LOURDES GARCIA-NAVARRO, HOST:
Seamus Tuohy joins us now to answer your questions. He's a digital security consultant with Prudent Innovation.
Thanks for joining us in the studio.
SEAMUS TUOHY: You're very welcome.
GARCIA-NAVARRO: OK. Let's jump right in with this question from David Jackson (ph) in Hawaii.
(SOUNDBITE OF ARCHIVED RECORDING)
DAVID JACKSON: Is it possible for your Android phone, your iPhone, laptop or desktop to be infected by malware so you can be monitored over your microphone, camera or keyboard simply by clicking on a link?
TUOHY: Clicking on a link actually does download software onto your computer. It just does so in a protected environment, which is your browser. Now, luckily, because browsers are making this a major selling point, it's not as big of an issue as downloading an executable file off the internet and double clicking on it, which has a lot greater access to your computer. Browsers do what we call sandboxing, which is essentially they put all the codes that they run in a little sandbox so that it can play safely and not hurt the rest of your computer. And so by clicking on a link, you're far less likely to encounter some sort of virus getting on your computer, though it is possible.
GARCIA-NAVARRO: All right. Here's Sarah Kenword (ph) from Worcester, Mass.
SARAH KENWORD: While using a smartphone, either over mobile networks or public Wi-Fi, what data can be collected? And does clearing the app cache, the browsing history, your text conversations provide any protection?
GARCIA-NAVARRO: This is something that is always coming up. Why should you not be using public Wi-Fi?
TUOHY: Luckily, these days, most websites you're going to visit, if you're visiting major websites on the internet, will be protected with what's called HTTPS. And HTTP is the way you talk to all the websites through your browser. That S actually means secure. And in your browser, you can see a little green lock usually or some sort of green symbol in the URL bar that tells you you're browsing a secure website versus not. And that protects you from the Wi-Fi hotspot or from the mobile network seeing what you're going to. The challenge, though, is when you talk about your phone, a lot of those apps aren't actually putting in place HTTPS, and you can't really check unless you're an expert.
The second question is about clearing your browser cache or clearing your browser history or app caches. And that's kind of a different problem set in that clearing your caches, all that really does is it removes all the little bits of those websites they wanted you to save on your phone so you don't have to get them over and over again. It's the reason that you can read some websites or certain apps really quickly because it keeps some of those photos and, like, the styling of the website for you, so you don't have to redownload it again. That's what caches do.
So if you are really concerned about someone who takes your phone looking at those things, yeah, deleting your browser history, deleting your cache can be really important. If you think you've been doing something illegal and you're doing that in order to avoid getting caught by the police or something, know that that's actually destroying evidence.
GARCIA-NAVARRO: I guess there's one question - and this one's my own - there was an infamous picture of Mark Zuckerberg's laptop. And he had the webcam covered up. Should I be covering up the webcam on my laptop, too?
TUOHY: Personal opinion, yes. One of the things that we've been seeing a lot more of is these viruses that are sold in the black markets to get access to people's computers so they can watch through the webcam. And these are kind of just creepy people who are doing this for some sort of a thrill. And so this isn't just Nation State Actors anymore. There's actually kind of this thriving underground market of people who are selling this older malware, older ransomware that allows you to get access to the camera on people's devices.
Now, a lot of these will still turn on that light on your device and so it's less of a worry because the light will come on as well. You'll be a little bit weirded out, and then you can possibly cover it up at that point. I personally like to have fun little stickers over my camera.
GARCIA-NAVARRO: So you're talking here about your laptop or your desktop computer. But what about your phone? Should you be covering up the camera on that?
TUOHY: Well, so I think it really depends, again, on what you're worried about. The reason I suggest for desktops and laptops, specifically laptops, is because they're always open and facing into your home. When your phone is compromised, let's say, it's in your pocket most the time. It's on the desk facing up or facing down. And so I think prioritizing something like the laptop when you get the chance is a lot easier than trying to figure out every single camera in your life and every single microphone and how you, you know, hardware disable them in your phones and the like.
GARCIA-NAVARRO: All right. I'm now newly paranoid.
GARCIA-NAVARRO: Seamus Tuohy - he's a digital security consultant with Prudent Innovation.
Thanks so much for talking with us.
TUOHY: Oh, thank you very much for having me.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.