security

How do I set up my Helm email server?

Helm

Episode 1565

Neil from Phoenix, AZ

Neil bought a Helm email server on Leo's advice. He also bought a domain through Hover to use with it. This is a home email service, and the idea is that you put your email on a server that runs in your own house instead of trusting a service like Google to handle it. Neil is wondering how to back the device up. Leo says one of the things he gets for $99 per year is that Helm backs it up over the internet. What's cool is that the contents of the email on the local server is encrypted with a key that only Neil has access to. Helm even provides a secure USB key to decrypt the backups.

Collection #1 Password Hacks Prove to be Older than Believed

Episode 1559

Yesterday's story about Collection #1 - a package of hacked email passwords, is actually now reported to be a few years old, so the damage is not as great as previously believed. But Leo still says that it's a wise idea to go to HaveIBeenPwned.com/passwords and see if your account has been hacked. And then change your password. In fact, it may be a good idea to change it anyway, and turn on 2 factor authentication while you're at it.

Is 2 Factor Authentication by SMS secure?

Smartphone and computer

Episode 1555

Carmine from Chicago, IL

Carmine has 2 factor authentication on most of his systems, but some use SMS, and he thinks that's not very secure. Leo says that there will always be a trade-off between security and convenience. But SMS is far easier to crack than independent authentication through an authenticator. Leo says to contact the cellphone company and have them put their additional layer of authentication on her phone.

Find Out If Your Accounts Have Been Compromised

If you've seen a warning message or a popup online telling you that you've been hacked and that you need to take immediate action, chances are good that it's just a scam. These are nothing more than scare tactics designed to make you fall for something, whether it be giving your information or actually making a payment. But with all of the major security breaches happening, like the one at Marriott, there is some legitimate concern that your accounts could have been compromised. In other words, there is a chance you've been "pwned."

Australia Passes Bill to Defeat Encryption

Security

Episode 1550

Australia has recently passed a bill that would require companies like Signal and 1Password to provide the government with user messages and data upon request. Many companies that offer encrypted communications, however, don't have access to that information themselves because it uses end-to-end encryption. But now that sort of encryption technology is illegal in Australia without a 'back door' being put in. If there is a back door, then access to that data isn't just available to the government, it could be available to any hacker as well.

Is iPhone more secure than Android?

Apple iPhone XS

Episode 1550

Ed from Clairemore, OK

Ed thinks the iPhone is more secure than Android because malware always affects Android, not Apple. Leo says that Apple keeps the iPhone more sandboxed and doesn't allow users to install anything but apps approved by Apple. Google, by contrast, allows alternative Android stores, but they do require all apps in the Google Play to be approved. Apple is only marginally more secure. Bottom line, Apple will protect his information, and Google will sell it.

Is Android secure?

Android

Episode 1550

Gary from Buffalo, NY

Gary is about to get an Android phone and is concerned about security. Leo says that mobile phones have enhanced security with apps sandboxed from one another, and as such, are extremely secure. Android also has a mobile kill switch for apps, so if a bad app is installed, Google can kill it. So he doesn't really need an antivirus app for his smartphone. He should just make sure to only install apps from reputable sources.