[ALERT] Rogue Certificates

Security experts advise us not to enter passwords, credit card details, or other sensitive information on any website that does not provide an encrypted connection, and to use a bookmark to access sites that deal with banking or other private matters. But there’s a new threat being used by clever hackers to thwart both of those measures. Read on for details…

Do You Have a Rogue Certificate?
Remember hacks in secondlife are on the rise sadly Linden Labs does not have trusted certificates but they are protected and trusted.

It’s easy to tell if your connection to a site is encrypted. At the left end of the URL address bar, you will see a padlock icon and the “https” protocol label; it literally means “HTTP Secure.”

A secure connection SHOULD tell you two things. First, no one can eavesdrop on the data that flows back and forth between your browser and the site, because all traffic is encrypted. Second, the https protocol authenticates the identity of the server to which you are connected; you can rest assured that you really are connected to your bank’s site and not a scammers imitation of it.

Authentication makes use of digital certificates. A certificate is an encrypted file containing information such as the certificate holder’s name, the name of the trusted authority that issued the certificate, the unique public encryption key that the certificate holder uses, and other info. Copies of certificates are kept in a trusted “certificate store.”

Rogue Certificates

The first time you connect to a site using https, the certificate the site sends you is compared to the copy in the store; if they match, the site is authenticated. Then a copy of the certificate is stored on your computer, so future visits to that site don’t have to check with the certificate authority. Instead, your browser checks the site’s certificate against the copy in your local certificate store.

Unfortunately, clever hackers have figured out ways to plant “rogue certificates” in victims’ local certificate stores, replacing your bank’s trusted certificate with one that belongs to a rogue website. Now you’ll see the reassuring padlock and “https” even though you are not connected to the site you think you are. Also, the rogue site can now read everything you send it, including your login credentials.
Try This Signature Checking Tool

A Microsoft tool called sigcheck can detect suspicious certificates in your local certificate store. You can read about all of sigcheck’s features and how they work, or download the zip file containing sigcheck.

Extract sigcheck.exe or sigcheck64.exe from the zip file, depending on whether you have a 32-bit or 64-bit Windows PC. (To find out which you have, click Start -> Control Panel -> System. The System panel will tell you whether you have 32-bit or 64-bit Windows. If it doesn’t say either, you have a 32-bit system.)
To use sigcheck, click the Start button, type “cmd” in the search box, and hit Enter to open a command-line window.
Navigate to the folder that contains the extracted sigcheck executable file
Type “sigcheck -tv” or “sigcheck64 -tv” and press Enter

This command checks your local certificate store for certificates that were not generated by a certificate authority that is known by Microsoft. There are many certificate authorities; each has its own “root” certificate, and Microsoft keeps a database of them. If one of your local certificates appears to be valid but wasn’t created by one of the known certificate authorities, it may (or may not) be a rogue certificate.

Ideally, you should see “No Certificates Found.” If sigcheck does list some suspicious certificates, you will need to do some detective work to see which are legit and which should be deleted.

On my test machine, sigcheck flagged two certificates from Avast, my anti-malware program. Like many security suites, Avast offers a “Web shield” feature that monitors incoming browser traffic for signs of malware payloads of JavaScript attacks, and blocks them before they can do damage. To monitor an encrypted connection, Avast Web Shield has to create a certificate that allows it to read traffic. Avast needed to create a second certificate to provide real-time protection for my email, which is sent and received via encrypted connection. So these Avast certificates can remain on my machine.

Next, there’s a certificate for “Machine\TrustedPeople:Administrator.” That would be me, or anyone with administrator privileges. So this certificate can remain, too.

Certificates for “Harmony(Test)” and “HarmonyNew(TEST)” took a bit of googling. They seem to have been created during old Java installations, and serve no purpose now. Let’s delete them.
How to Delete Rogue or Unnecessary Certificates

First, I recommend that you run a full malware scan on your system before deleting any certificates, to eradicate the malware that created the certificate(s). Otherwise, the malware may simply re-create the rogue certificates.

To delete certificates, you’ll need another command-line utility called MMC.exe (Microsoft Management Console). It is built into Windows, so all you need to do is open a command-line window and enter MMC to start it. (If prompted, click YES to continue.)

Select “File” and then “Add/Remove Snap-In”
Select the snap-in “Certificates” in the left column on the next screen, then click the “Add” button to move “Certificates” to the right column.
Select “Computer account” on the next screen, then click Next
Click Finish on the final screen without changing anything.
Click “OK” on the Add/Remove Plug-ins screen

Now you see a folder tree on the left. The middle window shows the selected folder’s contents, if any. Drill down the folder tree to find the certificate(s) you wish to delete. Right-click on a certificate in the middle windows and select “Delete” to delete it.

I know this sounds a bit geeky, but if you follow the steps carefully, it’s not so hard, and will give you extra peace of mind.
Have a Great week!

Your Computer’s Worst Enemy?

Your PC or Mac shuts down without warning at random times? There are several possible causes, but overheating is the most likely, and easiest to solve. Read on to learn why heat is your computer’s Enemy Number One, and how to keep your computer from being damaged by overheating…

Signs of Overheating – And What To Do

Electronic components in your computer and other devices generate heat. The harder they work, the more heat they generate. But heat is the mortal enemy of all things electronic. (Witness the “Exploding Samsung Note 7” debacle of 2016.) So it’s important to be alert to temperature spikes in your computer,especially when using Second Life and take steps to cool it down when necessary.

How can you tell if your computer is overheating, and what can you do to keep it from frying, or worse? Sudden, inexplicable shutdowns of your computer are often due to overheating. Other symptoms of overheating include declining performance after running processor-intensive tasks for several minutes or hours. Games may run sluggishly, video may skip, and response to mouse clicks may be delayed.

More alarming are sudden software crashes, random reboots, and the dreaded Blue Screen of Death. These symptoms may have multiple causes, but overheating is one suspect that needs to be confirmed or eliminated.

Heat-sink Fan Overheating

Your computer’s BIOS (Basic Input/Output System) detects when the CPU, motherboard, hard drive, or graphics adapter is approaching its maximum operating temperature and shuts things down to avoid damaging that vital and expensive part. If you are experiencing seemingly random shutdowns, measure your computer’s temperatures and do something to lower them immediately.

Temperature sensors are built into many computer components; the trick is accessing these sensors to read temperatures. Unfortunately, Microsoft Windows and Mac OS X do not have built-in utilities to let users read temperatures. You have to find third-party software. Fortunately, there are several free temperature-monitoring utilities. Some can not only monitor temperatures but also do something to lower them.

MSI Afterburner is a long-standing favorite temperature monitoring utility. It also monitors voltages in various devices and the speed of the fan(s) which cool your CPU, power supply, and other components. Some motherboards allow users to control fan speeds while others do not; if fan speed can be controlled, SpeedFan will do it automatically to optimize the fan’s cooling.

Another tool to display temperature readings is Speccy . Speccy reads temperature sensors built into your motherboard, graphics adapter and hard drives. In addition to that, Speccy also gives you detailed information on every hardware component inside your Windows computer.

Open Hardware Monitor is a free system monitoring program for Windows and Linux computers. It monitors all of the voltage, temperature, fan speeds and other sensors built into your motherboard, including CPU temperature.

Hardware Monitor is a similar utility for Mac computers. It’s part of a suite of Mac monitoring utilities written by Marcel Bresink, and it’s available on a free trial basis. Hardware Monitor can detect and display information about your Mac’s processor type, battery data, hard drive information, voltage sensors, power and load sensors, and ambient light sensors. If you like the software and want to keep it, you can purchase it for under $10 USD.

Core Temp is designed for Intel and AMD multi-core CPU’s. It can monitor the temperature in each core in each processor in your system. It also has a logging feature to record temperatures over variable periods of time.

If you use a fan-speed controller that works with your system, it will provide several benefits. First, it will keep the temperature of your CPU and other components under the critical level, protecting your hardware and preventing shutdowns. Second, it will extend the life of your fan by running it only when it’s really needed. Third, it will minimize that irritating noise than cooling fans often make.
Other Overheating Solutions

A good rule of thumb is to make sure your CPU temperature is under 70 degrees Celsius, but each processor has a different safe operating range.
If adjusting the fan speed doesn’t bring the problem under control, there are several other possible causes for overheating. Dust is one common culprit that leads to overheating. You can buy cans of compressed air to clean the dust out of heat sinks, fans and airflow vents. Crack open the system unit every few months and you’ll be surprised at how much dust accumulates there, and how it affects your system temps.

Adequate air flow is important. A tower system should be placed so that its vents are not blocked by desk, wall, or other obstructions. A laptop can be elevated on a cooling pad to allow air to circulate under the machine. (In addition to cooling the laptop, this can keep your “human components” from overheating as well.)

It’s possible that the fans themselves may need to be replaced. If a fan is noisy, that’s a sign that it’s not working properly. Some components have built-in fans that can fail. This recently happened to the graphics adapter on my desktop machine. My computer was shutting down unexpectedly, and MSI Afterburner revealed that the temperature of that component was hitting 120 Celsius (about 250 degrees Fahrenheit). After opening the system unit case, I saw that the fan attached to the graphics card wasn’t spinning.

Another computer I had would occasionally make a loud sound that I can best describe as a combination of a “moo” and a buzz. Opening the case did not reveal any miniature cows or bees, but I did find a noisy fan with a bad bearing. As a temporary workaround in both situations, I left the case open and cooled things down with a small clip-on electric fan, until I was able to replace the failing components. Ebay is a great place to find these parts at a good price, and the only tool you’ll need is a screw driver for repairs of this type. If you’re hesitant to go the do-it-yourself route, you can find YouTube tutorials on how to fix almost anything.

It could also be that the thermal seal between the CPU and the heat sink (which draws heat away) is not good. You can remove the heat sink and reapply thermal grease, but that’s beyond the scope of this article. Again, YouTube is your friend.

Have a great week
Deuce Marjeta

Second Life Explained…and WHY are we still here 14 years after??

To the average everyday person they may hear “Second Life” and think “OMG what a bunch of losers playing on cartoons!”  

I don’t know about you guys but there are few and far between people in the “real world” who know about my ventures online in Second Life.  There would so much immediate judgmental mentality from way too many people.

I recently submerged a relative of mine into the world of Second Life and and found myself explaining to someone who has never experienced it before, I sort of compared it to “The Sims on crack”.  The best way to explain it is that there’s really no other “game” like it.  Second Life is more of a unique combination of an MMO, mixed with a RPG, then coated in a heavy thick layer of weird sex stuff.  I mean that’s kinda what happens when you give the internet full range on content creation!  The possibilities are so endless.  I mean – hey come on! One of the first places I showed her was a male strip club “Le Bare” where I proceeded to tip a dancer until he was nude and emoting for her….ha!  I blame the margaritas!  She has since established and created an avatar with my help of course and is enjoying getting her feet submerged into this crazy world we know and love.

You can do everything from building a home, having a family, to having a weird futuristic alien sex dungeon.  The limits are only that of your imagination! It becomes a safe space to release inner kinks, a place to pick your own adventure and your own path.  Kind of like the “Choose your own Adventure” books that I personally loved so much as a child.  In fact over half of the most popular places in Second Life are adult related, Go Figure!

Perhaps you are wheelchair bound in real life, so you go to a club, listen to live performances and dance your heart out in Second Life.  As unfortunate an event as it is, perhaps you cannot have children in Real Life due to medical complications so you give birth to a few babies in Second Life and start a relationship and a family.  It’s a place to have fun and meet people from all over the globe whom you’d never have met any other way.  A place to be creative, to share your talents, live out lives where it may not be a possibility in RL and even just to release some tension after a hard day at work like as many others use it as.  Whatever your outlet maybe – thi sis the diversity that makes Second Life a successful community over the past 14 yrs!  Linden Lab the creators of Second Life are hosting a 14th Birthday Carnival in June 2017.

As previously stated – you can have babies, you can have jobs, you can even make money and turn it into Real Life cash.  There are many ways to make money in game, from creating items and selling them via in world stores, events and on marketplace to webcam shows and virtual escorting to virtual land sales and customer support.  Many people have turned Second Life into a Real World job/income.  There are tons successful business people within the world of Second Life.  Marketplace offers an additional platform to sell content on – a sort of virtual catalog for purchasing user created content – everything for your avatar, to land information to home and decorating items.  The market possibilities are so vast.

There are also role play communities galore! General, Moderate to Adult content rated. There have been numerous Universities with online in world classes, museums for teaching and learning, in world classes to learn another language, and venues for art exhibits.   Community sims, with firemen and police RP, Furry forests, all the way to Vampire/Werewolves and Gorean RP.  There are also many subgames within the world of Second Life….in example…breed-able pets or plants which you can raise and sell for money.  Gaming regions for states that do allow gambling casinos. (You need to be verified and follow the SL guidelines to enter Skilled Gaming Regions).  Fighting games with HUDs (heads up displays) are also prevalent.  Vampire/Werewolf or Angel/Demon RP systems such as Bloodlines, Hunger, Eternal Conflict are quite popular.

Whatever your reasons, it’s the diversity that makes Second Life a place for everyone.

Whichever SL purpose is yours….we are so glad you’ve stayed because that’s what makes our community great 🙂

Sincerely Yours –

Jᴜʟᴇs Mᴀᴢɪᴋᴇᴇɴ Gʀᴇʏsᴏɴ (kittykat.jules)

Image result for second life

Image result for second life

New Monthly Credit Process Limits Announced By Linden Labs

In case you missed it, Linden Labs announced that they were changing the LindeX billing & trading limits to help alleviate the potential for fraud back in December of 2016. Well, that time has now arrived!

The ability to purchase and “cash out” Lindens has been a big benefit to many of our fellow Second Lifers, especially those who have been able to establish thriving businesses in world. In a sense, having these regulations helps keep that benefit secured and streamlined for those of us who use it often.

The new limits are:

LindeX L$ Buy Limit (24 hr):                US $1999.00

LindeX L$ Buy Limit (30 days):            US $1999.00

LindeX L$ Sell Limit (24 hr):                 US $1999.00

LindeX L$ Sell Limit (30 days):            US $1999.00

US$ Process Credit (24 hr):                   US $999.00

US$ Process Credit (30 days):               US $999.00

 

You are able to see where you stand within those new limits at any time by logging into your account and going here.

While this may not affect many folks, this can especially impact those who generally work with a lot of L’s each month with Process Credits and may exceed those thresholds. You are able to request a case-by-case review of an increase if these limits don’t suit your needs by going here. So, it’s certainly not the end of the world for high-volume Linden earners and consumers, but just another way Linden Labs is making sure that they’re enforcing financially responsible measures!

 

Bria Oceanside

ZoHa Blogger/Social Media

Women Impersonating Men In Second Life

Are you sure that he is really a “he”?

Let me please preface this with the fact that the opinions I express are solely my own. Additionally, I encourage you to read this in its entirety before you form your own opinions so you’ve had a chance to absorb some perspective.

But yes, we are here today to discuss the popular existence of “real life” women whose Second Life characters appear to be men. For years Second Life was notorious for the large population of “real life” males that would choose female characters and otherwise living as females in Second Life. While there was a healthy number of people who are actually transgender and actively transitioning in “real life” (thus, utilizing Second Life as a great outlet for this) there were many that would keep their “real life”gender identity a secret or simply mislead, while carrying on relations(hips) in Second Life with a partner none the wiser.

Nowadays, it’s pretty common knowledge that if someone’s “real life” gender matters to you when it comes to someone you are interested in, one of the first things you should do is have a conversation with them on voice. If someone insists they can’t speak on voice (no mic, don’t have privacy etc) then it’s a good rule of thumb to be cautious and not get too involved until they can voice-verify. They may have a “real life partner they’re not disclosing, or are not being honest about their “real life” gender identity.

But, I digress. There was always a stigma among women to prove they were women and not “a man in disguise” by men who were interested in them. Having to say “voice verified” (which isn’t really a verification process in SL, by the way) or “can voice verify” became the norm in a lot of profiles. Men started reverse searching the “real life” pictures women would share to make sure they weren’t being catfished or tricked by another man before jumping on a pose ball.

However, male avatars weren’t always held to the same level of scrutiny.

Now, there are many “real life” women who choose to exist in Second Life with male avatars or masculine female avatars and are 100% transparent about it. That’s not even an issue, and I appreciate the honesty. But there seems to be a quiet growth of women who impersonate men simply because they know it would be easier to land a date as a man rather than as a woman.

While this might seem counter-intuitive, I had been in that exact situation with someone that I had always suspected was actually female outside of Second Life. Mind you, as someone who essentially has a non-preference sexually, it didn’t really matter to me. But they didn’t realize this and carried on like they were actually male offline. They sent pictures of someone that I was easily able to see wasn’t them (thanks, Google reverse searches) and ultimately when I insisted on meeting offline so I knew  I wouldn’t be wasting time, they bolted. It was almost two years later before they would admit the truth.

While this could have easily of been  singular instance, it’s far from that. And while some of the “red flags” should make it obvious, some women get into relationships in SL with people that won’t verify for the same reasons some women wouldn’t verify that they were actually women.

Second Life is supposed to be a place where you can be anything you want to be, and that is what makes it beautiful. But, on the flip side, is there a code of ethics? Are we responsible for making sure that we’re honest about our “real life” selves?

I have actually heard arguments on both sides of the fence, but I boiled it down to a very simple opinion:

If you are investing offline feelings, or someone is investing the same in you, you better fess up. From personal experience it can only go so far until you have to either face it or walk away, and either can leave you by yourself if you haven’t been honest. Don’t carry on being someone or something you are not if it comes from a place of needed a void to be filled or otherwise avoiding loneliness in a manipulative way.

 

Bria Oceanside

ZoHa Blogger/Social Media

Is It Infidelity? Micro-Cheating in Second Life

Are you micro cheating?

The evolution of technology has led us to some pretty unfamiliar territory when it comes to how we behave outside of our relationships, how we find love and how we can start veering in the the “infidelity” territory. When it came to cheating, it used to be a lot more cut and dry than it’s become today. There was physically cheating, and then there were emotional affairs. It was, in its own way, uncomplicated.

But then, the phenomenon of micro cheating emerged.

Micro cheating is, in a nutshell, much that is inappropriate for you to do when you are already in a relationship. This can include flirting (even if just online), getting excited when you see someone’s name pop up on your timeline or friend’s list, posting things on social media hoping “someone” will see it, purposely liking photos and posts of an ex, and hiding your phone. The idea behind micro cheating is that it can be a gateway to actual cheating….a cheating stepping stone, if you will.

Now we have a slew of ways we can talk to people without our significant other being aware: social media, texting, Skype, even Craigslist if you’re that eager. It’s easier to discreetly plan out no-strings situations and move on with your life with a blissfully unaware (or intentionally blind) partner back at home. It gives us access to ex’s, to strangers, and to always keep options open if you get seduced into the “grass is always greener” mindset through the plethora of swiping opportunities.

And then, we have Second Life, this beautiful and boundless space that we all share. It is a massive world filled with incredible diversity and……plenty of people that are unhappily spoken for in the real world.

You often see people who clearly state that they are taken in real life, but will blatantly try to talk to you in a non-platonic way. Sometimes there’s nudes they try to share, or they simply want you to grace them with your presence when they log. Sometimes folks seek out sexual “encounters”. In some way shape or form they will seek out the attention of people that coax that interest out of them.

Since roleplay is such a huge part of this virtual space, so comes the opportunities to roleplay as families and with virtual partners. While many keep it online and make no plans to take it offline, more often than not there are genuine feelings that are developed. So, unless this is something that you’ve openly discussed with your real-life partner and they’re comfortable with, welcome to the world of micro cheating.

Micro cheating isn’t fully recognized as cheating as much as it is this grey area between being faithful and not….and a tempting stepping stone for many to take it to a dangerous level. It can lead to texting, sexting, inappropriate calls and video chats, or even that ultimate form of betrayal: meeting in person. But, the most dangerous part of it all, honestly, can be the fantasy of falling in love and truly believe that it’s real.

Now, believe me when I say I wholly support the possibility of genuinely finding your perfect other half in Second Life. Just like dating offline, you never know when you will come across someone that you fully click with and decide to explore those feelings with. However, JUST LIKE REAL LIFE, if you start that venture in a shaky situation, it’s probably not going to end well.

Micro cheating in Second Life often can lead to or involve very unhealthy behaviors, such as a partner who is possessive (to the point where they do not respect that you already have a S/O), neglecting the relationship you should be focusing on instead, or even interfering with your social life and free time. I have witnessed many a person fall head first into a virtual relationship that managed to nearly drown in record speed.

In the end, we’re all adults here and can “play” this “game” any way we choose- but in the end, micro cheating in Second Life is a surefire way to create a destructive path to nothing worthwhile.

 

Bria Oceanside

ZoHa Blogger/Social Media