Brian's doctor is sending him emails that are encrypted. He's supposed to click on a link and then log into GoDaddy to see it, but it doesn't really work. Leo says the doctor is sending the additional security to maintain HIPPA compliance and he's using a third party encryption to do it. Since it's not really accessible to Brian because he's blind, Leo says he should advise them that it isn't working. Leo advises GPG, public key crypto. It uses one key to encrypt, and another to decrypt. Once it's set up, it's outstanding and safe.
Mark finally got a Google Pixel XL, which was on back order. Leo says it's been widely known that they're only available in limited quantities right now. It's likely that the demand exceeded Google's expectation. Mark says he likes the Wi-Fi assistant because it'll automatically connect via VPN. Does it really work? Leo says yes. Phones can be a bit promiscuous with random hotspots. So Google adds an encrypted connection via VPN to protect users. Leo says he doesn't really like joining Wi-Fi access points automatically, so he's turned it off.
Brian is concerned that the more data he creates with his phone and computer, the more data is out there for people to know about him. How can he be more private online? Leo says his mobile phone leaks data in a wide variety of ways, and not even the iPhone is invulnerable anymore. The best way is to just get off the internet. Since that isn't practical, he'll have to compromise and just be careful how he shares data. He should avoid social media. He should remember that his ISP knows everything he does online.
Telegram is an encryption system that many use to keep messages secure. The news is that Russians have cracked it, though. That could impact other apps like WhatsApp, but Open Whisper Systems says that WhatsApp, Signal, and even Facebook are still secure in encrypted mode. Leo also says that if you want to encrypt your email, PGP and GPG are still solid.
Read more at Mashable.com.
James has heard about the Dark Web. What is it? Leo says the "Dark Web" is part of the internet that isn't available to search engines. It's websites that can't be picked up. This includes Tor websites that don't allow for identity on the net. Originally it was used by universities to protect academic and research information. Now it's become a bit more nefarious with use for criminal activities via Tor. How can the Dark Web be accessed? By knowing the web address of the location that is hidden.
Russ is having trouble buying things online. The site he's using won't take his payments. Leo says that's likely due to the browser Russ is using that doesn't support the current SSL encryption standards. Leo recommends using another browser like Chrome. Since Russ is using Vista, Chrome doesn't support it either. It may be time to get a new computer if he wants to shop online.
Chris doesn't know what to do since his Apple GPG tools don't work with macOS Sierra. Leo says that GPG is Gnu Privacy Guard, which is the open source version of Pretty Good Privacy email encryption. You can use any email client with it to encrypt your email. The other side has to be able to decrypt it, though.
David upgraded to Windows 10 and now he can't open any spreadsheet attachment without entering a key. Leo says it sounds like Outlook is blocking the opening of attachments to protect him. This is because of ransomware, which has been triggered by opening an attachment. Ransomware, once opened, encrypts all user data and then asks for money to unlock it. So it's a security feature that it doesn't let him open those attachments. He may be able to disable that in settings, but the IT Department where he works probably has that enabled for a reason.
Rich wants to know how to transfer large files like audio books. Leo says that audio books aren't that big. But Rich still wants to know how he can he securely transfer them to his publisher without them being corrupted or pirated. Leo says that's a common issue. He shouldn't attach it in an email. Rich should send a link to the file that's located on a drive like Google Drive, ShareFile, or DropBox.
Russian President Vladimir Putin signed anti-terrorism legislation, including increased electronic surveillance of Russian citizens. This effectively removes all privacy as telephone companies and internet providers will save and store private communications of its customers and make it available to the government upon request. Phone calls, text messages, and emails will be kept for 6 months, and all metadata will be kept for up to 3 years. This also will outlaw encryption.