Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Louis travels with his iPad and would like to know if there's a VPN for iOS. Leo says you have a few ways to go. Leo says that 18.104.22.168 is an app that isn't strictly a VPN, but it changes the DNS to give privacy from an ISP. The benefit is that it doesn't slow users down. But if customers want something to completely protect them at a public space, Leo says to purchase ones like ExpressVPN, or NordVPN. Both are offshore and don't log user activity. There's also Tiny Hardware Firewall as another option.
David wants to know about securely sending attachments to clients with Exchange. Leo says that he prefers to send a link to the file saved in the cloud. It's secure, HIPPA compliant, and much easier than sending attachments, which can be notoriously insecure. Leo recommends ShareFile from Citrix. David can also set it to expire, use a password, and other security guarantees. It makes email smaller and more secure.
Free options include FireFox Send by Firefox, where David can send files up to 2.5gb.
Facebook admitted that for years, they have been storing up to 600 million member passwords in a single text file that was unencrypted. The text file was also searchable by thousands of Facebook employees. Facebook claims nobody had abused the ability and will notify users if their accounts are compromised. So you may want to change your password anyway.
Sundip wants to know if he should get a Dashcam. Leo recommends a Garmin, and it's always recording in high def while giving an instant record if there's an accident. It has GPS and WiFi as well! The Owlcam, another product, also has LTE so it's always connected and instantly uploads in case of an accident or break-in. It connects to the OBD2 port for power.
There's a huge security flaw in WINRAR, that will enable hackers to take over your computer. So Leo advises that if you use WINRAR to zip/unzip your files, that you should update to the latest beta version. But you have to go to the WINRAR site and manually download the update. There is no automatic update.
Joey wants to know if the new Net Neutrality bill will pass. Leo says probably not. The Senate is controlled by one party that isn't in favour of Net Neutrality and the president wouldn't sign it if it did. Their view is that the government shouldn't regulate the internet. But Leo says that while that's true, it's a good idea to have a check and balance on the internet service providers.
Should you use 2-factor authentication? Leo says yes, but Leo isn't a fan of 2FA over SMS text messaging. It's too easy to spoof, but it's better than nothing.
Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.
Tom uses DashLane for his password vault, and wants to know if their new VPN service slows him down. Leo says it can. He's essentially running a computer remotely, and it works with an encrypted tunnel. So, it can cause some latency as it works its way in and out of the tunnel. Not all VPNs are alike either. Some are faster than others, so he should check with DashLane to see how many servers they run. He also wants to be sure they don't log his use. Tom also doesn't like that he doesn't have the option to opt-out after they raised his monthly fee.
Mark wants to know if it's safe to use Kaspersky antivirus software. Leo says that Kaspersky is a great AVS utility, but it has fallen under a cloud of concern because the Russians may have used the software as a spying tool. The US Gov't has banned the use of it as a result. So it's probably best to err on the side of caution and avoid it.
If you need an AVS, Leo recommends using Windows Defender. It's free and comes with Windows 10.
The caller wants to know if backing up data to DropBox is secure? He's worried that backup companies have access to his sensitive data. Leo says he can encrypt the data, and he alone has the keys to that. So if he loses it, he's out of luck. DropBox will accept secure encrypted data. If he's looking for a cloud-based encryption backup option, SpiderOak is an option, though it's a bit clunky. VeraCrypt is another.