Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

What's the best password vault?

Episode 1136

Carla from Buena Park, CA
Lastpass Vault

Carla is overwhelmed by all of the passwords she has to remember. What can she use to help manage that? Leo says a password vault will generate a unique and strong password that's difficult to crack. The best passwords are long and random with a combination of upper and lower case, numbers, letters and punctuation. Leo advises using LastPass. She can download and use it for free on the desktop, or pay $12 for some additional features including mobile use.

Secret US Spy Program Targeting Americans' Cellphones Revealed

Episode 1135

News broke this week of the U.S. Marshals Service program that's been ongoing since 2007 to gather information from Americans' cellphones. It uses small fixed-wing Cessnas equipped with 'dirtboxes' that imitate cell towers to get identifying information from citizens. According to those familiar with the program, these planes make regular flights and can scoop up data from tens of thousands of phones in densely populated areas. The program is meant to locate individuals under investigation and fugitives, but it collects information from all cellphones.

How can I prevent the NSA from snooping on me?

Episode 1135

David from Los Angeles, CA
NSA

David wants to talk about privacy of his cellphone. He's worried that Uncle Sam can snoop on him. Leo says that he has good reason to worry because government can get metadata from phone calls with a simple pen registry request that only costs $1.50 and doesn't require a warrant. Can Google Voice be a better option? Or encryption?

Leo says that behavior that gets the NSAs attention will motivate them to follow him more closely. The problem is, legislation like the Patriot Act encourages government to do whatever they can to live up to the spirit of "never again."

How can I keep my new computer secure online?

James from Newberry Park, CA

Episode 1133

James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:

Home Depot Gets Hacked, 53 Million Customer Credit Cards and Emails Stolen

Episode 1133

After Home Depot was hacked and had to admit that over 50 million credit card numbers were stolen, they also had to report that an equal amount of email addresses were lifted. That means users are going to be subjected to potential phishing scams and it's important that they pay close attention to any email sent by their banks or Home Depot.

Should I run as standard user or administrator in Windows?

Episode 1132

Richard from Placentia, CA
administrator

Richard just bought a new Dell computer and he wants to know if he should change his settings from administrator to standard user. Leo says that a bad guy has the same level of permissions as he has. So if he's an admin, he's letting a bad guy potentially do whatever he wants. If he runs as a limited user, then they can't do anything that an administrator password is required for. He will need to authenticate with the admin password. That's what being just a standard user buys him -- an extra level of protection. Leo says that the kids should definitely be standard users.

Does Google backup my Wi-Fi Password?

Episode 1132

Max from Milpitas, CA
Google

Max found out that someone connected to his Wi-Fi network, which concerns him because he has a login key to prevent it. Leo says that Google backs up Wi-Fi passwords and other settings to its servers unless he disables it. It's meant for convenience, but it does mean that Google knows his Wi-Fi password. It's not likely that Google would do anything with it, though. It is important to note though that it would have to be stored unencrypted. But it's not really that much of a concern. It's more likely that someone got in with a brute force attack.

How do I get rid of the Conduit "Search Assistant" on my Mac?

Paul from Virginia Beach, CA

Episode 1130

Paul got nailed by a "search assistant" malware and he can't get rid of it. Leo says the good news is that it probably hasn't wormed it's way too deep. It's probably been installed as an extension into the Mac. He has to be careful because bad guys have made pages alleging to uninstall with a program, when it actually installs more malware.