If you've been following the news then you know that Citicard's computers have been hacked. The result is that some 1% (and that's a lot!) of Citicard customer account numbers, as well as the names, addresses and email addresses of those customers, were taken by the hackers. Citibank insists that Social Security numbers and CCID codes, that 3 or 4 digit number on the front of your Amex and the back of all the rest, were not compromised. Just last month I received emails from Citicard, Chase and the Marriott hotel chain telling me that Epsilon, the company these vendors use for email marketing, had been hacked and my email address had been compromised. Did you get one too?
Concurrently, and I am assured in an unrelated incident, my own Citibank credit card was compromised and some person or persons unknown tried charging stuff from JC Penney. In fact, it was Citibank's fraud division that called to alert me, having spotted a charge out of my ordinary pattern, and no damage was done. My card was replaced in a few days and I'm up and running again. BTW, I have two credit cards to my name, one for on-line transactions and one for everything else.
What's troubling is that a day or two later, Proactive, with whom I've never done business, first confirmed my on-line purchase using this now compromised credit card, sending me an email indicating my correct shipping name and address. Of course a day later I received the second email telling me the card was no longer valid. But these people had clearly hacked in at some vendor where my credit card, my name, address and my email were stored on the same computer, a common occurrence with vendors. If not Citibank (and I'm ever the pessimist), I will never know which vendor that I did business with on-line was compromised, as these people are not Citibank and feel not the least obligation to share the breach with me or anyone else.
Furthering the point, I had a client, let's call her Sophie, call me to report a similar incident in which the perpetrator first emailed all the contacts in her address book asking them for money. The hackers subsequently started to open and expand accounts with her existing vendors. The hackers succeeded in adding 2 lines to her cell phone account. Why? Because her email password was a simple string of lower case alphabetic characters that was easy to crack.
If hackers compromise any vendor's account that you've done business with, like a Citibank, and now have access to your legitimate email address(es), it becomes no great feat for them to use a computer to pound away at that email account's password, configuring the computer to rotate through character combinations until your password is broken. Of course the hacker has access to the same website that you do for picking up email. Yes, you might not know it, but all email providers offer some sort of web access to email. With a simple all-alphabetic password the crack time is insignificant.
To make matters worse, the client's email inbox, AOL (got Gmail, Hotmail, Yahoo mail?), contained all the mail that she felt worth saving and included notes from vendors that she had done business with for years and years. Let's not forget the email address book that AOL keeps on-line for you. The breach was exacerbated by the client's use of the same password for most if not all of the vendors she does business with. This password being the same as that of her email account! So, with the emails indicating which vendors to hit and the password for these vendor accounts, these creeps wreaked havoc everywhere and still are.
As a final stab in the back, the hackers deleted all of the emails she had on-line, I suspect not out of malice, but rather to make it harder to get a handle on what information they were actually privy to.
Lesson learned: Use a variety of passwords, not one. Certainly maintain a separate password for your email account. Make passwords complex; use upper and lowercase letters, digits and special characters to make password cracking harder. If at all possible, move your emails to an email client that is resident on your local computer. Outlook 2007, Outlook Express and Windows Mail all have an interface for picking up email from AOL, Gmail, Yahoo, etc. Microsoft email (Hotmail, etc.) can connect to even more email hosts.
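As an added illustration, not from the original post, of why the all-lowercase password described above fell so quickly and of the lesson about mixing character classes, here is a small Python script that estimates the number of guesses an exhaustive search needs for a password, based on the character classes it actually uses. The sample passwords and the guess rate are constructed figures; a real rate depends on whether the guesses go through the provider's login page or against a stolen password database.

```python
import math
import string

# Character classes an exhaustive search has to cover. Sizes are the
# printable US-ASCII sets, so the figures are illustrative, not provider-specific;
# characters outside these classes are ignored, which underestimates the space.
CHAR_CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "special": set(string.punctuation),
}


def alphabet_size(password: str) -> int:
    """Number of distinct characters an attacker must rotate through to reach
    this password: the combined size of every class the password uses."""
    return sum(len(chars) for chars in CHAR_CLASSES.values()
               if any(c in chars for c in password))


def keyspace(password: str) -> int:
    """Worst-case number of candidates for an exhaustive search of every
    string up to this password's length over the alphabet it uses."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))


def entropy_bits(password: str) -> float:
    """Brute-force resistance in bits, assuming each position is drawn
    uniformly from the alphabet the password uses (0 for an empty password)."""
    n = alphabet_size(password)
    return 0.0 if n == 0 else len(password) * math.log2(n)


def worst_case_seconds(password: str, guesses_per_second: float) -> float:
    """Time for an attacker at the given guess rate to exhaust the keyspace."""
    return keyspace(password) / guesses_per_second


if __name__ == "__main__":
    RATE = 1e9  # assumed guess rate for illustration (constructed, not measured)
    # Constructed samples: an all-lowercase password, one of the same length
    # using all four classes, and a longer passphrase-style one.
    for pw in ("sophie", "S0ph!e", "s0ph!e-aol-2011"):
        print(f"{pw!r:20} alphabet={alphabet_size(pw):3d} "
              f"bits={entropy_bits(pw):5.1f} "
              f"worst-case={worst_case_seconds(pw, RATE):.3g} s")
```

Length matters more than any single special character: each extra position multiplies the keyspace by the alphabet size, which is why the longer sample dwarfs the six-character ones.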
At the risk of being overly repetitive, here's the link to test the strength of your password at How Secure is My Password, and another link to tell you if your password is too weak: Should I Change My Password.