Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
There's a bug in iOS14 that notifies everyone in your contact list what is in your clipboard. 56 apps are getting the data from your iOS clipboard and then passing it along to others. Leo says it's a common tool in app development to access the clipboard, but the bug is making it sharable.
Meanwhile, LinkedIn is getting sued for sharing the contents of the clipboard as a violation of California's new privacy law. Linked in claims it was all done unintentionally, and Leo believes that's the case.
Jim wants to know if Windows Defender is sufficient to protect his Windows machine against malware. Leo says yes and now. You are your own last line of defense and your online behavior can undo the hard work Defender does to protect you. Don't click on links in an email. Only get your software from original vendors. Keep DEFENDER and Windows 10 up to date.
Defender is as good as any other antivirus, but safer since it's designed specifically for Windows.
Ed is worried because he got a warning that his data has been found on the dark web. What can he do about that? Leo says you can't really do anything. Data breaches happen all the time. You can change all your passwords, and Leo recommends doing that with your bank, and if your credit card number has been compromised, you can change that. But in most cases, the dark web compromise is mostly your email address, and that's it.
Check out HaveIBeenPwned.com to see if your email information has been grabbed.
John has LastPass, but he's lost his master password. He's sent a password reset to LastPass, but is he screwed? Leo says that LastPass (a sponsor of the TWiT Network) can't reset your master password or give it to you, they don't know it. But there is a way to recover your lost master password.
Pete heard about a device to keep his iPad private called NextDNS. Does it use a VPN? Leo says that DNS is essentially the internet address system in IP numbers. DNS is the phone book for it. NextDNS bypasses your ISP so that they don't know what you're browsing on. It will encrypt the traffic to NextDNS and back. But your browser is still visible. The thing about VPNs is that they are a tunnel that encrypts everything and slows things down. Leo uses NextDNS on all his devices, but you'll go through the free tier pretty quickly. But it's not very expensive.
Daisy is a teacher, who is now doing distance learning with her kids and she's having issues logging into her district Gmail account. She gets a google sign-in page that opens when she goes to Google Hangouts. She now can't get into her account. Leo suspects that is a phony phishing scam that has gotten her credentials and then locked her out. Leo suggests contacting the district IT office and have the password reset and 2-factor authentication set up so that it won't happen again.
Dino uses a label program to create address labels. But after an update, it stopped working. Support wants him to uninstall the Adobe Flash Security option. Leo says that's a problem because flash is a security issue itself and turning off the security app makes you vulnerable. Leo also recommends exporting out data and then finding a better label program.
Dave is moving his password vault to LastPass (who is a sponsor of the TWiT Network & TWiT Studios). Is there a way to import it? Leo says that if you can export your vault to a CSV file, then LastPass can import that. But he aware that once you export that vault into a CSV file, it's unencrypted. But that's the way to do it.
Bill noticed his cable bill was higher than it should be. So he tried to use the online chat feature to get support. About an hour later, he discovered that his password had been changed by the support people, and he also learned that his account was hacked by the support person. Leo says that Bill should report them right away. He did and has not received any reply. What's his next step? Leo says that what Bill will want to do is go to all his accounts that use that email and reset passwords. It's a hassle to be sure, but a must.
Falling by one vote, Congress failed to pass protections that would prevent government officials from accessing your personal browser history without your knowledge or consent. And there is no warrant required. Now they can just go straight to your provider and ask for it. Leo says time is ideal to start using a virtual private network (VPN).