Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Jeff is getting strange random key strokes appearing in his browser bar. Leo says to try a different browser. Windows comes with both Edge and Internet Explorer. If it happens in both browsers, it could be a failing keyboard. Jeff should unplug his keyboard and try a new one. If he still has the issue, then it's a Windows problem, which could be malware or a browser hijack. He could try resetting his browser first. If that solves the problem, then he's fine. If not, then it may be that he'll need to reinstall Windows from a known good source.
Alan wants to know if an antivirus utility is any good anymore for malware. How about on a mobile device? Leo says that all too often, an antivirus leaves people more vulnerable because most malware is a zero day exploit. Antivirus can't stop users from themselves, either. All antivirus utilities have to hook themselves into the OS at a very low level and the virus can actually use that as a door to more exploits. So at the end of the day, an antivirus really is only of limited benefit.
2018 brought about the news that every processor built in the last ten years have a flaw in them that could give hackers access to sensitive data. Initially believed to affect just Intel processors, the latest is that this affects every single processor made, regardless of platform.
The flaws utilizes a technique called "processor speculation," which enables the processor to speculate what the user will do next in order to accelerate performance. But the feature also gives hackers access to sensitive L2 cache data like passwords. It's especially true for networks.
The latest exploit "Spectre" affects every single chip made in the last ten years. At first, security researchers thought that the exploit only affected Intel processors, but it turns out this hack also effects ARM, AMD, and any other processor that uses speculative prediction. The white hat hackers who found the flaw discovered that you can use it to access valuable data including passwords and other information. Leo says that Microsoft has already pushed out a fix, and Apple's High Sierra has patched the vulnerability with a recent fix. Apple has also patched the iPhone and iPad.
According to a recent study funded by Google, 15% of users have reported that their email or social media account was taken over due to phishing scams. Leo says that over 25 million users were bit by an email phishing scam, while about 35,000 were victim to keystroke loggers. Leo says that this is the season for scams and that users may get emails from the "IRS" or even phone calls demanding personal information. It's always a scam and users shouldn't fall for it.
There's a botnet called "Reaper" that has been growing at an alarming rate. It's a network of compromised devices, mostly routers, that is likely in the millions. We don't know who is doing this, or who's controlling it, and we can't stop them from doing it. It's sophisticated enough that it could be a nation and not just an individual. We still have no idea what it could be used for, either.
Dean installed Norton but he's having trouble with it. Leo says that Windows 10 has Defender built in and it's probably running. Antivirus software won't work well when there's more than one antivirus installed. So Dean should remove the Norton one with the Norton Remove tool. If he has trouble using the removal tool, he should run in Safe Mode with Networking. That will prevent additional drivers from loading and should make it easier to remove it. He should also make sure he uses the right removal tool. Norton has several different ones depending on the utility it is.
Carlos wants to know about biometric behavioral passwords. Leo says that the idea has been around for awhile. Google uses gate analysis to know if you're the one holding the phone. It could be the future.
Tom wants to know where he can find a YubiKey, and whether or not it's accessible for the blind. Leo says they are accessible, and he can get it at yubico.com. This is a little USB device that plugs into a USB port, and the computer sees it as a keyboard. The YubiKey will light up, and then press the button on the key. Just make sure the cursor is in the correct field that it will need to fill, and it will fill in the password. This doesn't work for an iPhone, however, because it doesn't have a USB port.