Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Is my new router safe online?

Eero Mesh Routers

Episode 1658

Charlies from Virginia Beach, VA

Charles got a new Eero mesh router all set up (Eero is a sponsor of the TWiT Network), but now he gets a warning that his router can be seen online. Leo says that the best thing a router can do is be invisible by not responding to any online queries. It's called Stealth Mode. That's what GRC's Shields Up will test. Most routers have PING turn on by default. But you can turn it off in the security settings. Also, turn off universal plug n play and file sharing. 

Should I use a password manager?

LastPass

Episode 1658

Craig from Venice Beach, CA

Craig is looking for a password manager and wants to sign up with LastPass (A sponsor of the TWiT Network and Studio). But is there anything special he has to do? Leo says that a password manager will not only store all your passwords, but it will also generate them for you. All you need to remember is the master password. Other options are One Password, Dash Lane and Bit Warden. Once you get LastPass all setup, you want to turn on 2 Factor Authentication so that if someone tries to break into or have your password, there is a second way to authenticate that will protect you.

Has My Bank Account Been Hacked?

Zelle

Episode 1654

Ding from San Rafael, CA

Ding got a notification recently about a Zelle transaction and wants to know if his bank account has been hacked. Leo says that unless they have your bank information, they can't. Signing up with an email account won't really do anything. But if one suspects something has happened, it may have been a keystroke logger or someone that stole information, but it's unlikely. If he is running Windows 10, then he should run Windows Defender, updating it regularly. There's no need for a third party AntiVirus. And he may want to change the bank account, demanding 2-factor authentication.

Congress Tells Facebook to Respect User Privacy

Facebook

Episode 1654

This week, Senators sent a letter to Facebook telling them to respect user privacy, especially when they request not being tracked. Turns out, even if users opt-out of being tracked, Facebook has been doing it anyway. Leo says that while he chooses to opt-out of having his online activity tracked, he understands that Facebook is a free service and they do have to pay the bills with targeted ads. But shouldn't they respect when someone doesn't want to be included?

Is my computer safe with Windows Defender?

Windows Defender

Episode 1653

Dave from Crystal River, FL

Dave has a Windows 10 PC running Windows Defender as his antivirus. Is that a good idea? Leo says yes. Defender does everything you need it to do, as long as you keep it updated. But AVS software can also give you a false sense of security. The last line of defense is your online behavior. That means avoiding clicking on links or opening attachments.

Hacker Uses Ring Camera to Pretend he's Santa, Talking to a Child

Ring

Episode 1652

This is creepy. A hacker managed to hack into a ring camera placed in the bedroom of an 8-year-old girl, and then pretended he was Santa Claus talking to her. RING said it wasn't a breach in Ring's security, but was due to the parent not using a unique user name and password. She used the same one as for other things, making it really easy to breach. Leo says that hackers can read a unique signature for internet enabled cameras and then can use that login to brute force it open. Leo says to stop reusing the same password. That's a recipe for calamity.

Can my NAS be hacked?

Unraid

Episode 1651

Brett from Tacoma, WA

Brett is worried he's been hacked. He used UNRAID to create his own Network Attached Storage. But he recently got a message that he had 114 login attempts on his network. Leo says that it is very common. Any server that is online and attached to the internet will be attacked. Mostly by a bot that is programmed to look for servers online. Make sure you have security features that only allow logins from approved regions, IP addresses, or from your work. There should also be a feature that will lock out an IP address that keeps trying to log in.

FBI Office Determines Refrigerators are an Online Security Risk

FBI

Episode 1650

Looking at Internet of Things phenomenon, the Portland FBI issued a blog post talking about how connecting your computer to the same network as your internet-enabled refrigerator could pose a security risk. They advise changing the device password settings from the default, make them as long as possible and unique. Leo says that it's not practical to have a separate connection for your IoT devices. But regularly updating your devices and giving them a good password is a good idea.