security

Mario works at a government agency that has stiff security. He uses LastPass (a sponsor of the TWiT network) on his devices and wants to know if the government can see his data or his passwords? Leo says it's possible. They may have key loggers or screen readers that can see your activity and certainly monitor your online activity. He wouldn't be surprised if they have custom certificates that allow them to snoop, even if you're using encrypted security. But LastPass probably keeps Mario's activity safe. 

Michael's apartment WiFi network security is wide open, with logins based on the apartment numbers and the office phone number as the password. And they won't allow him to change his password. The best solution is to lobby the apartment management to allow him to change the login password.

Rick posted a few pictures on Facebook, and he sees one picture with a caption he didn't add to it. How did that happen? It also seems to come from a group he isn't a member of, rather than from himself. Leo says that Facebook makes a group of your account automatically so you can share images. So that's probably the group he's seeing. You can also add filters or frames that can be added. It's possible it was added by accident. Check the picture and see what the privacy settings are. If it's public, you may want to change it to friends only.

Caller allowed a third party that handles support for her company, to install ConnectWise on her private computer. Is that safe? Leo says that if your company has farmed out IT support to a third-party, it's unlikely that third-party is going to lose that business by compromising your personal data. But her devices are all connected. Can she revoke it? Leo says that you can uninstall ConnectWise and remove that access. 

After getting a phishing scam email, Karen ran a malware scan with Windows Defender and it found a "severe threat" called a Trojan-Downloader. Windows Defender blocked it, but is she still compromised? Leo says that everyone gets those, and it's not a side effect of a virus on your system. So if Defender found one and blocked it, you're safe from it.

John is worried that his identity will be stolen, along with his money, if he does online banking through his browser. Leo says that browsers are equally secure, as long as they keep getting patched on a regular basis. The issue isn't the browser, it's the system itself. The weak link in the chain is you. If you get an email that seems to be from your bank and you click on the links inside, it's likely a fake and your login has been stolen due to a phishing attack. That's the kind of thing that can happen. Banks will never email you. Keep that in mind.

Sundeep wants to know if GoToMyPC is better than Microsoft's own native remote desktop. Leo says that if you have Windows Pro, remote desktop is free. But Windows remote desktop has a number of significant flaws that represent a serious security issue for users. One magazine even said that "it's time to disconnect Remote Desktop from the internet. You also don't want to use it "bare" on the internet. You need to use a VPN or proxy server. So Leo advises not using Remote Desktop. Use a third-party service like GoToMyPC.