With the 113th Congress winding down at the end of 2014, members have decided to do nothing to revise the privacy provisions of the Patriot Act, allowing the National Security Agency to collect data on Americans. Leo says that tech companies are no better. There are a few companies that are going with open source encryption of messages, like Facebook, WhatsApp, and the Google Nexus 6 is encrypted by default.
Dennis is vacationing and he's concerned about privacy on the public hotel Wi-Fi. Leo says that's when a Virtual Private Network, or VPN can come in handy. It's like a tunnel through the internet that is encrypted and nobody can see his traffic. But it will be a little bit slower. He uses TalkaTone and wants an encrypted phone line. Leo says it's a good option, but he also recommends RedPhone. It has end to end encryption.
News broke this week of the U.S. Marshals Service program that's been ongoing since 2007 to gather information from Americans' cellphones. It uses small fixed-wing Cessnas equipped with 'dirtboxes' that imitate cell towers to get identifying information from citizens. According to those familiar with the program, these planes make regular flights and can scoop up data from tens of thousands of phones in densely populated areas. The program is meant to locate individuals under investigation and fugitives, but it collects information from all cellphones.
David wants to talk about privacy of his cellphone. He's worried that Uncle Sam can snoop on him. Leo says that he has good reason to worry because government can get metadata from phone calls with a simple pen registry request that only costs $1.50 and doesn't require a warrant. Can Google Voice be a better option? Or encryption?
Leo says that behavior that gets the NSAs attention will motivate them to follow him more closely. The problem is, legislation like the Patriot Act encourages government to do whatever they can to live up to the spirit of "never again."
James just bought a new computer and he's concerned that Microsoft Security Essentials won't be good enough. Leo says that Microsoft Security Essentials works just fine, but he will have to keep it updated and constantly patch Windows. If he's not patching Windows with updates, even Essentials won't be able to protect him completely. Other things he can do is:
Concerned Consumer is worried about his email being shown while he's using an ATM. He says that's a violation of privacy. Leo says there's no reason to show his email, but it's not the worst thing in the world to happen. The bank really shouldn't display it, though. They can easily asterix out most of the address. It's a very easy fix and it shows that the bank doesn't care that much about privacy.
Jessie says that bendgate reminds him of the HTC GFlex and it's hillarious that this is so much ado about nothing. Leo agrees, saying that this is the dark side of the internet to make folklore turn viral. And thanks to Consumer Reports who demystified the whole urban legend of Bendgate and showed that anytime you make millions of something, you're going to get a handful that are mistreated. The internet just amplifies that.
Leo says yes, this is true, but it isn't something to worry about. Both Apple and Android require that developers request permission to do things on the smartphone. Apps can request to have access to the phone dialer, texting, microphone and more. It does cause concerns among users primarily because they don't know why these apps are requesting such permissions. For example, in order to use Facebook Messenger to make a phone call or send out a text, the app needs access to the phone's operating system to do it. Otherwise the app won't have that functionality.
With the breaking news that several celebrities who had their cloud accounts hacked and nude photos published on the internet, Leo says that this underscores the need for second factor authentication. Companies use secret questions so that you can answer them and get your password or reset it. But Leo says that people make the mistake of answering these questions truthfully. And for a celebrities, that's very easy to discover. Leo uses pneumonics and puts in bogus answers that only he knows and nobody can guess.
Pending appeal, Microsoft has refused to turn over emails stored in Ireland to the US government. If Microsoft loses on appeal, it'll have to turn over the emails however. This is a scary thing because it could mean that the reach of the US courts extend beyond our shores, and around the world. In the view of Microsoft and many legal experts, federal authorities have no jurisdiction over data stored in a foreign country, and this would violate the sovereignty of Ireland.
Leo thinks that companies like Microsoft and Apple will see this as an opportunity to fight for user privacy.