Mark hears that Public Wifi may not be safe. Is that true? Leo says yes and no. When we're on a public network, people can see our connection. We can see other people's computers in our browser. We may not be able to see everything, but a hacker can use what's called a "WiFi pineapple." So there is a potential risk. But with a secure connection via HTTPS, they can't really see anything. That's why Google is pushing hard for every website to be https. That's why it's Leo's opinion that we're mostly safe. When in doubt, just use a virtual private network while on a public wifi.
Gordon is in the hospital, and wants to know if their public wifi is safe or should he use a VPN? Leo says that if it's using a wide-open network, then anyone can log in. It's a shared, public network. There are some risks, but your banking is safe because it's encrypted. The one thing to worry about is a "man in the middle" attack. Hospitals with public wifis could give the hospital the ability to watch what you do. That's when a VPN can come in handy. It will encrypt all traffic, by burrowing an encrypted tunnel to the internet.
Bobby encrypted his backup, and he uploaded it to Carbonite. But he couldn't because it was encrypted. He used Mac's FileVault. Leo says that encrypting is a good idea, but after you've uploaded it, it's encrypted, so it's redundant, actually. The thinking is that if you encrypt it, and need one file, you'd have to download the entire backup in order to get it. But Leo says that if you're logged in, then it's unencrypted through the Mac. Carbonite needs an unencrypted backup in order to do incremental backups. And in doing so, they keep your data encrypted on their end.
The caller wants to know if backing up data to DropBox is secure? He's worried that backup companies have access to his sensitive data. Leo says he can encrypt the data, and he alone has the keys to that. So if he loses it, he's out of luck. DropBox will accept secure encrypted data. If he's looking for a cloud-based encryption backup option, SpiderOak is an option, though it's a bit clunky. VeraCrypt is another.
Australia has recently passed a bill that would require companies like Signal and 1Password to provide the government with user messages and data upon request. Many companies that offer encrypted communications, however, don't have access to that information themselves because it uses end-to-end encryption. But now that sort of encryption technology is illegal in Australia without a 'back door' being put in. If there is a back door, then access to that data isn't just available to the government, it could be available to any hacker as well.
Parliament in Australia is pushing through an anti-encryption law that will make it not only illegal to use encrypted communications, but will also give law enforcement and other government authorities the power to use malware to crack an encrypted network. Leo says it will endanger the security of anyone using an online service and obvious violates an individual's privacy rights. Russia has a similar law, as does England.
John is worried about security on his new Windows laptop. Leo says to follow the archonym "UPDATE":
Leo says whenever he's on communal Wi-Fi, as he will be on the cruise, a hotel, or a coffee shop, everyone's on the same network. Nowadays, places like these are getting better about making it more secure, and it isn't as risky as it used to be. But there is a potential risk that someone else on that network could snoop on him. Whenever he's using email, shopping on Amazon, or banking, all of that traffic is already encrypted. Leo thinks using a VPN on cruise ship Wi-Fi would probably slow his connection down to a point where he wouldn't be able to stream content online.
When you get a new router, there are a few things you can do to make sure it's set up securely.
The first thing you'll do is connect it to your computer and check the manual to find out how to configure it.
Once it's connected to your computer, you'll use the browser to navigate to a special address as instructed in the manual. It should be something like 192.168.1.1. This will take you to the login screen for the router.
Does Richard have to create a VPN to set up his DNS settings? Leo says no. DNS is essentially the phone book that the internet uses to look your address up. You don't use a VPN for that. VPNs are for encrypted net traffic. OpenDNS is the best DNS that Leo likes. CloudFlare is another. Quad Nine. Google even has a secure DNS. All are great if you're concerned about privacy, as it allows you to filter traffic at the router level. Log into your router, look for the DNS settings, and input the DNS address of your DNS server.