Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Should I use a VPN while on a cruise?

Charles from Sugarland, TX

Episode 1391

Charles and his family are going on a cruise and want to know if his devices need to run through a VPN. Leo says there are some risks, but not as much on an iPad. Google has been pushing for https everywhere, meaning that your search activity is encrypted. But that's not stopping someone from using a wifi sniffer called a Pineapple or Wireshark to figure out what your access point name is. From that, he can spoof it. A wise thing to do would be to forget your home network before you go. Another option is the Tiny Hardware Firewall.

WannaCry Ransomware Has a Possible Solution

Episode 1391

WannaCry is ransomware that can lock up your data unless you pay up to the hacker who created it. But what WannaKiwi does, is find the crypto key in your PCs RAM to undo the damage. But it doesn't work all the time, only about 1/3. That's why Leo says to make sure you don't get it by altering your behavior, or making sure you have current backups of your data to restore should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse installed. ,

How do I use 2 factor authentication on iCloud?

Todd from New Jersey

Episode 1390

Todd has heard that iCloud is going to require two factor authentication for third party apps. Is that true? Leo says yes, and it's a good idea. But the problem is that not all apps have a 2 factor authentication scheme, so Apple has a work around by requiring an app specific password as well. And starting June 15th, if you don't have 2 Factor then you'll be forced to. And from there, you'll have to relog in with a second unique one time password.

WannaCry Ransomware Mostly Affected Windows 7

Episode 1388

WannaCry

Last weekend, the WannaCry Ransomware bit several hundred thousand computer systems, including sixteen hospitals in the UK. The ransomware infected the systems and encrypted all data. The reason this one was really bad is that it was a "worm," or a "network aware virus" that would spread out over the local area network to find other computers to infect, and bring the whole establishment to its knees.

Does Antivirus Software keep PCs safe?

Episode 1389

Alan from Los Angeles, CA
Antivirus symbol

Alan wants to know if an antivirus utility is any good anymore for malware. How about on a mobile device? Leo says that all too often, an antivirus leaves people more vulnerable because most malware is a zero day exploit. Antivirus can't stop users from themselves, either. All antivirus utilities have to hook themselves into the OS at a very low level and the virus can actually use that as a door to more exploits. So at the end of the day, an antivirus really is only of limited benefit.

How can I keep my Windows PC secure?

Episode 1389

Billy from New York, NY
Lenovo ThinkPad X1 Yoga

Billy is about to make the switch to Windows. As an old timer, he feels that Apple has abandoned his demographic. So he bought a Lenovo X1 Yoga to replace his aging Mac laptop. Leo says that the latest Mac laptops with Touch Bar are annoying and the Touch Bar gets in the way more than it helps. Lenovo is doing a lot of creative hardware on the Windows side, as are other manufacturers.

Have I been bit by ransomware?

Episode 1389

Grover from California
Google Chrome

Grover has a popup that says to call Microsoft Support. Has he been bit by ransomware? Leo says no, probably not. It's a phishing attack, but it's to try and get him to call in and then they charge him and access his computer. It's Scareware, really. He can ignore it, but it keeps popping up and he has to reboot his system to get rid of it. He even replaced the hard drive, but it didn't help.

WannaCry is the Latest Phishing Ransomware Attack

Episode 1389

WannaCry

The latest ransomware attack is called WannaCry and it's spreading via phishing email attacks. The ransomware not only encrypts your data — it also has a built-in kill switch on websites. Security researchers may have crafted a fix to it, but there's a catch. The encryption is done using Microsoft's bit locker, and the fix is to take advantage of a flaw in the cryptographic memory that keeps the keys in RAM so it can harvest them and unlock your data.