Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Amazon's Face Recognition Mistakenly Identifies Congress Members as Felons

Amazon logo

Episode 1510

Amazon's "Rekognition" face recognition software, which is being rented to police, has identified members of congress as felons. When the ACLU ran the software, designed to match people to a database of mugshots, it identified a total of 28 congressional members as felons. Amazon claims that the software was used incorrectly, and should have been set to a 99% confidence level instead of the 80% that was used.

Read more at arstechnica.com.

Is it safe to keep my passwords in a spreadsheet?

LastPass Vault

Episode 1508

Bob from Tulsa, OK

Bob has all his passwords inputted in a spreadsheet. Is that secure? Leo says if it works for him, that's one step better than just using the same password over and over. But if someone gets ahold of that file, they have the keys to his kingdom. That's why using LastPass, which generates complicated and secure passwords is a good idea. Bob agrees, but he doesn't know how to use it to change his passwords. Leo says if he goes to LastPass's help desk, they describe step by step how to do it.

What's the best mesh router?

Plume Wi-Fi

Episode 1506

Paul from Louisville, KY

Paul is concerned about internet of things and security. He wants to know if Plume would be a good, secure mesh router that can protect his network from the outside hacking his IoT. Leo says that Plume requires a yearly subscription to keep it up to date. Leo says it's somewhat justified because it can keep his network more secure. He's paying for security on his network, but his IoT devices may not be getting updated, so they're not secure. And his internet is only as secure as his weakest device.

Does my Mac have ransomware?

MacBook Pro

Episode 1505

Justin from San Diego, CA

Justin's mother-in-law has a MacBook Pro that has ransomware on it. She just gets a blue screen. Leo says that Macs don't get blue screens, they kernel panic. It's likely an exploit in Javascript that is locking up her cursor to make her think the computer is frozen. She can press ALT + TAB to get out of the browser and she'll probably be fine. Then, she should turn off Javascript. Leo says it will not happen after that.

Is my computer safe?

Virus image on monitor

Episode 1501

John from Temecula, CA

John's friend got bit by the popup that said she had a virus and then when she called "Microsoft support" they wanted $300 to fix it. Leo says it's a phishing scam. And once you give someone access to your computer, not only will they not fix anything, but they make the infection even worse by installing other malware. The only way forward now is to backup the data, format the hard drive, and then reinstall Windows.

How safe is the password protection on my computer?

Windows 10

Episode 1501

Robert from Southern California

Robert is concerned with password security. How secure is his Windows login? Does it have to be really crazy difficult? Leo says that it's safe enough for his own use. Networks are protected by the router, which has a separate password. The more unique, the better. But his Windows password is fine unless someone gets physical access to the computer. Leo prefers to use a password manager, though. It's secure everywhere. What about a browser password vault? Leo says that all browsers now use encryption, so they're safe. But he should have 2 factor authentication setup just in case.

We Now Know How the FBI Cracked the iPhone

Apple iPhone X

Episode 1499

Researchers have figured out that if you connect your iPhone to a computer, you can keep doing a brute force password attack to unlock it and that it should take about a day to open it. Leo says that this is with a four digit passcode, and a six digit passcode is a lot harder to crack.

The Supreme Court has also ruled that law enforcement cannot get cell phone location data without a warrant. The decision said that day to day movement data on a mobile device provides an intimate look at someone's activities, even to the point of violating privacy without a warrant.

Do I need antivirus software?

Windows Defender

Episode 1498

Al from Vista, CA

Al's antivirus software is up for renewal. Does he really have to pay for another year? Leo says no. Windows has its own antivirus called Windows Defender, and it's free. It does a really good job. There's also a possibility that third party antivirus software could make him more vulnerable to hackers, not less. Al will need to download their standalone uninstaller to get rid of that third party app. Then enable Windows Defender and keep it up to date. But he should remember, no antivirus can protect him from himself.

Am I safe from the VPN Filter hack?

Asus AC3200 Router

Episode 1497

Neil from Phoenix, AZ

Neil is worried that the VPN Filter hack will affect his Asus router because his model isn't protected. Should he be worried? Leo says first thing he can do is update his firmware. Asus keeps their firmware up to date regularly and uses open source DD-WRT firmware. So if there isn't one, he can patch it himself. But Asus routers are great because they update them constantly. Neil should reload the most current firmware, even if he has already updated it. That will wipe out any additional problems.