Some news came out recently of computer security firms that there's an unfixable security flaw in Intel Processors.
security and privacy
Tom wants to know how a VPN can be secure or even fast if it has to cross ISPs. Leo says that is a good question. Leo says that a good VPN will have little latency, but the larger question is, who is running your VPN? That's who you're trusting with your privacy and security.
Ding got a notification recently about a Zelle transaction and wants to know if his bank account has been hacked. Leo says that unless they have your bank information, they can't. Signing up with an email account won't really do anything. But if one suspects something has happened, it may have been a keystroke logger or someone that stole information, but it's unlikely. If he is running Windows 10, then he should run Windows Defender, updating it regularly. There's no need for a third party AntiVirus. And he may want to change the bank account, demanding 2-factor authentication.
Mark is concerned that Motorola mobile phones aren't secure since Lenovo, a company from China, now owns it. Leo says that while China has raised the standard of living of most of its people, it's been at a terrible cost of freedom. Also, China has stolen much intellectual property in the last few years. But the ability to manufacture electronics cheaply in China has been beneficial to everyone. But if you're going to use a mobile phone, it's going to be made in China, no matter what brand it is.
Jeff is concerned with the current state of online security. So many companies are taking security for granted. They send software passwords in an email and other foolish acts online. Leo says that the CTO should know better. But Leo also admits that security is hard, and there's no such thing as perfect, bulletproof software when it comes to security. Inevitably, the software will get flaws, as they get updated. But a lot of the software has dumb mistakes that slip through due to arbitrary deadlines.
Bruce can't get the latest Windows Update 1903 on his HP laptop. Microsoft says that this BIOS is too out of date and as such, it'll fail and roll back. Is there a way to block it so it won't keep doing it? The problem is, that Microsoft has stopped supporting 1803, which is where Bruce is stuck, and as such, he won't get security updates starting at the end of the year. That's a real concern. He tried putting it on a metered connection and that does stop it, but he's worried about security. He still wants the security updates.
The mobile app called FaceApp is causing concern with privacy advocates, and even members of Congress because people are concerned that their photos are being uploaded to servers in Russia. But the developer, who worked for Microsoft when he got the idea, assures that all photos are uploaded to Amazon cloud servers. The bigger concern is that the terms of service grant FaceApp the ownership of your likeness forever. Leo says, though, that it's just legal-speak that's written in the broadest possible terms.
Jim ran GRC Shields Up scanner on his router and he discovered that port 443 was open, not stealth. Is he vulnerable? Leo says you have to have port 443 to run on the internet, but it should be in "stealth mode." You'll also want to find out what's using it. NetStat will help you determine that. Wireshark will also do that. His fan is also running a lot. Leo says that may mean your computer is getting hotter. Probably needs to have the dust cleaned out of it.
Hackers somehow got ahold of a malware exploit that was developed by the NSA and used it to attack the city of Baltimore. The malware, a ransomeware exploit known as Eternal Blue, was taken home by an NSA contractor, and Leo says that Kaspersky antivirus quarantined the malware and then sent it to the home office in Russia.
Marie wants to know an alternative to Gmail. Leo stopped using Gmail because of their invasive ads, but the other side of the coin is that Gmail has the best spam filters of all. Leo moved to FastMail, so Marie can use Gmail to initially filter her emails, and then forward the rest to FastMail. Then she can run the secondary SPAM Sieve there.