With the breaking news that several celebrities who had their cloud accounts hacked and nude photos published on the internet, Leo says that this underscores the need for second factor authentication. Companies use secret questions so that you can answer them and get your password or reset it. But Leo says that people make the mistake of answering these questions truthfully. And for a celebrities, that's very easy to discover. Leo uses pneumonics and puts in bogus answers that only he knows and nobody can guess.
Pending appeal, Microsoft has refused to turn over emails stored in Ireland to the US government. If Microsoft loses on appeal, it'll have to turn over the emails however. This is a scary thing because it could mean that the reach of the US courts extend beyond our shores, and around the world. In the view of Microsoft and many legal experts, federal authorities have no jurisdiction over data stored in a foreign country, and this would violate the sovereignty of Ireland.
Leo thinks that companies like Microsoft and Apple will see this as an opportunity to fight for user privacy.
Jeff has an iPhone 4 and wants to know if there's an app that will map his travels through his GPS. Leo says that Glympse is a great app that does that if he wants people to know when he's going to arrive. Google does it natively at Google.com/dashboard under Location History, but he'd have to enable it in Google Maps.
Leo decided to try out Facebook Messenger this week since Facebook has decided to force users to use it instead of the regular Facebook app for private messages. Leo says that not only does the app deplete your battery by constantly monitoring your activity and location, but you also can't turn off notifications on messages for longer than 8 hours in the app. As a result, Leo was more than happy to delete both the Messenger app and the Facebook app from his phone. He'll just continue to use Facebook on the desktop instead.
Louis says that cookies or tokens are a violation of privacy. Leo says they're pretty benign, though. The cookie only exists to allow him to keep from logging in to a site every time he visits. It reads the token and knows who he is. He could turn them off or prevent third party cookies. The browser leaks enough information about him to identify him, though. He could surf privately and delete all of his cookies, but even with all that, his ISP knows everything he does online. So if he really wants to be anonymous, he'd have to pretty much give up being online.
Netflix is testing a private viewing mode, which will prevent recommendations based on any content you view when in privacy mode. Anything you watch will not be logged into your history either. Leo says that's a good option for those who watch something out of curiosity or "guilty pleasure," and doesn't want it to affect recommendations.
Dan recently began using Google Chrome, and when he tries to use some extensions, he gets a warning box that says it can access his data on all websites along with browsing activity. Leo says this is true of any browser anyway, and is probably a little overzealous. Leo says his browser and internet service provider knows everything he does. This means that if he installs an extension, it will also know everything. It's important to only get browser extensions from the browser's extension store. He should only get them from well known and credible companies.
Violet Blue from ZDnet put out a very strongly worded opinion piece blaming Google's Sergey Brin about the woes of the world. She says that in 2011, Brin was telling all of us that Google+ was the future of Google. But just earlier this week, Brin confessed that his involvement in anything tangentially related to social media was a mistake to begin with. She goes on about how Google sees the users as a "little more than webs of flesh spun over packages of salable data."
Leo says that a security guru would say that under no circumstances should he use a public Wi-Fi network unless all traffic on that network is encrypted, and the best way to do that is with a VPN. It encrypts all the traffic coming from a phone or computer all the way to a VPN server, which could be something he runs in his home, or a provider runs for him. At some point, everything he does is on the public internet, but at least his traffic wouldn't be broadcast to the entire coffee shop.
It's probably not a good idea to use Whisper or Secret to reveal secrets about your company, or as a platform for whistleblowing. An article in Wired this weekend says that if you read the privacy policies, all of these apps say they will reveal all identifying information if subpoenaed.
Whistleblowers Beware: Apps Like Whisper and Secret Will Rat You Out (Wired)…