Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Charles and his family are going on a cruise and want to know if his devices need to run through a VPN. Leo says there are some risks, but not as much on an iPad. Google has been pushing for https everywhere, meaning that your search activity is encrypted. But that's not stopping someone from using a wifi sniffer called a Pineapple or Wireshark to figure out what your access point name is. From that, he can spoof it. A wise thing to do would be to forget your home network before you go. Another option is the Tiny Hardware Firewall.
David wants to know if he can do a VPN on his tablet. Leo says that TunnelBear is a good one to look at. But what Leo uses is Hotspot VPN with a hardware dongle called the Tiny Hardware Firewall that you plug into the tablet and it creates a WiFi access point that you surf through. It's secure and easy to use.
WannaCry is ransomware that can lock up your data unless you pay up to the hacker who created it. But what WannaKiwi does, is find the crypto key in your PCs RAM to undo the damage. But it doesn't work all the time, only about 1/3. That's why Leo says to make sure you don't get it by altering your behavior, or making sure you have current backups of your data to restore should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse installed. ,
Todd has heard that iCloud is going to require two factor authentication for third party apps. Is that true? Leo says yes, and it's a good idea. But the problem is that not all apps have a 2 factor authentication scheme, so Apple has a work around by requiring an app specific password as well. And starting June 15th, if you don't have 2 Factor then you'll be forced to. And from there, you'll have to relog in with a second unique one time password.
Last weekend, the WannaCry Ransomware bit several hundred thousand computer systems, including sixteen hospitals in the UK. The ransomware infected the systems and encrypted all data. The reason this one was really bad is that it was a "worm," or a "network aware virus" that would spread out over the local area network to find other computers to infect, and bring the whole establishment to its knees.
Alan wants to know if an antivirus utility is any good anymore for malware. How about on a mobile device? Leo says that all too often, an antivirus leaves people more vulnerable because most malware is a zero day exploit. Antivirus can't stop users from themselves, either. All antivirus utilities have to hook themselves into the OS at a very low level and the virus can actually use that as a door to more exploits. So at the end of the day, an antivirus really is only of limited benefit.
Billy is about to make the switch to Windows. As an old timer, he feels that Apple has abandoned his demographic. So he bought a Lenovo X1 Yoga to replace his aging Mac laptop. Leo says that the latest Mac laptops with Touch Bar are annoying and the Touch Bar gets in the way more than it helps. Lenovo is doing a lot of creative hardware on the Windows side, as are other manufacturers.
George is using a Tiny Hardware Firewall and he sees that it would let him customize the settings. Can it be made more secure? Leo says that the Tiny Hardware Firewall is pretty darn secure as is. Leo hasn't played with the configurations, but he wouldn't want to, either. He just uses it in default mode and he's completely safe.
Grover has a popup that says to call Microsoft Support. Has he been bit by ransomware? Leo says no, probably not. It's a phishing attack, but it's to try and get him to call in and then they charge him and access his computer. It's Scareware, really. He can ignore it, but it keeps popping up and he has to reboot his system to get rid of it. He even replaced the hard drive, but it didn't help.
The latest ransomware attack is called WannaCry and it's spreading via phishing email attacks. The ransomware not only encrypts your data — it also has a built-in kill switch on websites. Security researchers may have crafted a fix to it, but there's a catch. The encryption is done using Microsoft's bit locker, and the fix is to take advantage of a flaw in the cryptographic memory that keeps the keys in RAM so it can harvest them and unlock your data.