Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Is my computer infected?

Episode 1515

Tom from Montana
Keyboard

Tom has a friend who gave a technician remote access after calling a number in a popup ad for his Echo. Leo says he fell victim to a scam and there's a good chance that his computer is infected with malware, a key logger, remote access trojans, the works. At this point, the only safe thing to do is backup the data, format the hard drive, and reinstall Windows from a known, safe source, then update. Only then can he be sure his computer is safe.

Amazon's Face Recognition Mistakenly Identifies Congress Members as Felons

Episode 1510

Amazon logo

Amazon's "Rekognition" face recognition software, which is being rented to police, has identified members of congress as felons. When the ACLU ran the software, designed to match people to a database of mugshots, it identified a total of 28 congressional members as felons. Amazon claims that the software was used incorrectly, and should have been set to a 99% confidence level instead of the 80% that was used.

Read more at arstechnica.com.

Is it safe to keep my passwords in a spreadsheet?

Episode 1508

Bob from Tulsa, OK
LastPass Vault

Bob has all his passwords inputted in a spreadsheet. Is that secure? Leo says if it works for him, that's one step better than just using the same password over and over. But if someone gets ahold of that file, they have the keys to his kingdom. That's why using LastPass, which generates complicated and secure passwords is a good idea. Bob agrees, but he doesn't know how to use it to change his passwords. Leo says if he goes to LastPass's help desk, they describe step by step how to do it.

What's the best mesh router?

Episode 1506

Paul from Louisville, KY
Plume Wi-Fi

Paul is concerned about internet of things and security. He wants to know if Plume would be a good, secure mesh router that can protect his network from the outside hacking his IoT. Leo says that Plume requires a yearly subscription to keep it up to date. Leo says it's somewhat justified because it can keep his network more secure. He's paying for security on his network, but his IoT devices may not be getting updated, so they're not secure. And his internet is only as secure as his weakest device.

Does my Mac have ransomware?

Episode 1505

Justin from San Diego, CA
MacBook Pro

Justin's mother-in-law has a MacBook Pro that has ransomware on it. She just gets a blue screen. Leo says that Macs don't get blue screens, they kernel panic. It's likely an exploit in Javascript that is locking up her cursor to make her think the computer is frozen. She can press ALT + TAB to get out of the browser and she'll probably be fine. Then, she should turn off Javascript. Leo says it will not happen after that.

Is my computer safe?

Episode 1501

John from Temecula, CA
Virus image on monitor

John's friend got bit by the popup that said she had a virus and then when she called "Microsoft support" they wanted $300 to fix it. Leo says it's a phishing scam. And once you give someone access to your computer, not only will they not fix anything, but they make the infection even worse by installing other malware. The only way forward now is to backup the data, format the hard drive, and then reinstall Windows.

How safe is the password protection on my computer?

Episode 1501

Robert from Southern California
Windows 10

Robert is concerned with password security. How secure is his Windows login? Does it have to be really crazy difficult? Leo says that it's safe enough for his own use. Networks are protected by the router, which has a separate password. The more unique, the better. But his Windows password is fine unless someone gets physical access to the computer. Leo prefers to use a password manager, though. It's secure everywhere. What about a browser password vault? Leo says that all browsers now use encryption, so they're safe. But he should have 2 factor authentication setup just in case.

We Now Know How the FBI Cracked the iPhone

Episode 1499

Apple iPhone X

Researchers have figured out that if you connect your iPhone to a computer, you can keep doing a brute force password attack to unlock it and that it should take about a day to open it. Leo says that this is with a four digit passcode, and a six digit passcode is a lot harder to crack.

The Supreme Court has also ruled that law enforcement cannot get cell phone location data without a warrant. The decision said that day to day movement data on a mobile device provides an intimate look at someone's activities, even to the point of violating privacy without a warrant.