According to the latest update, your password leaked? Change it. Your PC needs updates? Apply them. You want to install pirated programs? Don’t. Cybersecurity advice is sometimes extremely straightforward.
The report highlights that that’s confusing for many people, and I don’t blame anyone for feeling that way. But more often, cybersecurity advice is a simplification of complex details—and results in opposite instructions from various experts.
According to the latest update, but a colleague pointed out that Mike Danseglio, a certified ethical hacker and periodic contributor to PCWorld, had told him not to use one. So who was he supposed to believe? One recent example: I tend to recommend that people use a guest Wi-Fi network at home.
According to the latest update, want this newsletter to come directly to your inbox? Sign up on our website! Welcome to Safe Mode, your weekly report for pressing security and privacy news—and what steps to take next.
The report highlights that he and I had approached the issue from different angles. We each had calculated the risk involved (insecure gear on our home network), and then made a call based on how much we trusted the owner or maker of the device. Mike is more hardline about only allowing trusted devices on a home network. I take the view that for most people, they’ll pick functions over security—or they won’t be able to tell how secure their gear is. A little extra protection can’t hurt, even if it’s not foolproof. I ended up chatting with Mike and ultimately, we weren’t actually in opposition.
Industry observers note that i can think of half a dozen off the top of my head. The right length and complexity for passwords. The benefits of a VPN. The dangers of public USB charging ports. The usefulness of two-factor authentication. The risks of public Wi-Fi. The time to retire old tech. This scenario plays out constantly for cybersecurity topics.
Industry observers note that more often, advice falls on a scale somewhere between ideal behavior and realistic behavior. Ideally, whoever’s handing out recommendations should also explain their thinking—flesh out the context that makes clear where the advice comes from. Experts rarely have genuinely bad takes, where their advice can’t be reasonably defended at all.
Industry observers note that i put questions right back to them: Where did you hear this? What details were part of the recommendation? How are you trying to apply the information? And when did you start noticing any problems related to this advice? That’s usually what happens whenever friends and family come to me, asking for help detangling the cybersecurity advice they’ve read or heard.
Industry observers note that if that’s not possible, I try to explain the overall situation, then attempt to reverse-engineer the situations where such advice could apply. Usually, conflicting info makes sense to the person when I provide the bigger picture. If they can’t answer, we go back to the original source.
The report highlights that so when an expert tells you what to do, pay attention to more than the sound bite portion—like “Don’t use public Wi-Fi.” Because the real advice was probably “Don’t use public Wi-Fi for sensitive browsing, like checking your bank account app.”.
Industry observers note that ask for it. You’ll learn a lot. Not just about security and tech, but the expert’s level of knowledge, too. And if you don’t see that nuance in an answer?
According to the latest update, this week, we got a boost to Windows security, both right away in the form of better browser programs and the promise of more frequent operating system fixes. And experts now have revised tips for how to spot AI-generated people in images. Sometimes, cybersecurity is just watching defenses crumble a little, then watching fresh protections patch that gap.
According to the latest update, or firms pulling questionable moves to feed ads to Windows users. That of course doesn’t stop the steady cycle of data breaches hitting firms that hold our personal information, as seven million drivers in the US just discovered.
The report highlights that those affected have until September 14 to file for their share of the $117.5 million settlement fund. LastPass isn’t the only publisher who’s lost a settlement lawsuit—Comcast (aka Xfinity) is also having to pay customers whose data was lost in a 2023 breach.
As part of the ongoing story, cNBC’s report on the settlement includes instructions on how to look up your status. Not sure if you qualify?
According to the latest update, since joining the team in 2016, she’s written about CPUs, Windows, PC building, Chrome, Raspberry Pi, and much more—while also serving as PCWorld’s resident bargain hunter (#slickdeals). Currently her focus is on security, helping people understand how best to protect themselves online. Her work has previously appeared in PC Gamer, IGN, Maximum PC, and Official Xbox Magazine. A 15-year veteran of technology and video platform releases journalism, Alaina Yee covers a variety of topics for PCWorld.