Rick has been getting text messages and his friends are getting text messages from him with a link to a YouTube video on phone hacking. The Apple Geniuses say that's impossible. How can that happen? Has his cellphone been hacked?
Cisco has found a vulnerability similar to the Android text exploit, which could take control of your mobile phone through a text message. Leo says that Apple has released a patch to close the hole before anyone else had discovered it. This affects iOS, watchOS, macOS, and tvOS. Mavericks and Yosemite users don't have a fix yet, though, so those users should disable iMessage until they do. If you can't get past Mavericks because your desktop is too old, turn off iMessages permanently.
Michele bought a Motorola mobile phone and she's worried about the security of it, with Stagefright and other exploits. She wants to return it. But they're resisting the return unless there's a hardware or software issue. Leo says that an opinion that it isn't secure is not a provable fact, even if it comes from an expert.
Greg is worried he's going to be nailed by Cyptowall. If he were to be infected, would he have some warning? Leo says you can sometimes see it happening, but it doesn't give you a warning. It's not instant though, in that it takes time to encrypt the data and if he has a hot backup, always backing up, the encrypted files can infect the backup. Having an offline backup will guard against that.
Google has published news of a new vulnerability in Windows 8 that will allow hackers to create an administrator account and take control of the computer. Google let Microsoft know about it months ago and told them they would announce it after three months if Redmond didn't do anything. There's been no fix, so Google leaked the story as promised. Now Microsoft says they have a fix in the works. Meanwhile, hackers all over the world not only know about it, but Google has provided them with the suspect code to use. Swell.
James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:
Root Pipe and Wire Lurker are two new vulnerabilities hitting computers. Root Pipe is hitting OS X but Leo says it can only be activated by someone sitting at your computer, so it shouldn't really be a huge cause of concern. Meanwhile, the Nigerian scam has been reported to have caused over $12 Billion in loses last year.
Meanwhile, a new report says that consumers are reaching "breach fatigue" over all the security breaches that have happened of late.
Kathy thinks her Mac got hacked. She gave a support line remote access to her Mac and she's worried she got hacked. Leo says that if she didn't give them her credit card, chances are she's OK. But if she wants to be sure, she can download Little Snitch. It'll observe her computer activity and let her know if it does phone home or let someone remotely access it again. She should also turn on her software firewall.
OpenSSL is a widely used protocol for providing secure internet traffic. The "Heartbleed" bug takes advantage of a hole in OpenSSL to peer into the memory of SSL servers. It can allow a hacker to ping 64K of random memory repeatedly, thereby allowing them to glean usernames and passwords, and even fake a server certificate.
Mark hears that XP will stop being supported. Leo says yes, on April 8th Microsoft will release it's last security update. So what would be his options after that? He's on a budget and can't buy a new computer. Leo says that Linux is a good option, and it's often more secure. Leo says that Mark could also just continue to use XP if he takes steps and knows what he's doing.
Here's what Mark can do: