Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Top Security Tips Prioritized by Regular Users Vs. the Experts

Episode 1205

A recent study done by Google on its security blog comparing the security practices of regular users versus the security experts. Regular users said antivirus topped their list of security priorities, followed by using strong passwords, changing passwords frequently, only visiting websites they know, and not sharing personal information.

Security experts' say installing software updates is the number 1 priority, followed by using unique passwords, use two-factor authentication where its available, use strong passwords, and use a password manager.

Is there an alternative to 2nd factor authentication?

Ben from Omaha, NE

Episode 1206

Ben wants to know if we can ever move beyond second factor authentication. Can we move on to fingerprint reading? Leo says that is also second factor authentication. It's not just something you have, it's also something you are.

Windows Hello is a new type of two factor authentication, which uses a special depth sensing webcam for facial recognition and will log you in based on your face. But we can surely get rid of passwords, it's really a terrible system.

Why can't I turn on automatic encryption on my Windows PC?

Mark from Los Angeles, CA

Episode 1206

Mark is having trouble encrypting his hard drive in Windows 8.1. He's told it's encrypted by default, but Leo says if he can't get it turned on, then his hardware probably doesn't support it. Mark should look for TPM 2.0 support. Users also need support for Windows connected standby feature. So if he doesn't have all that, he'll have to get a third party encryption utility. TrueCrypt is free and open source, but unfortunately, they've given the government a back door.

How can I store my passwords securely?

Paul from San Bernardino, CA

Episode 1205

Paul has trouble remembering all of his passwords. Leo says that the best password is one that's long, random, and filled with letters, numbers and punctuation. But that makes it impossible to remember and a hassle to always type. This is why Leo relies on a password vault, or wallet, that has all the passwords in it. Then he'll only have to remember one master password. But he'll have to choose carefuly because the downside of a vault/wallet is that it has a single point of failure. So when he has one, he should make sure the master password is one that only he knows.

How can I wipe my mobile device completely?

Episode 1204

Jonathan from Ohio
Samsung Galaxy Tab

Jonathan wants to know if there's an Android equivalent to DBAN (Derek's Boot and Nuke). He wants to be sure to wipe his older phones and tablets completely. Leo says that the problem is that solid state discs can't really be erased effectively. It's because of the wear leveling software that SSDs use. Leo says one thing he can do is turn on encryption. That way, it's just word salad across the entire drive.

Is encryption illegal?

Gary from Mission Viejo, CA

Episode 1203

Gary is concerned with being able to encrypt his data. Is it secure? Leo says it is, but law enforcement can get the keys if asked by Microsoft. Leo says that using BitLocker is a good solution for keeping his data secure, though. What about TrueCrypt? Leo says he can use it, but it will stop working down the line.

Microsoft's Antivirus Software Now Removes the ASK Toolbar

Episode 1201

Calling it a "high threat to its computer security," Microsoft's antivirus software will now scan for and remove the ASK toolbar, should you get stuck with it. In other news, Yahoo has entered into an exclusive agreement with Oracle to make Yahoo the default browser for any computer that has Java installed. Leo calls that Malware since users are fooled into installing it. Even worse is that Java is a security flaw as well. Yahoo's CEO Melissa Meyer should know better.