How To Subscribe and Unsubscribe is at the end of this note.
Mailing List Trouble? See http://www.langa.com/help.txt
Want an easier-to read formatted HTML version? See http://www.langa.com/whats_new.htm

Please use this super-fast form to email this LangaList to a friend!

The LangaList

In This Issue:
Cookie Monsters
Word 97 Security Bug!
Office/Outlook/VB5/Project Bug!
FREE BrowserTune 2000 Demo
A "Disposable" PC?
FREE Software For You
1,000+ Recommendations
Sorry State of Desktop Software
More BIOS Reset Tips
...and FREE Info On Almost Any BIOS!
The Most-Requested Tip
Solving A Floppy Drive Problem
Avoid a $29 Rip Off!
Just For Grins
More!

Cookie Monsters

You know you're programming too much when you have dreams in JavaScript.

But I actually did the other night: I'd been struggling with a programming issue and had had a frustrating few hours trying to resolve it. I went to bed very late, and sometime during the night my unconscious mind saw what my conscious mind had missed, and I woke up with the answer. 8-)

You see, the new version of BrowserTune will offer a very automated option: If you wish, the tests will all but run themselves, and will perform many diagnostics entirely on their own. They'll also keep score for you so at the end of the tests, you'll get a complete, customized report (both onscreen and via email, if you choose) that will tell you what's right with your browser setup, what's not right, and what you can do to make it better.

This automated method depends heavily on JavaScript to conduct the tests, to sniff out problems with your browser, and to record the results in temporary files ("cookies") on your hard drive.

Some people hate---and I mean hate---cookies. I'll have a manual series of BrowserTune tests available for them. But cookie-phobia is usually a misplaced concern:

Cookies are just plain text files. They’re commonly used to track which web pages you’ve visited, which ad banners you’ve seen, whether you’ve registered or not, and so forth. Cookies are designed so that only the web site that created them can read them---one site can't readily snoop another site's cookies, for example.

What's more, cookies can be set to self-destruct ("expire") after whatever interval the site-owner specifies. For maximum safety, I'm building the BrowserTune cookies so that they self-destruct as soon as the tests end and you close your browser. No test results will be retained beyond the end of your current browser session.

To me, cookies seem pretty harmless. Despite commonly-voiced concerns among the anti-cookie faction, cookies (or the JavaScripts that create them) won’t let website owners surreptitiously figure out who you are, for example, or reveal credit card info, or covertly index all the software on your hard drive to list the serial numbers (or lack of serial numbers) of all your software.

If you voluntarily enter personal information into a web page questionnaire or order form, then that information could be stored in a cookie, but it could only store what you’d entered.

A clever JavaScript can sniff out what kind of browser you’re using, what OS you run, what your screen resolution is, and some other similar pieces of harmless information. But even if all that were baked into a cookie---so what?

Yes, there are tricks malicious webmasters can use to try to obtain specific kinds of personal information from your system, but this kind of bad behavior involves holes in browser security, and has nothing to do with cookies per se. Plus, it would be incredibly stupid for a malicious website operator to place illicitly obtained information in a cookie where you could see it and see which website had gathered the illicit information.

It's ridiculously easy for you to check your own Cookies: There are many freeware and shareware apps that make it simple, or you can just look in the cookie folder. MSIE uses /windows/cookies; Netscape uses the Netscape/Users/YourName folder. You can open and read your cookie by dragging them to Notepad.

You'll see it's pretty boring stuff: Most cookies these days are created by ad banners so a site will know if you've been there before and what ads you've seen. Yawn. While you're in there, if you see any cookies you don't like, just delete them.

If you're interested in more, check out the cookie tests in the current BrowserTune at http://www.browsertune.com/bt98/cookie.htm.

Back to BrowserTune, and the issue that prompted this cookie discussion:

return to top of page

BrowserTune 2000 Demo Coming!

The specific problem I was working on this week was how to create an accurate, highly automated throughput test that would tell you your actual, delivered internet connection speed in just a few seconds. (The current BT98 test at http://www.browsertune.com/throughput.htm works fine, but involves several screens and a some manual timing work, and takes a while to run.)

There are many variables in a throughput test, but I came up with a way to create an accurate test that runs itself in under a minute: All you do is click one button. Then the test automatically records the start and stop times for downloading a chunk of specially designed text (it's compression-resistant, so it will prevent your modem's text-compression capabilities from kicking in and artificially inflating the results). The test page then does some match and interprets the results for you.

I suspect this test by itself will be one of BrowserTune 2000's most popular, so I'm going to try to have a stand-alone version available next week. You'll read about it first right here!

Then, whenever you're wondering if your modem or ISP or browser is dragging, you can click to this simple-to-run test and in a minute know what your actual real-world throughput is. Cool!

return to top of page

If it's not One Bug...

Microsoft released this note about a Word 97 security glitch this week:

"The Word 97 Template Security Patch addresses a vulnerability that allows malicious code to be run without warning when a user opens a Word 97 document. Currently, when you open a Word document that contains macros, you receive a warning message asking whether or not you want to enable the macros. However, if a document that doesn't contain macros is linked to a template that contains macros, you do not receive a warning message. A hacker could exploit this vulnerability by causing malicious code to be run without warning when a user visits a Web site or opens a Word document attached to an e-mail message. This malicious code could be used to damage data on a user's system."

Note that this only affects Word 97.

Microsoft has released a patch that plugs the security hole while allowing normal use of macros and templates. If you're running Word97, grab the patch at http://officeupdate.microsoft.com/downloaddetails/wd97sp.htm

return to top of page

...It's Another

Are you running

• Microsoft Office 97
• Microsoft Outlook 98
• Microsoft Project 98
• Microsoft Visual Basic 5.0
• Any third-party product that includes Visual Basic for Applications 5.0?

If so, you also have a security hole.

You can tell if you're affected by going to your \Windows\System; see if you have the file Fm20.dll there. If you do, right click on it and check the properties.

If the file date of your FM20.dll file is earlier than January 11, 1999 you need an updated version. With the older versions, a malicious programmer can use a security hole in the DLL to read information stored in your clipboard.

You can get the update at

http://officeupdate.microsoft.com/downloadDetails/fm2paste.htm

return to top of page

The "Disposable" PC?

"Inexpensive" and "cheap" aren't exactly the same, although to many people, the words are interchangeable. In reality, the former simply means that something doesn't cost very much, but the latter carries overtones of shoddiness and a lack of quality.

It was the current WinMag article "Sub-$600 System Surprises" (http://content.techweb.com/winmag//library/1999/preview/sub600/ ) that got me thinking about this. It's been a reasonably accepted rule of thumb that a decent system will set you back $1500-$2000; and a good entry-level system will run you somewhere around $800. But here was a positive hands-on review of several systems, one of which from "emachines" lists for just $499.

And actually, emachines (http://www.e4me.com/infocentral/product_tower300c.html) has just dropped the price another $100. Now, for $399, you get this:

• Cyrix® M-II 300 MMX (w/ 512KB)
• 32MB SyncDRAM (up to 256 MB)
• ATI Rage IIc 3D AGP with 4MB SDRAM
• Crystal CS4235 3D Audio
• 24x CD-ROM Drive
• 2.1GB HDD (Ultra DMA EIDE)
• 3.5" 1.44MB FDD
• 56Kbps V.90 PCI Fax/Modem
• PS/2 KBD/Mouse, 2 USB ports (1 is on Front)
• 1 Serial / 1 Parallel / 3 Expansion Slot
• Audio In & Out / Game Port on Front

Plus, the system comes with Win98 and Microsoft Works. It doesn't come with a monitor, but emachines offers a promotional 14" monitor for only another $100.

The WinMag review praised the system's "speed; serviceability; front-mounted USB port; software," and summed it up as "good performance and a great price in an attractive package."

And all for $399.

Maybe a "cheap" system doesn't have to imply low quality any more. Now, I guess it's time to re-think my definitions of what constitutes an acceptable entry-level system, and I'm beginning to wonder if the old standard of amortizing the cost of a new PC over several years makes any sense any more.

What's your take? Have we reached the era of the disposable PC? Would you try one of these very, very inexpensive machines, or does it seem just a little too low-end to risk? How much is the comfort factor of a brand name worth to you?

Maybe the real bottom line is this: How much do you expect to pay for your next PC, and when?

Join in at http://bbs.winmag.com/columns/archives/012499/monday/column.asp?frames=yes !

return to top of page

Free Software For You

In response to last week's discussion of the PICTURE.EXE trojan horse story, Bill Pytlovany sent this along:

Hiya Fred,

Love your newsletter and web page. I noticed you mentioned how easy it's getting for folks on AOL to get bitten by password surfing programs designed to look normal. I've even seen some which are disguised as text files. When you click on them in Explorer they end up launching WordPad and guess what? They really contain an OLE object which Wordpad executes and it attaches the worm(s) to your system.

The reason I wrote today is to invite you to look at a program I developed called WinPatrol. This is the ultimate way to monitor various Startup entries and Active Tasks without taking up system resources. I'm sad to say, even I was bitten by a password sniffer and created WinPatrol for my own needs. Given your wonderful BrowserTune, you might agree, the best of programs are those you create and would use yourself. Over time I've added to WinPatrol and enhanced it's functionality with other useful functions. I'll let you read about them on my website instead of wasting your E-mail time. Oh yea, just like BrowserTune, WinPatrol is free with no strings attached.

I hope you'll check it out at http://www.billp.com/winpatrol

Good Luck and enjoy,

Bill Pytlovany
Tartan Software
143 Horstman Dr.
Scotia, NY 12302
E-mail: billp@aol.com
URL: www.billp.com

Thanks, Bill. I'll try it out this week!

return to top of page

The Sorry State of Desktop Software

You see it in the tech news every day: Major software packages are routinely delayed and delayed again (Windows 2000 or Oracle 8I, for example). And despite the delays, the software always ships with bugs.

That leads to a blizzard of patches, updates and service packs, many of which are so complex in their own right they introduce a new set of bugs and incompatibilities, requiring yet another patch or hot fix, and so on.

Is software quality really deteriorating?

I'll give you some concrete examples in this week's InformationWeek Online column. But you don't have to take my word for it. Consider the folks at BugNet (who track the bug-and-fix cycles of the major software vendors). They couldn’t find any company worthy of their annual award For Best Bug-Fix Performance. (See http://www.bugnet.com/analysis/no_award.html   .)

What's your take? Is quality software a thing of the past? Has the complexity of today's hardware and software simply come to exceed what software developers can reliably support? If we want stability, must we trade-off functionality? Who, if anyone, is making stable, bugless software these days? Join in starting midday Wednesday Jan 27,1999 at http://www.informationweek.com/langaletter .

return to top of page

1,000+ Recommendations!

Thank you! Over 1,000 of you responded last week to my request that you recommend this newsletter to at least one other person.

The easy-to-use recommendation form at http://www.langa.com/recommend.htm#2 .is working fine. You just fill in your name and your friend's name, and the web page will automatically generate an email message containing the current issue. That's all there is to it---the script even composes a short note to your friend explaining what the LangaList is, and that you thought they might find it useful.

I'm dead-set against spam, so I won't sign up your friends unless they explicitly request a subscription. The form is 100% safe to use; neither you nor your friends will get any unsolicited email from me, ever.

If you'd prefer, you can just "forward" the email version of the LangaList to a friend! The drawback there is that most email packages embed a ">" character at the start of each line of forwarded text, making it hard to read. The script on my site avoids this and ensures your friends will get a clean copy.

There's always room for more readers! If you could take just literally one minute and recommend the LangaList to just one friend, I'd really appreciate it.

Thanks!

return to top of page

More Reader BIOS Resetting Tips

Every once in a while, a topic strikes a nerve and I get a higher-than-normal amount of email. A couple weeks ago, I wrote about a simple way to fix the "forgotten supervisor password" problem: You pull the clock/BIOS batteries on your motherboard, and this causes the BIOS to forget everything---including any bad passwords. Put the battery back, restart, re-enter the BIOS info, and you're all set.

Then some readers pointed out that in many newer systems, you don't have to pull the battery: You can use a "Clear BIOS" or "Clear PWD" jumper on the motherboard.

This week, reader Jesse E. (jesse_scarcege@hotmail.com) points out that if you have a standard BIOS access to the ancient DOS Debugger (DEBUG.EXE, usually in the WINDOWS\COMMAND directory) you don't even have to open the case:

Hi Fred

I read your comments at the Langalist newsletter about pulling batteries to clear the CMOS settings so I want to share a technique I use a lot to help some of my customers. First of all, pulling out batteries from systems is not a good idea especially if you don't want to get your hands dirty. If you can have access to the floppy drive make a bootable disk that contains DEBUG command, and at the a: prompt type

Debug

-o 70 2e<enter>
-o 71 ff
-q

and then reboot.

After clearing the CMOS RAM you will see an error such as CMOS Battery dead or something like that just reenter the appropriate settings.

Thanks

jesse_scarcege@hotmail.com

Thanks, Jesse--- it'd been years since I'd used that method, and I'd just plain forgotten about it. 8-)

return to top of page

Where To Get More BIOS Info
(and an interesting theory)

A reader who's a support technician at Peachtree Accounting (writing on his own, not as an official representative of Peachtree) said:

Fred,

I know you are inundated with a million e-mails. I hope you have time to read this. First off: Thank you so much for your Langalist. It's the only newsletter I've ever subscribed to that actually delivers on the promise. I have told everyone I know to subscribe. Being self-taught with computers, I depend on sources like the Langalist to keep me up to date. It really is exciting to be a part of the online revolution with you, and I look forward to the future. That having been said, I have a question...

Is there a source where one can find information for all of the BIOS's out there and how to invoke the setup at boot-up? Some are f2, some are delete...you know...so is there a definitive guide for accessing the various BIOS setup utilities? I need to know. I work as a Tech Support Technician for Peachtree Accounting Software, and I often encounter problems with Antivirus programs enabled in the BIOS...tricky to troubleshoot...Peachtree is very sensitive at installation time to programs running in the background.

As a matter of fact, I am beginning to believe that possibly 90% of unexplained program behavior and failed installs are traceable to the following conditions:

1. Not getting a clean install...that is, no background programs allowed when you install software.

2. Network installations of software on networks whose integrity has been compromised.

I'd really like to find a definitive guide to entering BIOS setup at boot time, though...can you help me?

Remember...the greater the compliment at the beginning of an e-mail, the crazier the question and the greater the desperation at the end...

Thanks,

Karlton Kent (karltonkent@atlcon.net)

What a nice letter. Here's the best place I've found for looking up all kinds of BIOS-related information:

http://www.sysopt.com/bios.html

return to top of page

The Most-Requested Tip?

Over the last couple years, the question I've been asked more than any other is like the one that follows. In it, a reader identifies a problem---the actual symptoms vary and the range of problems can be quite broad. The reader has reached the point where a reinstall seems like a good idea, and dreads the thought of starting completely from scratch.

Mr. Langa- in windows 98 explorer I can no longer view my right pane in the explorer window. If I click on view and small icons or large icons or list I have files in my right pane, but when I click on details the right pane in explorer window is blank and that is that way with everything using details.

So I cannot only not see file dates I can't see the file extensions, which I am interested in seeing. Any help or suggestions you may have would be greatly appreciated.

I reinstalled windows over the present one and that did no good. I hope I don't have to delete window and reinstall. That would be a nightmare!

THANK YOU

EDWARDM398@AOL.COM

A clean reinstall is a great way to clear up an enormous number of problems with Windows. And regardless of what problem you have, when the time comes to reinstall, it doesn't have to be a nightmare.

Here's a shortcut I use all the time: See "The fast DelTree no-reformat reinstall" in http://content.techweb.com/winmag//library/1998/1001/fea0045i.htm#won't_work

This is the biggest-single timesaver I know!

return to top of page

Floppy Drive Weirdness

Reader Monte Boone writes:

Dear Fred,

I am a new subscriber. Enjoy your news-letter. Just took the browser test.

I am having a problem with High Density disks, 1.44 mb. I cannot get a disk to read on my computer unless it is formatted on my computer. When I do format a disk, the previous files are not removed and will still read on another computer. When I format a disk and copy files to it, these files will not read on other computers. I ran Norton Disk Doctor on one of them and got a report that the disk had two 32-bit FATs and 2.88 mb.

I heard there was a problem with the "b" version of Windows95 (which I am running) in the formatting. I have made several inquiries, but so far the only cure I have been told about is to Re-Format the hard drive for a 16 bit FAT.

Would appreciate any assistance.

Monte Boone, Jr. (mwbdwb@strato.net>mwbdwb@strato.net)

You know, this sounds like a pure hardware problem: a misaligned read/write head. The system is placing information on the disk in a non-standard location that other (aligned) drives can't read.

Monte could have it repaired, but that might cost more than a new drive: you can buy a brand-new drive for under $50, and it only takes 10 minutes to install.

return to top of page

A $29 Rip-off?

Jat324@aol.com writes:

Love your Newsletter. E-mail it to all my friends and family. I keep getting messages from Internet Boost '99. They promise 200% faster Internet access, and, also have great testimonials. At $29 is this true or is it a rip-off?

Judy Tomlinson

I've tried several of these speed-boosting apps, and all the ones I've seen do basically the same thing that the freeware app "easyMTU" does.

Before you spend money on one of these accelerator apps, visit your favorite download site (shareware.com, for example) and grab a FREE copy of easyMTU. It probably will do all you need... and if not, you won't have wasted any money finding out.

Odds are, I've just saved you $29.   8-)

return to top of page

Just For Grins: Shoot Yourself In The Foot

Frequent writer "Aime Watts" <wattsa@intrinsix.com> sent this along:

THE PROGRAMMER'S QUICK GUIDE TO THE LANGUAGES

The proliferation of modern programming languages (all of which seem to have stolen countless features from one another) sometimes makes it difficult to remember what language you're currently using. This handy reference is offered as a public service to help programmers who find themselves in such a dilemma.

TASK: Shoot yourself in the foot.

C: You shoot yourself in the foot.

C++: You accidentally create a dozen instances of yourself and shoot them all in the foot. Providing emergency medical assistance is impossible since you can't tell which are bitwise copies and which are just pointing at others and saying, "That's me, over there."

FORTRAN: You shoot yourself in each toe, iteratively, until you run out of toes, then you read in the next foot and repeat. If you run out of bullets, you continue with the attempts to shoot yourself anyways because you have no exception-handling capability.

Pascal: The compiler won't let you shoot yourself in the foot.

Ada: After correctly packing your foot, you attempt to concurrently load the gun, pull the trigger, scream, and shoot yourself in the foot. When you try, however, you discover you can't because your foot is of the wrong type.

COBOL: Using a COLT 45 HANDGUN, AIM gun at LEG.FOOT, THEN place ARM.HAND.FINGER on HANDGUN.TRIGGER and SQUEEZE. THEN return HANDGUN to HOLSTER. CHECK whether shoelace needs to be re-tied.

LISP: You shoot yourself in the appendage which holds the gun with which you shoot yourself in the appendage which holds the gun with which you shoot yourself in the appendage which holds the gun with which you shoot yourself in the appendage which holds the gun with which you shoot yourself in the appendage which holds the gun with which you shoot yourself in the appendage which holds...

FORTH: Foot in yourself shoot.

Prolog: You tell your program that you want to be shot in the foot. The program figures out how to do it, but the syntax doesn't permit it to explain it to you.

BASIC: Shoot yourself in the foot with a water pistol. On large systems, continue until entire lower body is waterlogged.

Visual Basic: You'll really only appear to have shot yourself in the foot, but you'll have had so much fun doing it that you won't care.

HyperTalk: Put the first bullet of gun into foot left of leg of you. Answer the result.

Motif: You spend days writing a UIL description of your foot, the bullet, its trajectory, and the intricate scrollwork on the ivory handles of the gun. When you finally get around to pulling the trigger, the gun jams.

APL: You shoot yourself in the foot, then spend all day figuring out how to do it in fewer characters.

SNOBOL: If you succeed, shoot yourself in the left foot. If you fail, shoot yourself in the right foot.

Unix:
% ls
foot.c foot.h foot.o toe.c toe.o
% rm * .o
rm:.o no such file or directory
% ls
%

Concurrent Euclid: You shoot yourself in somebody else's foot.

370 JCL: You send your foot down to MIS and include a 400-page document explaining exactly how you want it to be shot. Three years later, your foot comes back deep-fried.

Paradox: Not only can you shoot yourself in the foot, your users can, too.

Access: You try to point the gun at your foot, but it shoots holes in all your Borland distribution diskettes instead.

Revelation: You're sure you're going to be able to shoot yourself in the foot, just as soon as you figure out what all these nifty little bullet-thingies are for.

Assembler: You try to shoot yourself in the foot, only to discover you must first invent the gun, the bullet, the trigger, and your foot.

Modula2: After realizing that you can't actually accomplish anything in this language, you shoot yourself in the head.

return to top of page

(P.S. Please email the LangaList to a friend! Use this super-fast form!)

return to top of page