On June 15, 2015, password manager LastPass made an announcement that its password database was hacked and some user account information had been stolen. Since LastPass has uses encryption and many layers of protection to slow down hackers, the damage will be minimal for LastPass users. While the hackers may have obtained the database of master passwords, they still don't have immediate access to everyone's passwords. That information has been encrypted, salted, and hashed, so it would take quite a bit of effort to break into it.
Vicky works out of her house in California, while her office is back East. Since they've added McAfee on her computer, her passwords aren't being saved in her browser. Leo's not a fan of McAfee, but since Vicky has no choice, she should check her settings to see if there's something triggered that's preventing it. Can she use post it notes? Leo says sure, because she works at home and that's not going to hurt. She can also keep a notebook.
Arelia is having issues with her browser and she thinks it may be due to a plugin she installed. Leo says she's probably right. Plugins like Flash, Shockwave or Java are easily hackable and dangerous if not kept up to date.
Bob is interested in home automation, but he's concerned with security. Can it run amuck? Leo says that it's such a new thing, we don't really know all the downsides yet. Keyless entry is the challenge, especially with a car. A car uses keyless entry with the keyfob signal by proximity. You can actually buy a booster to send it out further. But that's a security flaw. Anything with a computer can have flaws and bugs in programming. So it is possible and Bob's right to pay attention to it. But we're in the very early days. Just remember that a lock is an illusion, not a security feature.
Vladimir has a BMW i3 and wonders if he can integrate his smartphone with it. On his previous car, he had to manually enter all his contacts and it was tedious. Leo says that his car copied over his contacts so it was pretty easy. Vladimir got the numbers, but not the addresses, though. Leo says that Audi's do addresses. Vladimir used a phone with KitKat and it worked just fine, so that's a workaround. Leo says that's very odd. But at least he got the data in. But it sounds like maybe a Lollipop security feature prevented it from doing addresses.
If you've had your email account hacked, then it may be time to take further security measures to keep it from happening in the future. Here are some simple steps you can take right now to better secure your account:
Robin is getting those emails that seem to be bounced from her own Yahoo email account. Leo says that's likely a "spoofed" return email address, but it's always wise to change the password just in case. She should use a password vault so it can generate long passwords which can't as easily be hacked. But Leo also says there's something fundamentally wrong with Yahoo's email security and Leo advises getting off it. Go with Gmail instead.
Brad hears that you don't have to use your fingerprint for Apple's Touch ID -- you can actually use other body parts. Knuckles, palms, and even noses can work. Some guitar players or construction workers who have callouses on their fingers may not be able to use fingerprints. So for those people, they need to think outside the box.
Derek wants to know how secure cellphones are today versus 20 years ago. Leo says that they are secure because of digital networks that are encrypted. Back in the 90s, cell phones were analog, making them really easy to eavesdrop and "snarf." It was even possible to clone them. But just because you have digital security, doesn't mean you're completely secure. Law enforcement can pay a small fee and get the meta data from your wireless company via a pen register request. Also, there's GPS data, super cookies, and social interaction.
Joe just got a router and wants to know if he really needs firewalls anymore. Leo says no. Joe could turn on the Windows firewall, but any third party firewall isn't really needed because the router is essentially a "dumb box" that prevents attacks from incoming traffic.