Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Ask Leo! #361 – Certificates: good, bad & how they work, overheating hard drives, changing IP addresses and more…

The Ask Leo! Newsletter

*** Featured

How do compromised signing certificates affect me? And how do I stay safe?

In recent months, we've seen a couple of situations where problems at certificate authorities allowed unauthorized, authoritative signing certificates to be created or existing signing certificates to be used in ways that were not legitimate. In both cases, we've seen the certificate authorities that are involved quickly respond by revoking the certificates and push that revocation in high priority updates to as many computers as possible.

Great. But what's all that gobbledygook mean?

For example, you could visit a website via https (thinking that by using https, you were guaranteed to be visiting the website you thought you were), but in fact, you were not.

Rogue signing certificates don't cause this problem alone, but they can remove one of the important checks that we all rely on and perhaps even take for granted.

Don't panic, because it's not common, but don't ignore it either, because when it does happen it's serious.

To understand this whole chain of events, we need to – at least at a high level – understand how digital signatures and certificates work, how they relate to websites, and perhaps most importantly, how they are legitimately created.

And it all starts with a tiny refresher in one important form of encryption, and the importance of keeping secrets.

Because that's all just a little lengthy, I'll begin with the bottom line.

Continue reading: How do compromised signing certificates affect me? And how do I stay safe?
http://ask-leo.com/C5426

*** Answercast

Answercast #24 - Hot hard drives, booting problems, managing email, clicking links in emails and more...

What's a good way to manage virtual memory, delete emails, or diagnose a booting problem? How do you clean up a hard drive, know which links are safe to click in emails and much more...

Listen

Continue reading: Answercast #24 - Hot hard drives, booting problems, managing email, clicking links in emails and more...
http://ask-leo.com/C5427

How do I delete mail on Gmail permanently?
The Delete button in Gmail will move the email to the trash and there is a way to easily empty that trash.
Continue reading: How do I delete mail on Gmail permanently?
http://ask-leo.com/C5428

Are Evite invitations safe?
The rule of thumb, to keep your computer safe, is to not click on links you are unsure of... but how do you be sure?
Continue reading: Are Evite invitations safe?
http://ask-leo.com/C5429

How do I clear system information off an old system drive?
When re-using a hard drive, erasing the old system information is certainly a good idea. The best approach might be to backup and reformat.
Continue reading: How do I clear system information off an old system drive?
http://ask-leo.com/C5430

How do I confirm security on my ISP-provided wireless modem?
Securing your router is important. You may need to take an Ask Leo! checklist to your internet provider to insure you are properly protected.
Continue reading: How do I confirm security on my ISP-provided wireless modem?
http://ask-leo.com/C5431

How do I access Outlook Express emails saved into My Documents?
Outlook Express and Outlook run on the assumption that you will keep emails within the programs data folders. Saving them to your documents creates a difficult retrieval situation.
Continue reading: How do I access Outlook Express emails saved into My Documents?
http://ask-leo.com/C5432

Can I keep my IP address from changing when I switch out my router?
IP addresses can seem confusing; email headers have them, routers have them, web pages have them... how do you sort it all out?
Continue reading: Can I keep my IP address from changing when I switch out my router?
http://ask-leo.com/C5433

How do I diagnose a machine that won't boot reliably?
Diagnosing a machine remotely with very little information is impossible. It might be time for a local technician.
Continue reading: How do I diagnose a machine that won't boot reliably?
http://ask-leo.com/C5434

My hard drive is overheating, how should I fix it?
An overheating hard drive is serious. Before replacing it, it's best to solve the heat issue. Oh yes, and are you backed up?
Continue reading: My hard drive is overheating, how should I fix it?
http://ask-leo.com/C5435

Should I dedicate a hard drive entirely for virtual memory?
Virtual memory doesn't (or shouldn't) fill an entire hard drive. There are better ways to maximize performance.
Continue reading: Should I dedicate a hard drive entirely for virtual memory?
http://ask-leo.com/C5436

*** Our Sponsor

Windows XP Is Not Dead!

Learn how to clean it up, speed it up, and tune it up.
Keep your Windows XP machine running longer.

Maintaining Windows XP - A Practical Guide
Downloadable PDF or CD-ROM. Also available in paperback.
- An Ask Leo! book.

Advertisement. Ask Leo about advertising here.

*** Last Issue's Articles

*** Comments

*

How do you run TrueCrypt with Dropbox?

Mark J writes:

There are a couple of other important points regarding DropBox and TrueCrypt. 1. The default for TrueCrypt is to 'Preserve modification time stamp of file containers'. This means that the date modified of the TrueCrypt container never changes and DropBox won't realize that file has been modified. Therefore, it will not sync it unless, this default is deselected under Settings->Preferences->'Preserve modification time stamp of file containers'. 2. If you access the Internet through your phone or any other service which limits your data transfer, a large TrueCrypt container can eat up a lot of Bandwidth.

*

Why does my computer turn itself back on from standby?

RJ writes:

The BIOS is quite a risky thing to be playing about with to be honest, especially if you don't know what you are doing, because it is a fundamental part of the computer system. I therefore recommend only using official updates from the laptop's vendor's website. If you are in the slightest doubt that the update is not official, don't apply it!

It's is also worth recommending that you ensure you have a recent backup of your system before doing such updates. Normally I would not be any where near as paranoid as this but I do believe that the BIOS is crucial to your computer... I'd be tempted to weigh up the risk of updating your BIOS compared with the value of standby to you. AND at least try all of the other options before deciding the BIOS is at fault for stopping standby from working.

*

Why is my browser being redirected?

Johnxi writes:

Changing the DNS setting in your IP config - possible. Changing DNS on your router - EXTREMELY unlikely assuming you've set up an admin password.

Actually: A) an amazing number of people have never changed the default password on their routers thus B) malware authors have most definitely taken advantage of that and there is indeed malware that reaches out and changes the DNS settings on routers.

-Leo

*

What IP address do I put in my browser to secure my router?

Ken B writes:

On my system, between the wireless, wired, virtual, IPv6-toIPv4 tunnel, and so on, "ipconfig /all" shows 10 interfaces, and scrolls most of the information off the screen before you can read it. Even piping to "more" is a bit overwhelming. It might be easier to use this command to narrow down the information you need to look at:

ipconfig /all | find "Gateway"
or maybe even
route print -4
and look under the "gateway" column.

*** Thoughts and Comments

Webinar Sunday: "What's on Leo's Computer?" will be this Sunday the 10th at 1PM US PDT. I need to update an article about the software that I use, and I decided that it might be interesting to just spend an hour poking around my machine showing some of what I have installed and use every day - taking questions along the way, of course.

Hopefully there won't be anything too embarrassing. Smile

Remember, registration is required to attend and seats are limited. "What's on Leo's Computer?" has all the details and registration link.

One of the things that the Answercast format has allowed me to do is to still answer lots of questions on Ask Leo!, but also take the time to write and research articles that are a little deeper, a little more complete than normal. This week saw two examples of that: Email Hacked? 7 Things You Need to do NOW resulting form the continued rash of email account hacks, and today's How do compromised signing certificates affect me? And how do I stay safe? which is basically an explanation of how https and certificates work resulting from last weekend's out-of-cycle Microsoft update to protect from newly compromised certificates.

Sometimes topics just need more words & time to do them justice. I hope you find it all helpful and educational.

'till next week...

Leo
Leo A. Notenboom
Facebook - YouTube
Twitter - Google+

*** Administration

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at http://newsletter.ask-leo.com for their own FREE subscription!

Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Newsletter contents Copyright © 2012,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC