privacy

Celebrity Nude Data Breach Underscores Need for Second Factor Authentication

Episode 1116

With the breaking news that several celebrities who had their cloud accounts hacked and nude photos published on the internet, Leo says that this underscores the need for second factor authentication. Companies use secret questions so that you can answer them and get your password or reset it. But Leo says that people make the mistake of answering these questions truthfully. And for a celebrities, that's very easy to discover. Leo uses pneumonics and puts in bogus answers that only he knows and nobody can guess.

Microsoft Refuses to Turn Over Emails to Government

Episode 1114

Microsoft

Pending appeal, Microsoft has refused to turn over emails stored in Ireland to the US government. If Microsoft loses on appeal, it'll have to turn over the emails however. This is a scary thing because it could mean that the reach of the US courts extend beyond our shores, and around the world. In the view of Microsoft and many legal experts, federal authorities have no jurisdiction over data stored in a foreign country, and this would violate the sovereignty of Ireland.

Leo thinks that companies like Microsoft and Apple will see this as an opportunity to fight for user privacy.

Facebook Messenger Invades Privacy, Kills Battery Life

Episode 1108

Facebook Messenger

Leo decided to try out Facebook Messenger this week since Facebook has decided to force users to use it instead of the regular Facebook app for private messages. Leo says that not only does the app deplete your battery by constantly monitoring your activity and location, but you also can't turn off notifications on messages for longer than 8 hours in the app. As a result, Leo was more than happy to delete both the Messenger app and the Facebook app from his phone. He'll just continue to use Facebook on the desktop instead.

Can I be anonymous online?

Episode 1104

Louis from Hollywood, CA
Guy Fawkes Mask

Louis says that cookies or tokens are a violation of privacy. Leo says they're pretty benign, though. The cookie only exists to allow him to keep from logging in to a site every time he visits. It reads the token and knows who he is. He could turn them off or prevent third party cookies. The browser leaks enough information about him to identify him, though. He could surf privately and delete all of his cookies, but even with all that, his ISP knows everything he does online. So if he really wants to be anonymous, he'd have to pretty much give up being online.

Why am I getting warning messages on websites after having installed browser extensions?

Dan from Northridge, FL

Episode 1089

Dan recently began using Google Chrome, and when he tries to use some extensions, he gets a warning box that says it can access his data on all websites along with browsing activity. Leo says this is true of any browser anyway, and is probably a little overzealous. Leo says his browser and internet service provider knows everything he does. This means that if he installs an extension, it will also know everything. It's important to only get browser extensions from the browser's extension store. He should only get them from well known and credible companies.

Google's Sergey Brin Admits His Involvement in Google+ was "a Mistake"

Episode 1089

Violet Blue from ZDnet put out a very strongly worded opinion piece blaming Google's Sergey Brin about the woes of the world. She says that in 2011, Brin was telling all of us that Google+ was the future of Google. But just earlier this week, Brin confessed that his involvement in anything tangentially related to social media was a mistake to begin with. She goes on about how Google sees the users as a "little more than webs of flesh spun over packages of salable data."

Should I get a VPN for my Android phone?

Bob from Walnut Creek, CA

Episode 1087

Leo says that a security guru would say that under no circumstances should he use a public Wi-Fi network unless all traffic on that network is encrypted, and the best way to do that is with a VPN. It encrypts all the traffic coming from a phone or computer all the way to a VPN server, which could be something he runs in his home, or a provider runs for him. At some point, everything he does is on the public internet, but at least his traffic wouldn't be broadcast to the entire coffee shop.

'Whisper' and 'Secret' Apps Aren't So Private After All

Episode 1084

It's probably not a good idea to use Whisper or Secret to reveal secrets about your company, or as a platform for whistleblowing. An article in Wired this weekend says that if you read the privacy policies, all of these apps say they will reveal all identifying information if subpoenaed.

Whistleblowers Beware: Apps Like Whisper and Secret Will Rat You Out (Wired)…
http://www.wired.com/2014/05/whistleblowers-beware/