Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Signatures Will No Longer Be Required on Credit Cards

Episode 1479

https://pixabay.com/en/credit-card-signature-credit-card-1211408/

Now that pin numbers have been associated with credit cards via the chip, the major credit card companies have announced that effective today, they will no longer require a signature when using a credit card. Leo says that's not only not surprising, but merchants rarely check anyway. But those who do, can still require it for their own records.

Credit card signatures are ending in the US on April 13th

Has my iMac been compromised?

Episode 1478

Adam from Pasadena, CA
Apple iMac

Adam bought an iMac from a private seller. It still had Apple Care and he had it transferred to his name. He's worried that there was a keylogger on it and his credit card was compromised. Leo says that unless he wiped the computer himself, he won't know if it's compromised or not. Leo says that it's probably not the Mac, but just in case, Adam should wipe the drive himself. It's really easy to wipe an iMac drive and reinstall the OS. It could be that Adam's iCloud account has been compromised.

Is it safe to use Amazon's Alexa?

Episode 1478

Julie from Santa Clarita, CA
Amazon Echo

Julie wants to get an Echo, but her husband is worried about privacy and eavesdropping. Are they safe? Leo says it's about as safe as a smartphone. Anything that has a microphone that's connected or broadcasts with a radio can be listened to quite easily. Alexa is always listening, that's true, but it's only listening for the wake word "Alexa," and then whatever follows that for up to 2 minutes. It won't widen the scope until the magic word is uttered. Then it sends the request to the home office for an answer. Can it incidentally record?

How can I reset my Windows 10 password?

Episode 1476

Steve from Radondo Beach, CA
PCunlocker

Steve forgot the password on his all-in-one Windows 10 machine. Leo says that can be a serious problem in Windows 10. But since Steve used his Microsoft account to log in, he can change the Microsoft password and he should be able to make it work. Microsoft also has a utility called MSDaRT, which has a feature called Locksmith Wizard that will reset his Windows 10 password. Third party utilities include PC Unlocker.

How can I securely erase an SSD?

Episode 1476

David from Hollywood, CA
Hard drives

Dan's computer was damaged and Acer is going to replace it, but he's worried about the data on it. How can he wipe the data? Leo says that there's a program called DBAN - Darik's Boot and Nuke that can wipe the drive pretty thoroughly. But Dan should understand that an SSD doesn't format the way a spinning hard drive does, and there can and will be some data leak, where someone could grab the data if they're really motivated.

Why doesn't my password vault input the right password?

Episoide 1473

David from Florida
LastPass

David uses a bunch of different browsers and everyone wants to save his passwords. It seems easier, but he says that it fills in the wrong password often. Leo says that's probably because David has multiple password managers and they are fighting. It's like antivirus software. It's best to have just one. Relying on the browser saving passwords isn't safe because that's not their main business and many have security flaws. David should use one password manager like LastPass, and it will input the right password.

How can I email files securely?

Episode 1471

Fred from Fort Worth, TX
Email

Leo says that Fred is right to be concerned about the security of sending emails because the contents of the messages can be read along the way. If the email is going from one Gmail address to another, however, it would be secure. Ultimately, though, Leo doesn't recommend sending attachments at all. Opening attachments is how most people end up getting infected, and it doesn't just affect that person either. It will spread to all of that person's contacts, affecting their family, business, and the internet as a whole.

How does 2-factor authentication work?

Episode 1472

Taylor from Cincinnati, OH
LastPass

Taylor is talking about using LastPass and its 2-factor authentication. How does that work? Leo says that 2-factor can be a biometric thing, like his thumbprint, or it can be an authenticator which will text him a code to his phone that he would input into the prompt. It's secret and only good for about 30 seconds before he would have to input a new code. It's a great way to protect online data.

How can I protect my email account in Outlook?

Episode 1472

Nathan from Canada
Email

Nathan gets a lot of "sketchy emails," and he wants to know how he can avoid that. Leo says he really can't avoid it, but most email programs can render any malware written into an HTML formatted email neutral. If he's using his mobile device, there's really no exploits that can hijack the phone. It's possible, but not at all likely. Malware emails are more dangerous in a browser rather than an email client. He can turn off HTML in the settings if that worries him, though.

Are encryption services really secure?

Episode 1467

Gary from Cheektowaga, NY
Encryption

Gary is an attorney and has heard of a business product called LockBin that promises to encrypt his data. Is it legit? Leo says that there are limits of privacy with an encryption service. If the service can give him his password, then it has access to all his data and it's not really reliable. If they can't give him the password because only he knows it, then he's in good shape. The downside, though, is that if he forgets it, he's out of luck.