Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
T-Mobile has admitted to a recent security breach that compromised the personal information of millions of its customers. The hacker who did it told the Wall Street Journal that their online security was awful and gave him unlimited access for over a week to customer data, including social security numbers and credit card information. Leo recommends every TMobile customer put a fraud alert on their credit account. It's free. The other option is a credit freeze, which will prevent any new credit from being taken in your name. The downside is, it'll prevent you from getting credit either.
Tom is concerned about contract tracing through his mobile phone. Leo says that he has no problem with contact tracing, but what Apple and Google use through mobile devices doesn't really work. But they're also not turned on by default, they don't do anything unless a contract tracing app is downloaded and installed. So don't worry. They don't invade privacy.
Lisa hears that her company Wi-Fi is monitored. Leo says that her company has a legal right to monitor her online activity, so it's not private. But if she can use a VPN or is on an encrypted site, they can't see specific data, they can just know she's online. Be sure to be familiar with company policy when using the company's internet network and what potential consequences are. Can they put software on her phone or laptop? Leo says only if they own it. They don't have the legal right to put it on her personal property.
Penny keeps getting a popup that is warning them she has a virus and should update McAfee AntiVirus software, which she says she doesn't have. Leo says never click on a link from those popups. Leo says that Penny may have McAfee on her computer as trialware and not know it. So make sure to remove it, if it's there. Use the official McAfee Uninstaller here. It could be malware since it wants her to click on a link. That's a red flag.
The classic router botnet virus Mirai is back, and it's infecting routers to create a denial of service attacks with 17.1 server requests per second. The fix is to reboot your router. But even then, it's easy to get reinfected. Thus, Leo says to reboot it regularly.
John is getting a message asking for his BitLocker key. He's never turned it on. Leo says that BitLocker is a Windows encryption app, and it uses certificates to unlock and lock it. It sounds like John may have turned it on during setup without realizing it. If he didn't make a backup copy of the certificate, and he loses it, he may be in trouble. But it does offer to save the certificate to a Microsoft account, so look there to see if the cert is there.
Billy has suddenly been having issues with his printer/scanner since the latest macOS Big Sur update. Basically, he gets an error that he doesn't have permission to run the app. Leo says that's Apple's new Gatekeeper security feature that will only allow him to run apps only from the App Store or approved by Apple. There is a workaround though until Apple puts out a fix. Here are the steps:
Cindy thinks her computer has been hacked by someone she knows. She sees the mouse move around on its own. Leo says if you've given someone physical access to your computer, then it's time to start over by backing up the data, then reformatting your hard drive. Then you can reinstall the operating system and start over. Leo also recommends resetting your phone if they had access to that as well.
Rick wants to know what's the best password vault to use for the money. Is there really a difference security wise? Leo says that LastPass is the one he has used in the past. But his current favorite is an open-source one called BitWarden (a sponsor of the TWiT network). There's also OnePassword, RoboForm. No matter what you use, let the password manager generate the new password.
Hackers are bragging that they have breached the servers of T-Mobile and have managed to grab the customer data of over 100 million customers, including social security numbers, driver's license numbers, IMEI data, and more. And they are selling it. T-Mobile says they have plugged the break and are "investigating" it, but Leo says this is a mess for T-Mobile if proven true. And according to experts who have seen samples of the data, it looks legit.