- Why are touch screen monitors so much more vivid?
- How do I repair my system if the registry can’t be loaded?
- If we login to a site securely will our other activities be secure?
- Someone is signing me up for newsletters I don’t want – what can I do?
- Why can’t online services tell me what my password is?
- How do I tell who really sent an email?
Links above are to Ask Leo! articles based on the transcript below.
Download the mp3 [14M]
Welcome to AskLeo! Answercast #152. I’m Leo Notenboom and I’ll be answering questions that people are asking out at askleo.com.
Today’s Answercast is brought to you by The Ask Leo! Guide to Routine Maintenance. Keep your computer running better and longer; that’s what the Ask Leo! Guide to Routine Maintenance all about. Culled from the articles on Ask Leo!, it will help you speed up your computer, free up space and avoid spending money you just don’t need to spend by making that machine last as long as possible.
The Ask Leo! Guide to Routine Maintenance can be purchased in either of three formats: a downloadable PDF, as a Kindle book or as paperback from Amazon. Regardless of which one you choose, once you register your book using the link in the book, you’ll be able to download any of the digital formats of the book including PDF, mobi and epub. Also, once you register your book, you’ll get access to companion videos that demonstrate the various steps that are outline in the book.
You know, I see people discarding computer way too early. And it just doesn’t have to be that way especially when the problem that they’re trying to solve is all about the software – not the hardware. The Ask Leo! Guide to Routine Maintenance can help. Visit askleo.com/guide to learn more and purchase your copy today.
Why are touch screen monitors so much more vivid?
Leo, I’m looking for a monitor, 22 inches. I’ve been in several stores and no one can tell me why a touchscreen monitor is so much more vivid and bright, and the images just jump out at you compared to say, an LED or LCD monitor. What a difference! I’m running Windows 7 and I’m thinking this is what I’m looking for. It seems that these monitors are used on an all-in-one PC. Are they available separately? I don’t have any intentions to use the touchscreen but the colors and the display are unbelievable! What’s the difference? What do these monitors have that the others do not? And also, are these monitors even compatible with Windows 7?
To be honest, I don’t know. I can and I will speculate a little – but I do want to talk about touchscreen in general specifically with respect to compatibility and hardware requirements. Realize that most of the touchscreens are in fact LCD monitors.
First, the speculations. Two things come to mind: the touchscreen materials that somehow detect touch may require that the monitor itself behind that material be brighter so that the image, for lack of a better term, “punches through” whatever that material might be.
Or, perhaps they’re just better monitors. It could be as simple as the brightness and the contrast adjustments on those screens.
Now, external touchscreen monitors are rare. A traditional monitor is mostly a one-way communication from the computer to the screen. Touchscreen adds a data path in the other direction. Somehow the touch actions that you do on the screen need to somehow get sent back to the computer. Traditional video cables and such just don’t do that.
Internal touchscreens for tablets and laptops and convertibles and the like can be directly connected to the computer internally in several different ways. Externals will probably need some kind of an additional connection, probably USB, and perhaps depending on the version of Windows or your machine, probably some drivers as well.
Windows 7 is “compatible” in the sense that it actually knows little to nothing of touch. A touchscreen, particularly if it has USB for that reverse path, is most likely seen as a track pad or a mouse with a normal LCD monitor. If it’s hooked up internally it will depend a great deal on the drivers that are used for that monitor exactly what it appears like in Windows 7. Those drivers should be supplied by the computer or monitor manufacturer. How well it works will vary tremendously from device to device.
Windows 8, of course, is compatible. The concept of touch is baked into the operating system. One thing that’s important to realize is that Windows 8 itself does not require a touchscreen. It will work fine with traditional monitors.
It’s really hard for me to say exactly what you should do. If you have Windows 7, I’d be tempted to simply look for the best looking monitor that meets your needs, and that you can afford, with or without touch. Personally, I think it’s quite unlikely that you’ll find an external monitor with touch that falls into that “you can afford it” category.
How do I repair my system if the registry can’t be loaded?
My system, Windows XP Professional, won’t load. When I turn it on, I get this message, “Windows could not start because the following file is missing or corrupt: \Windows\System32\config\system.” And I don’t have an installation disk. I read some of your material and it looks like I have the i386 folder in the right place but I can’t get to a command prompt. I have a rescue and recovery disc but the only thing it will do is let me load the original backup created when I bought the system back in 2008 or bring the system back to its original factory state.
I really don’t want to do either of these two things. I researched the problem and I could repair the five registry files with a series of DOS commands (from a Windows paper) if I can get to the recovery console and then just restore the system to a previous restore point. After reviewing the material, from Microsoft, I think I can do it. But I want and need to upgrade my system so it occurred to me to just buy Windows 8.1 and do a clean install and then restore my backup that I made about a month ago but I’m concerned that I might overlook something.
All of the programs that I use also have to be reinstalled or redownloaded and installed so I’m looking at perhaps hours and hours of work. So I really have two questions. The first one: is there a handy informational guide to a clean install that will bring the system back to nearly what it was before but with a brand new system. If I decide to fix the system instead, can I buy a non-OEM installation disk for Windows XP Professional or does it absolutely have to be an OEM disk that is compatible with my machine?
Unfortunately, the file that’s missing, or corrupt based on the error message, is actually the system registry or actually one of the major hives of the system registry. On my Windows XP machine, it’s something like 30 MB in size so it’s not something that you can just recreate with a simple command. Or, is it?
That file is actually a core component of Windows itself. It contains the system portion of the registry; the database of system settings and information that Windows uses and keeps track of. There’s no magical command to simply recreate it from scratch. The only real hope is a backup. Now it sounds like you might have one but there might also be another.
You mentioned that you have a backup from about a month ago. If that’s an image backup, an image of everything, you could restore that. That would restore, well, everything, including that missing or corrupt file. Alternately, it’s possible that there’s a backup of that file in the same folder. On my XP machine, there’s something called system.sav for example, which is a few days older than the actual system file. You can copy system.sav on to system and maybe, I have to stress maybe, things would work.
So, the question you have course, is how to copy it if you can’t get to a command prompt? That’s an issue but there is actually one not quite so obvious solution. Linux.
Specifically if you can download and burn a Linux Live CD or DVD on another machine, then boot your existing machine from that DVD, you may be able to use Linux to perform the copy operation that we’re talking about. Yea, it does kind of sort of mean learning to do things the Linux way, which is similar but not identical, but it might very well be an option – probably one of the first things I would try.
To be honest, I’m actually a little bit more concerned about why this happened. For example, if it’s a hard disk going bad, whatever fix you put in place might be temporary. If it’s a software issue, just replacing the file from a backup isn’t going to fix the software issue that caused the problem in the first place.
So, I’d be a little concerned about exactly why this happened, and how it happened, to begin with.
Now, to answer your two questions: a retail Windows XP disc might work to repair your existing installation. It might not. It should at least get you a repair console, if that’s all you’re looking for. And at the extreme end, a retail disc will let you reinstall Windows XP from scratch. An OEM XP disc may or may not work. It’s actually impossible to tell. To stack the deck in your favor of course, you’re going to want to get the OEM disc for that specific computer or at least from that computer’s manufacturer.
The steps for upgrading a machine such as this to Windows 8 are actually extremely simple.
First, confirm that the hardware supports it. Windows 8 does place a couple of additional requirements on the CPU that some older machines might not meet. If that’s the case with your machine, you can probably still upgrade to Windows 7.
Back up your machine. If you haven’t taken an image backup lately, do so now. Even if you can’t boot, you can often boot from the backup software’s rescue disc and use that to make a backup image of the machine. That way you’re certain that you’re not going to lose anything when you perform the following steps.
The third step, well, install the operating system from scratch. That typically means wiping out the hard disk and installing only the operating system and basically getting up to date.
Next, install all your applications from scratch.
And then finally, restore your data either from that backup you started with or from wherever else you happen to save your data.
With Windows XP, you might be able to perform what’s called a repair install that would leave your applications installed while refreshing the operating system. But a move to Windows 8 from Windows XP actually does require a reformat and reinstall.
If we login to a site securely will our other activities be secure?
Hi, Leo, when I logged on to eBay it’s using https. But when I then move off the sign-in page, it’s evidently no longer https; it’s plain old http. If we’re traveling and we use Wi-Fi, will our eBay activities be secure?
Nope. This is actually a very important thing to realize about the difference between http and https. The fact that eBay uses https for the login means that yes; your login at least is protected. That means someone in an open Wi-Fi hotspot, or with some other kind of network access, can’t easily sniff the traffic and determine your eBay login credentials. That’s a good thing.
The fact that after you login it switches back to http, means that the rest of your activity is not protected by encryption. That means that in an open Wi-Fi hotspot, for example, that suspicious character in the corner could be watching what you’re viewing on eBay, and what you’re bidding on, and basically your entire activity on the non-https portions of that site.
While it’s not the end of the world, it’s not necessarily a good thing. And of course, for sites other than eBay it could be a very, very bad thing or it could be a complete non-issue.
Many sites are indeed moving to using https for everything or are already there. Email sites, for example, needed to do this early on since reading email can often contain very sensitive content. Other sites, simply don’t offer https as a connection mechanism.
I don’t know where eBay is going to fall into this category. If https is even an option for their other pages. A good resource, if you’re curious, is eff.org/encrypt-the-web. I’ll make sure that link is in the notes. That includes links to a list of major players and exactly which sites do what with respect to https.
So, if you can’t use https, and you’re in a potentially insecure location like an open Wi-Fi hotspot or a wired connection at say a hotel, what do you do? Well, the easy solution is to use a VPN service. VPN stands for Virtual Private Network. What they do is they set up an encrypted connection between your computer and the VPN service. All of your internet traffic then travels over that connection – encrypted. Http or https, it doesn’t matter – it’s all encrypted and nobody in that Wi-Fi hotspot or connected to you hotel network will be able to see, sniff or understand exactly what it is you’re doing.
Someone is signing me up for newsletters I don’t want – what can I do?
Some nasty minded individual, maybe an upset employee or an ex-employee seems to be trying to disrupt my email. Recently I’ve started receiving very many free subscriptions to all kinds of online newsletters, publications and other absolute garbage ranging from kids’ clothes to women’s makeup to porn. One day I received over 50 and they keep on coming.
Probably half of these do the correct thing in that I have to respond before they will add me to their mailing lists. The problem is that the other half doesn’t and I just keep getting their emails. Most of these are really a pain to get rid of. I’ve tried unsubscribing many times but they keep coming back. I’m using Thunderbird as my email client, which really doesn’t have any effective spam filter, that I’m aware of. Do you have any suggestions as to what I can do?
The very short answer is to treat them as spam. I’ll explain why, and I’ll talk about Thunderbird’s spam filter, which does exist, and perhaps one alternative within Thunderbird as well.
This is one of the reasons that most reputable email newsletters and other services have what is called a double or confirmed opt-in. What that means is that it’s not enough to simply provide an email address to sign up. The person receiving email at that address must then confirm that they did, indeed. sign up and do want the email.
It’s how the Ask Leo! newsletter works; you provide an email address and then confirm by clicking a link in the email that is then automatically sent to that address.
As you can see, mailings that do not use confirmed opt-in are subject to abuse – and that’s why I feel it’s appropriate to label what you do get in that manner as spam. If you’re getting things you didn’t personally sign up for, that’s almost the very definition of spam. That they originator didn’t use confirmed opt-in, well, to be put it bluntly, that’s their problem. They’re going to get marked as spam more often than more well behaved newsletters.
To be even more blunt, they should be using confirmed opt-in and this is the price of not doing so. So I have no problem whatsoever marking them as spam.
Thunderbird does indeed have a “learning” junk mail or spam filter. If you right-click on a message, you can mark it as junk, for example, and Thunderbird should learn over time. You might also need to enable junk-mail filtering in the settings for that specific email account. Now, it may not be as good as other junk mail filters, but its definitely there.
Now, one other alternative is to use Thunderbird’s ability to create what are called message rules or filters to dispose of the messages. Since these are typically newsletters sent from a consistent source, you can define a message processing rule, or filter, that basically says, “if the message is from this sender (where the sender is one of those unwanted newsletter senders) then delete it or move it to a folder, or mark it as junk” or whatever else you might want to do.
Yea, you may have to add or update a filter for each new subscription you end up getting but not wanting. But then at least that subscription will be taken care of and will stop showing up in your inbox, at least after the filters have run.
Now, I also have to unfortunately urge caution on using those unsubscribe links. Since we don’t know what kind of things you’re being signed up for, it’s very possible that the unsubscribe links, well… don’t. It’s possible that they act like unsubscribe links in traditional spam and actually could result your getting more, not less, spam email.
Use your best judgment of course, since I’m sure some are probably legitimate but if there’s any doubt, don’t click on an unsubscribe link. Use your spam filter or message rules to deal with that subscription instead. Hopefully, eventually, the person trying to annoy you will eventually give up and get tired and move on.
Why can’t online services tell me what my password is?
Why can’t an online service like Gmail or Hotmail or any of the others, just tell me what my password is rather than forcing me to reset it all the time? I mean, they have to know what it is anyway so that they can check that I’ve entered it in correctly. Right?
Actually, believe it or not, wrong. Now, in reality, some services actually can tell you your password and you know what, that’s a really, really bad thing. Among other things, it really brings in to question, that service’s real understanding of security.
First, let me explain why services don’t actually need to know your password.
There’s this mathematical concept called a one-way hash. What that means is that using a well-defined algorithm, you can transform a string, like say a password, into a very large number. Now this algorithm has some really important properties.
- First, it’s consistent: for any specific string you enter, it will always return the same number for that string.
- Second, it’s extremely unlikely that two different strings would produce the same number. It’s not impossible, but it’s so extremely unlikely as to be practically impossible.
- And third, and perhaps most important, it’s impossible to go backwards. It’s impossible to take a number and somehow calculate from that number the string that was used to create it. That’s the one-way part of a one-way hash.
Now, I know, it all sounds pretty magical and in many ways it feels like it is. It’s a fundamental concept or tenet of cryptography, actually that relies on things like hashes. And we’re definitely talking some really complex algorithms here. This isn’t a very simple mathematical formula. This is something that is fairly complex and absolutely, takes a computer to do. But it really does work.
So what that means, then, is that the correct way for an online service to handle passwords works like this. When you set up your password, or you change it, the service takes the password you enter (that string) and immediately calculates this hash value. It then stores this hash value in its account database and completely discards your actual password. Now, when you later log in, the service calculates the hash value of whatever it is you typed in as your password. If that value matches the value that was calculated when you first created the password (the value that’s stored in their database) then by definition, you must have typed in the correct password.
So the service really only needs to save this hash value; it never has to keep your actual password.
So, why is this so important? Well, I’m sure you’ve heard of various database breaches in the news over the last couple of years. This is the scenario where some hacker breaks into the actual servers of some service and steals their actual database of accounts. If that database contains only properly created hash values, the hacker can’t get your password, because there’s no way to go from that hash value and calculate what the string was that created it. You only have the hash value. If on the other hand, the database actually contains the actual passwords; well then, the hackers have complete access to all of the accounts in that database.
That’s bad. I mean that’s really bad.
So if you encounter a service that actually can tell you what your password is, they’re not doing security right. I’d be very wary in fact, of what other kinds of things related to security that they might also not be doing right.
How do I tell who really sent an email?
Leo, how do I tell who really sent me an email? And I mean their real name, location and telephone number if at all possible?
The super short answer to this question is really, really simple – you don’t.
I’m assuming you’re not the police or law enforcement. They often can get a lot of information – more than you or I ever could – but most what I have to say will look at the various pieces of data that is associated with an email and how little it actually tells you, or how easily it can be completely falsified.
I can think of only one scenario where you might get lucky, but that’s only if the sender isn’t being particularly careful.
First let’s start what exactly shows up in the “From” line of an email. You can count on exactly none of it being accurate. Not only can the name displayed on the “From” line be falsified, but the actual email address that is listed as the “sender” can be completely bogus. You know this already because you get spam like this all the time; spam that looks like it came from people you know (or in some cases even from yourself) knowing full well that those people or you had absolutely nothing to do with sending that email.
It’s actually quite trivial to set up. You don’t even need any special tools. You can simply lie when you set up an email account in your email program and if you have a permissive enough mail service (and most are) then you too can send mail that looks like it came from anyone.
Don’t do it. It’s bad form, unethical and in many cases, flat out illegal.
Now, even if you could count on the email address being accurate, it still wouldn’t help you. There’s no directory or address book or global source of information that maps an email address back to a real person – and most certainly not to an actual address and/or phone number. Yes, those people’s mail services may, or in fact may not, know that information but they just don’t disclose it to anyone It typically takes law enforcement with some kind of a court order or warrant.
Now, I said that they “might not know” because it’s so easy to set up a fake account. You can go to Gmail or Outlook.com or Yahoo or any of a number of online free emailing services and set up an account. And when you do so, you can simply lie about everything. You can lie about your name, your location, your age, your phone number, your anything. In cases like this, the service itself simply and honestly has no real idea of just who you are.
So the next piece of identification in the trail are usually IP addresses that are recorded in the headers of the email. Now by header, I mean the information that you typically you don’t see when you’re just reading your email. Headers are a record of the servers that email has passed through on its way to you.
How you find and view the headers varies, depending on your mail service. In Outlook, for example, I think you have to find Properties on the message and in there in the Advanced Tab, or something, you find something called “Internet headers.” In Gmail, you can View Original and it shows the actual raw email message complete will all of the headers.
Headers are added by the email servers as they pass messages from the source to the destination. That implies that at the beginning of the headers would be the IP address of the originator. Sometimes, that’s actually true. As we’ll see in a moment, it’s not helpful, but perhaps true.
In many cases, the IP address you want actually isn’t there. For example, if you sent email using a web-based interface, most do not include the IP address of your computer. The first IP address in the header is that of the mail service that’s originating the message itself. So in many cases, the IP address you’re looking for just isn’t there.
What if it is? Well, as I’ve discussed many times, and in many articles before, you cannot get someone’s information from just an IP address. The closest you and I can get is to determine what ISP owns that IP address. In some cases, that can tell you, with wildly varying degrees of accuracy, what part of the planet they’re on. And that’s about it.
Once again, it takes law enforcement and a fair amount of additional legwork to even get close to identifying the specific individual at a specific IP address – and even then it’s not always possible.
So, I did say that there was one case where you could get lucky, and it works like this – if the sender used a real email address that they’ve used before; if you then Google that email address you might find something out about it. Now, you don’t know actually if the email address is legit. Again, it could have been spoofed. But you may be able to get some additional clues from search results on that email address.
But to be honest, that’s about as good as it gets and it’s just not that good.
I do the Ask Leo! Answercast every week so if you have a question about your computer the internet, or technology head on out to askleo.com to search for your answer or ask your question. You might hear it answered here in a future Answercast. I also put out a newsletter every week. The Ask Leo! newsletter includes answers and fixes, and safety tips, opinions, and rants and even the occasional answer as to just why things are the way they are.
Please back up! You know, I plug this every single week because it’s so incredibly important. Nothing, can save you from almost any disaster, like a proper and recent backup.
Please be aware that all of my answers are based on my own personal experience and should be used entirely at your own risk. Unfortunately, I just don’t know you, your abilities, or the specifics of your machine and all those details can make all the difference.
The Ask Leo! Answercast is a production of Ask Leo! and is copyright 2014. Thanks for listening. I’m Leo Notenboom and I’ll be back soon with another Ask Leo! Answercast.