certificates

Should I click on a link to upgrade Flash?

Episode 1369

Darryl from Santa Rosa, CA

Darryl is getting messages to upgrade Adobe Flash on his Mac. Leo says do not reply to any message to upgrade your Flash, do directly to Adobe and get the update there. Hackers can compromise websites to include a bit of code to get you to click on a link. It's called a Phishing scam. Flash auto updates now. Or you can use Google Chrome and it will auto update as well. So never click on a link that offers to install an update to flash for you. It's a scam. Another thing you can do is redownload your browser, delete them and reinstall. That will renew certificates.

Is Let's Encrypt a good source for encryption online?

Episode 1284

Kevin from San Diego, CA

Kevin is interested in encryption so that nobody can snoop on his activity. Especially with Let's Encrypt, which Leo says will provide an encryption certificate for his website. It's free, too. To date, Let's Encrypt has provided over 2 1/2 million certificates for websites. And that's a good thing because offering an encrypted version of his website will boost his search engine rating.

Verify the Identity of a Website in Your Browser

When browsing the web, you may have encountered a "certificate" warning from your browser. This happens when you're connecting to a site using encryption, and the browser can't verify the identity of that site. Every browser or operating system comes with a preset list of "Certificate Authorities." These authorities could be governments, companies, or other entities that issue identity certificates to websites. This is all part of the SSL encryption process, and it verifies that you're securely connected to the right place.

Is the SSL certificate "Comodo" safe?

Episode 1166

Steve from Long Island, NY

Steve is worried about Comodo for security. Leo says that Comodo is not Kommodia, so it's not a security issue like Kommodia is. Superfish uses Kommodia to get beyond web browser security, but it was even worse. Comodo, though, is a completely different software. SSL certificates can be circumvented by those who visit Steve's site and there really isn't anything he can do about it. It doesn't really affect you -- it affects them. So Steve should get the encryption he can and understand that it's possible the end user will get something that breaks it on their end, not his.