Dan signed up for a VPN recently, and he can't use it with his banking, Netflix or other apps. Leo says that the bank is probably blocking it. VPNs can break IP-based authentication. BBC iPlayer, for instance, blocks VPNs, because you're not paying for the TV license fee. Netflix does it because it doesn't want another region to be watching content that isn't available for licensing reasons. Banking activity is encrypted, so you don't really need a VPN for it. Google has also been pushing for HTTPS encryption with every site, so if every site is encrypted, there's no real need for VPNs.
Ed is worried that his passwords can be read when he logs into a website. Leo says that's largely why Google is now requiring all websites to be updated with encryption via https. What about apps that use TouchID? Leo says that they are likely supporting encryption too. Leo says that with https everywhere, we are far safer than ever.
Michelle wants to know of a secure way to listen to podcasts and live audio streams. Leo says that if you're listening to TWiT, you can go to twit.tv/live. It's secure from every source. Leo says to check to be sure your browser is up to date. That could be the issue. But streaming should be very secure. In fact, Google is pushing for all sites to be https compliant. So if the site isn't https compliant, that could be an issue. Those certificates are based on dates, and if your computer's date is off, that could indicate a certificate is out of date when it really isn't.
Mark hears that Public Wifi may not be safe. Is that true? Leo says yes and no. When we're on a public network, people can see our connection. We can see other people's computers in our browser. We may not be able to see everything, but a hacker can use what's called a "WiFi pineapple." So there is a potential risk. But with a secure connection via HTTPS, they can't really see anything. That's why Google is pushing hard for every website to be https. That's why it's Leo's opinion that we're mostly safe. When in doubt, just use a virtual private network while on a public wifi.
Beginning in July, if your website isn't secure (with an https url), it will warn anyone coming to your site that it isn't. It'll start in Chrome with a warning that "this site is insecure." Leo says it will start with a shaming technique of just a warning, but eventually, it will start bouncing any site that doesn't comply.
Michele has an eCommerce site and she has to buy a secure encryption certificate for https. Leo says there's free certificates at a site called LetsEncrypt that can help with this. But her ISP will have to install them. Extensive or Wildcard certs are harder and have to be bought. Leo recommends DigiCert.
Bruce wants to know if his friend's website should be using a VPN for secure web access. Leo says that he can, but the first thing web sites should be doing is running a secure site with https. Amazon uses an extended SSL certificate which has a green bar so that it's even more secure for eCommerce. Using a VPN like HotSpot VPN or Tunnel Bear can give him a secure and ecrypted tunnel to a server.
David wants to know about Tunnel Bear. Leo says that Tunnel Bear is a virtual private network or VPN, which essentially burrows a digital secure tunnel in the internet. Is it secure enough to bank with or should he just trust "https"? Leo says both are very similar. The difference is that https activity cannot be seen by anyone, but they can see that he's been online. It can also be probed, whereas VPNs are tunnels that encrypt all of the traffic. no one could see anything. It's more security, but similar security. It's up to David.
John has been given some YouTube links that have "https" in their URL, and he can't view them. Leo says that those links are encrypted and Google has been pushing towards https for all video links to prevent hackers from taking advantage of it. Https uses a time-based certificate, and if his computer hasn't been updated or doesn't remember the date, he may not be able to read it because the certificate isn't valid according to the PC. John should check his clock. He should try logging into a different account and see if that changes things.
Ashley's having an issue signing up for Obamacare. His daughter signed up for the insurance through Covered California, and they sent her a letter saying they don't believe she really is who she says she is. They want her to scan her birth certificate and email it over the Internet. Leo says that authentication is one of the core problems with a lot of things, and is the target for identity thieves. Leo says that if it's being sent through the Covered California website, chances are it's encrypted and safe.