We have a great show today filled with simple things you can do to avoid the major hacks and attacks happening on the internet right now. No computer science degree necessary – just do it yourself!
Our guest is Shahid Buttar of the Electronic Frontier Foundation, speaking about net neutrality and privacy issues.
Also, we answer questions from our listeners. Plus, we have a packed list of news items, including:
– Meltdown and Spectre – a problem that could effect practically every computer, tablet and smartphone
– Problems with WD My Cloud products issue that are easy to fix
– an issue preventing Windows updates for people who don’t use Microsoft Defender
– an unusual hack involving SONOS and Bose
– A new product that Facebook is testing that everyone should avoid
– Something you need to know if you let your internet browser remember store your passwords
– a new low in personal data collection.
TARGET – everyone
FIX – update software and OS
Much bigger problem for big companies, and IT people. You will hear IT people use ‘catastrophic.’ Don’t panic – just follow these steps. Home users, student, small business – you can handle this.
Fix – find updates for your software (not hardware) Will discuss how to safely update soon.
Priority – Stop what you are doing and update your browsers now. Then update other programs you use (word, adobe, everything)
Cost – expect your computer to run slower – approximately 5% to 30% slower.
What’s the problem.
Good news: It was discovered by researchers, not because anyone found active virus attacking computers (yet).
More good news: Software vendors were notified back in July, 2017, public announcement was January 3, 2018. Most OS vendors (apple, Microsoft, Linux) and browsers (chrome, explorer, firefox, and safari) used the time in between to fix most software.
WARNING: older products (Linux kernel, 4.14.1 or earlier) have not all updated as of this recording, so look for updates and run them as soon as you can. This link tells you how to check: https://www.howtogeek.com/338801/how-to-check-if-your-pc-is-protected-against-meltdown-and-spectre/
Next segment – how to update.
Breaks down barriers between programs – one program could be tricked into divulging its memory and activity to a virus. It is harder for a hacker to use (good news) but it is also much harder to fix (bad news).
How to (safely) update your software:
FIX: update your software – update to version 2.30.174 or later
Hard-coded backdoor – unchangeable username and password written into the software that runs the device.
MUST make sure you are on version 2.30.174 or later
Google: “update wd my cloud”
If you are using windows without any antivirus software other than Security Essentials or Defender (default) – you will not get the updates. And you need the updates due to regular security patches. Disable 3rd party software.
FIX: Update the firmware from app
Can steal log-in details for your internet music accounts
Firefox quantum – in settings you can change Tracking protection AND Do Not Track Signal to “always;” Chrome can’t/
Effectively an ad blocker for sites that honor do not track. Note: this will reduce advertising revenue.
Don’t do it.
Change one pixel, and plan fails.
What if pic is compromised in transit?
If you have a pic, delete it. If you have a backup, delete that. If you boyfriend, girlfriend, spouse – anyone – has a pic of you that you don’t want to show up on Google images, do the best you can to delete all copies and backups.
Anyone who uses their browser to store passwords.
More Info: Google “freedom tinker login”
Really disturbing profiles at AudienceInsights.net, which is run by Adthink.com. Using the password manager flaw.
On their website, they say they collect info like,
BUT – according to
On audience insights.com, about halfway down the page, click “check my status” then “click to opt out.”
To learn more about third party online advertising and to withdraw from this type of advertising, visit the following Web sites:
Digital Advertising Alliance: http://www.aboutads.info/choices/
Network Advertising Initiative: http://www.networkadvertising.org/managing/opt_out.asp