security

Is my Chromebook secure for online banking?

Samsung Chromebook Plus

Episode 1476

Ray from Homosassa, FL

Ray has a Chromebook and he wants to use it for online banking. When he logs into his account, though, it doesn't take his password. He has reset the password, but after one login, it locks him out. Leo says that Ray is probably not inputting the right password. He could be mixing up a few letters. Using the Chromebook's autofill feature would be a good idea. That way, the first time he logs in, it will remember it. And the Chromebook is very secure, so Ray shouldn't need to worry about security.

Is it more secure to have my devices connected to a separate guest network?

Plume Wi-Fi

Episoide 1473

Andre from Irvine, CA

Andre has a few Nest devices connected to his router, and one is connected to a guest network. Is that more secure? Leo says no. While guest access doesn't have access to passwords, they do have access to his entire network. Nest is secure, though. Plume offers a great feature - internet-only access to a guest network.

How can I email files securely?

Email

Episode 1471

Fred from Fort Worth, TX

Leo says that Fred is right to be concerned about the security of sending emails because the contents of the messages can be read along the way. If the email is going from one Gmail address to another, however, it would be secure. Ultimately, though, Leo doesn't recommend sending attachments at all. Opening attachments is how most people end up getting infected, and it doesn't just affect that person either. It will spread to all of that person's contacts, affecting their family, business, and the internet as a whole.

Why isn't Malwarebytes working for me?

Malwarebytes

Episode 1458

Don from Culver City, CA

Don is having issues with Malwarebytes. Leo says that if he's experiencing issues with Malwarebytes, there's a good chance that he's been infected. The first thing a malware creator will do is disable online security software and prevent access to those sites in the browser. That's one of the reasons why Leo doesn't like third party antivirus apps. Leo recommends using Microsoft Security Essentials/Windows Defender.

Is there an Android app that could simplify the process of logging onto public Wi-Fi?

LastPass on mobile

Episode 1457

Gary from Rancho Cucamonga, CA

Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.

Jackpotting Attack Hits US ATMs

ATM

Episode 1458

There's a new attack that has been affecting ATMs around the world, and it's called "Jackpotting." It causes ATMs to dispense all of its cash. Hackers are using endoscopes to gain access to the interior of an ATM in order to connect to it and hack into the ATM's Windows XP operating system. Then, the once the malware is installed, a remote command is given to spew out 40 bills every 23 seconds.

Read more at krebsonsecurity.com.

Do I really need an antivirus?

Windows Defender

Episode 1457

Joe from Long Beach, CA

Joe wants to know how effective antivirus software is. Leo says it can work, but it really does give users a false sense of security. Zero Day exploits can still nail people within 24 hours of discovery. They can also expose people to more flaws. That doesn't mean Joe shouldn't have one, though, but Leo recommends not buying anything third party. He should stick with Microsoft's own Defender that comes with Windows 10. Ultimately, though, his online behavior is his last, best line of defense.

How does Apple's two-factor authentication work?

Apple Two-Factor Authentication

Episode 1457

Ed from Clairemont, OK

Ed set up two-factor authentication on his Mac. But it when he logs into his Apple account, it sends the two-factor authentication code to his Mac. How can that be secure? Leo says it isn't. Apple's idea of two-factor authentication is kind of interesting. The argument is, if he has the password, and he controls the hardware the two-factor code is sent to, then there's a good chance that he is who he says he is. But it would be much better to send it to the smartphone.

Is my Mac infected with malware?

MacBook Pro

Episode 1457

Brad from Wells, NV

Brad accidentally downloaded some malware, but he can't find it to remove it. Leo says downloading a file is only half the equation. He then would have to run it. Since he can't find it, even in his download log, it's likely it was a failed download. On top of that, Brad runs a Mac, so he's even more secure than Windows. But he should always make sure he keeps his computer updated, just in case.

How strong is the encryption on Microsoft Office documents?

Microsoft Office

Episode 1456

Mike from Riverside, CA

Mike is wondering how good the encryption is in Microsoft Word and Excel documents. Leo says it's actually pretty good and that it's adequate, but not uncrackable. Leo says it's hard to crack stuff on the web when a service can slow the attacker down. But if someone can get a document that's locked and own it, there's nothing to stop them from trying a million passwords a second, and brute-force that document. Having said that, Microsoft has started using strong encryption on documents. The weak link will be the password.