Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Should I use 2-Factor Authentication?

 Net Neutrality

Episode 1572

Joey from San Diego, CA

Joey wants to know if the new Net Neutrality bill will pass. Leo says probably not. The Senate is controlled by one party that isn't in favour of Net Neutrality and the president wouldn't sign it if it did. Their view is that the government shouldn't regulate the internet. But Leo says that while that's true, it's a good idea to have a check and balance on the internet service providers.

Should you use 2-factor authentication? Leo says yes, but Leo isn't a fan of 2FA over SMS text messaging. It's too easy to spoof, but it's better than nothing.

How can I Make Sure my Passwords are Kept Secure?

Krebbs

Episode 1572

Nathan from Spearfish, South Dakota

Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.

Why are VPNs slower?

DashLane

Episode 1570

Tom from Tustin, CA

Tom uses DashLane for his password vault, and wants to know if their new VPN service slows him down. Leo says it can. He's essentially running a computer remotely, and it works with an encrypted tunnel. So, it can cause some latency as it works its way in and out of the tunnel. Not all VPNs are alike either. Some are faster than others, so he should check with DashLane to see how many servers they run. He also wants to be sure they don't log his use. Tom also doesn't like that he doesn't have the option to opt-out after they raised his monthly fee.

Is Kaspersky AVS Software Safe?

Kaspersky

Episode 1570

Mark from Panama City, Florida

Mark wants to know if it's safe to use Kaspersky antivirus software. Leo says that Kaspersky is a great AVS utility, but it has fallen under a cloud of concern because the Russians may have used the software as a spying tool. The US Gov't has banned the use of it as a result. So it's probably best to err on the side of caution and avoid it.

If you need an AVS, Leo recommends using Windows Defender. It's free and comes with Windows 10.

Is backing up to the cloud secure?

VeraCrypt

Episode 1569

Jose from Modesto, CA

The caller wants to know if backing up data to DropBox is secure? He's worried that backup companies have access to his sensitive data. Leo says he can encrypt the data, and he alone has the keys to that. So if he loses it, he's out of luck. DropBox will accept secure encrypted data. If he's looking for a cloud-based encryption backup option, SpiderOak is an option, though it's a bit clunky. VeraCrypt is another.

How do I set up my Helm email server?

Helm

Episode 1565

Neil from Phoenix, AZ

Neil bought a Helm email server on Leo's advice. He also bought a domain through Hover to use with it. This is a home email service, and the idea is that you put your email on a server that runs in your own house instead of trusting a service like Google to handle it. Neil is wondering how to back the device up. Leo says one of the things he gets for $99 per year is that Helm backs it up over the internet. What's cool is that the contents of the email on the local server is encrypted with a key that only Neil has access to. Helm even provides a secure USB key to decrypt the backups.

How can I prevent popup ads when I visit websites?

LastPass

Episode 1564

John from Los Angeles, CA

John is finding that when he goes to a website, he gets an additional window open with an advertisement. Leo says that's called a browser hijack and it's usually caused by an extension he doesn't recognize. John should look in his browser settings and extensions, and then see if there's anything in there he doesn't recognize. Chances are, there is.

Can I use NFC with Yubikey to unlock my data?

YubiKey

Episode 1563

Laverne from Not the Bronx

Laverne made a secondary Yubico key on her network. She wants to know if her Galaxy Note 9 Android phone will unlock via NFC since it has a chip. But she gets an error message. Is it the key, or the phone? Leo suspects the phone isn't seeing the code as it needs to. She could try the YubiKey app that is available through the Google Play store.

Do password managers off shared passwords?

Episode 1560

Ron from Payson, AZ

Ron does some things online where his wife and he have separate passwords, and some where they share passwords. Is there a password manager for that? Leo says that it's called shared passwords and almost every password manager supports that. Basically, you send an invite and share it over as long as they are using the same password manager. LastPass has a Family Password manager. One Password is also a good one.