How To Subscribe and Unsubscribe is at the end of this note. Mailing List Trouble? See http://www.langa.com/help.htm
Questions about the advertisers? See the end of this note. Please also see legal notices at the end of this note. LangaList: ISSN 1533-1156

Please recommend the LangaList to a friend! (And maybe win $10,000 !)

An easier-to read formatted HTML version of this newsletter is available
<a href=" http://www.langa.com/newsletters/2002/2002-06-10.htm ">here</a>

The LangaList
Standard Edition

2002-06-10

A Free Email Newsletter from Fred Langa
That Helps You Get More From Your Hardware, 
Software, and Time Online

Please visit our sponsors and help keep the LangaList S.E. free!

1) Firewall "Flaws"

Fred: Today a friend of mine showed me a few free utilities that show a flaw in most firewalls that allow for outbound traffic without user consent. What is your take on these types of security issues and should we as consumers be worried?

Backstealth:
http://piorio.supereva.it/backstealth.htm?p

Firehole:
http://keir.net/firehole.html

Take care and thank you for your LangaList! --- Michael Sanders

We should *always* be worried about security, Michael. <g> That's because the only way to be truly secure is to disconnect your PC from all outside data and phone lines, build an opaque Faraday cage around the system (to block all snoopable forms of electromagnetic radiation), and to control access to the system so that only you can get at it.

Heck, not even that's 100% secure: Remember the scene in Mission Impossible when Tom Cruise was dangling from the ceiling, trying to hack into a computer? That computer was disconnected from the outside world, and in a controlled-access, EM-Proof environment, and he still got in. <g>

OK, that's Hollywood, but even in reality there is no 100% security solution for computers--- or for anything. For example, any car can be stolen. But if you take reasonable precautions---  parking the car in a well-lit, visible location; locking the car; taking the keys; perhaps using a built-in or aftermarket theft-deterrent system--- you'll make your car a less-attractive theft target than others. Thieves will usually opt for easier targets, so the odds tilt in your favor. Your car still could be stolen by a determined and clever thief, but chances are, it won't be.

It's the same with computers: All firewalls--- *all firewalls*--- can be compromised. In fact, any computer security measure you can think of can ultimately be compromised in some way. "Backstealth" and "Firehole" simply illustrate a couple ways some firewalls can be worked around.

But--- despite what the sites claim--- that doesn't mean that firewalls are useless. Quite the contrary. Firewalls are one of several reasonable precautions you still *always* should take to tilt the odds in your favor. (See "How Much Protection Is Enough? http://www.informationweek.com/840/langa.htm ) Combined, a reasonable series of precautions will make your system a less-vulnerable/less-attractive target than others, and improve your odds of not being hacked, cracked, or attacked.

But security is such an important topic, let's not stop there: The next few items in this issue are reader-updates and pointers on various security topics and sites:

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

2) Good Security Overview Articles

Dear Fred: While browsing through me current crop of newsletters, I came across something I know is dear to your heart...:
http://www.extremetech.com/article/0,3396,s=1024&a=27417,00.asp  I thought you and possibly many other readers might like to see it.

It offers the clearest and most concise roundup of privacy and security problems, and suggested solutions that I have come across to date. There are a number of obscure privacy and security issues I had not been aware of until I read this article... Thanks for a tremendous newsletter – The Plus really is worth the money! --- Mike Windsor

Thanks, Mike. Although some of the suggested security items go a bit over the top, the article is generally quite good, with pointers to other sites you can visit for downloads or additional information to enhance your PC security.

If you're new to some of the concepts and risks of PC security, the "National Cyber Security Alliance" has published good "getting started" info at http://www.staysafeonline.info/press/022102.adp . The National Cyber Security Alliance "is a cooperative effort between industry and government organizations to foster awareness of cyber security through educational outreach and public awareness." Their site is worth a look.

Finally, you might also want to check out a four-part article I did some time ago on "Making Your PC Secure:"

Part One: http://content.techweb.com/winmag/columns/explorer/2000/04.htm
Part Two: http://content.techweb.com/winmag/columns/explorer/2000/06.htm
Part Three: http://content.techweb.com/winmag/columns/explorer/2000/06.htm
Part Four: http://content.techweb.com/winmag/columns/explorer/2000/07.htm

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

3) New, Free Security Tests

Thanks, John! We've mentioned PCFlank before, but that was a year ago and the site has changed:

They now offer a three-minute "Quick Test" for your online security; a "Stealth Test" to see if commonly-exploited "ports" might be exposing your PC to outside snoops; a "Browser Test" to see what personal info your browser may reveal; a "Trojan Test" to see if your system has been infected with many of the more common Trojan horse programs; and "Advanced Port Scanner" to look for less-common (but still potentially dangerous) open ports on your system; and an "Exploits" test that looks for vulnerabilities to things such as denial-of-service attacks.

You can run the tests single or in suites aimed at "Rookie" users, "Advanced" users, and those in a big hurry. <g> The whole thing seems excellently done.

You may also wish to check out "Good And Bad Online Security Check-Ups" at http://www.informationweek.com/841/langa.htm

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

4) Free Government Newsletter Re: Security Problems

The "Cybernotes" issues found at http://www.nipc.gov/ give an up to date listing of problems found with all sorts of hardware and software.--- Alan M. Kaplan

Thanks, Alan. NIPC stands for "The National Infrastructure Protection Center." It's a kind of central clearinghouse for "threat assessment, warning, vulnerability and law enforcement investigation and response entity" for the US Government's computing infrastructure. Because the Government uses so many PCs, many of the issues discussed in Cybernotes also apply to the general public--- in fact to anyone using a PC.

The newsletters are not emailed; you have to read them online via the "Publications" button at http://www.nipc.gov/ . Also: Even though this is an online publication, they offer it only in PDF format. PDF is normally used to convert print documents to electronic form. All-electronic documents are more efficiently produced in HTML--- but efficiency is a concept rarely found in the US Government. <g>

While you're on the site, check out the "Warnings" button, too.

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

5) More On Open Office And File Associations

In a recent issue, we discussed how you can restore your file associations if they've been changed inadvertently by installing any software, including the promising, free Open Office suite. ( http://www.langa.com/newsletters/2002/2002-05-23.htm#2 )

The discussion prompted a flood of email in two categories. First, many readers suggested one or more alternate methods for changing file associations. For example:

Hi Fred, Here is a simple method of restoring file associations that I have used with both Windows 2000 and XP.

1. Right click on the document.
2. Select Open With... (here you can choose the default or another program)
3. Select Choose Program.
4. Select the program that you want to use as a default and checkmark "Always use the selected program to open this kind of file."  BTW, I have just noticed that it is even easier to do this in XP from the properties dialog box. Just right click on a document, choose Properties, and viola a CHANGE option is available. I hope that this may help some of your readers. Regards, Khaled Rafih

Thanks, Khaled. And yes, that can work. But it doesn't work on Win9x systems, and more to the point, the problem with an office suite is that it can alter the associations of literally dozens of file types. Fixing them one at a time--- by any means--- is a hassle. The ways I suggested in the last issue ( http://www.langa.com/newsletters/2002/2002-06-03.htm#4 ) can fix them all at once.

Many other readers--- Open Office fans--- wrote to point out that this is an avoidable problem in the first place:

Hi Fred,  Just got your recent issue of the the LangaList Plus and was reading about the OpenOffice installation reassociating MS Office files with itself. You failed to mention that OpenOffice is one of those well behaved applications that actually asks you if you want to associate MS Office files with OpenOffice during the installation. It actually stops and asks you in a dialog box that you have to click through with a Yes or No. Being a software file librarian and a consultant, I find that most people do not read what's asked of them during an installation. Instead they just click through, answering yes to everything. Most problems that end users have is not because the software does something it's not supposed to, or that they don't want it to. It's because they are in too much of a hurry and don't want to read the authors notes, license, README.TXT or installation prompts. It's the "I can put this together without instructions" mentality, then they blame everyone or everything except themselves for the errors or problems that occur later. It is true that a lot of software doesn't include warnings, but OpenOffice does. --- Ray Ebersole

Good Morning, Fred! Thanks for your newsletter--it's the only paid email list I subscribe to.... In any OpenOffice app, head to "Tools > Options > Load/Save > Microsoft Office." There are options in this dialog to tell OpenOffice whether or not to Load/Convert and Save/Convert your MS Office documents. Just uncheck the boxes, and you should be in business. For what it is, OpenOffice is a great suite. And the price is right! --- Take Care, Tory Larson

So, you're covered three ways: You can avoid mis-associated files in the first place, change them in-situ afterwards, or change them from Windows. <g>

Thanks to all who wrote in!

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

6) Is This Information Useful?

If you think the LangaList is a worthwhile read, maybe a friend would find it useful too! Just use the following link to recommend the LangaList---your friend may find a new source of useful information and you just may win $10,000 for your trouble (full details also available via this link): http://www.recommend-it.com/l.z.e?s=143182

Or, win a no-strings $30 Gift Certificate for any item at Amazon.Com--- books, software, hardware, kitchenware, toys... and more. (Full details also available via this link): http://www.langa.com/recommend.htm

Either way, thank you, and good luck!

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

7) Spam Gourmet

Dear Fred, I just found a great service that can help us in the neverending battle against spam: http://www.spamgourmet.com/

The idea is great - you register an account but you don't have to delete and re-register when it is on the spammers' lists (like you have to with other accounts). The trick is that you use a prefix to you e-mail-address. You can use this address to receive up to 20 mails - the rest will be sent to nirvana! Example justspamme.5.langa@spamgourmet.com will receive and forward 5 mails, from then on it will delete anything that is sent there. Great service IMHO! Cheers, Michael from Germany

Thanks, Michael. The site describes itself this way: "Spamgourmet - self-destructing disposable email addresses, titanium strength spam blocking, very short learning curve."

It takes a little work and forethought to use the service effectively, but by using Gourmet-registered addresses when you sign up for supposedly one-time mailings, you can make sure it really is a one-time thing--- anything else to that address gets "eaten."  Clever!

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

8) They Just Keep Coming And Coming and Coming...

Over two thousand of your fellow readers have "Loaded the code." Please click over to http://www.langa.com/code.htm , and maybe you can join them! (If you've already "Loaded The Code" and are wondering if your site will appear here or on the Langa.Com web site, please see http://www.langa.com/link.txt )

Speaking of which: Here's another eclectic sample of reader sites--- some professional, some very personal:

View A Randomly-Chosen Reader Site
http://www.langa.com/randomlink.htm

Manually Browse All Posted-to-Date Sites Starting At
http://www.langa.com/readersites.htm

Security Realm
http://securityrealm.netfirms.com/

Web Site Coaching for Small Business Owners
http://www.burkeworks.com

Web Head Jessie's Free Traffic Page
http://www.webheadjessie.com/traffic.htm

New World Army Ants
http://www.armyants.org/

Galleria LA RIVA (Italy)
http://www.artelariva.it/

VW Rabbit Fan
http://www.volkswagenrabbit.com/users/babybugs/

Daily Ramblings
http://mckibben.d2g.com/

J Gibbons & Co.
http://www.jgco.net/index.htm

Radio Control Miniature Aircraft Club
http://members.cox.net/sandiegodrones/

Ravens Loft
http://theravensloft.freeservers.com/

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

9) "XP Mania"

Hi Fred, Still enjoying Plus edition. I am putting together a new machine from scratch and will install XP Home. Readers doing similar things might profit from "XP Mania" at http://www.dpdl07125.pwp.blueyonder.co.uk/index.html . As a neophyte to this OS I found the Install info and 20 XP tips interesting. Also under Recommended Sites they list some other XP pages. --- Ron Long

Thanks, Ron. It's taken a while for XP to reach critical mass, but there are many sites like this starting to pop up, offering good user-to-user kind of help and advice. It's good to see--- XP early-adopters were kinda out there all alone for a while! <g>

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

10) Just For Grins

Dear Fred, thought this funny (below) might be appreciated!! --- Kris Dickey

Why Dogs Can't Use Computers
------------------------------

-He's distracted by cats chasing his mouse.
-SIT and STAY were hard enough; CUT and PASTE are out of the question.
-Saliva-coated floppy disks refuse to work.
-Three words: carpal paw syndrome.
-Involuntary tail wagging is a dead give-away that he's browsing www.purina.com instead of working.
-The fire hydrant icon is simply too frustrating.
-He can't help attacking the screen when he hears "You've Got Mail".
- It's too messy to "mark" every Web site he visits.
-The FETCH command isn't available on all platforms.
-He can't stick his head out of Windows 98.

Click to email this item to a friend
  http://www.langa.com/sendit.htm

return to top of page

11) Plus! Edition Highlights:

• Silent Death" Stalks UPSes...
• ...And Watch Out For Unintended Consequences
• Want "D Best" In Freeware?

Today's LangaList Plus! Edition contains all ten items above, plus about 30% more content including: Info on how and why a surge suppressor or UPS may die with no external evidence at all; another weird potential glitchlet in using a surge suppressor; and an almost-unknown site with hundreds (!) of freebies and freeware.

A Plus! Edition costs just pennies! Info: http://www.langa.com/plus.htm 

Click to email this item to a friend
  http://www.langa.com/sendit2.htm

return to top of page

See you next issue!

Best,

Fred

Please recommend the LangaList to a friend! (And maybe win $10,000!I)

An easier-to read formatted HTML version is available in the "Current Issue" section of http://www.langa.com.  (The HTML version of each issue normally is available by 9AM EST [UT-5] of the issue date.) All past LangaList issues are also available at the Langa.Com site.

return to top of page

Administrivia:

UNSUBSCRIBE: From the same email account you used to sign up with), send an email to
unsubscribe-langalist@lyris.dundee.net

SUBSCRIBE (it's free!): Create and send a new email to
subscribe-langalist@lyris.dundee.net

CHANGE ADDRESS? LIST TROUBLE? HAVE QUESTIONS? OTHER PROBLEM? NEED HELP? See http://www.langa.com/help.htm

This newsletter is SPAM PROOF and requires two levels of subscriber confirmation before delivery begins: See http://www.langa.com/info.htm

About the advertisers: http://www.langa.com/privacy.htm#ads

Disclaimer: http://www.langa.com/legal.htm  In brief: All information herein is offered as-is and without warranty of any kind. Neither Langa Consulting LLC, nor its employees nor contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from your choosing to use any information presented here.

This newsletter is a service of Langa Consulting LLC and is Copyright © 1997-2005 Fred Langa/ Langa Consulting LLC. All worldwide rights reserved. LangaList: ISSN 1533-1156

return to top of page