “yes”, by the way)
This book will walk you through finding and changing the settings on your devices to improve your control over how much information you are giving away every time you go onto the Internet. You don’t have to flip every switch listed in the book, but you will know what they are and whether you want to flip it.
Respecto al tema de la ciberseguridad, soy un ciudadano interesado, mas no informado. Este libro me pareció una introducción adecuada al tema, especialmente porque más que detallar mecanismos en forma técnica, da instrucciones sobre cómo estar más seguro en la internets. Se lo recomendaría a todo el mundo, a pesar de sentir que esta misma información se puede encontrar desperdigada en blogs, podcasts y otros medios de la web.
Firewalls Don’t Stop Dragons is a premier handbook on a topic that affects all of us equally; the right to privacy. Carey does a great job keeping things simple and easy to understand. The book is so informative and has definitely changed the way I think about privacy and how it intersects with technology and the digital and physical world.
I would implore everyone to purchase this book and read it and implement the techniques within. In this digital age that we find ourselves in with countless data breaches and mishandling of our personal data as well as cyber security threats it remains paramount that we protect ourselves and our families. We have everything to protect.
I read this book in conjunction with a class taught by the author and highly recommend it to everyone, especially anyone who thinks privacy is not that big a deal. It’s written for non-techies and not hard to understand and keep up with. The “tips”at the end of each chapter are actually tasks that, when completed, will increase security, and perhaps even more importantly, privacy.
The book was written very well, with lots of examples, and provided a couple of things for me to correct. The book was written for the non-tech minded, so you will find it written from that point of view, but it was still very informative for anyone not extremely security minded. Great book, and recommend it to anyone trying to increase their personal digital security.
A very good non-techie introduction to contemporary computer security. The only downside is that this is a book where the checklists will become obsolete quickly as new versions of Windows and OS come out.