|
Please visit the LangaList Home Page Please note: Older issues may contain information that is now out of date. How To
Subscribe and Unsubscribe is at the end of this
note. Mailing List Trouble? See
http://www.langa.com/help.htm Please recommend the LangaList to a friend! (And maybe win $10,000 !) An easier-to read formatted
HTML version of this newsletter is available The
LangaList 2001-12-03 Please visit our sponsors and help keep the LangaList S.E. free!
--- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )--------------
1) What About "Go Back" and "Restore" Tools?Holy smokes, what a hot button. Going by the flood of email I've gotten, I guess backups are a far more controversial topic than I realized! I still soon will present a feature on backups, and am keeping many of your comments for that. But a few emails I've gotten either are timely enough or outside the areas I'll cover in the feature to warrant separate mention. For example: I've heard from many people who are great fans of "Go Back," the software that continuously tracks changes you make to your files and system settings, allowing you to "go back" in time--- to put things back the way they were--- if you encounter a problem.
Generally speaking, there are three main kinds of backups. First, there are the "imaging" programs like Ghost and Drive Image (and several others: a web search will show you the full range of choices). These tools don't copy files per se. Instead, they're disk-oriented, and make a bit-by-bit, sector-by-sector copy of your hard drive. This is important: These imaging tools not only capture what's on your drive, but also the exact placement and order of each bit, byte, cluster and sector on the drive. When you restore an image, you're not just putting the files back: You're actually putting the hard disk into exactly the same state--- bit for bit--- it was in when the image was made. That's why, if you image a "perfect" setup--- error free, defragged, etc.--- when you restore it, you get that perfect, defragged setup back. In fact, whatever was on the disk, no matter what, will get put back in *exactly* the same way it was. This is why imaging is the "gold standard" of backups. Moving down a notch, there are the standard backup tools. These are file-oriented utilities that make no attempt to replicate things like the placement or order of data on your system; instead, they simply focus on copying the files themselves. When used to restore files to the disk, a standard backup usually will do a good job restoring user-created data files, but may or may not get system files back into the same configuration as before (as we've discussed in recent issues, backup tools may sometimes miss "open" or "in-use" files). And usually, a standard backup will *not* get the disk back into perfect, defragged condition in one step. Moving down another notch, tools like "Go Back" and the "System Restore" in WinME and XP work by tracking some or all of the changes you make on your system, either in real-time (as you work) or on some preset schedule or when triggered by specific events, such as installing new software. A tool like System Restore may help you get your system running again after a software installation problem because it can restore the system files to a prior state. But it won't automatically clean up leftover files caused by the bad install, and it can't (for example) just let you selectively restore some data file you erased but now want back. Go Back does offer file-level recovery, but has its own limitations that may or may not be an issue for you. For example, if you have many files that change often (I sure do!) you may find that Go Back needs to work almost constantly, trying to keep up with you. That's what happened to me: With Go Back running, my PC was so busy trying to protect itself there wasn't much horsepower left for actually doing new work. 8-) If Go Back were so reliable that it eliminated the need for backups--- if it were a perfect safety net--- there might be some benefit to letting it consume resources. But even Go Back's makers clearly state in their documentation that Go Back is no substitute for full backups:
This makes sense if your standard backups are so slow (as with, say, tape) or labor-intensive (as when you must feed in Zip disk or blank CDs one after another) that you make backups only infrequently. But the method I use takes literally about 2-3 minutes--- you can run it during a coffee or bathroom break. With frequent, full backups, the need for something like Go Back is much reduced, especially given that a fast-method backup isn't intrusive at all, while heavy use of Go Back may place a noticeable drag on your entire system. On the other hand, any kind of backup is better than no backup at all. So you can construct a mental model like this: System Restore is better than nothing. Go Back is better than System Restore. Standard backups are better than Go Back. And "imaging" a drive is better than a standard backup---imaging is as good as it gets. All these methods can coexist if you employ them carefully and in the right way so as to maximize their strengths and minimize their weaknesses. That's what we'll soon cover. Stay tuned! Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 2) Mobile Rack Storage?Many readers who wrote about the previous backup coverage chastised me for suggesting that storing backups on a hard drive was a poor long-term strategy: In fact, many readers suggested using a portable hard drive--- an externally-mounted SCSI or USB drive, or a standard drive housed in a "mobile rack" or in a removable hard drive tray--- for making backups. The specifics differ, but the end result is a hard drive you can carry with you, letting you get your backups safely away from the PC. As I stated in item #1, any backup is better than no backup. If you've already invested in a portable hard drive and have worked out safe transport and storage methods, there's no compelling reason to stop using it. The mere fact that you're making backups at all puts you far ahead of most users! <g> But if you haven't already started using a portable hard drive, I think there are compelling reasons not to jump into this kind of storage. For one thing, there are issues of static discharge, rough handling, and such; all of which put a hard drive at risk. (Drop you portable drive, and you just may lose all your data--- and the drive itself.) But for me, the strongest argument against this type of storage is cost: For example, one reader wrote to recommend a 60GB external (Firewire) hard drive that costs $300. Let's do the math: $300 would buy you 1,666 blank CDs at 18 cents each (a quantity-buy price). Those 1,666 CDs, at 700 MB each, hold a total of 1,167 GB versus the 60 GB for the external drive. So, CDs give you roughly 20x the storage for the same price. Plus, CDs have no moving parts or delicate internal electronics, and so can be stored in a wider range of places--- almost anyplace, in fact. And if you drop a CD, odds are nothing bad will happen at all. 8-) You can change the above equation by postulating cheaper drives or more-expensive CDs, but you'll still be hard pressed to close that factor-of-twenty gap. Mobile drives can work--- and they're faster than CDs--- but all in all, when it comes to backups, I'll take the cheap, durable storage of CDs any day. Click to email this item to a
friend 3) A DMA "Doh!"Speaking of hard drives, I had a major slap-myself-on-the-forehead moment the other day. Maybe I can spare you a similar "Doh!" experience: I'd been working on my wife's PC; I'd installed more RAM (see http://www.langa.com/newsletters/2001/2001-11-29.htm#4 ) and had tried upgrading the system to XP. But the system ran way too slow with XP to be usable, so I restored the system's most recent Win98SE disk image. With XP out of the picture, I knew my wife would be using this system for some time to come, so I set out to make sure the PC was set up as perfectly as I could make it. Things mostly went well, except for a nagging problem: According to several benchmarks I ran when I was done, the hard drive wasn't up to snuff: It was delivering a lower throughput than it used to, and by a nontrivial amount. I tried defragging; I tried adjusting cache settings; I tried this and that.... I finally remember the DMA settings. DMA is "direct memory access" (sometimes also called "bus mastering"); a way data can take a short cut through your PC to significantly speed up operations. I checked, and indeed, in the midst of diddling with the system, I'd somehow turned off Direct Memory Access, thus dramatically slowing communication to and from the hard drives: The reduced performance was the inevitable result. I flipped DMA access back on, and the drive was back to full speed, just like that. Doh! It's especially embarrassing because I once wrote an entire article about DMA: http://content.techweb.com/winmag/columns/explorer/2001/02.htm . If you'd like to make sure *your* hard drives aren't suffering a needless slowdown, check out the article. BTW, as the above article explains, in Win9x and ME, the hard drive DMA settings are found in Device Manager's Disk Drive/Properties/Settings. But in Win2K and XP the settings are in the Device Manager's IDE/ATA controller's "advanced settings," on a channel by channel and device by device basis. But either way, in most cases, with DMA enabled, you'll get far more from your hard drives (and CDs!) than without. Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 4) A Malevolent "ShieldsUp?"Reader Charles Line was the first of several to pick up on some disturbing chatter in various discussion forums:
Steve Gibson's ShieldsUp is, of course, an extremely popular (and free) online security probe: It checks out your online defenses, looking for common weaknesses. If it finds problems, it suggests ways you can close the holes, and help to make your system all but hacker-proof. Because some systems reside behind proxies and firewalls, ShieldsUp and similar tests let you specify your IP address, so the test system knows where to try to find you. This is a kind of shortcut--- a true hacker or cracker might have to ferret out your address from scratch--- but it helps ensure that (if possible) your machine and not an intervening firewall or proxy is the actual target of the security probes. But some bright lights realized that you can specify *any* address at Steve's site, so you could, for example, type in the IP address of your neighbor's PC, or any random address, and ShieldsUp will show you the security state of that system. The cry went up: "This is awful. Steve's incompetent! Light the torches--- let's burn his castle!" (Sigh.) Of course, you can use exactly the same address trick at any of the other sites that offer the same kind of probing; or with almost any address-oriented networking tool. In fact, even "Ping" and "Tracert," networking tools which ship on virtually every computer in existence (they're probably on your PC right now, shipped as part of your operating system), can also be used to see if any computer, at any address you specify, anywhere in the world, is online and responding to certain external probes. Any tool can be subverted and used for evil purposes. That doesn't mean the tool maker is a bonehead or a charlatan, as many of these posts seems to suggest about Gibson. But alas, Steve's success seems to have angered a wide swath of the online community, and as a high-profile personage, his work is often (unfairly, IMHO) singled out for minute criticism. For more info: I describe several online security tools--- including Steve's--- and also discuss why Steve annoys the hacker community so much, in the article at http://www.informationweek.com/841/langa.htm . As for the current controversy, anyone who really wants to probe online systems with malicious intent can find literally dozens of tools that are far faster and more automated than ShieldsUp. I can't imagine any serious cracker would sit and enter addresses, one by one, at Steve's site, or at any of the other similar sites. And in any case, none of this matters at all if your system is secure. You can (and should) use Steve's tests at http://grc.com, or the very similar tests at http://www.dslreports.com or the other tests mentioned in the article above to ensure that your system is reasonably secure against all outside probes, regardless of their origin or intent. Then, if someone wants to use ShieldsUp or *any* tool to probe your system's defenses, let them: It won't matter. 8-) Click to email this item to a
friend 5) New Month, New Chances!It's a new month, and right now your chances in our drawing are the best they'll ever be! To have a shot at winning a no-strings $30 Gift Certificate for any item at Amazon.Com--- books, software, hardware, kitchenware, toys, and more--- just use the following link to recommend the LangaList to a friend. Your friend just may find a new source of useful information; I just may gain a new subscriber; and you just may win a mini-shopping spree! (Full details also available via this link): http://www.langa.com/recommend.htm#2 The more times you make a recommendation, the greater your chances are of winning! Or, if you'd like to try to win $10,000(really!), try this link (full details also available here): http://www.recommend-it.com/l.z.e?s=143182 Either way, thank you, and good luck! Click to email this item to a
friend 6) Nice (Free!) Email Security Testing ToolMore Trojans, viruses, and worms spread by email than by any other means, so email security deserves special attention:
Since I received the [test] e-mails.... However, I have Outlook and Outlook Express set to not open anything automatically, turned off the preview pane, practice safe e-mail ethics (never open an e-mail attachment on the first date!), and scan all attachments and disks for viruses. While I have a virus scanner, I don't run it all the time. I do have Zone Alarm as a firewall, and I have never (knock on a digitalized image of wood) been bit by a virus. I find that Outlook and Outlook Express aren't inherently less secure than others, only that the default settings are. Here is another tip that many people don't know about. In Outlook Express you can right click on an unopened e-mail, select "properties" then the "details" tab and then select "message source" to read an e-mail in a safe manner. This has allowed me to decide that the e-mail was spam, carried a nasty payload, or was a complete waste of my time. I can then delete it safely. Best, Bill Grigg Thanks, Bill. The tests are nice; the GFI system sends you emails with harmless attachments that simulate attacks using various common email vulnerabilities. GFI is mainly in the business of selling security tools to businesses; they maintain that these kinds of attachments should be filtered out of the email stream before they ever get to your desk. (GFI will be happy to sell you such a filter. <g>) Thus, the tests tell you you're at risk if the attachments show up at all. That's true in a literal sense, but local desktop defenses also can work to protect you if you're not behind an email pre-filter. In my case, like Bill, the attachments made it to my inbox. But ZoneAlarm Pro disabled all but the "CLSID vulnerability test" attachments, and when I deliberately ran the CLSID attachment (something I'd never do with an unknown, untested attachment in real life) Norton AntiVirus detected a "possible malicious script" and prevented the script from doing anything. So, even without a corporate pre-filter, my system tested as quite safe. Nice tests--- well worth using! Click to email this item to a
friend 7) More Reader Sites!Do you have a home page or website? (It doesn't
matter what size.) Please click over to
http://www.langa.com/code.htm , and maybe you can join the hundreds and
hundreds of LangaList readers who have "Loaded the Code!" (If you've already
"Loaded The Code" and are wondering if your site will appear here or on the
Langa.Com web site, please see
http://www.langa.com/link.txt ) Manually Browse All Posted-to-Date Sites
Starting At Night Sky On The Web Build Your Website's Traffic TechTvPhreak Unique design By Kali Locoweed Productions Welcome To My Sandbox I Want My Own Site Manhem Scandanavian Beach Club (NY) DK Action Figures (Note: Comet Cursor site) Travel-Ascending Creative Programmers (India) Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 8) Ethical Conundrum: A Governmental TrojanIn response to the B a d t r a n s worm that's still making the rounds--- it installs a keystroke-logger that monitors everything you type (see http://www.langa.com/newsletters/2001/2001-11-29.htm#1 )--- reader Rodney Jenness writes:
Thanks, Rodney. It will be interesting to see how this plays out. Click to email this item to a
friend 9) Just For GrinsSome months ago, we ran an item that pseudo-scientifically "proved" that Heaven must be hotter than Hell. (See http://www.langa.com/newsletters/2001/2001-04-23.htm#10 ) Reader Barrie J. Lloyd offers this further reflection:
Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 10) Plus! Edition Highlights:
Today's LangaList Plus! Edition contains all ten items above, plus about 30% more content including: A report from a security expert on flaws in the Opera browser; a reader-recommended site that provides "best of the best" freeware; and all about those new domain names--- . law, .kids, .golf, .love, .sport, .shop and many others. Plus! Edition info: http://www.langa.com/plus.htm Click to email this item to a
friend See you next issue!
Best, Please recommend the LangaList to a friend! (And maybe win $10,000!I) An easier-to read formatted HTML version is available in the "Current Issue" section of http://www.langa.com. (The HTML version of each issue normally is available by 9AM EST [UT-5] of the issue date.) All past LangaList issues are also available at the Langa.Com site. UNSUBSCRIBE: From the same email account you
used to sign up with), send an email to |
|
|
Please visit the LangaList Home Page |