Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
2018 brought about the news that every processor built in the last ten years have a flaw in them that could give hackers access to sensitive data. Initially believed to affect just Intel processors, the latest is that this affects every single processor made, regardless of platform.
The flaws utilizes a technique called "processor speculation," which enables the processor to speculate what the user will do next in order to accelerate performance. But the feature also gives hackers access to sensitive L2 cache data like passwords. It's especially true for networks.
The latest exploit "Spectre" affects every single chip made in the last ten years. At first, security researchers thought that the exploit only affected Intel processors, but it turns out this hack also effects ARM, AMD, and any other processor that uses speculative prediction. The white hat hackers who found the flaw discovered that you can use it to access valuable data including passwords and other information. Leo says that Microsoft has already pushed out a fix, and Apple's High Sierra has patched the vulnerability with a recent fix. Apple has also patched the iPhone and iPad.
According to a recent study funded by Google, 15% of users have reported that their email or social media account was taken over due to phishing scams. Leo says that over 25 million users were bit by an email phishing scam, while about 35,000 were victim to keystroke loggers. Leo says that this is the season for scams and that users may get emails from the "IRS" or even phone calls demanding personal information. It's always a scam and users shouldn't fall for it.
There's a botnet called "Reaper" that has been growing at an alarming rate. It's a network of compromised devices, mostly routers, that is likely in the millions. We don't know who is doing this, or who's controlling it, and we can't stop them from doing it. It's sophisticated enough that it could be a nation and not just an individual. We still have no idea what it could be used for, either.
Dean installed Norton but he's having trouble with it. Leo says that Windows 10 has Defender built in and it's probably running. Antivirus software won't work well when there's more than one antivirus installed. So Dean should remove the Norton one with the Norton Remove tool. If he has trouble using the removal tool, he should run in Safe Mode with Networking. That will prevent additional drivers from loading and should make it easier to remove it. He should also make sure he uses the right removal tool. Norton has several different ones depending on the utility it is.
Carlos wants to know about biometric behavioral passwords. Leo says that the idea has been around for awhile. Google uses gate analysis to know if you're the one holding the phone. It could be the future.
Tom wants to know where he can find a YubiKey, and whether or not it's accessible for the blind. Leo says they are accessible, and he can get it at yubico.com. This is a little USB device that plugs into a USB port, and the computer sees it as a keyboard. The YubiKey will light up, and then press the button on the key. Just make sure the cursor is in the correct field that it will need to fill, and it will fill in the password. This doesn't work for an iPhone, however, because it doesn't have a USB port.
Joe wants to know about the Tiny Hardware Firewall. Leo says it's a clever solution for those who want to use open Wi-Fi hotspots safely. Tiny Hardware Firewall will give him an additional layer of protection by encrypting all of his Wi-Fi traffic with a virtual private network. Leo adds that it also adds another layer called the Black Hole Cloud service which gives users their own cloud server. This makes it lightning fast. The Tiny Hardware Firewall is about $35, plus a fee for their VPN, which could be about $100 a year.
Avast/Piriform has confirmed that its popular CCleaner app has been infected with malware for the last several months and that users who have used it may have had their computer's compromised. Avast says they believe that they've fixed the problem and that no users have been harmed by the hack. But Leo says he worries about the term "we believe," and this is yet another reason why using these kinds of apps to protect yourself gives you a false sense of security.