Security and Privacy

Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.

Has my computer been hacked?

Episode 1382

Art from California
Hacker

Art opened his computer and something took control of Chrome and wouldn't let him shut down the app or his computer. Has he been hacked? Leo says not to panic. It's likely a javascript instruction that hacked a website. He can always force quit his browser to get out of it. He can do that by pressing Ctrl-Alt-Delete to open the task manager for Windows. On macOS, press Option-Command-Escape and Force Quit the app.

Are internet enabled security cameras secure?

Episode 1380

Tom from Madison, WI
Google Nest Cam

Tom wants to add a security camera to his home. He wants to know which one to get and how secure they are. Can they be hacked? Leo says that there's a lot of concern over the "internet of things," which includes cameras. They don't get updated very often. Foscam made cameras that were easily hackable, so Leo suggests not getting them. He won't want to get the low end, off brand stuff either. It won't be secure.

Shadow Brokers Group Release NSA Hacking Tools

Episode 1379

Hacking

A year ago, a hacking group called the Shadow Brokers claimed it had a treasure trove of NSA hacking tools that they would sell to the highest bidder. They asked for $7 million in Bitcoin, but didn't get any bids. They've now released the catalog of documents, which means it's a very busy day for security researchers. While these documents are old, they're still very interesting.

Read more at techcrunch.com.

Hackers Take Advantage of People's Tax Returns

Episode 1379

Hacker

Hackers have been stealing people's information, filing their returns, and getting the refund. Last year, the IRS noticed that the FAFSA online system could get enough personal information that it could be used by hackers. In October, the IRS sent a memo to the Department of Education saying that the system could be abused. But because up to 15 million people used the system out of convenience, they kept it online. In February, the IRS noticed a pattern of fraudulent activity, and shut it down last month.

PDoS Attack Bots Are Destroying Poorly Secured Devices

Episode 1378

We're familiar with DDoS attacks, which are "Distributed Denial of Service" attacks, but there's a new form of attack that's been happening online lately. It's called PDoS, or "Permanent Denial of Service," which actually bricks the device, destroying it permanently. The rationale is that if these devices weren't bricked, someone else would use it for a DDoS attack.

Should I call the 800 number on a popup?

Episode 1379

Lisa from Palo Alto, CA
Hacker

Lisa went to a website and she got a pop up notification that her computer was infected and to call an 800 number to Microsoft. Leo says not to ever call them -- just exit the popup and move on. It's not infected and those popups are designed to insnare users. It's called a phishing scam. Lisa did it anyway, though, and gave them control of a computer. Leo says that's bad news because she doesn't really know what the hacker's done. He can install viruses on her or turn it into a bot, a keystroke logger, and use remote access to turn on her camera.

What should I do about my data if I'm selling my computer?

Episode 1376

Jeff from Valley Village, CA
HDD

Jeff wants to do some spring cleaning by getting rid of some old computers, but is concerned about privacy and the data on the hard drives. Leo says that the easiest thing to do is to simply remove the hard drives. He could also use something like Darik's Boot and Nuke (DBAN) to completely wipe the drive. It erases everything by writing zeros across the drive, and then erases it again. If he does that several times, he'll be safe from everyone save the NSA. Solid State Drives, however, can be easier to get data off of.

ISPs Promise That User Data Is Safe in Spite of New Privacy Rules

Episode 1376

URL

It may not be an April Fool's Joke, but it sounds like one. Verizon, AT&T, and Comcast have moved to assure customers that while Congress has officially passed a law stripping privacy protections from internet users, their data will not be sold and they won't be spying on customers. This begs the question — why did they need the law passed in the first place?