George wants to know if he should update his Java? Is it OK to update? Jason says that it's often OK to ignore them, but if it's an important security update, or if it's required for him to use a website, then it's a good idea to stay updated. It's definitely safer security wise to do so. But Jason also recommends getting rid of Java altogether. When in doubt, though, always go directly to Oracle to get updates. That way he'll know it's always official.
Tom wants to add a security camera to his home. He wants to know which one to get and how secure they are. Can they be hacked? Leo says that there's a lot of concern over the "internet of things," which includes cameras. They don't get updated very often. Foscam made cameras that were easily hackable, so Leo suggests not getting them. He won't want to get the low end, off brand stuff either. It won't be secure.
Caleb wants to know if it's safe to use the same password across different web accounts. Leo says no, because once one site gets hacked, they can use that password information to guess the passwords for other sites. Many do this, and it's how the Turkish Crime Family was able to hack over a million iCloud accounts. Password vaults make different passwords for every site and you have only one password to open the vault. But that's not on the internet anywhere, he'd just remember that. It's much safer that way.
Brian has tried several password vaults and he finds them all inconvenient. His frustration is that using his mobile device doesn't always work so well. He ended up on LastPass. Is that a good choice? Leo says yes. It's the one he uses. 1Password is another one, and it has the advantage of being able to save the vault somewhere else.
Jim is about to go on a river cruise and he's concerned with security when using Wi-Fi on the ship. Leo advises using the Tiny Hardware Firewall. It's a hardware firewall that can protect up to five devices because it uses a built in VPN that protects him. It will slow it down a bit, and the internet is slow on those cruise Wi-Fi hotspots, but it will keep him clean from the last mile.
Tom wants to make sure his wireless router is secure. Leo says the only thing Tom really needs to do is turn on WPA2 encryption. It's in the router setup, which can usually be accessed at 192.168.1.1. He should turn on WPA2 and give it a password that isn't obvious. Once that's turned on, all the traffic is encrypted.
David wants to know about Tunnel Bear. Leo says that Tunnel Bear is a virtual private network or VPN, which essentially burrows a digital secure tunnel in the internet. Is it secure enough to bank with or should he just trust "https"? Leo says both are very similar. The difference is that https activity cannot be seen by anyone, but they can see that he's been online. It can also be probed, whereas VPNs are tunnels that encrypt all of the traffic. no one could see anything. It's more security, but similar security. It's up to David.
Jordan has a website and wants to be able to change servers without having to change his email address. Leo says that's what GMail is great for. All he has to do is go into settings and setup mail forwarding to a standard Gmail account from his domain name. That way if it changes domains, his email still goes to the same place.
Greg has "router paranoia" over the recent security flaws that have been found. Should he pay more for a router? Leo says no. It's not the price of the router -- it's a flaw in the router firmware that is rarely updated because they are so cheap.
Steve is worried he's being spied upon online. He gets a popup on his 4G data connection that says "network may be monitored by a third party." Leo says that's exactly what Superfish has been doing. Certificates get issued by various browser authorities like Google. If he doesn't like it, then he should try another browser.