In the latest "Pwn2Own" hacking competition, a Korean hacker was able to crack secured versions of all the latest browsers. He not only took home a quarter million dollars, but also the laptops that the browsers and operating systems were installed on. Leo says that all these hackers save up exploits all year long in order to Pwn2Own. And a lone security researcher was able to own IE11, Chrome, and Safari, and he took the whole thing. All the browsers were 64 bit too. This was the largest payout in the history of the competition.
Calling it the first example of state sponsored Cyber Warfare, the FBI says that North Korea was behind the Sony Hack that prompted the studio to drop The Interview from it's release schedule. Leo's not buying it, though. First off, the US has been doing Cyber Warfare for years, as did Israel with the Stuxnet virus that broke centrifuges in Iran's Nuclear program. So it's far from the first.
Leo called in and said his work computer got a virus. Everytime people log onto his website now, they get that FBI symbol. Leo says that hacking websites is the number one way hackers can get onto home computers. It's possible that his work website has been hacked because it isn't up to date and has security vulnerabilities.
NBC's Richard Engle did a story that mobile phones and computers were hacked the second people arrived in Russia for the Olympic Games. Leo says that the NBC story was completely false, and had been faked to get the audience looking at Russia in a particular way. Leo says that they would get hacked if the reporter deliberately went to a malicious site and downloaded the software that would infect the computer or mobile phone. Engle was a thousand miles away in Moscow when he did it.
There's a report that someone sitting at your Mac can fiddle with the clock in OS X and gain access to your system. Leo says that having physical access to a computer can create a lot of security issues. It's something to be concerned about if you're going to lunch and leaving your computer open, but 99.99% of the time, this is much ado about nothing. Just create a screen saver password that's really good, and you're golden. Even better, turn on full disc encryption (called "file vault" on the Mac) and everything is safe until you log in.
Brian has an HD TIVO Series III. Sometimes the show that's listed on the program guide isn't the show that gets broadcast, and it gets recorded. How can he change the name of the program in the metadata? Leo says he may not be able to. TIVO has locked down their DVR to the point where very little, if any, hacking can be done. It's a piracy issue and TIVO is very paranoid about it.
This week, Evernote announced on their blog that they've been hacked. Fortunately, all hackers were able to get was usernames and passwords. So Evernote too the step of resetting everyone's passwords so that they would have to change their password to get online. (this is called hashing and salting).
Leo's favorite information and note taking app, Evernote, has been hacked in what appears to be a coordinated attack. According to the Evernote Blog, "The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption.
Rob was ripped off at a hotel in Arizona and lost several thousand dollars after thieves hacked the electronic lock to get into his hotel room. Fortunately, he was able to get some of his stuff back when the thieves were arrested. Leo says that's why the hotel safe is the best place.