Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Everyone is up in arms about the app FaceApp and it's privacy concerns. People are concerned because the app will upload your images to a third party server and use them whenever and however they want. Leo says that the server is not in Russia, but is actually Amazon Cloud Services. It also has a boiler plate terms of service that users should pay attention to, that transfers your likeness rights to them to do whatever they want. Period. While technically true, it's also probably true of Instagram, Facebook, and others.
Chris wants to know if he uses the professional version of Microsoft 365 at home, can his company see what he does? Leo says only if you use the corporate One Drive. Courts have upheld that if you use company resources, they have every right to look at your data without warning. So they can spy on you. So it's always best to keep your personal and business stuff separate. So it's wise to use a personal version of Office, just to be sure. Or go with Google Docs or an open source office like Libre Office.
Tucker wants to use a captive portal wifi hotspot, but is it secure? Some are poorly made and can leak your data, others can sell data or even input advertising into it. Is Opera a good one? Leo says it's not exactly a VPN, and by giving away the service, that costs money. So they have to be making money somehow. Also, it's not strictly a VPN, it's a proxy service. One thing that Leo recommends is the Tiny Hardware Firewall. It has a built-in webserver, dual wifi radios, and a built-in hardware firewall.
Ken wants to know if he should make Cortana his personal assistant in Windows. Leo says no. It's more hassle than it's worth and Leo turns it off on all his Windows devices. It's really only worth turning on if the user actually uses it. But it's a huge privacy leak because Windows sends data to Microsoft to make Cortana more useful - LOTS of data. So Leo isn't a fan of that.
Bonnie got an invoice from her travel agent via email, which she was expecting, and now she's having issues. Leo says that's not wise to do because she should never open attachments. But she had to update her PDF reader, and that's when the problem started. She downloaded a suspect version of Reader.
Don wants to use a Yubikey to keep his computer safe online. Leo says that the Yubikey is serious two-factor authentication that enables users to generate a code to offer an extra level of security. It's a physical USB device that spits out a code with a one time password. Leo uses it for his email, Twitter, and a host of other sites online. He wishes his bank would support it. He keeps it on his keychain, using a Type C connector. But he can get a Type A adapter as well.
There's even an open source version called SOLOKEYS, which Leo says is every bit as good.
Duke wants to replace his hard drive. How can he get wipe the drive securely before recycling it? Leo recommends Darik's Boot and Nuke (DBAN). It uses military-grade erasing techniques to completely wipe the drives. What about those computers that aren't running? Leo says to take them out of a non-working computer and use a universal drive adapter by Newertech. Then you can connect it to a working computer and wipe the drive.
Jim ran GRC Shields Up scanner on his router and he discovered that port 443 was open, not stealth. Is he vulnerable? Leo says you have to have port 443 to run on the internet, but it should be in "stealth mode." You'll also want to find out what's using it. NetStat will help you determine that. Wireshark will also do that. His fan is also running a lot. Leo says that may mean your computer is getting hotter. Probably needs to have the dust cleaned out of it.
Tom wants to set up a virtual private network at home. How can he do that? He's worried about getting bit by ransomware. Will a VPN prevent that? Leo says that no. If you click on something, a VPN can't help you. But a VPN will keep your traffic private, so no one can see where you're going. But even then, it has its limitations. While it burrows an encrypted tunnel to where you're going, once you get there, it's no longer encrypted. So you have to trust that where you're going will keep your privacy. And your provider still sees your traffic.
Alice wants to know which remote software to use. RemotePC or GotoMyPC? Leo says that they're very similar and both do the same thing. RemotePC is an advertiser but is half the price of GotoMyPC. And they have a free trial before you buy.
If you have Windows 10 Professional edition, it comes with its own remote access options, but there is a known security flaw in it, and Leo recommends waiting until Microsoft fixes it.