Email certificates provide the strongest levels of
confidentiality and security for your electronic communications by
allowing you to digitally sign and encrypt your mail and attachments.
Encryption means that only your intended recipient will be able to
read the mail while digitally signing allows them to confirm you as
the sender and verify the message was not tampered with en route.

How to obtain one?

There are many sources offering certificates for digitally
signing of email. Many of them are commercial some of them are free.
If you’d like to test this feature Comodo offers a free certificate
for personal use.

Go to

http://www.comodo.com/home/email-security/free-email-certificate.php

and click on Free Download

Fill out all the details
and soon you will receive the certificate by email.

How to install one?

This is how it is installed in
Mozilla Thunderbird running on Linux. No dobt the procedure might
differ on different systems and/or email clients.

After install the certificate is
available in Mozilla Firefox but not Thunderbird, so it needs to be
exported from Firefox and imported inside Thunderbird.

1. Go to
   Prefferences->Advanced->View certificates

2. Click on the certificate
   (it’s on the Your certificates tab)
   and click Backup

3. Save the certificate
   somewhere on your
   computer. It’s a good ideea to keep a copy of your certificate for
   future reference and so you can password protect it so it won’t be
   possible to be imported without knowing this password. (this will
   prevent unauthorized persons from posing as you using a stolen
   certificate backup)

4. Open Thunderbird.. Go to
   Account settings=>Security (under
   the account you created the certificate for)

5. Go to View
   Certificates and click import.
   Locate the certificate you exported above and import it. You will
   have to type the password you entered earlier.

The above procedure will no doubt
be different across operating systems and email clients but the basic
steps should be the same. For example it’s possible that if you use
Outlook and Internet Explorer the certificate will be already
installed in both without requiring extra import/export.

Other certifcate
providers:

• http://www.instantssl.com/ssl-certificate-products/free-email-certificate.html

• http://www.verisign.com/authentication/digital-id/index.html

• http://www.pgptrustcenter.com/digital-certificate-solutions

Infected usb drive autorun message. Notice the two Open folder to view files?

Most of the times, when the drive is infected some of the icons will look weird: Unknow program type icons, two open folder to view files entries, and so on.  So, any of those show up, or you have used your stick on a suspect computer (or a public terminal) you probably have a virus. So, click cancel. If there’s nothing you need on the stick stop right here. Just go to my computer, right click on the drive and format it. The virus, along with all your files will be gone.

If you need the files it’s going to be a little trickyer:

Go to My computer. Right click on the problem disk and choose explore. NOT open, run or anything else. Make sure windows is set to show hidden and system files. DELETE the following file and folders:

autorun.inf, RECYCLED, RECYCLER, and any other suspicious file or folder it is not yours. Be careful not to run or launch anything.

Done, all clean.

One of the problems I faced is needing to make changes on inherited machines that nobody knew the passwords for. So, if you face the same problem, or you simply forgot the root password because you usually use a normal user account here’s what you have to do to reset the password.

What you need: a bootable linux cd or flash usb drive. (You could use the slackware install disk, but any bootable, or Live CD should do as long as it has drivers for your filesystem and basic hardware)

You need to reboot the machine and boot it of the CD/USB stick. For the sake of the demonstration I will asume you use the slackware 12.2 install disk. If you use another just boot it and open a shell/console.

Log in as root.

Create a temporary directory to mount your / (root) partition where Slackware Linux is installed:

1

mkdir /tmppart

Mount your partition there:

1

mount /dev/hda1 /tmppart

Of course you need to replace hda1 with the partition where / is on your drive. Next you need to edit /etc/shadow to remove the root password.

1

vi /tmppart/etc/shadow

Locate the line starting with root: followed by letters and numbers. It’s easy, it’s usually the first line in the file. Remove everything between the first two : . Alternatively, if you know the password of another user copy everything from between the first two : to the root user.  Save the file and reboot.

Root should now have no password / a password identical with the one of the user you copied it from.

Easy. Useless to say that you must understand that if you don’t own the system / don’t have express permission from the owner you are doing something illegal. If you get arrested/fired it’s your problem.

Lately it seems to me that Ad-aware is lagging more and more behind Spybot. A friend of mine recomended Combofix so I gave it a shot. So after some time I can say that it’s pretty good. It’s sure a good tool to have.

When running it requires you to disable you antivirus software so that might be a little annoying. What I like is the plain old console look:

Combifix starting up

It’s small, doesn’t require installing and autoupdates its self at start. It also creates a system restore point before scanning. All in all a valuable tool to have in your toolbox.

You can find more information here: bleepingcomputer.com