If you're wondering if TVs are secure, they are! Just don't connect them to the internet! It sounds simple, but the temptation can be real for those who want to use apps to go online. If you keep the television offline, it can't secretly watch you (assuming the company behind it is shady). Get an Apple TV or Roku device, which are kept up to date. If your TV gets infected, the issue can even bleed into your network...which would be a huge problem.
George is being billed hundreds of dollars by Apple that he didn't authorize. He tried changing the credit card, and they just resubmit the bill. But he doesn't get an email from Apple letting him know the charge is being made. Leo advises going to your iTunes store account settings and look at your purchase history. It will also show subscriptions. The itemized purchase history, though, will enable you to track down where the charges are coming from. It may also be in-app purchases that are causing it and you can remove those.
A new bipartisan bill will greatly expand the surveillance state by giving government the power to decrypt anything. Leo says that the Graham Blumenthal EARN IT Act will end any notion of privacy that we have. It's happened in Russia, Australia, Sweden, and now the US. It'll also be interesting how it will affect the new iPhone.
Gail is planning a trip for a family reunion using AirBnB. She ran into an issue where she needed to provide a copy of her ID in order to rent. Leo says that's due to issues of fraud and theft. Many online sites are now requiring proof of identity. And the information is public record. So it's not like they can't find out who you are. The question is, do you trust AirBNB to keep your information private. If you don't, then you shouldn't. But Airbnb doesn't want to damage their reputation. Then again, breaches of security happen often.
Andy wants to know really, what are the pluses and minuses to being so connected to the internet. Leo says there is a trade-off. The bonus is, we have access to just about every piece of data we need. The downside is, we sacrifice privacy as online services know everything about us. But just how invasive is that? They don't know everything about us, just activity. So while the privacy angle is complex, it's also overrated. Targeted ads aren't bad if they're useful
This week, Senators sent a letter to Facebook telling them to respect user privacy, especially when they request not being tracked. Turns out, even if users opt-out of being tracked, Facebook has been doing it anyway. Leo says that while he chooses to opt-out of having his online activity tracked, he understands that Facebook is a free service and they do have to pay the bills with targeted ads. But shouldn't they respect when someone doesn't want to be included?
Looking at Internet of Things phenomenon, the Portland FBI issued a blog post talking about how connecting your computer to the same network as your internet-enabled refrigerator could pose a security risk. They advise changing the device password settings from the default, make them as long as possible and unique. Leo says that it's not practical to have a separate connection for your IoT devices. But regularly updating your devices and giving them a good password is a good idea.
Jeff is concerned with the current state of online security. So many companies are taking security for granted. They send software passwords in an email and other foolish acts online. Leo says that the CTO should know better. But Leo also admits that security is hard, and there's no such thing as perfect, bulletproof software when it comes to security. Inevitably, the software will get flaws, as they get updated. But a lot of the software has dumb mistakes that slip through due to arbitrary deadlines.
Leo says that many are complaining that big tech is far too intrusive and is destroying our privacy. But Leo says that this is largely overblown with people acting like "privacy puritans." A lot of it can be mitigated by Big Tech keeping our data secure and coming out with an accurate and truthful privacy statement for all to see. If we give up some data privacy for free services, Big Tech should treat it as a public trust, and give customers the right to opt-out.
Jay is being bothered by third party cookies and notifications. Is that still a security risk? Leo says that websites don't want to wait for you to come to them, they want to push their content to you. Leo always says no by default, and he also recommends browsers like Firefox and Brave, that will globally say no to notifications. It's in their app settings. Cookies, by contrast, get a bad wrap. Cookies aren't really dangerous. They basically save settings so when you return to a site, you don't have to enter your password again.