Do Certificates allow spyware?
10-31-2004, 01:30 PM
#1
Contributing Member
Thread Starter
Do Certificates allow spyware?
I was reading on another forum that Certificates may allow spyware to be constantly reinstalled on a computer even after an AdAware or Spybot cleaning. Anything to this post and suggestions?
"From the Certificates Manager you'll see tabs for Personal, Other People, Immediate Certificates Authorties, and Trusted Root Certificates.
Your Personal and Other People tabs should be empty. Immediate Certificates entries can all be deleted (you'll see lots of junk there), and finally in Trusted Root Certificates the only ones not to delete are from Microsoft. Lots of foreign companies there plus verisign and equifax."
"From the Certificates Manager you'll see tabs for Personal, Other People, Immediate Certificates Authorties, and Trusted Root Certificates.
Your Personal and Other People tabs should be empty. Immediate Certificates entries can all be deleted (you'll see lots of junk there), and finally in Trusted Root Certificates the only ones not to delete are from Microsoft. Lots of foreign companies there plus verisign and equifax."
11-02-2004, 08:16 PM
#3
Guest
Join Date: Oct 2002
Location: North Bend, WA
Posts: 1,093
Likes: 0
Received 0 Likes
on
0 Posts
Don't remove the trusted / root certs. Unless you actually approve the addition of a cert to this list, they are all good and approved by MS (ha, don't let that scare you...).
The only way a cert could allow programs to reinstall without prompting is if you first said 'Yes' to install software and checked the box to 'Always allow from this company'. In general, you never want to check that box unless you are familiar with the company and what they provide.
Jim
The only way a cert could allow programs to reinstall without prompting is if you first said 'Yes' to install software and checked the box to 'Always allow from this company'. In general, you never want to check that box unless you are familiar with the company and what they provide.
Jim
11-03-2004, 02:29 PM
#4
Contributing Member
Thread Starter
Thanks Jim! If I delete all the Certificates except for MS, will that cause any problems with stuff already installed or needed to run apps on board now? I don't remember if I checked the box you mentioned, so to be safe I'm thinking to delete all, maybe even MS, to be safe?
11-04-2004, 05:02 AM
#5
Guest
Join Date: Oct 2002
Location: North Bend, WA
Posts: 1,093
Likes: 0
Received 0 Likes
on
0 Posts
Actually, I think I may have mixed up a couple things. The more I think about it...the certificates are a very different thing than just the browser's install routine. 
Whenever you go to a site that has SSL enabled (you'd see a little gold padlock on the bottom bar of IE), it checks that certificate against this list of trusted root servers. If the cert is from one of the root servers, it will contact that server and verify the cert (if bad, it will warn you; if good, you won't see a thing). If no server matches, it will ask you if you'd like to trust that website's security.
All in all, I don't believe there is anything bad they can do by just enabling SSL (other than give you a false sense of security). In general I would advise against deleting those trusted / root certs...it would probably just cause some headache down the road.
Jim
Whenever you go to a site that has SSL enabled (you'd see a little gold padlock on the bottom bar of IE), it checks that certificate against this list of trusted root servers. If the cert is from one of the root servers, it will contact that server and verify the cert (if bad, it will warn you; if good, you won't see a thing). If no server matches, it will ask you if you'd like to trust that website's security.
All in all, I don't believe there is anything bad they can do by just enabling SSL (other than give you a false sense of security). In general I would advise against deleting those trusted / root certs...it would probably just cause some headache down the road.
Jim
Thread
Thread Starter
Forum
Replies
Last Post
Stegall984R
Computer Talk
16
09-19-2005 06:20 PM
