Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
The Senate has voted to overturn an FCC regulation that was designed to protect customer privacy. The regulation that was put out in October of last year said that internet service providers would have to ask for customer permission before selling personal data, such as browsing history, current location, and more.
Read more at WashingtonPost.com
Mark wants to know if password vaults are safe and what the best one is to get. Leo says yes, they are best because they generate impossible to remember passwords and keep track of them, so Mark would only have to remember the one password to open his vault. Leo uses LastPass. There's also 1Password. It's a valuable tool that everyone should use.
Mike is worried about the Turkish Crime Family's iCloud hack. If he changes his password, couldn't they just hack it again to get them? Leo says that Apple has said it hasn't been hacked, and even if it had been, the hackers would have to "rehack" the system to get them. If Mike has turned on two factor authentication, they can't use his password anyway.
It's annoying to use two-factor, but it's the best last line of defense to prevent his account from being compromised. Also, he can use his TouchID on a new MacBook Pro and his iOS devices to insure verification.
The Turkish Crime Family is threatening to release hundreds of millions of iCloud account names and passwords if Apple doesn't pay them a ransom of millions of dollars. To prove it, they gave ZDNet 54 samples to confirm it. Apple, however, says they have never been hacked. But Leo says it's important for iCloud users to change their passwords just in case. While you're at it, if you haven't turned on two factor authentication, it would be a good idea to do that as well.
Larry has been asked to submit his tax returns electronically, which has a clickable link to electronically sign. He's hesitant, especially since a similar attempt was a phishing scam a few years back. Leo says that Right Signature, Docu Sign, and others give you a secure link to digitally sign. The problem is, how do they verify it's him that clicks on the link and digitally signs? They should be requiring a PIN code, or second factor authentication.
The police department in Edina, MN has secured the right to look at people's Google Search history to look for information about a fraud case they were investigating. The legal brief is to cover anyone who searched for the name of the suspect and case, and it could be the entire community.
Leo says it's crazy and that Google should fight this tooth and nail. It's classic government overreach. Leo says he doesn't mind Google's algorithm putting custom ads on his search results, but for a government to ask who searched for something and to get a list is frightening.
Kirk created an administrator password and has forgotten it. Leo says that if he created it with his Microsoft account, he can recover it. But if he didn't, then there are ways to crack a Windows 10 login. He can use OphCrack or ConBoot to get around it. Here's a few articles to can show him how:
Wikileaks has announced Vault 7, a massive collection of documents that show how the CIA uses malware and other hacking techniques to spy online. Some of the techniques includes using smartTVs as a spying device since they use cameras and microphones built into the TVs. Samsung warned of this in their terms of service for their TVs last year. But Leo says that the CIA doesn't really have a switch to turn on all TVs, and if they did, the data they'd receive would be so massive and 99.9% of it would be useless. It could be used for targeted eavesdropping, though.
Scott got bit by ransomware on all his work computers. Since the data is backed up, the course of action is to wipe the drives, reinstall the OS, and restore from the backup. Always keep yourself backed up and updated to prevent things like this from happening.
Here's what you can do to protect yourself:
1. Keep all software and OS updated on your machine.
2. Run as a limited user. NEVER an Admin.
3. Do not click on links from strangers. Do not accept unexpected attachments.
Jimmy wants to know if the Fix Me Stick can remove viruses from his computer. Leo says don't get since it won't provide you with anything additional that you can already download from the internet. The most important thing to look for in antivirus software is the frequency of updates. You can also make your own "fix me stick". Antivirus software gives you a false sense of security. Windows existing security software is adequate and updated often. It's best to practice safe computing. Don't click on links and don't take candy from strangers. Be smart online.