Ask Leo! #584 – Stopping Spam, Hacking Facebook, MAC vs. IP, and more…

Personal Post

I published an article over the weekend, I Thought the Internet was Supposed to Make Us Smarter? What Happened?.

I posted it to my personal blog rather than Ask Leo! because, to be honest, it felt more like a bit of a rant and opinion peice than Ask Leo!'s typically more educational direction.

Nonetheless, with that as a caveat, I thought I'd share here in case you were interested.

Leo's Blog

Stopping Spam is Harder Than You Think

Continue Reading: Stopping Spam is Harder Than You Think


Is my Facebook account being hacked?

"Is my Facebook account being hacked?" That's the question I had when I found a series of password-reset confirmation requests from Facebook in my inbox.

In fact, since I have two email addresses associated with my Facebook account, I had the same series of request in both inboxes.

Except I hadn't requested a reset.

Let's look at what happened, and how my preparations in securing my account kept me safe, so that you can do the same.

Continue Reading: Is my Facebook account being hacked?

What's the Difference Between a MAC Address and an IP Address?

What is the difference between a MAC Address and an IP Address? Are both traceable back to your computer? And can you hide them? If by hiding them is your computer safer from hackers. Also, are the free versions as good as the ones you buy?

Well, the last one is easy to answer: there's no concept of free versus paid IP or MAC addresses. As you'll see in a moment, IP addresses are assigned as part of connecting to a network, and MAC addresses are assigned at the time hardware is manufactured.

Even hiding a MAC or IP address is a concept that doesn't quite apply, but we'll get in to that too.

And whether MAC or IP addresses are hidden or not, they are not the kind of things you should be spending your time worrying about to stay safe from hackers.

Continue Reading: What's the Difference Between a MAC Address and an IP Address?


Saved! Baking Up With EaseUS Todo

Previous Issue

Glossary Term

cross-site scripting

Cross-site scripting (often abbreviated XSS) is an imprecise term for a number of different web-server vulnerabilities. To over-simplify, malicious software of some sort – usually written using JavaScript – can be placed on the server through otherwise normal usage. That malicious code can then attack subsequent visitors who simply visit the service or page.

This type of vulnerability is normally prevented by the server. Most do, indeed, prevent this type of malicious code placement. Others, however, don't, or do so incompletely or incorrectly. These are referred to as having "cross-site scripting vulnerabilities", or "XSS vulnerabilities".

One example of such vulnerabilities is malicious instructions in a comment on a blog post. Once published, subsequent visitors to the page could be at risk of the malicious code being executed in their browsers as the comment is displayed. A properly secure server would not allow those instructions to be included, or would only include them in a way that would not work.

Typically, malicious code of this form is a very short reference to more code stored elsewhere on another server – hence the "cross site" reference. Posting a malicious comment on a vulnerable site might cause every subsequent visitor to run code from a completely different site.

Note that while I've used blog post comments here as an example, commenting systems on major platforms are typically robust and not vulnerable. The risks of cross-site scripting vulnerabilities can apply to any type of site or service that allows user interaction.

Glossary Terms are featured selections from The Ask Leo! Glossary.
Have a term you'd like defined? Submit it here.

Featured Comments

Is MAC address filtering a viable wireless security option?

Ray Smith writes:

'In order to know which MAC addresses can access your LAN, sniffing is not enough. You need to access the router and there you can see the list.' - That's totally and completely incorrect.

'The main reason I go through such great trouble is that encryption and decryption of every packet of data will delay the transfer a bit. - Unless somebody is using hardware that's a decade or more old, the loss performance loss will be minimal. Imperceptible, in fact.

'I use 'WhoIsOnMyWiFi' which tells me when something I did not authorize tries to connect.' - Which is all well and good if you happen to be at home - and awake! - to take the necessary action. Otherwise, it'll do nothing to keep people off your network.

Bottom line: WPA2 is a better and far more secure choice.

Is it illegal to download torrent files?

Ray Smith writes:

'Those who make available original creative work are going to have to come up with a different pricing structure.' - Phooey. The pricing structure is completely irrelevant. E-books that would cost a buck to buy are illegally shared. It's not done because people can't afford a buck or don't consider the book to be worth a buck; it's done because people can avoid paying the buck by stealing the book - and know they'll almost certainly get away with it.

The 'I only do it because companies charge too much' line has been used since file sharing became popular in the 1990s. The excuse was bogus then, and it's even more bogus now. Services such as Netflix, Spotify and Kindle Unlimited provide very cheap access an enormous collection of movies, TV shows, music and books - and yet people still choose to download material illegally. Why?

As I said, illegal file sharing has nothing to do with things being overpriced; it has to do with people not wanting to pay anything at all and preferring to steal.

To say that 'Those who make available original creative work are going to have to come up with a different pricing structure,' is absolutely ridiculous. It's like suggesting that Best Buy have to come up with a different pricing structure to stop people stealing TVs.

Let's Talk About Ransomware32

The Oncoming Storm writes:

"backing up, keeping your other tools up-to-date, and using your own common sense when it comes to malware." that's about your BEST defense against these bloody things. they're actually very easy to avoid (and/or deal with) if you do this.

How do I get rid of this annoying Facebook share pop-up?

D M writes:

As noted in other comments, it appears that your site is one of the ones you are advising people not to visit! That persistent stripe at the side of the page is ANNOYING in the extreme. If you must have it, put it at the bottom of your page and don't harass people with its annoying presence, especially since you offer no way to turn it 'off'.

Leo writes:

If you hover over it there's a "go away" icon beneath it. I need it because it works. Without it and things like it Ask Leo! simply could not survive. I get exceptionally few complaints about it. (I know, not all annoyed complain, but even so ... exceptionally few.)

But, yes, if my comparatively small amount of advertising - required to keep this site free - is something that you're not willing to tolerate, then indeed I'd expect you not to come back. The alternative is for my site not to exist at all. I prefer that it exist so that the people who are more tolerant will continue to find help and resources.

There's much more about the topic, including specific Ask Leo! examples, in Can we no longer view websites without getting pop-ups?

Ask Leo! on Business

Recent posts...

Buying Your Domain Name

There are several places to purchase a domain, but given the importance of your online identity, you want it to be from a reliable source. I'll walk through the process.

Read: Buying Your Domain Name

Choosing Your Domain Name - How Do You Want to be Known?

Your domain name is your online identity. Choosing an appropriate one is both incredibly important and surprisingly difficult. It's worth investing some time and research.

Read: Choosing Your Domain Name - How Do You Want to be Known?

Leo's Books

Backing Up 101 Saved! - Backing Up with Macrium Reflect - 2nd Edition Saved! Backing Up With EaseUS Todo
Saved! - Backing Up with Windows 7 Backup Saved! - Backing Up with Windows 8 Backup
Just Do This: Back Up! The Ask Leo! Guide to Internet Safety The Ask Leo! Guide to Routine Maintenance Maintaining Windows XP - A Practical Guide

More Ask Leo!

Facebook - YouTube - Google+ - Twitter
Amazon - GoodReads


Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2016,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC