If you're looking for a way to track your Android phone or tablet in the event that it's lost or stolen, Google has a free service that will come to the rescue. It's called Android Device Manager, and it will work with all Android devices associated with your Google account. You can find your device on a map, lock it with a new password, or erase it securely, from anywhere in the world.
At the "Hackers On Planet Earth" (HOPE) Conference in New York this week, forensic scientist and security expert Jonathan Zdziarski identified several holes and back doors currently on the iPhone. There's even a packet sniffer that's running all the time. Apple has yet to respond to it. It's important to understand that whenever you're using a connected device, whether intentionally or unintentionally, it could reveal information to interested parties. In his presentation, Zdziarski revealed some of the data that is constantly leaked out by the iPhone.
Mike is wondering if he should do anything to protect himself while using these public hotspots though. Leo says this is an important question because he's on the same network with other people, so there are risks. Other people could see traffic sent to and from his computer, and could use hacker tools that are widely available to get that data. This is mostly an issue when accessing email, but since he uses gmail, it's encrypted and won't be a problem. If the sites he's on use 'secure http' (https), then he should be ok.
Dan has installed LastPass on his computers and his mobile phone. Leo says it's an excellent password vault. But Dan wants to have all devices time out after 15 minutes to lock it down. Leo says that's a good idea. There's a way to do this in the settings. Leo says it may be that the automatic password option has been checked and that's why he can't get it to time out and demand the password to reactivate.
Sandra wanted to know if Leo recommended using Google Chrome instead of Internet Explorer. Leo says he doesn't really like Internet Explorer, and uses Chrome instead. If she's using Internet Explorer, she should make sure to have version 11 or later to stay secure. Leo prefers Google Chrome because it has Flash built in, it sandboxes each tab, and is generally a more secure browser.
Leo says that a security guru would say that under no circumstances should he use a public Wi-Fi network unless all traffic on that network is encrypted, and the best way to do that is with a VPN. It encrypts all the traffic coming from a phone or computer all the way to a VPN server, which could be something he runs in his home, or a provider runs for him. At some point, everything he does is on the public internet, but at least his traffic wouldn't be broadcast to the entire coffee shop.
Daryl wants to know if Linux is 100% secure. Leo says no, that standard isn't possible, but it is more secure than Windows. Why does Windows have so many vulnerabilities? Leo says that Windows has gotten better over time, but because Microsoft supports legacy code for older machines, it leaves Windows users vulnerable. Linux was written from the ground up to be more secure and it doesn't carry the burden to be "all things to all people." Since it's based on UNIX's permissions system, it's more secure.
Ken is wondering if he should use Watchguard on his Wi-Fi network for added security. Leo says he doesn't need this. These are internet security devices, or firewalls, that he'd run in his house. Routers are not very well designed and are commodity products, so they tend to have security flaws. Getting a better router would be a better way to increase security. Leo suspects Watchguard would be more than he actually needs.
The 'Heartbleed' bug that has affected most of the internet's popular websites has exposed usernames and passwords along with other secure certificate data. Even after a site has fixed this bug, it's still essential for everyone to change their passwords because the data could have been intercepted before the site was patched. This is a great opportunity to create more secure passwords, and to start using a password vault like LastPass.