search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
TECHIE TALK


Trust me, I’m a doctor!


Tomorrow’s Cleaning’s resident technology expert, Dean Hudson, Development Manager for CleanLink, explains how a basic understanding of ‘root’ certificates could save your skin.


with warning messages about Q:


question made me chuckle a little, because I have seen this behavior so many times - and most worryingly, also from professional IT personnel (who are paid to know better).


A:


The problem with certifi cate errors is that it’s easy to get into the bad habit of ignoring them, as we click-away in an effort to get our work done. An analogy that comes to my mind is to see yourself as the lone security guard on night duty at a bank, when suddenly a big, red fl ashing light sparks up on the control panel marked ‘silent alarm’. What to do? Turn it off and carry on reading the newspaper?


The error is there for a reason, but let’s take a step back, away from the context of computers and consider instead, the basis of a ‘certifi cate’, any certifi cate, and what it means to possess one. And then consider how fraudsters have misused certifi cates and our trust in them, to cheat and con the unwary.


Credibility For any certifi cate to work effectively, involves two things. The fi rst is


26 | REGULAR


‘certifi cates’. It happens so often, I ignore them and carry on; nothing bad seems to happen. Am I missing something?


I don’t know; have you checked your bank account recently? Your


My web browser regularly pops up


credibility which comes from it being issued by a trusted, respected authority. Issuers of certifi cates have historically used high quality parchments, papers, inks, and embossing techniques to create certifi cates that forgers would fi nd diffi cult to copy. Determined fraudsters have perversely used this aspect of certifi cates and documents to fool the unwary. The 2002 fi lm, ‘Catch Me If You Can’, told the semi-autobiographical story of Frank W. Abagnale, who’s forgery of cheques and other documents netted him a great deal of money, stolen from those predisposed to accept certifi cates at ‘face value’.


Verifi cation A credible certifi cation process also needs verifi cation, which is not always straightforward. For instance, issues surrounding the verifi cation of Barack Obama’s birth certifi cate has led many thousands of American’s to believe him ineligible to hold the offi ce of 44th President, owing to Article Two of the U.S. Constitution, which requires such holders to be identifi ed as ‘natural-born citizens’ of the United States.


And fraudsters will go to very elaborate lengths to provide not only fake ‘certifi cates’, but also to verify their fakes as genuine. For instance, the BBC reported in 2000 on a so-called ‘diploma mill’, whereby fake doctors were being ‘awarded’ certifi cates from the entirely fi ctitious Metropolitan Collegiate Institute, and were then given entire work histories and references from the equally fi ctitious Sussex General Hospital.


Computer Verifi ed


Identities If you wanted to verify your GP against the qualifi cation certifi cates adorning his offi ce wall, you might visit the General Medical Council website to check. But, how do you verify the identity of the website is genuinely connected to the owner of the domain you have navigated to? How do you know it is not a fake site owned by the fake doctors, offering fake verifi cations? The answer is that any respectable site will offer to confi rm its identity to your web browser by showing its ‘signed’ identity certifi cate – one that has been obtained from a trusted ‘root’ certifi cate issuing authority. If a particular website has had its identity validated in this way, you can be reasonably confi dent that it is who it purports to be. But, if your web- browser gives you a warning that the site you are accessing has, say, a certifi cate ‘revocation’ error, or it tells you that the certifi cate offered is from a ‘non-trusted’ source, then you might fi nd that switching off that red fl ashing light is more akin to playing with fi re. Sooner or later, you're likely to get your fi ngers burnt!


www.cleanlink.co.uk


Want some advice from our techie? Tweet @TomoCleaning with a question.


www.tomorrowscleaning.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78