Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Bob has been seeing that the Microsoft scam is targeting seniors. Seniors are getting calls from "tech support" at Microsoft saying they're infected. Bob says that he tells all his clients that it's a scam, but they find it's very authoritative. Leo says that's why seniors are much better off with tablets instead of computers. Leo says that he believes the same technicians that actually handle tech support overseas are moonlighting making these calls.
Dennis has an older Windows XP machine with two drives - one for programs, one for data. Lately, Malware Bytes has been finding "suspicious files." Could they be malware? He quarantined the files and now he can't access his data. When he unquarantined them, they were deleted. Leo says it could be a false positive.
Chris has heard about the "Black Phone," which claims to be the most secure and private phone on the market. Leo says that it claims to prevent spying on by not sharing any GPS data. But Leo says that it's safe only if he trusts the company. Leo says the bottom line is, if he lives his life online, it's not possible to be 100% private. The specs aren't state of the art either. It has 16GB storage and a low power processor. And who's to say that it isn't really a front for the feds trying to nab people with things to hide?
Security expert named Alex Holden published a report this week saying that a Russian gang has stolen 1.2 Billion email passwords. Leo was initially skeptical, but he knows insiders who have seen the data and he's now convinced it's real. The reason he was skeptical at first was because he was charging $250 for people to check to see if they're on that list. The news was announced at the annual DefCon Hacker convention in Las Vegas.
Leo decided to try out Facebook Messenger this week since Facebook has decided to force users to use it instead of the regular Facebook app for private messages. Leo says that not only does the app deplete your battery by constantly monitoring your activity and location, but you also can't turn off notifications on messages for longer than 8 hours in the app. As a result, Leo was more than happy to delete both the Messenger app and the Facebook app from his phone. He'll just continue to use Facebook on the desktop instead.
JC has been requiring his customers to do off site backup. But the problem is, they're all backing up to him and his network! That's getting a bit pricey. He's been thinking about using BitTorrent Sync. Leo says it's an interesting technology which allows data syncs across all bittorrent users. But it's a leap of faith because nobody knows how it really works.
Louis says that cookies or tokens are a violation of privacy. Leo says they're pretty benign, though. The cookie only exists to allow him to keep from logging in to a site every time he visits. It reads the token and knows who he is. He could turn them off or prevent third party cookies. The browser leaks enough information about him to identify him, though. He could surf privately and delete all of his cookies, but even with all that, his ISP knows everything he does online. So if he really wants to be anonymous, he'd have to pretty much give up being online.
At the "Hackers On Planet Earth" (HOPE) Conference in New York this week, forensic scientist and security expert Jonathan Zdziarski identified several holes and back doors currently on the iPhone. There's even a packet sniffer that's running all the time. Apple has yet to respond to it. It's important to understand that whenever you're using a connected device, whether intentionally or unintentionally, it could reveal information to interested parties. In his presentation, Zdziarski revealed some of the data that is constantly leaked out by the iPhone.
Mike is wondering if he should do anything to protect himself while using these public hotspots though. Leo says this is an important question because he's on the same network with other people, so there are risks. Other people could see traffic sent to and from his computer, and could use hacker tools that are widely available to get that data. This is mostly an issue when accessing email, but since he uses gmail, it's encrypted and won't be a problem. If the sites he's on use 'secure http' (https), then he should be ok.
John wants to know if there's a cross platform alternative to TrueCrypt since development of it ended. Leo says that BitLocker is Microsoft's file vault, and Apple's is called FileVault. Both work great, but they aren't cross platform. Leo says that TrueCrypt is still around, but that the writer of it allegedly took to the Internet and said it wasn't safe anymore. It's been audited and so far seems to still be legit. So who knows? Leo doesn't know of any open source options anymore. BitLocker is a good alternative.