Lex uses Windows Defender, but he came across a thumb drive and wants to check it to see if it's safe to use. Leo says he really can't. If he plugs it in, and it's infected, it will compromise his system. Firmware can be modified on a thumb drive to contain malware as a payload, and it's undetectable. The worse part is not one USB drive manufacturer has done anything to correct the bug. Wired has a story on it.
Tony wants to know how to check to be sure the ISO of open source software is legit. Leo says that an ISO is found to be legit by signing. A hash has to be generated in order to provide proof of a legitimate ISO. If the ISO has changed, then the hash would be modified. There's also a signing key, which is based on GPG encryption. It has to be authenticated by the developers of the software.
Anne got an HP Envy wireless printer. Can she use it with an XP Machine? She keeps getting a popup asking for a driver update for something called "Slim Cleaner." Leo says that XP is a security issue because Microsoft has stopped supporting it. There are no fixes for it, and newer hardware won't work quite right with it because manufacturers don't expect people to use it with such old computers. Leo would not recommend banking on an XP machine. When she bought Slim Cleaner, someone actually took over her computer as well. So now there's no way to know exactly what they may have done.
Cheryl wants to know if she can get infected by HTML email. Leo says yes. That's why she has to be careful what links she clicks on. But since she's using an iPad, she's protected. She can't get infected on that. Apple's iOS is very secure. But it's always a good idea to train herself not to click on links. If she gets an email from her bank for instance, she should just go to her browser and go directly to the bank's website.
Last week, Samsung turned off Windows Update because they were unable to bring new drivers to the party. Leo says that is a horrible idea and that Samsung is causing serious security issues in doing that in their Windows machines.
Read more at theguardian.com.
Calling it a "high threat to its computer security," Microsoft's antivirus software will now scan for and remove the ASK toolbar, should you get stuck with it. In other news, Yahoo has entered into an exclusive agreement with Oracle to make Yahoo the default browser for any computer that has Java installed. Leo calls that Malware since users are fooled into installing it. Even worse is that Java is a security flaw as well. Yahoo's CEO Melissa Meyer should know better.