Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Facebook Stored Millions of Passwords in a Simple Text File

Facebook

Episode 1576

Facebook admitted that for years, they have been storing up to 600 million member passwords in a single text file that was unencrypted.  The text file was also searchable by thousands of Facebook employees. Facebook claims nobody had abused the ability and will notify users if their accounts are compromised. So you may want to change your password anyway.

What is a Good Dashcam?

Owlcam

Episode 1575

Sundip from Orlando, FL

Sundip wants to know if he should get a Dashcam. Leo recommends a Garmin, and it's always recording in high def while giving an instant record if there's an accident. It has GPS and WiFi as well! The Owlcam, another product, also has LTE so it's always connected and instantly uploads in case of an accident or break-in. It connects to the OBD2 port for power. 

Should I use 2-Factor Authentication?

 Net Neutrality

Episode 1572

Joey from San Diego, CA

Joey wants to know if the new Net Neutrality bill will pass. Leo says probably not. The Senate is controlled by one party that isn't in favour of Net Neutrality and the president wouldn't sign it if it did. Their view is that the government shouldn't regulate the internet. But Leo says that while that's true, it's a good idea to have a check and balance on the internet service providers.

Should you use 2-factor authentication? Leo says yes, but Leo isn't a fan of 2FA over SMS text messaging. It's too easy to spoof, but it's better than nothing.

How can I Make Sure my Passwords are Kept Secure?

Krebbs

Episode 1572

Nathan from Spearfish, South Dakota

Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.

Why are VPNs slower?

DashLane

Episode 1570

Tom from Tustin, CA

Tom uses DashLane for his password vault, and wants to know if their new VPN service slows him down. Leo says it can. He's essentially running a computer remotely, and it works with an encrypted tunnel. So, it can cause some latency as it works its way in and out of the tunnel. Not all VPNs are alike either. Some are faster than others, so he should check with DashLane to see how many servers they run. He also wants to be sure they don't log his use. Tom also doesn't like that he doesn't have the option to opt-out after they raised his monthly fee.

Is Kaspersky AVS Software Safe?

Kaspersky

Episode 1570

Mark from Panama City, Florida

Mark wants to know if it's safe to use Kaspersky antivirus software. Leo says that Kaspersky is a great AVS utility, but it has fallen under a cloud of concern because the Russians may have used the software as a spying tool. The US Gov't has banned the use of it as a result. So it's probably best to err on the side of caution and avoid it.

If you need an AVS, Leo recommends using Windows Defender. It's free and comes with Windows 10.

Is backing up to the cloud secure?

VeraCrypt

Episode 1569

Jose from Modesto, CA

The caller wants to know if backing up data to DropBox is secure? He's worried that backup companies have access to his sensitive data. Leo says he can encrypt the data, and he alone has the keys to that. So if he loses it, he's out of luck. DropBox will accept secure encrypted data. If he's looking for a cloud-based encryption backup option, SpiderOak is an option, though it's a bit clunky. VeraCrypt is another.

How do I set up my Helm email server?

Helm

Episode 1565

Neil from Phoenix, AZ

Neil bought a Helm email server on Leo's advice. He also bought a domain through Hover to use with it. This is a home email service, and the idea is that you put your email on a server that runs in your own house instead of trusting a service like Google to handle it. Neil is wondering how to back the device up. Leo says one of the things he gets for $99 per year is that Helm backs it up over the internet. What's cool is that the contents of the email on the local server is encrypted with a key that only Neil has access to. Helm even provides a secure USB key to decrypt the backups.