security

Why are Yubikeys So Secure as an Authenticator?

Yubikey

Episode 1689

Kevin from Vancouver, BC

Kevin wants to know if the Yubikey is better than other hardware authenticators. Leo says probably not. Hardware is pretty ubiquitous now. And the mere presence of the hardware is key because it's a physical authenticator that generates a one time code that is tied to the physical key. So it's very secure. The worst is an SMS text authenticator. 

Was My Mac Hacked?

macOS

Episode 1687

Dave from Los Angeles, CA

Dave says his 10-year-old Mac got hacked, and his Apple ID password was changed. But he can't use his iPad until he verifies it. So he can't use it at all. Leo suggests wiping the old Mac drive and reinstalling the macOS. Also, change the User ID password. Dave will have to call up APPLE to reclaim it.

When should I replace my mobile phone?

Samsung Galaxy S5

Episode 1686

Richard from Grand Rapids MI

Richard has a Samsung Galaxy 5 and wants to know when he should replace it. He's gone through two batteries. Leo says that a smartphone will become good as new when you put a new battery in it. So that really isn't an issue. The real issue is when the updates stop. When the phone OS is no longer supported because of age, that may be the time to get a new phone. But if you're not installing anything new, you're probably fine for as long as you want. 

Google Bans Zoom on Employee Computers

Google

Episode 1685

Due to security issues, Google has banned the video conferencing software ZOOM from all employee computers.  While Zoom is much easier to set up and use for most people, it does install a web server on your computer, that ends up being left active after you uninstall it. Leo says that Zoom has hired some new security experts in order to shore up their security, and Leo says that's the right move. Until then, Leo recommends JITSI. It uses the browser's WEBRTC feature, so there's nothing to install 

Will my Windows 7 computer continue to work?

Windows 7

Episode 1684

Irene from Dana Point, CA

Is has a Windows 7 computer and is concerned that it will stop working due to the end of life. Leo says no. It'll keep working, and during the crisis, Microsoft continues to update security patches. So you'll be safe for at least the end of the year. It's important to keep your computer updated, especially Windows Defender. Set your updates to automatic. But all that won't protect you against your own behavior online. Be careful what you click on. Don't install a third-party version of flash. Go to Adobe and manually download the updates and use Firefox as your browser. 

Can I record my iPhone calls?

iPhone XR

Episode 1684

Bob from Garden City, MI

Bob wants to know to record his phone calls on his iPhone. Leo says you can't directly. Apple doesn't give you access to the phone app. Plus, there are larger legal issues that may be in play in your state that would require you to secure permission for recording. However, you can use a third-party app calls Record a Call, What's App, and others. There are plenty that requires merging the call. On Android, it's a lot easier. Call Recorder is one.

How can I secure my WiFi router?

TP Link Router

Episode 1684

Bruce from Carlin, NV

Bruce wants to know how he can secure his WiFi router. Leo says to first enter the router address (198.x.x.x) and then change the default password. Then, turn off Administer via WLan. This will prevent someone from the outside controlling your router. Step 3, turn off UPNP (aka universal plug-in play). This prevents a device inside of your network, like an Xbox, opening up your router to the internet when you don't want it to. Lastly, turn on WPA2 security encryption.

Are my older Hue Lights secure?

Philips Hue Lights

Episode 1684

Alan from Charlton, MS

Alan wants to know if Philips Hue Lights would work as lights for a video webcast. Leo says since they can change colors, they can look really good on camera. But he also hears that older Hue bridges are being placed into its end of life. Leo says they are depreciating the older models, but that doesn't mean they won't continue to work. But the problem is, any bulb that is connected to the Internet may result in a security issue for your network. That's the main thing. It's important to get all the patches you can. But in most cases, you'll likely be fine.