Ted put Linux on an old Vista Machine, but when he went to use the app Turbo Tax online, it said that it wouldn't support Linux. Leo says to try the Chromium browser in Linux. It's more open source. But being a standard web app, it should work regardless. Is it secure? Leo says it is, but it's not 100% flawless. It does have the benefit of being obscure, though. Hackers want to go after the most people, and open source is such a small segment that it's relatively off their radar. Certainly more secure than Windows Vista.
Brad accidentally downloaded some malware, but he can't find it to remove it. Leo says downloading a file is only half the equation. He then would have to run it. Since he can't find it, even in his download log, it's likely it was a failed download. On top of that, Brad runs a Mac, so he's even more secure than Windows. But he should always make sure he keeps his computer updated, just in case.
Kasperky AntiVirus was caught in the middle of a battle between the company's owners, and the Russian Security Services government agency. The company lost and now the Russians are now in charge of the Kaspersky Security Network. Leo says that he hasn't recommended Kaspersky for awhile now and even the US Federal Government recommends not using it because of the potential for spying. But it's more than a potential espionage tool, as there's a hole in the Kaspersky Network that would allow an employee of the company, or a hacker to snoop into your system.
With the now infamous Spectre and Meltdown processor flaws affecting every intel based computer for the last ten years, Intel pushed out a fast fix to plug the holes. Now they're saying not to use it. It seems that some computers will get stuck in a reboot loop. So the cure is worse than the disease. To date, there's been no evidence that the Spectre and Meltdown flaws have been exploited, so Leo is wondering if the right advice is to do nothing at all. At least until a new fix has been released, or that malware shows up that will take advantage of it.
According to a recent study funded by Google, 15% of users have reported that their email or social media account was taken over due to phishing scams. Leo says that over 25 million users were bit by an email phishing scam, while about 35,000 were victim to keystroke loggers. Leo says that this is the season for scams and that users may get emails from the "IRS" or even phone calls demanding personal information. It's always a scam and users shouldn't fall for it.
Bernie wants to know about antivirus. What does he need? Leo says that Microsoft's free version that comes with Windows will do the job just as good as any other, and it's free. But it can't stop zero day exploits. So his number one line of defense is his own behavior online.
Lex uses Windows Defender, but he came across a thumb drive and wants to check it to see if it's safe to use. Leo says he really can't. If he plugs it in, and it's infected, it will compromise his system. Firmware can be modified on a thumb drive to contain malware as a payload, and it's undetectable. The worse part is not one USB drive manufacturer has done anything to correct the bug. Wired has a story on it.
Tony wants to know how to check to be sure the ISO of open source software is legit. Leo says that an ISO is found to be legit by signing. A hash has to be generated in order to provide proof of a legitimate ISO. If the ISO has changed, then the hash would be modified. There's also a signing key, which is based on GPG encryption. It has to be authenticated by the developers of the software.
Anne got an HP Envy wireless printer. Can she use it with an XP Machine? She keeps getting a popup asking for a driver update for something called "Slim Cleaner." Leo says that XP is a security issue because Microsoft has stopped supporting it. There are no fixes for it, and newer hardware won't work quite right with it because manufacturers don't expect people to use it with such old computers. Leo would not recommend banking on an XP machine. When she bought Slim Cleaner, someone actually took over her computer as well. So now there's no way to know exactly what they may have done.
Cheryl wants to know if she can get infected by HTML email. Leo says yes. That's why she has to be careful what links she clicks on. But since she's using an iPad, she's protected. She can't get infected on that. Apple's iOS is very secure. But it's always a good idea to train herself not to click on links. If she gets an email from her bank for instance, she should just go to her browser and go directly to the bank's website.