Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
This week, Senators sent a letter to Facebook telling them to respect user privacy, especially when they request not being tracked. Turns out, even if users opt-out of being tracked, Facebook has been doing it anyway. Leo says that while he chooses to opt-out of having his online activity tracked, he understands that Facebook is a free service and they do have to pay the bills with targeted ads. But shouldn't they respect when someone doesn't want to be included?
Dave has a Windows 10 PC running Windows Defender as his antivirus. Is that a good idea? Leo says yes. Defender does everything you need it to do, as long as you keep it updated. But AVS software can also give you a false sense of security. The last line of defense is your online behavior. That means avoiding clicking on links or opening attachments.
This is creepy. A hacker managed to hack into a ring camera placed in the bedroom of an 8-year-old girl, and then pretended he was Santa Claus talking to her. RING said it wasn't a breach in Ring's security, but was due to the parent not using a unique user name and password. She used the same one as for other things, making it really easy to breach. Leo says that hackers can read a unique signature for internet enabled cameras and then can use that login to brute force it open. Leo says to stop reusing the same password. That's a recipe for calamity.
Brett is worried he's been hacked. He used UNRAID to create his own Network Attached Storage. But he recently got a message that he had 114 login attempts on his network. Leo says that it is very common. Any server that is online and attached to the internet will be attacked. Mostly by a bot that is programmed to look for servers online. Make sure you have security features that only allow logins from approved regions, IP addresses, or from your work. There should also be a feature that will lock out an IP address that keeps trying to log in.
Looking at Internet of Things phenomenon, the Portland FBI issued a blog post talking about how connecting your computer to the same network as your internet-enabled refrigerator could pose a security risk. They advise changing the device password settings from the default, make them as long as possible and unique. Leo says that it's not practical to have a separate connection for your IoT devices. But regularly updating your devices and giving them a good password is a good idea.
Joesph is getting popups. Leo suspects that there's adware installed on his computer, and you can go through add/remove programs to uninstall whatever you don't recognize. Look for browser extensions, as well. You can also run the Windows Malicious Software Removal Tool and Windows Defender to get rid of any malware.
Jeff is concerned with the current state of online security. So many companies are taking security for granted. They send software passwords in an email and other foolish acts online. Leo says that the CTO should know better. But Leo also admits that security is hard, and there's no such thing as perfect, bulletproof software when it comes to security. Inevitably, the software will get flaws, as they get updated. But a lot of the software has dumb mistakes that slip through due to arbitrary deadlines.
Leo says that many are complaining that big tech is far too intrusive and is destroying our privacy. But Leo says that this is largely overblown with people acting like "privacy puritans." A lot of it can be mitigated by Big Tech keeping our data secure and coming out with an accurate and truthful privacy statement for all to see. If we give up some data privacy for free services, Big Tech should treat it as a public trust, and give customers the right to opt-out.
Jay is being bothered by third party cookies and notifications. Is that still a security risk? Leo says that websites don't want to wait for you to come to them, they want to push their content to you. Leo always says no by default, and he also recommends browsers like Firefox and Brave, that will globally say no to notifications. It's in their app settings. Cookies, by contrast, get a bad wrap. Cookies aren't really dangerous. They basically save settings so when you return to a site, you don't have to enter your password again.
José would like to be anonymous online. How can he minimize his online footprint with Mac addresses? Rich says that most systems are encrypted now, and Google is pushing all websites to update to https. So your traffic gets more encrypted. If that's not enough for you, then randomizing your Mac address is a good way to do it. In iOS 13, for instance, Apple devices generate randomized Mac addresses while online. That's a good way to keep yourself protected. You may try using a VPN, or you can browse privately.