Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Mint is a website and app that was bought by Intuit, the makers of the popular Quicken program. Instead of having to enter in every transaction manually, Mint can automatically categorize your transactions and show account information. It's secure and safe, but sometimes Mint's notifications are late. Bennie doesn't have to worry though, Mint is secure.
Bob says thanks to iFix it, he's been able to fix his own iPhones when they've broken. Leo says that what iFixIt does is great because they believe in the "right to repair," and will show how to do it. (Disclaimer: iFixIt is a sponsor).
Chris has a Dell laptop that got hit by the CyptoWall Ransom Ware. He was able to use ShareExplorer to recover some of his files, but he lost a lot of them because he refused to pay the ransom. So he has a bunch of files that are encrypted. Can he use something to unencrypt it? Leo says no. CryptoWall uses strong encryption and there would be no guarantee it could be fixed. This is why he should backup all of his data. Sometimes, an uneraser can recover data since CryptoWall erased the original and encrypted a copy. But outside of that, he's out of luck.
Teri bought a Mac a few years ago and needs to know if she's subject to the recall. Leo says go into 'About This Mac', and on the fourth tab, she can click on it and check to be sure she's available for the recall.
Last week, Chinese hackers targeted GreatFire.org in a DDoS attack, and now are attacking GitHub. DDoS stands for "Distributed Denial of Service," and this attack brings down a website by hitting it with lots of bogus requests from thousands or even tens of thousands of computers distributed all over the world. GreatFire.org was spending $30,000 a day in bandwidth trying to keep up with the excess traffic.
The way they are getting this to be a distributed attack is by commandeering users of Baidu, a popular search engine in China.
Anthony wants to know if someone can track his email address to where he lives. Leo says no. It can list the servers it's been through, but not the physical location. If the server was in his house, then maybe. But if he's not running his own mail server, then he's OK. Unless he's broken the law and the authorities can find him through his internet address.
Steve is worried he's being spied upon online. He gets a popup on his 4G data connection that says "network may be monitored by a third party." Leo says that's exactly what Superfish has been doing. Certificates get issued by various browser authorities like Google. If he doesn't like it, then he should try another browser.
Although they promised customers that they would protect private information, Radio Shack has announced that they will be selling off customer information as part of the Fire Sale portion of their Bankruptcy. State governments and even AT&T have announced lawsuits to stop it. AT&T says that the privacy information should remain confidential through the sale and that Radio Shack should only sell to companies in the same business. But the lesson is clear, if you gave Radio Shack your information, they're now considering it an "asset." So much for privacy policies.
Leo had talked to Mark Goodman, the author of a book called "Future Crimes," who is a former LAPD officer that got roped into computer forensics early on. This book is a good look at where we stand right now in global security and what we can do about it. One of the reasons Leo wants to recommend the website, FutureCrimesBook.com, is because there's a really good section of it called "The UPDATE Protocol." This echoes things Leo has said for a long time on the show, and it's all in one place.
Elizabeth got an email from her friend that included suspicious links, and she's wondering if his email account was spoofed. She looked in the header, but didn't see anything. How can she find out if it was spoofed? Leo says the tale is the CCs. They would only be able to put so many addresses in a field, and if they are using multiple fields, then she'll know the person has cracked the account. Yahoo has always had security issues. So the account has been hacked and there's all kinds of ways to do it. First thing to do is change the password, and make it a difficult one.