Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Welcome to Super Simple Security Principles. I'm Nick Jackson and I want to love computers.
(00:07):
They don't love me back. I'm learning how to stay safe online from my good buddy and master
guardian Makani Mason. He wrote his first computer program at the age of six, sealing his fate as a
(00:28):
computer geek. That's it. He knows his stuff, folks. Now he spends his time teaching people
like me and you how to stay ahead of the digital threats we face and those bad guys.
He keeps it simple and we love it. Learn along with me each week. I'll ask the questions
(00:53):
and make sure he keeps it super relevant and super simple for us. If I can do it, you can do it too.
This is episode 69, Security Stacks, Six Layers. Okay, we've been given the four phases,
the five questions we need to ask ourselves today or we need to ask ourselves. Today,
(01:20):
we're going to be jumping into our Security Stacks and we're going to talk about teasers.
Some of the most neglected layers of Security Stacks. I'm teasing them. Pay attention to some
of these questions I'm about to read you for today's episode that we're going to be going
(01:40):
over because most neglected layers. This is the story. I'm going to share a quick story.
Can I geek out, Makani? Absolutely. Okay, so let me share a story of why I feel like layers
and especially when it comes to protection and security and things like that are so vital.
(02:07):
So, Makani, you know I'm a big skier, right? You know this.
Yep. And look, for those out there that have some of those
struggles mentally, you know like, man, I have to ski. Seasonal depression is brutal for me.
(02:27):
So, winter times, I got to get it in the mountains. I got to get some sunshine in.
Like, it's rejuvenating for me. So, that said, when it comes to skiing,
you have lots of layers to put on. Lots of layers, right? Like, dude, you have everything from
(02:48):
the additional clothes you're wearing. Like, I'm so lame. I'm getting
older. Like, I've got socks that have batteries in them that are actually heated.
I've got soles in the boots that are heated as well, you know. So, like, I've got multiple layers
that keep me warm, keep me safe from protected from the elements. But also, as you know,
(03:11):
I tend to get a little bit crazy skiing. Like, not a little bit, a lot of it. Like,
the crazier, the better, right? The bigger. Right?
Right? So, I wear a couple of braces and I also wear an impact little vest, right?
(03:34):
And a couple years ago, I was hitting a thick, sick drop. Like, this drop was gnarly. Like,
not only did I have time to think about what was happening while I was falling,
but, like, it took time to fall. Right? And I loved it. It was such a big drop that it took
(04:03):
a lot of energy out of my legs, right? So, I could only ski this run about three times and then
literally, even though I'd skied countless times that season, my legs would be exhausted. So,
my third run where I was skiing, I lost a ski in the air, dude. Right? You know the outcome.
(04:23):
I landed, made the decision to try and keep skiing. I did, but I couldn't slow down. Couldn't
slow my speed at that point in time. Just one ski. I'm not a good enough skier to slow myself down
with just the one ski. And I was headed straight for a tree. So, I used my leg that had lost the ski
to try and brace for that impact. I literally drove my femur through my tibia plateau and split
(04:48):
it in half. Plate screws holding my leg together now. Right? It was brutal. Yes. The doctors
were amazed. They were blown away that, A, I didn't have a compound fracture. B,
that I was on the side of a mountain to where most people never go. Right? And the fact that
(05:16):
somehow, I'd gotten out of this canyon and gotten down to the hospital for help. And they're like,
how did you do this? And you must have been sitting there forever. And I was. Like,
when I was hurt, luckily, I was skiing with a buddy. So, I did have what I considered a layer
of protection. I went with someone else. I had a ski buddy there. Right? He was able to help me
(05:42):
at least try and put my leg at an angle that didn't make me so nauseated. Because I was
looking at the backside of my boot at this point in time. Because I had worn my braces that day,
it literally held those bones that quite honestly shattered. Held them together in a
(06:07):
way that none of them went flying, protruding from my skin. Leaving me with what would have
been an open compound fracture for quite honestly hours waiting for help. So, because I had worn
that layer, shout out to Bracelayer. Like, hey Bracelayer, you make a crazy awesome product.
(06:32):
Crazy awesome product. It held everything in place. Not only did it hold it in place,
but it was a neoprene one. It was warm enough that I knew that I was hurt pretty bad. So,
I was like, I gotta make sure I try and keep some of the inflammation out so that I don't start to
lose blood flow. So, this might sound like I know injuries too well. Maybe I do. So, I started
(07:01):
packing the outside layer, the most outer side layer of my ski pants with snow. Started packing
it. So, I packed my whole knee, surrounded it with snow and packed that snow in nice and tight.
So, I had this cold compress sitting on my knee, right? Yeah. It was all these layers that literally
(07:27):
A, saved my leg. B, quite honestly could have saved my life because I was protected in a way
that quite honestly, had I not had a brace on, different story, right? So, it took all these
layers of protection to survive the impact that I took. And so, we kind of toyed with some words
(07:57):
last episode and I wanted to bring those back. Make sure, hey, make sure we're remembering the
five questions and just those simple things. If you need to refresh, jump on, listen to them again.
We'd love to, you know, get your thoughts. But today, we're going to be talking about the six
(08:18):
layers and to me, this is going to be really, really important. So, Makani, where do we begin?
Long intro. Long story. Sorry, folks. Hope you enjoyed it. I can share pictures.
No worries. No, I appreciate it. Yeah, it is a good story and it's definitely a good illustration
of what we're trying to accomplish. Not only with today's episode, really, but I think about
(08:39):
the four phases as well because, you know, you wanted to avoid the problem, but you had a problem,
you had some good things to help you when the problem did happen and that sort of thing. And
that's kind of related to four phases. So, yeah, there's a lot of good things. But
what I'd say is, let's just start with naming them. Knowledge, skills, habits, people,
(09:03):
tools, and services. And, you know, these hopefully are mostly pretty familiar words. We'll, you know,
we'll walk through what they mean in the context of online security, but mostly they're the same
meanings and things you're going to be, you know, familiar with for the most part. And the idea is,
(09:24):
just like with the four phases, that, you know, as you walk through, you consider each of these
layer types. Because, again, you don't necessarily always have one in them, but I would think for
most security stacks of any significant scope that you're going to have some in all six layers.
(09:46):
So, we'll see as we actually get into specifically building them with this
kind of, you know, framework in mind, right? Right. Right.
So, you know, one of the things, and this is, you know, you talk about geeking out earlier,
so that in the online security world, in the geek world, one of the main purposes
of multiple layers is what they call redundancy. Yeah. You know, in some settings, redundancy
(10:15):
you know, is wasteful, like a bad thing, you want to avoid it, right? Right. But,
obviously, there are some scenarios, and in the case of online security, when bad things are
happening, redundancy is your best friend, right? Yeah. Yeah. You know, in the real world, like if
one road is closed, it's nice to have another road that's open, right? And so, anyway, in online
(10:41):
security, redundancy is absolutely one of the best things that you can strive for. Right. Okay.
So, okay. So, then we break up the six layers into two groups of three. Okay. What I call the
solo layers and the team layers. Okay. Okay. Right. The solo layers are knowledge, skills,
(11:05):
and habits, and, you know, I call them that because they're changes that you make to yourself,
things you know, things you do, like, and I won't say that they're, you know, go back to our opening
question, the neglected, like they're, I wouldn't say they're necessarily the most important layers,
(11:25):
but I do feel like... They're just the overseen. Yeah. I tend, I feel like they tend to be the
most overlooked, right? Neglected. And I was thinking about this in terms of,
like, exercise and physical health. Okay. Yeah. Yeah. Yeah. Yeah. And that's where my brain
initially went. Okay. Because, you know, there's lots of tools or lots of things available to us,
(11:51):
dumbbells, treadmills, right? And all those are important, right? But it's also clear that
sleep, nutrition, good habits are also critical to physical health and, right? Nobody's really
going to argue that, obviously, overall. Right. Right. I think with online security, the personal
(12:12):
ones are overlooked because compared to physical health, it's obvious that, like, nobody can, like,
do the exercise for you. Nobody can eat right for you, get good sleep for you. Wouldn't that be nice?
Right. Well, exactly. I don't see, even in that, you know, your brain's like,
yeah, if somebody could just do it, right? And so, that's exactly where our brain goes with
(12:36):
online security. And the thing is, with online security, it can happen to some degree.
Right. Right. Like, there is some degree of protection that other people can just do for you.
Right. So, that's the other part of the allure to just the other things outside of yourself.
But, at the end of the day, there's also a lot that's just dependent on you. You're the one using
(13:00):
your device. You're the one, you know, clicking on things on your phone, reading it, doing, you know,
all these things. So, they're critical as well. Right. Right. Your knowledge, skills, and habits
are critical. Right. Yeah. So, type one, knowledge, layer, or type one, I'm kind of
(13:28):
calling them both, either layer or type, but they're layer types anyway. Yeah. With home networks,
we had a lot of these. And in general, you're going to have a lot of these. Okay. Right. Like,
there's just always a lot of basic things to understand about, you know, like with home
network, we talked about how, you know, a computer network functions, what a router is, what a
(13:53):
firewall is. And you just got to kind of start with some of these basic core concepts that once
you understand them, okay, that's our foundation, we can move on. And again, it's kind of obvious,
but I feel like it's a critical starting point to actually really acknowledge that there are
(14:13):
a few things we have to learn because our tendency is just give us the thing that'll fix it. Just,
you know, give me the piece of software on there. Don't tell me how it works. Don't tell me why I
need any of these things. Right. Like, I know this from teaching people over years. Just give me the
thing at the end. You might have just barely read my brain. I was like, yeah, exactly. I know.
(14:44):
But yeah, but it's vital. You know, often, again, you know,
can we say this one is kind of one that's overlooked?
Yeah, I think so a lot. I mean, you go look at guides. Yeah. And I mean, obviously,
teaching things, but when you look at guides of like, okay, here's the steps you walk through
(15:07):
to secure a device or to do, you know, here's the 10 most important security steps. Yeah,
there's almost never anything about like, actually learning anything, understanding anything built,
you know, developing the right skills, establishing the right habits. Right. And,
and that's a core part of what we're going to focus on is, is actually identifying, okay,
(15:30):
if you want to stay safe from phishing or whatever, these are the specific things,
you know, we're not going to leave it open. Like it's going to be a very, very tight,
specific checklist. You need to understand this concept. You need to develop this skill. You need
to have this habit and, you know, try to have as small as possible. Right. We do want to help
people do it fast and effectively. But, you know, that doing and actually, in fact, in my opinion,
(15:56):
because there are things that you develop within yourself, these are the most, like they're the
biggest bang for your buck in the long term. Yeah. You know, because you learn something,
you develop a skill, you develop a habit. And even if things have to change a little bit,
technology changes, those are going to be the most persistent, the most sticky, you know,
(16:18):
have the most value long term. Tools are going to change. Other things are going to change.
You know, as we know, our software and hardware, I mean, they're constantly changing.
Constantly. Yeah. So anyway, yeah. And I'll just, I'll close with this part on the knowledge is
(16:39):
like, I mean, I've never considered myself much of a car guy. Okay. Right. And I've been the,
oh, I'm not going to bother learning anything. And I've, I mean, I've over the years, I regretted
that, you know, right. And like, I've seen the cost, like, and I still don't aspire to be a
mechanic. Right. I'm not expecting anybody to desire to be a computer programmer like I am,
(17:01):
but there's definitely kind of this, you know, 80, 20 sort of thing where I could, you know,
I could learn a little bit more and it would have been a really good investment of my time. Like I
would have gotten back more time and money than I invested up front. And that is definitely what
my goal here is with, with all that we do is yes, you're going to invest a little bit up front,
(17:23):
but even if you evaluate it in terms of your overall time, money, effort, headache, frustration,
pains, like it's going to actually be a net positive. It's going to save you time. It's
going to save you money. It's going to save you headache, but it's including this redundancy.
Right. Yeah. And here's where my brain went, just to digress a little bit, to go back to redundancy
(17:50):
and to emphasize the importance of all of this is, you know, my son is a very, very talented
pitcher, right. Very, very talented pitcher, plays a lot of baseball. That said,
he throws a lot. Like, and you'd think at this point in time, you know, having thrown
(18:13):
thousands upon thousands upon thousands of balls, it'd be pretty redundant, but there's still some
nuances he's still learning and working on and wanting to hone and get better at consistently.
Yeah. And, and I think that's one of the things that when you mentioned this, first mentioned it,
(18:33):
I thought, man, yeah, it really does. It helps you polish and hone your craft and hone those skills
and having that repetitive nature in there. Yeah. So, but that said, like, I like all of them. Like,
that's, you know. Yeah. Well, and one of the things that redundancy accomplishes in online security
(18:57):
is if they get through one layer of defense, there's still another layer that they have to
get past, you know. Oh, I like that. I like that. So, you know, if you got, if you got a castle,
say, and you got guards, you know, if you sneak past the guards, but the door's locked, you still
gotta lock, you know, pick that lock or scale the wall or whatever, you know, you had to get over
(19:18):
the moat first, whatever, right? Like that's another way to look at it. So, okay. So move on to
number two skills. Okay. And again, this is just a skill like in anything else, no special meaning
here. But if we look at home networks, the main skill that we discussed there, I would kind of
(19:41):
boil down to how do you make changes to your router? Yeah. Yeah. Right. And if you think about
it, like how many people out there, you know, listening, I don't know, I hope most do now,
but anyway, it's just an important skill. And, you know, one of the things is as technology
becomes more and more prevalent in our life, it's not like there's a lot of great basic computer
(20:07):
literacy education out there. Sure about that? Yeah. Well, and I know this is something like
you've been talking about for a long time, years. And, you know, when I help people, sometimes
it's some of these basics that, I mean, in order to stay safe, you've really got to,
(20:27):
you've got to understand some of the basics. And so we, you know, definitely part of what we want
to do is, is go, you know, as low down, so to speak, as fundamental skills in computer skills,
even stuff that doesn't necessarily feel really like online security exactly, but supports our
overall objectives of staying safe online. And, you know, sometimes anyway, so we'll be getting
(20:54):
into that as needed. Yeah. Okay. So type three habits. Okay. And we didn't really talk about
habits a whole lot in our home network episodes that I can remember or find, but the way I would
phrase it here is like a habit worth having is when you add a new device to your home network
(21:18):
is, you know, considering the security implications. Okay. And that, and just for example, I mean,
this isn't the focus, this is just an example to give you, but like review the security settings,
for example, on any new device, because sadly the default ones are on us are often not the safest.
(21:39):
Right. I was going to say that kind of makes sense, right? Like default ones are not always
the safest. We've learned that through. Yeah. How many episodes now? I don't know if it makes sense.
It's sad to me, but yeah. It is sad. I should say that, but we've had a few of these episodes
now. Yeah. As much as I would love to say differently, hopefully even our listeners
(22:06):
know that unfortunately the default settings aren't always the safest settings. Yeah. Another
habit is, well, and related to this, when you do bring a device into your home or, you know,
if you have the guest network, can you, you know, restrict it to the guest network?
(22:27):
And another kind of, I kind of put this in the habit is anytime, you know, something's needed
where you have to make a change to your router because of, you know, bringing an Xbox into your
home or an Apple TV or, and it's needing something, like make sure you don't just make changes to your
router without understanding what the risks are to your home network in doing so. Gotcha. Right.
(22:53):
So that's kind of a habit of questioning. And that one's, that one is hard because,
you know, it could lead to more work or whatever, right? Like you don't want to put the blinders on
sometimes or whatever. Right. Does that make sense? We just want it to work. You want to
get to the end. You just want the thing to work and you shouldn't have to worry about, so to speak,
(23:18):
the security implications. Right. Right. Yeah. At least we wish we wouldn't have to, right?
I wish that was the case. Yeah. But things just aren't built enough with security in mind yet.
We're, we're so far from that. Right. So anyway, so that's the first, that's the first group of
(23:40):
skills or knowledge, skills, and habits. Those are the solo layers.
So the second group is the team layers, people, tools, and services. And this is,
I call these team layers because, you know, you're dependent on someone or something else.
(24:01):
Okay. Okay. That make sense? It makes total sense. Team layers is something that works as a team.
Yeah. And people, you know, is kind of my favorite one. It's the most fundamental,
most powerful. You know, you mentioned in your story, having a buddy with you.
And we talk about this one a lot. I will be forever talking about this one a lot
(24:25):
of having a protection partner. Yeah. Everybody needs one. The other kind of big one that I,
I humbly recommend for everyone is a guardian. People like me, but not just me. There are a lot
of other people who are trying to help, you know, other people stay safe online. Yeah. And so,
(24:48):
you know, for protection partner, it can be non-technical like we've talked about, whatever,
but you also need somebody who, for the technical questions, for that help, you need, you need that
resource as well. They don't have to be as immediately available, you know, but you need
somewhere that you can go to ask these questions. And I, and I want to be that for as many people
as I can. So yeah. And that's why we have the free online forum where anybody can come ask questions.
(25:16):
And then the last kind of people example is having a community, right. And I'm doing my
best to build a, ultimately it's not huge right now, but a huge diverse community of people
that can support each other in this journey. We can test out more services that way and give
(25:36):
feedback. There's just, there's a lot of really awesome things that with a big group of like-minded
people who all want to stay safe, like we can really make some impact in making
things safe for each other and for even all the people outside of the community.
(25:57):
Yeah. You know, so I'm really excited about, about that as well. And of course, back in the context
of security stacks, I get a little distracted about the big picture there, but you know,
they play important roles in each of these things where, well, we'll talk about the specifics in the
(26:21):
home network, but the most obvious one comes to mind, scams. Like when we've talked about
protection partner, you know, they're really, really good protection in that context of just
anytime you have a question, anything feels a little bit off, you run it by your protection
partner and that instantly, just talking to somebody else about it. You have somebody you
(26:41):
can talk about who's not going to judge you or think you're stupid for asking the question or
whatever is going to be huge protection. And that applies to so many places in online security.
So that's an example anyway. Well, and I think one important part of that too, is also to
take time to question, you know, is this valid, right? Like, or is this what you wanted, right?
(27:08):
Take, take some time to question that. Yeah. Oh, absolutely. Well, and so it's kind of
interesting because one of the key ideas with the protection partner is right. Obviously a
protection partner is not very useful if you don't have a habit of talking to that protection partner.
(27:28):
Right, right. So it's kind of a combination. You've got to have a habit, you've got to have
the protection partner. And so they're kind of synergistic, but part of the reason why I focus
so much on the protection partner itself is because doing that ahead of time and knowing
that you have that, that is going to make that habit so much easier to develop because you're
going to, your brain's going to be okay. I actually have somebody to reach out to because if you don't,
(27:52):
then you're just going to ignore that. You're not going to be as likely to question because you
don't have any place to go get that answer. So why bother asking the question? Yeah. And so that's
where I feel like you've got to start, but you've got to do it ahead of time before you have the
questions and help and work towards building that habit. So yeah. So I'm glad you interjected
(28:17):
there. So moving on to layer five, tools. And this is probably the most talked about
layer in general. This is your devices, your apps, software, security software.
And I think worth mentioning on their own is the settings, because this is a huge one. Settings
(28:41):
within those devices, within those apps are also, I put under the whole tool category, having
since we just finished talking about how default security settings are often lousy, you know? Right.
And usually the good news is there are a lot of tool options available to us.
(29:03):
With home networks, we talked about the settings on your router, the seven
specific ones, the inbound firewall, the outbound firewall, the guest network. I'd call all those
tools. Okay. That make sense? Yeah. Yeah. Makes sense. So I don't have to, I don't really
(29:26):
have anything else to say about that. I was going to say, I think tools even the lay
person gets, like me, you know, like my first thought was, oh, this is what we always hear about.
Get Norton. It'll save you from everything, you know? Yeah. Yeah. Well, and so closely related
is the final layer, type number six, services. And I kind of made this distinction because,
(29:49):
so one way to think about it is a service is like a tool, but it's in someone else's hands
beside your own. Okay. That's how I'm thinking about it. So for example, and we didn't talk
about this, I don't think we talked about any services with your home network, but
an example might be a VPN. Right. So a VPN is going to be both a tool and a service because,
(30:14):
you know, you have an app installed where you enable the VPN, right? So that's the tool part,
but it's also dependent on computers that are controlled by the VPN provider. And that's kind
of the service aspect. Gotcha. Right. Yeah. And then one that's just a service only that's really
common is like identity theft protection service, like from LifeLock or something, right? I mean,
(30:41):
you don't do anything, right? Right. You just get alerts. You pay them money and yeah, exactly. You
are still dependent on you. It's kind of like, anyway, and services are just, yeah, anyway.
Okay. So, and they, yeah, I don't know what else to say about that. There's just,
(31:03):
there's, I feel like it's helpful to break it down. Again, the whole point of all of these
is just to help us kind of explore and find all the different options. And so that's why I break
it down, I guess, actually stepping back is just, it's just to help us explore. Okay. So yeah. And
(31:27):
out of all of them, you know, services are probably going to be my least recommended in general,
simply because, you know, they're the most outside of your control, you know, just like we want to
focus on building on ourselves. We'd like to have as few dependencies on other external as we can,
obviously we're going to need some, so we don't avoid them entirely, but they're, I wouldn't say
(31:50):
a last resort exactly, but something akin to that. Right. Right. You know? Yeah. Yeah. So
one of the reasons why we haven't, you know, talked about recommending that protection service
yet either, you know, you've got to be really careful. The farther removed it is from you too,
(32:12):
the more you want to vet it and be sure that it really is a trustworthy, high quality service.
So that's the other aspect. So anyway, that's all, that's the six layers, the
knowledge, skills, habit are the solo layers, people, tools, and services are the team layers,
(32:36):
and those are the six. Nice. Let's go. That wasn't too bad. Okay. Good. Okay. What's our
call to action, man? What do we want to hear back? What's some good feedback we can solicit?
Yeah. So, right. This is the last one, probably. I anticipate doing this one, a call for help for now.
(33:01):
I think, you know, obviously, again, feedback on anything, but what I'm most kind of curious about
is which of these kinds of layers do you feel like you depend on the most? I'm just curious
which one different people go to, because I know that, you know, trends on the internet and stuff,
but I know individuals are going to look to different things in different ways. So I'm
(33:26):
just curious to see what that looks like. Yeah. Awesome. Come to the forum, share your thoughts
with any of this stuff with me, and I'd be very grateful. Dude, that's doable. Come to the forum.
(33:47):
Dude, do I get a tease in about next episode? Absolutely. Okay, look, you know me,
and you know, if I had my druthers, I would go back to a flip phone,
and, you know, literally have texts take forever, so you had to call for a phone call.
(34:11):
Right. But there is one thing about online that I really, really like,
and this is the one thing that I think everybody kind of likes, and that's online shopping. Dude,
I don't know what it is about me. Like, my wife and I love just window shopping
(34:36):
homes. Like, we're not buying them. We're just, like, looking at them. You know, we'll spend
plenty of time sending each other phones, you know, or sending each other texts.
Dude, check out this home. Whoa. You know, so I love online shopping, and so the question is,
(35:00):
where we begin, and your master guardian, Makani, he loves you so much that he decided
he's going to start our next series with none other than, that's right,
building an online shopping security stack. Yeah. Yeah. Let's go. Okay. This is big for me,
(35:25):
because I do, we purchase a lot online, so I'm excited to hear this. Guys, if you do any shopping
online, don't miss this next episode. You're going to want to hear it. Yeah, amen. I know,
one, you know, I'm with you on the online shopping, mostly because I hate going, you know,
driving to the stores and stuff, and yeah, I think it's pretty common these days that,
(35:49):
I mean, I've heard the stats on, like, how many people have an Amazon Prime,
you know, membership in America, and it's pretty high. Like, there's a lot, so
yeah, we'll see how many episodes we make this, because there is, there's a lot of stuff that
we could cover, and so we'll just see how much we decide to dive into, but I'm excited.
(36:17):
Yeah, me too. I'm super excited. So, dude, that was a great episode.
Are you ready to take action and wondering where to start? Get my Bulletproof My Identity
Starter Kit for free. The seven most vital layers of protection everyone needs. I'll send you one
(36:38):
step at a time and help you if you get stuck. Just go to bulletproofmyid.com and enter your
name and email, and I will send you the first step. Again, that's bulletproofmyid.com.