TIME Security

Uber Data Breach Put 50,000 Drivers’ Info at Risk

Berlin's Taxis As German Court Considers Uber Technologies Inc. Ban
Bloomberg—Bloomberg via Getty Images A passenger holds a HTC Corp. smartphone displaying the Uber Technologies Inc. car service application (app) as they sit in a taxi in this arranged photograph in Berlin, Germany, on Monday, Nov. 24, 2014.

But it isn't aware of any foul play as a result

A data breach at Uber last spring put tens of thousands of drivers’ personal information at risk, the company said late Friday.

Uber said it first realized its systems may have been breached by a third party in September of last year. After an investigation, the company found an “unauthorized access” by a “third party” occurred on May 13 of last year, which resulted in the names and license numbers of 50,000 drivers being leaked.

The car-hailing company didn’t specify who the third party was. However, Uber says it has since blocked further access to the database in question as well as alerted affected drivers.

Uber isn’t yet aware of any identify theft or other foul play as a result of the breach. It’s also offering one year of fraud protection to the drivers involved.

“Uber takes seriously our responsibility to safeguard personal information, and we are sorry for any inconvenience this incident may cause,” a blog post from Uber Managing Counsel of Data Privacy Katherine Tassi said. “In addition, today we filed a lawsuit that will enable us to gather information to help identify and prosecute this unauthorized third party.”

TIME Security

SIM Card Company Says the NSA Probably Hacked It

Mobile phone SIM card
David Gould—Getty Images

But it denies the NSA got access to billions of people's mobile communications

One of the world’s largest manufacturers of SIM cards has acknowledged evidence of security agency attacks on the company’s internal networks, but it’s denying that American and British intelligence agents were able to get access to billions of mobile phone users’ secure data.

Gemalto, a French-Dutch supplier of SIM cards, found “reasonable grounds” of an attack by U.S. National Security Agency and its British counterpart, the Government Communications Headquarters (GCHQ) following an internal investigation into a series of security incidents. The audits came after online publication The Intercept reported on what it said was a joint British-American operation to covertly hack Gemalto’s stash of SIM encryption keys, based on documents leaked by Edward Snowden.

SIM cards are small encrypted devices inside cell phones that carry users’ unique identifier codes on a network. Breaking their encryption could allow intelligence agencies or hackers easier access to targets’ mobile communication.

In particular, Gemalto cited two “sophisticated intrusions” in 2010 and 2011, one of which involved sending malware-infected attachments from faked company email addresses. Gemalto acknowledged that the breaches may have enabled a third party such as the NSA to spy on internal communications from company employees, but denied the breach led to a massive loss of encryption keys. The Intercept previously reported that the NSA and GCHQ stole encryption codes as Gemalto sent them to device makers like China’s Huawei.

“The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys,” read a statement from the company.

TIME Security

Google Will Now Pay You to Kill Bugs Year-Round

Sundar Pichai, senior vice president of
AFP—AFP/Getty Images Sundar Pichai, senior vice president of Chrome, speaks at Google's annual developer conference, Google I/O, in San Francisco on June 28, 2012.

Up to $50,000 in individual rewards

Google is making its annual contest to find vulnerabilities in Chrome a year-round affair.

The security contest known as “Pwnium” previously awarded cash prizes to developers once a year who found bugs in the Chrome browser or the Chrome operating system. Now the company is offering “infinity million” dollars on an ongoing basis to people that identify bugs (the company clarifies in a blog post that the contest can be modified at any time).

Individuals can be awarded between $500 and $50,000 for each bug they discover.

Google says the change in structure is an effort to prevent “bug hoarding,” in which coders would wait to disclose vulnerabilities until they could claim a reward once a year. “By allowing security researchers to submit bugs all year-round, collisions are significantly less likely and security researchers aren’t duplicating their efforts on the same bugs,” Google wrote in its blog post.

The new rules for Pwnium go into effect Wednesday.

TIME Security

U.S. Offers $3 Million Reward for Information on Russian Hacker

Bogachev Russian Hacker FBI
FBI

The FBI says it's the most ever offered in a cybercrime case

The United States announced a $3 million reward Tuesday for information that would lead to the arrest and/or conviction of a suspected Russian hacker, the largest bounty it has ever offered in a cybercrime case.

Evgeniy Mikhailovich Bogachev, one of the FBI’s most wanted cyber criminals, allegedly participated in a “major cyber racketeering enterprise,” according to the State Department, which involved using a malicious software known as “Zeus” to grab sensitive information from victims like bank account numbers, passwords and PINs.

The FBI said its investigation of the “GameOver Zeus” computer network began in September 2011 and is responsible for some 1 million computer infections, resulting in more than $100 million taken from online bank accounts. Bogachev, known as “lucky12345″ and “slavik,” was indicted by a federal grand jury in August 2012 for charges like bank fraud, conspiracy to violate the Computer Fraud and Abuse Act and aggravated identity theft. In May 2014, another federal grand jury indicted him under his real name for charges including wire fraud, money laundering and computer fraud.

Bogachev is believed to be at large in Russia.

TIME Drones

Mysterious Drones Spotted Over Paris

Earth Hour In Paris
Antoine Antoniol—Getty Images The Eiffel Tower is seen before the lights are switched off for Earth Hour 2012, on March 31, 2012 in Paris, France.

Flights over U.S. embassy and landmarks raise surveillance concerns

French police are searching for the pilots behind several mysterious drones that were seen cruising over Paris landmarks and secured compounds on Monday and Tuesday nights.

Unmanned aerial vehicles are already prohibited across the French capital, the Wall Street Journal reports, but the flights spotted this week have raised surveillance concerns in a city that is on high alert after the January terrorist attacks. The drones were seen flying near the Eiffel Tower, the U.S. Embassy and the Interior Ministry.

Police have not yet established how many drones were involved, or whether there was any connection between the flights.

Read more in the WSJ

Read next: Watch This Stunning Drone’s Eye View of Frozen Niagara Falls

Listen to the most important stories of the day.

TIME Security

This Is the Best PC Security Software You Can Buy

bitdefender-ts-2015
Bitdefender Bitdefender Total Security 2015

Bitdefender Total Security 2015 tops the list

Security software should ideally be easy to use and should detect and remove every piece of malware — all without slowing your computer down or sounding false alarms. It should also tackle all these tasks without disturbing you with constant update notifications.

The reality is that perfect antivirus software doesn’t exist yet. In fact, the recent cyberattack against Sony Pictures Entertainment confirms that. The FBI said the attack “appears to have been conducted using techniques that went undetected by industry standard antivirus software,” according to USA Today.

But that doesn’t mean the industry stops trying to provide consumers with the best security solutions. After all, even antivirus software that may not protect you against every single threat out there is better than going completely unprotected altogether.

We analyzed the best free and paid security software for Windows-based computers that closely matched the “ideal” solution, calculating test results from independent security experts, consumer sites, and technology specialists. Paid software had to not only meet top security ratings, but it had to cost less than $100 per year, be marketed for personal computers, and offer coverage for multiple PCs. And for freeware, we wanted something that had equally strong ratings, was easy to use, and offered a little something extra over the other freebies out there.

Here are our picks.

Best Paid Antivirus Product: Bitdefender Total Security 2015

Today, all of the best security suites offer strong protection against malware, trojans, and viruses while minimally slowing down your machine. They block or warn you about malicious websites and downloaded files, and safely quarantine items that can potentially wreak havoc on your PC. Many offer parental control features that track the activities of underage users and block unseemly URLs. And even consumers’ shopping habits aren’t ignored, as many top products store your login credentials and payment information so you can virtually shop ’til you drop without entering your credit card number umpteen times.

Overall, some paid products implement these features better than others, and in our findings, Bitdefender Total Security 2015 outperformed the rest. It offers some seriously strong security protection in an easy-to-use interface, all without slowing down your machine.

Testing

While independent anti-malware research lab AV-TEST hasn’t evaluated Bitdefender Total Security 2015, it has reviewed Bitdefender Internet Security 2015, which uses the same antivirus technology (minus some additional features, like anti-theft protection and online storage). In AV-TEST’s reviews, Bitdefender Internet Security 2015 obtained perfect marks for protection and performance, meaning it protected against malicious software 100% of the time and never slowed down the computer (on average, security software slowed things down by four seconds). And while Bitdefender never erroneously detected a website as suspicious, it did once falsely detect legitimate software as malware during system scans, placing it well below the industry average of nine false positives.

In PCMag’s tests, Bitdefender Total Security 2015 scored 4.5/5 in both antivirus protection and overall, earning it an “excellent” rating and an editor’s choice award. (For comparison, AVG Internet Security 2015 scored 3.5/5 and Norton 360 scored 4/5 in antivirus protection.)

When tested by AV-Comparatives, another independent testing group, Bitdefender again fared well. It was one of three paid consumer products — AVG Internet Security and Kaspersky Internet Security being the other two — that never wrongly blocked any programs. While Bitdefender ranks similarly with other top brands, it moves ahead of the pack because it costs less and subscriptions cover multiple PCs. (AVG Internet Security is $54.99 for just one PC, while Bitdefender Total Security and Internet Security are $89.95 and $79.95 for three PCs, respectively.)

Features

The web-based MyBitdefender Dashboard is the central control for all Bitdefender-registered devices, letting you scan and fix security issues remotely. You can even track your lost or stolen laptop, tablet or phone, locking or wiping missing devices using the Anti-Theft dashboard feature. Many competitors, like Avast, Kaspersky, and Panda offer anti-theft features, but they’re designed for recovering Android phones and tablets, not PCs. With Bitdefender, however, even your PC is recoverable.

There’s a weekly security report that provides a snapshot of the total number of issues fixed to date, while the updated security widget on your desktop tracks your security-related tasks in real time and sends notifications to your PC about the latest events reported by Bitdefender. And if you want to quickly scan a file or folder, you can simply drag-and-drop it into the widget. This quick option is great for when you don’t want to spend the time to open your security suite, search for the file, and scan it like with other programs.

Bitdefender’s handy Vulnerability Scanner takes the guesswork out of keeping up with the latest security patches or wondering if your password is weak. The feature regularly scans your computer for possible vulnerabilities, indicating the number of risks posed by outdated apps, weak passwords, or missing security patches. The report will also offer recommendations and solutions for each vulnerability.

While other products like McAfee Antivirus Plus also have a vulnerability scanners, it’s hard to find a program that scans the strength of your passwords like Bitdefender does. Generally, consumer security suites just offer password management tools that save your login information for various sites. For instance, Kaspersky’s free version of its Password Manager offering does store login credentials and can even generate stronger passwords, but it’s not designed to evaluate the passwords you already have. So if you want both a vulnerability scanner and a password evaluator, then Bitdefender is the way to go when it comes to preventing threats that could arise thanks to outdated software or poor passwords.

Threats that don’t originate from your PC are extinguished by Bitdefender as well. Viruses can covertly enter your PC via flash drives, for instance, but Bitdefender wards off such threats with its USB Immunizer, a feature that prevents auto-run malware from launching on your PC from a connected drive or memory card.

Additional features include a virtual file shredder that ensures no traces of your deleted files remain on your PC, a two-way firewall that protects you even over Wi-Fi networks, and file encryption to secure your confidential files in an encrypted vault. There’s also a top-rated anti-phishing feature that blocks malicious websites; PCMag ranked it highly because it outperformed Norton 360 (anti-phishing tools traditionally never come close to Norton’s accuracy, but Bitdefender scored five percentage points better than Norton, according to PCMag).

System speed

If you’re noticing your PC is acting sluggish, you can speed things up with Bitdefender’s OneClick Optimizer feature. OneClick will analyze your machine for disk, registry, and privacy issues, and then start the optimization process, which includes disk cleanup (removing Windows junk files, like Windows cache), registry cleanup (removing corrupt registry entries) and privacy cleanup (clearing your download history, temporary files, and more).

There’s also the new Startup Optimizer feature, which minimizes boot time by managing programs that launch at startup. Norton 360’s Startup Manager is similar, although Bitdefender’s version is better because it actively monitors how long it takes your device to start and how much time it takes each program to launch. To fully optimize your PC’s performance, you can enable the Bitdefender Profiles feature, which ensures that your PC performs its best based on a particular type of activity. You can choose — or let the software auto-detect — work, movie, and game modes, for instance, preventing popups or system updates from happening. While other security suites offer similar use-based optimization, it’s typically limited to gamer mode and often must be manually enabled.

Speaking of interruptions, some of the most common security product annoyances are the repetitive alerts. Bitdefender brought the Autopilot feature — which makes optimal security-related decisions without interrupting you — back from last year’s lineup and enhanced it for Total Security 2015. That means no more pop-ups and nothing to configure. If there’s a critical function disabled, such as the Bitdefender two-way firewall, Autopilot will fix it.

Online safety

For those who like to shop online, Bitdefender’s password-protected Wallet feature is a secure solution for storing your credit card details and important passwords, automatically filling in the pertinent fields as you browse and storing your credentials for new sites on the fly.

Bitdefender’s lineup also includes a fraud-warning feature that will alert you if Google and Bing search results or Facebook links are unsafe before you click on them, and will block access to infected links you accidentally click. AV-TEST found that sister product Bitdefender Internet Security 2015 — which uses the same technology — never wrongly detected a website as suspicious.

Parental controls

If you have little ones accessing the Internet, you can take advantage of the advanced parental controls settings that block inappropriate content, limit access based on hours you set, and even let you monitor their location, online activity, text messages, and calls when paired with the Parental Control app for Android. You can access your control settings online from your MyBitdefender account, which is a nice touch.

Similar to too-basic password management, other security systems can come saddled with flawed parental controls. For example, Trend Micro has a very basic parental control system that just that filters web content and offers time scheduling. To match the more advanced controls you get with Bitdefender, you’d have to install additional software. PCMag reports that once Trend Micro’s Online Guardian for Families is installed, it’s still riddled with flaws. For example, Online Guardian doesn’t run independent of web browsers, so if a child accesses the Internet via an off-brand browser, they’ll be able to view any web page they want, regardless of the limitations you set.

However, a real competitor to Bitdefender’s parental control features is AVG Family Safety, which is browser-independent. PCMag points out that AVG’s feature can even let older children with an approved password override site blocking so they can access sites that may be deemed inappropriate for their younger siblings. AVG Family Safety is actually a separate feature that costs an additional $49.99 per year for three computers, though. At that price, it’s more cost effective to opt for a full suite with robust parental control features, like Bitdefender.

Overall

Bitdefender Total Security 2015 is overflowing with features. It runs fast and light, and sports a straightforward interface that ties nicely into online controls accessed in the MyBitdefender hub. And most importantly, it’s a high-quality protection suite at a fraction of the cost of its competitors.

Bitdefender Total Security 2015 costs $89.95 for a one-year subscription that covers up to three Windows PCs (currently available on Amazon for $53.97). Bitdefender Total Security Multi-Device 2015 costs $99.95 for a one-year subscription that covers five devices, Mac and Android included.

The Best Free Option

We also went hunting for the best freeware out there. In reality, free security suites don’t exist, but free antivirus offerings are pretty common. You generally get bare-bones features, such as a system scanner, a scarce interface with little context (and riddled with popups asking you to upgrade to a paid version), and adequate to good antivirus protection.

For most consumers, though, adequate doesn’t cut it. So we searched for a product that was easy to use, earned superior security ratings in its class, and offered a bonus feature or two to put it over the top. In that search we narrowed it down to a product that was the pioneer in its industry: the first free cloud-based offering that not only sets the bar among freeware protection, but even outperforms a few paid providers.

Panda Free Antivirus (formerly Panda Cloud Antivirus) is as good as it gets for Windows freeware. It has a simple interface and is very effective at detecting malware, spyware, and viruses. As the first free cloud-based antivirus software on the market, it’s got a few nice tricks up its sleeve. You’ll need to install a small program that runs on your PC and connects to Panda’s cloud engine, but setup is a breeze and to make PC users comfortable, Panda mimics Windows 8’s tiled look once it’s running.

Cloud power

Most security programs use cloud-based technology one way or another to detect threats. Many connect to servers to update their software or to maintain a real-time database of active malware threats; Panda Free Antivirus is no different. It’s an entirely cloud-based program, so there’s no need to worry about installing updates or configuring your machine aside from the one-time installation of the connector software. And its offline cache of active malware signatures ensures you’re protected even when you’re not connected to the Internet.

In recent comparative tests by independent labs, Panda Free Antivirus led the pack in protection. It scored 100-percent protection rates in AV-TEST’s results. And in AV-Comparatives real-world testing, Panda scored highest among its freeware counterparts, even outperforming a few paid software programs, including AVG Internet Security, McAfee Internet Security, and Sophos Endpoint Security 10.3. And in PCMag’s tests, it scored a perfect 18 points in protection, performance, and usability along with Bitdefender and Kaspersky.

Panda Security’s latest creation, the XMT engine, is a type of smart engine that offers a higher level of efficiency and greater malware detection rates. Panda has made XMT available on all of its products, including Panda Free Antivirus, which promises to scan your computer 50 percent faster than its predecessor while minimally impacting system overhead. While the industry average for slowing down a machine was four seconds in AV-TEST’s findings, Panda only slowed things down by three seconds.

Other features

As an added bonus, Panda Free Antivirus packs a rescue-drive creator. If malware prevents you from booting up a particular machine, you can create a bootable USB rescue drive that scans and removes viruses from the infected machine. There’s also a USB Vaccine feature, which scans flash drives and can prevent infected ones from automatically running programs.

While the rescue drive feature and autoplay disabler are nice touches, you miss out on Panda Antivirus Pro’s features, including firewall protection and chat-based support. And if you want some mobile protection for your Android device, you’ll need Panda Mobile Security, which is $14.99 per year.

Panda may be free, but it isn’t perfect. In AV-Comparatives’ tests, it occasionally wrongly blocked safe Internet domains or downloaded files. The average score for wrongly blocked files was 18; Panda scored a dismal 46. But in AV-TEST’s results, it didn’t wrongly block websites, and it only blocked one legitimate software download. However, Panda was twice as likely to wrongly detect legitimate software as malware during system scans.

Overall

Better safe than sorry. If you can handle some false alarms, Panda Free Antivirus‘s impressive protection rate and real-time malware database places it ahead of its freeware competitors. And its bonus security features are practical additions you’ll be glad to add to your computer’s arsenal. It’s the go-to solution for free antivirus protection.

This article originally appeared on Techlicious.

More from Techlicious:

TIME Security

This Is the Best Mac Security Software You Can Buy

avast_free_mac_security_boxshot
Avast Avast Free Mac Security

Avast Free Mac Security 2015 is the go-to free software

Many Mac owners may be under the impression that their computers don’t need antivirus protection. They’re inherently safer, right? While there are fewer Trojan horses, viruses and worms designed to attack Macs than PCs, that doesn’t mean they’re immune to infection.

“Many threats, like phishing, don’t care whether you’re running Windows or a Mac,” says Christopher Budd, global threat communications manager for Trend Micro.

In fact, a serious threat to Macs was verified as recently as December 2014, according to the National Vulnerability Database. To combat this threat, Apple issued its first ever automatic security update for Mac computers in December. (Previously, Mac users would initiate the security updates themselves.) The bug, CVE-2014-9295, could enable hackers to gain remote control of machines through a vulnerability with the network time protocol, or NTP, which synchronizes a computer’s clock. It was serious enough that Apple didn’t want to wait for users to fix it themselves, according to Reuters.

With even one threat on the table, protection is needed. So we set out to find the best Mac antivirus software out there. We reviewed security lab results, interface accessibility data, and product feature ratings from independent experts and websites to recommend our favorites.

We placed an emphasis on performance and security over a trunk full of features. To find the best freeware, it had to meet top-notch security ratings while still offering a few perks. For paid software, we decided it had to not only achieve high security ratings, but it had to cost less than $100, offer a one-year subscription with multi-device protection, and be designed for home use.

With that, we narrowed it down to our two security software picks — one free, one paid — for 2015.

The best free Mac security software

Avast Free Mac Security 2015 is the go-to software for protecting your Mac without spending a penny. It’s a simple, on-demand scanning platform that can complete four different types of scans: Full System Scan, Removable Volumes Scan, Home Scan or Custom Scan. While the variety is useful for performing different system checks, it lacks the scheduled scans feature that many busy consumers want. Nonetheless, its simple-to-use interface, strong all-around coverage, and anti-spam features still pull it ahead of other free offerings.

While it’s not perfect at detecting all intrusions, independent security researcher AV-TEST reports that it gets the job done — after all, it’s free. In testing, it performed the highest among its freeware counterparts, detecting 97.4 percent of all on-demand threats (above the average of 80.8 percent). It even outperformed some paid competitors, including Kaspersky, which only detected threats 93.2 percent of the time. It also held its own with paid offerings when it came to minimizing system slowdown.

Once Avast detects something suspicious, it locks it away in a quarantined area called the Virus Chest, where you can choose to restore it if it’s a falsely-identified file, or delete it altogether. And like most of its competitors, Avast also detects Windows malware.

Generally, free security packages are pretty bare bones in their features. But Avast takes the freeware landscape to a new level by offering an anti-spam tool, which is uncommon among its freeware competitors. Similar to paid versions, Avast monitors incoming web data — through its Web Shield and Mail Shield features — like malicious links or attachments, and flags and isolates any threats it finds.

Additionally, in early 2015, Avast will include the industry’s first four-pronged home network security system. The system’s Home Network Security scan can identify misconfigured Wi-Fi networks, routers with weak passwords and compromised Internet connections. The SecureDNS feature encrypts the Internet traffic between Avast-protected devices and Avast’s DNS server to prevent users from being directed to malicious sites. A new Smart Scan feature will integrate all on-demand scans into one (antivirus, Home Network Security, junk-file cleaning, and software update scans) to meet your security needs.

Rounding out this four-component security system, Web Shield will get an upgrade to be able to scan securely-encrypted sites for malware and threats. Web Shield will accomplish this by detecting and decrypting TSL/SSL protected traffic in its web-content filtering component for any threats, Avast says.

The best paid Mac security software

Bitdefender Antivirus for Mac offers greater security than its competitors at a comparable cost. It’s $59.95 for a one-year subscription, which covers up to three Macs.

Some Mac antivirus protection products tout just the “Internet security” feature and neglect the rest of a computer’s needs. Or for “total” protection, you’re limited to protection for just one device and it costs 50% more than standard protection. Bitdefender balances cost and protection in the same product, offering coverage against adware, polymorphic viruses, spyware, trojans, worms, and more.

Bitdefender has a simple interface that’s easy to understand. If your Mac’s safe, you’ll know it because a green checkmark in the status bar will tell you so. If a security issue is detected, the status bar turns yellow and offers tips on how to quickly fix the issue.

To scan your Mac for possible threats, you have four options: Scan Critical Locations, Full System Scan, Scan a Custom Location and Continuous Scan. Scanning critical locations checks for malware in your vulnerable hotspots, such as documents, downloads, attachments, and temporary files folders. The full scan checks for malware on the entire system, including connected mounts, like external drives. You can hide certain folders and drives from Bitdefender’s watchful eye by adding them the exclusions list, or choose to scan a specific location, such as a once-hidden external drive.

A downside is that you can’t schedule scans. Instead, Bitdefender includes Continuous Scan mode, which keeps the software running day and night in the background. On the plus side, you’ll always have the most up-to-date protection because it’ll automatically update its virus-tracking database in this mode. (If Continuous Scan mode is off, you can still update the by going to Actions > Update Virus Database.) And you may never even know it’s there: in the third-party lab tests, “Bitdefender hardly slows the system at all,” says AV-TEST.

If you share files with Windows users (or your own PC), you’re covered as well. The software detects Windows viruses on your Mac, and while these threats can’t affect your Mac, you can still pass them on to Windows computers on the same network if you’re not protected.

Bitdefender also automatically scans any files you download for security threats, alerting you when a problem is detected. You can track and adjust these alerts since they’re fully integrated into your Mac’s Notification Center (go to System Preferences > Notifications).

For security on the web, Bitdefender connects its free TrafficLight extension, which monitors your web traffic and blocks any malicious content. It also notifies you of worrisome websites in your search results (with a red dot), and detects and blocks suspicious links it finds on Facebook and Twitter. TrafficLight detects “trackers” as well; code snippets that track and analyze browsing behavior. All scans happen in the cloud, so the extension offers a strong layer of protection without slowing you down. TrafficLight is available for Firefox, Google Chrome and Safari.

While Bitfender excels at malware protection, it’s still lacking in a couple of areas. For example, families may prefer a security suite with parental controls added in. But OS X’s complementary parental controls system already lets you manage and monitor your child’s computer use, interactions and Internet activity (to access this feature, go to System Preferences > Parental Controls).

It’s also missing its own firewall protection, but again, your Mac already has its own firewall tools to stop malicious network traffic. Plus, in third-party lab tests, some of Bitdefender’s competitors that do offer firewall protection actually performed poorly at malware detection tests. (For example, Symantec only detected threats 54.7 percent of the time, compared to Bitdefender’s 100 percent, according to AV-TEST.) So we’ll take greater malware protection and speedy performance over additional bells and whistles any day.

This article originally appeared on Techlicious.

More from Techlicious:

TIME How-To

How to Stop Your Phone From Tracking Your Location

Google Maps Returns To Apple's iPhone
Justin Sullivan—Getty Images The Google Maps app is seen on an Apple iPhone 4S on December 13, 2012 in Fairfax, California.

But remember some apps need your location to work properly

While scrolling through your photos, you may notice your smartphone has created albums based on your location, tagged with eerie precision. How does my phone know that I was taking a photo of a certain cathedral, or that on one night in January I took a photo in South Slope and then another by 14th street?

It’s all about location tracking, which use your phone’s internal GPS and other sensors to track your whereabouts and feed that info to various apps.

For some, location tracking can be convenient: It helps apps like Google Maps and Uber know where you are to better deliver you information and services. But for those who have just seen Citizenfour, it could be creepy and invasive. And those people may wish to disable their location services.

Here’s how to do it:

On Apple’s iPhone or iPad: Go into your phone’s Settings tab, and then select Privacy. From there, select Location Services. You’ll see a string of apps that use location services. You can choose to disable them all by moving the slider at the top, or disable location services only for specific apps. Does Fruit Ninja really need to know where you are in the world? Probably not.

On Android: Open the App Drawer, go into Settings, select Location, and then enter Google Location Settings. Here, you can turn off Location Reporting and Location History. Location Reporting feeds your location data to various apps, while Location History stores your whereabouts for future use in searches and software like Google Now. You can also jettison your entire location history by selecting “Delete Location History” below Location History.

It’s important to remember that lots of popular apps like Google Maps, Foursquare and more are pretty dependent on having access to your location data to work to the best of their ability — turning off location services means losing some of your smartphone’s capabilities. But that just might be worth it if you’re ultra-concerned about your privacy.

TIME Security

Here’s How to Remove Dangerous ‘Superfish’ Software From Your Computer

Inside Lenovo Group Ltd.'s Headquarters And Flagship Store
Bloomberg—Bloomberg via Getty Images A Lenovo Group Ltd. logo is seen on a laptop computer displayed at the company's flagship store on Qianmen Street in Beijing, China, on Tuesday, Nov. 11,

It could make Lenovo users more vulnerable to hackers

Computer manufacturer Lenovo is in hot water this week after pre-installing software that tracks your Internet activity to show you personalized ads. While that sounds a little shady on its own, it gets even worse: Security experts say the software, called Superfish, can open up a nice big door that lets hackers intercept your data.

Lenovo said in a Thursday statement that it stopped pre-loading Superfish on laptops last month, and it won’t do so again in the future. Now, Lenovo is going a step further: It just posted instructions for Lenovo owners to tell if they have Superfish and, if they do, how to erase it.

That’s a significant backtrack for Lenovo: Earlier Thursday, the company said it could not “find any evidence to substantiate security concerns” over Superfish.

Security experts, however, disagreed. They say the problem with Superfish is that it’s able to scan your Internet activity even when you’re on encrypted sites by spoofing a website’s security certificate. Hackers can take advantage of that fake certificate process to steal your data while it’s in transit.

If you’ve got a Lenovo computer, it’s a good idea to follow these instructions to see if you have Superfish and get rid of it.

TIME privacy

Lenovo Under Fire for Potentially Exposing Users to Hackers

Inside A Lenovo Group Store As Company Reports 25 Percent Jump In Fourth-Quarter Profit
Bloomberg/Getty Images Lenovo Group Ltd. signage is displayed near laptops in an arranged photograph at a Lenovo store in the Yuen Long district of Hong Kong on May 23, 2014.

The computer manufacturer's laptops were being sold with invasive adware

Computer manufacturer Lenovo is getting flak for selling laptops with marketing software that experts say opens up a door for hackers.

The software, called Superfish, analyzes users’ Internet habits and displays third-party ads based on that activity, The Next Web reports.

Troublingly, Superfish also impersonates certificates for encrypted websites in order to monitor users’ behavior even on protected sites. That can open a door for hackers targeting sensitive information like passwords or banking details, because users’ data isn’t being protected as well as it ought to be.

In a statement Thursday, Lenovo said it stopped preloading the software in January, and won’t preload it in the future. Lenovo also defended itself from criticism over installing Superfish in the first place, arguing the software doesn’t pose a security risk despite what several experts have said.

“We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” Lenovo said. “But we know that users reacted to this issue with concern, and so we have taken direct action to stop shipping any products with this software.”

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser