Gordon is in the hospital, and wants to know if their public wifi is safe or should he use a VPN? Leo says that if it's using a wide-open network, then anyone can log in. It's a shared, public network. There are some risks, but your banking is safe because it's encrypted. The one thing to worry about is a "man in the middle" attack. Hospitals with public wifis could give the hospital the ability to watch what you do. That's when a VPN can come in handy. It will encrypt all traffic, by burrowing an encrypted tunnel to the internet.
If you are scanning important, sensitive documents with your cell phone and sending those files over the internet, make sure to use an app from a reputable, reliable company. Do not use apps from relatively unknown developers, where images could potentially be intercepted. On Android phones, use Google Drive's scan option. On iPhone, open the Notes app and hit the + sign, then tap the "Scan Documents" option. Evernote Scannable is also a legitimate high-quality (free) scanning app.
When you want to find out if you should stay away from typing in a suspicious and possibly fake web address, check the URL's TLD (top-level domain) which should imply whether the site is legitimate or not. For example, if a web address reads Google(dot)com/blahblah then it is a legitimate Google page. However, bad guys can spoof Google and create an address like Google(dot)badguy(dot)com which may easily deceive many victims at first glance. Always be cautious of deceptive URLs and links that can infiltrate your device if clicked.
There's a huge security flaw in WINRAR, that will enable hackers to take over your computer. So Leo advises that if you use WINRAR to zip/unzip your files, that you should update to the latest beta version. But you have to go to the WINRAR site and manually download the update. There is no automatic update.
Joey wants to know if the new Net Neutrality bill will pass. Leo says probably not. The Senate is controlled by one party that isn't in favour of Net Neutrality and the president wouldn't sign it if it did. Their view is that the government shouldn't regulate the internet. But Leo says that while that's true, it's a good idea to have a check and balance on the internet service providers.
Should you use 2-factor authentication? Leo says yes, but Leo isn't a fan of 2FA over SMS text messaging. It's too easy to spoof, but it's better than nothing.
If you're going to use antivirus software, you may want to choose something other than Kaspersky. While Leo believes Eugene Kaspersky, the CEO of Kaspersky Lab, is a great person, his company is Russian and may be prone to manipulation or seizure by the Russian government/military. In any case, Leo simply recommends excellent alternatives with less baggage. While we don't know for sure what goes on with companies like Kaspersky or Huawei, it's best to err on the side of caution.
Robert is wondering if he needs to get an Antivirus for his smartphone. Leo says it would be unnecessary since the phones' Operating Systems are already quite secure thanks to Apple and Google's efforts. An Android device, for example, will scan apps downloaded from the Play Store (which is the best a 3rd-party app can do anyway).
Ron hears that he won't be able to use Windows 7 after 2020. Does that mean he can't use his computer? Leo says no. The so-called "end of life" phase, Microsoft won't be updating the operating system with security patches. So he uses it at his own risk online. But if there's something really bad, Microsoft usually puts out a fix. And Leo has a hunch that the 2020 end of life date will be extended.
Leo also says most infections come from out-of-date browsers. So keep the browsers updated. Practice safe online computing. Update the AVS.
Neil bought a Helm email server on Leo's advice. He also bought a domain through Hover to use with it. This is a home email service, and the idea is that you put your email on a server that runs in your own house instead of trusting a service like Google to handle it. Neil is wondering how to back the device up. Leo says one of the things he gets for $99 per year is that Helm backs it up over the internet. What's cool is that the contents of the email on the local server is encrypted with a key that only Neil has access to. Helm even provides a secure USB key to decrypt the backups.
Yesterday's story about Collection #1 - a package of hacked email passwords, is actually now reported to be a few years old, so the damage is not as great as previously believed. But Leo still says that it's a wise idea to go to HaveIBeenPwned.com/passwords and see if your account has been hacked. And then change your password. In fact, it may be a good idea to change it anyway, and turn on 2 factor authentication while you're at it.