Leo's Answers #293 - July 26, 2011 - Confident Computing

A Weekly Newsletter From
Ask Leo!
Leo Notenboom

Hello!

Please do not reply to this email.

If you have a tech question Ask it here. Newsletter subscribers using that link go to the head of the line.

Questions about the newsletter? Check the newsletter administration page. You can also unsubscribe using the link at the bottom of this email. The latest newsletter is always available online at http://ask-leo.com/currentnewsletter.html, where you'll also find links to complete archives.

*** New Articles

How secure is my smartphone?

I use my iPhone for most of my less-intense internet needs. I was wondering: how safe it is from being hacked, given that I keep (some) personal data on it? Is it safe? I don't put any software onto it that's not from either iTunes or the App store, nor do I download anything onto it directly that might be unsafe (though I do make some rather less secure downloads on the computer that I synchronize it to)? If it's not, how do other smartphones compare?

Today's smartphones are incredibly convenient and powerful - they're essentially fully functional, internet-connected computers that just happen to have a phone.

As such, you might imagine that the potential for security issues is present.

I'll look at the various types of risks, including what I believe is the highest risk item that many people fail to consider.

Continue reading: How secure is my smartphone?
http://ask-leo.com/C4885

* * *

How do I get Windows Explorer to display details by default in Windows 7?

How do I get Windows Explorer to display details by default? I'm using Windows 7.

Windows Explorer defaults to showing files as icons and even to hiding some files from you. That's not what I want.

Not only am I a control freak who wants to see all of the files and details by default, even after all this time, there are actually real security issues associated with Windows Explorer's choice of default display.

There are several options that you can manipulate and it's fairly easy, yet not totally obvious on how to make them the default.

Continue reading: How do I get Windows Explorer to display details by default in Windows 7?
http://ask-leo.com/C4884

* * *

How do I recover my data after a computer crash?

My computer recently crashed. How do I recover my data? I mean my pictures, folders and the other items on my C: drive. I did a recovery, but I was unable to recover any files.

This is a frighteningly common question that I get in various forms.

Computers crash, hard disks die, malware invades, and data is lost.

I'll look at some of the most common approaches to try after a crash to try to get your data back.

Continue reading: How do I recover my data after a computer crash?
http://ask-leo.com/C4883

* * *

Do I have to keep buying new computers?

How do I get upgrade info and products for my 1983 IBM PC? I jest, but it opens a Pandora's Box of implications as to what to expect in the future via upgrades, new technology, and so on. Are we expected to buy a new computer every three years, such as with cell phones? Actually, I'm serious - sort of.

Well, you don't have to. Smile

But, yes, the practical reality is that much like a cell phone, or better yet an automobile, you probably do want to buy a new computer every so often.

Let's look at why that's so and how frequently you'll probably want to do so.

Continue reading: Do I have to keep buying new computers?
http://ask-leo.com/C4882

* * *

Two-Factor Authentication

We've been using single-factor authentication - otherwise known as "username/password" - for perhaps as long as there have been computers with accounts to log in to.

Single-factor authentication relies on "something you know" - namely your username and password. Know that and you can be authenticated.

With the recent rash of account theft, multi-factor authentication is becoming more popular. Two-factor adds something else - typically "something you have" - which must be provably present in order for your authentication to succeeded.

In this video excerpt from an Ask Leo! webinar, I'll talk a little about multi-factor authentication and show how it works.

Continue reading: Two-Factor Authentication
http://ask-leo.com/C4881

*** Our Sponsor

Free PC Matic - Performance & Security Scan

PC Matic is a collection of award winning
PC Pitstop technologies in one
integrated architecture. No other product on the
market today will do as much to improve the overall
performance, security & stability of your PC.

Run a Free PC Matic Scan Now!
https://cart.pcpitstop.com/go.asp?id=500140

Advertisement. Ask Leo about advertising here.

*** Last Week's Articles

*** Comments

If I have all the recommended security in place, is my computer safe and un-hackable?

Petrus1928 writes:

I'm in favour of using a live Linux CD to access the internet. Any malware that might bypass my Linux security will live only in RAM 'cos it can't write itself to a CD. My preferred distro is Puppy 'cos it can save its settings on a dedicated memory stick. Puppy's web browser & other programs work exactly the same as their Windows equivalents, so I don't have to learn anything new. Best of all, I can save anything on to another memory stick which is readable in my Windows system after scanning it for malware.

Microsoft Standalone System Sweeper - Clean malware from your machine

Bill Nelson writes:

Just an update to my previous comment. I've had some lingering "situations" since using MSSS to clean my system after a Trojan Horse attack. I don't know if I should attribute this to the initial attack or to the cleaning process, but nearly all the files and folders on my computer had the "hidden" attribute selected. I noticed that thumbnails were barely visible, but I could access them normally. The big clue came when I began using "GoodSync" to back up data to an external drive. The newest version of that software has filters set to block backup of hidden files and it could only backup a few recent files. Even files on my external backup drives had this happen. I'd disconnected them as soon as I could when I knew I had a problem, and didn't reconnect until after I thought I had it cleared up, so I guess the attack was the culprit. A lot of files also are marked "Read only," but I'm not sure of the consequences of that yet, since the files I've tried to access are all accessible, so far.

Mark J writes:

@Bill When malware attacks a system, it can make changes to a lot of things. An antimalware program may be able to get rid of the malware, but it can't be programmed to undo all of the effects of the malware such as damaged files, properties changes etc. That's what backups are for. It's similar to a thief breaking into a house. A locksmith can repair the lock, but the things broken and damaged have to be dealt with individually.

I got a call from Microsoft and allowed them access to my computer. What do I do now?

Nick writes:

Leo, you are correct to point out that "Sites like logmein.com, ammyy.com, and perhaps other remote-access services used for this are not involved in the scam. They're just web services that the scammer happens to use and nothing more."

However, in my opinion, it would nevertheless be a very kind thing for these sites to display a very prominent warning to anyone encountering their site that the possibility of it being misused by scammers is a very real possibility and providing basic precautions to guard against that. Of course, they may already do that, I don't know as I've never used them, but if not, then perhaps they should be asked to do so - as a public service.

I'm kinda surprised we're not hearing more from those companies. These scams are definitely making these legitimate companies look bad by association.

-Leo

*** Leo Recommends

TrueCrypt - Free Open Source Industrial Strength Encryption

TrueCrypt comes up frequently in Ask Leo! answers. Many people are concerned about things like privacy and identity and data theft, particularly on computers or on portable devices where they might not always have total physical control of the media.

Someone might gain access to sensitive data stored on your computer.

Encrypting your data renders that access useless, even when your computer or your thumbdrive falls into the wrong hands.

And TrueCrypt makes it not only easy, but nearly un-crackable.

Continue reading: TrueCrypt - Free Open Source Industrial Strength Encryption
http://ask-leo.com/C3444

Each week, I recommend a specific product or resource that I've found valuable and that I think you may as well. What does my recommendation mean?

*** Popular Articles

This is a question that I still get frequently - typically, people are concerned that a MAC address can somehow be used for much more than is actually possible...

What's the difference between a Mac Address and an IP Address?

What is the difference between a Mac Address and an IP Address? Are both traceable back to your computer? And can you hide them? If by hiding them, does that mean your computer is safer from hackers? Also, are the free versions as good as the ones you buy?

•

Well, the last one is easy to answer: there's no concept of free versus paid IP or MAC addresses. As you'll see in a moment, IP addresses are assigned as part of connecting to a network, and MAC addresses are assigned at the time hardware is manufactured.

Even hiding a MAC or IP address is a concept that doesn't quite apply, but we'll get in to that too.

And whether MAC or IP addresses are hidden or not, if you connect to a network, these are not the kind of things that you should be spending your time worrying about to stay safe from hackers.

Continue reading...
What's the difference between a Mac Address and an IP Address?
http://ask-leo.com/C3456

*** Thoughts and Comments

I haven't updated the webinar page yet, but I think I've settled on a theme for the next monthly webinar: encryption. Specifically, file encryption.

I'd run through examples of encrypting and decrypting with 7-zip/WinZip, AxCrypt and of course, TrueCrypt. Perhaps I'll throw in LockNote if I have time. I suspect that the different approaches of all of these tools would be quite interesting, and a definitive "how to" specifically for TrueCrypt might clear up some confusion surrounding how it works.

That'll be the next webinar, Sunday, August 14th at 1PM U.S. Pacific time.

'Til next week...

Leo
Leo A. Notenboom
Twitter - Facebook

*** Administration

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at http://newsletter.ask-leo.com for their own FREE subscription!

Newsletter Subscriber Benefits (only mentioned here)

Visit http://ask-leo.com/subscriber to submit your comments and questions and get to the top of the question queue.
Coupon code NEWS20 gets you 20% off everything in the Puget Sound Software Store, where you'll find my ebooks and other Ask Leo! related merchandise. That coupon code changes from time to time, so be sure to check here each week.

Need more help with or have questions about the newsletter? Check out the newsletter administration page.