|
Please visit the LangaList
Home Page
Please note: Older issues
may contain information that is now
out of date
How To
Subscribe and Unsubscribe is at the end of this
note. Mailing List Trouble? See
http://www.langa.com/help.htm
Questions about the advertisers?
See the end of this note. Please also see legal notices
at the end of this note. LangaList: ISSN 1533-1156
Please
recommend
the LangaList to a friend! (And maybe win a prize!)
An easier-to read formatted
HTML version of this newsletter is available
<a href="
http://www.langa.com/newsletters/2003/2003-09-29.htm ">here</a>
The
LangaList
Standard Edition
2003-09-29
A Free Email Newsletter from
Fred Langa
That Helps You Get More From Your Hardware,
Software, and Time Online
Please visit our sponsors
and help keep the LangaList S.E. free!
--- ( Your
Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )--------------
1) Will Microsoft Do
What It Takes? Will You?
You're probably *still* getting worm-generated
E-mails or having to filter and dump bogus "we detected a virus in your E-mail"
auto-reply messages that the recent worm triggered as a secondary effect.
Although the
volume of worm-mail has diminished, it's only a matter of time before the next
round begins, either from that worm or a cousin, or from things like the fake "Security Patch"
email supposedly sent from Microsoft last week. (Microsoft never sends patches
by email; you have to download patches from a Microsoft server. Any patch you
get from "Microsoft" by email is really a trojan sent by a cracker looking to
infect your computer.)
All this hostile activity caused InformationWeek's
Editor in Chief Bob Evans to focus several articles on the topics of hacking and
security, including a column that looked at the front two-thirds of the problem--- (1) the
malicious hackers who produce hostile worms, trojans, and viruses; and (2) the
software vendors themselves--- especially Microsoft--- who generate code with
abundant security holes that miscreants can exploit.
Indeed, Microsoft is at the heart of our current
online security woes; there are real and systemic problems with Microsoft's
software development process. For example, consider buffer overruns, which can
be exploited to stuff hostile code into a PC. It's easy for buffer-overrun
vulnerabilities to happen--- they're one of the most common types of programming
error. But buffer-overrun problems have affected Microsoft software time and
again across the years and
across multiple Microsoft product lines. (See
http://www.google.com/search?q=buffer+overrun+microsoft )
If these buffer overrun issues were isolated cases, that would be one thing. But
the sheer number and persistence of this kind of problem in Microsoft software
suggests to me there's a fundamental blind spot in Microsoft's corporate
programming practices, and a glaring and obvious hole in their quality assurance
strategies.
But that's not the whole story, because there's a third component to the problem
of desktop security--- what you might call human nature, or more simply: you and
me. All these factors have to be considered as part of the solution; *we* have
to be part of the solution.
But that's also the good news: We *can* be part of
the solution. We don't have to sit by as passive victims of the shortcomings of
Microsoft and other vendors, nor of the malicious intents of crackers and cybercriminals;
nor do we have to ascribe to simplistic and sophomoric
"Dump Microsoft" strategies that--- as I'll show you--- actually would make
things worse, at least in the short term.
I've spelled it all out in a new InformationWeek
column, live now at
http://www.informationweek.com/story/showArticle.jhtml?articleID=15200416
. There, I'll show you where I think Microsoft is
failing us, and why, and what they could do about it.
I'll also discuss how even the
most-security-conscious among us may unwittingly contribute to security
problems; and I'll detail steps you can take to make yourself quite acceptably
secure now, but more importantly, also to remain secure in the future, as
attacks get even more common and more hostile.
But what's your take? Is responsibility for security
shared between vendors and end users, as I suggest, or is it mainly a vendor
problem? If someone said, "I can give you virtually hacker-proof software, but
it will require that you toss all your current software," would you do it? Would
your company? Do you prefer an incremental approach to improving security, even
if that takes longer? What steps do you currently take to keep your own PC safe?
Join in the discussion at
http://www.informationweek.com/story/showArticle.jhtml?articleID=15200416 !
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
2) Deleting IE from
Windows
Hi there, I was wondering if you knew of a way to delete IE from a
windows 2000/XP computer... I have manually tried to delete random IE folders and files I find lying around the computer... I have gone into the XP Remove System Components thing from the Add/Remove Programs and taken IE out, but that just seems to remove it from the start menu and the desktop. Thanks a lot, your newsletter has been a great resource to me! ---Andrew
Good timing, Andrew! I've actually been waiting to talk about this for a
while.
It's not a trivial thing to remove the web-components of Windows because,
since Win98, they've been buried deep in the OS. Each succeeding release of
Windows has made removal harder and harder.
There are manual removal methods, but they're ugly, dangerous, and time-consuming---
not something I recommend you try. But if you want to do it the hard way,
here's a start:
http://www.google.com/search?q=remove+ie+windows
A much better, more automated way is with a tool like the $25 "98Lite" (
http://www.litepc.com/98lite.html
), which is a professional-quality utility to produce reduced-footprint custom
versions of Win98.
The part I've been waiting to talk about is a new
version for XP and 2K called "XPlite and 2000lite." It's been in
development for ages, but it's finally shipped ($40 at
http://www.litepc.com/xplite.html ). As such, it's a version 1.0 tool, which suggests
caution. But that very long beta cycle was probably a good thing: You want the
bugs out before you try anything as potentially dangerous as this!
But before you grab a copy, let's step back for a
moment: There can be some very good reasons for wanting to remove
deeply-embedded Windows components, and many of these are discussed on the "lite"
sites, above. For example, vendors wanting to produce Windows-based "kiosk"
applications or other special-purpose installations can benefit greatly from
having an OS that contains only those components they truly need, and no others.
But many people simply want to "rip out IE," and usually for the wrong
reasons. If you simply don't like IE, don't use it. You can install any other
browser, and it'll work fine. There's no need to tear apart your entire OS
first.
If you're having trouble with IE--- it's not working right--- then slapping
in another browser may not help, because deep-seated browser problems are often
an indication of an OS that's become fundamentally unstable due to misinstalled
software, incompletely-removed software, corrupted files, viruses, worms, etc.
The problems may show up in the browser, but that may just be the tip of the
iceberg; and these problems won't be cured simply by adding a new browser or ripping out
the old one.
And all the "lite" versions, above, assume that you're starting with a clean,
properly-installed OS. If your OS already is hosed, ripping out components
wholesale isn't likely to make things any better.
So, if you're having trouble with IE, there's no way to get around the fact
that you're going to have to *fix* it sooner or later. I usually recommend
taking the hit and doing a full-blown ONE-TIME fix: back up the data, reinstall
the OS and the browser from scratch; and then preserve that perfect, known-good
setup in a new full backup or image. It's a pain, but you only have to do this
ONCE in the life of your system. If things ever get hosed again, you can restore
the perfect backup or image, and get going again in minutes. (See
http://www.langa.com/backups/backups.htm )
If you really, truly need to produce a reduced-footprint version of
Win98, 2000, or XP, the "lite" tools above are your best bet. But don't do it
for the wrong reasons, and don't expect it to correct fundamental problems in a
system that's gone bad!
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
3) Dialog Box Sort Order
A recent item called "Stuck On "Reverse Sorts" (
http://www.langa.com/newsletters/2003/2003-09-11.htm#4 ) brought this useful
reader tip:
Hi Fred, I too had the problem of the CDB [Common Dialog Box] sort order some time ago - The "Common"
dialog box is anything but common, darn MS anyway.
Your reader's suggestion about holding the control key is apparently correct
for Win98, but it will not work for other OS's.
There're a lot of "ifs, ands or buts" to the following and I've tried to
delineate them here: [
http://langa.com/u/1k.htm ] ---Larry (Laurence L.) Holbrook
Wow, thanks, Larry! There's a *ton* of info on the page. Most of it is
oriented to Win2K, but much also applies to XP as well. Excellent!
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
4) Fred Missed The
Question?
Several readers wrote letters like this in reference to "Stolen PC/Laptop
Problems" (
http://www.langa.com/newsletters/2003/2003-09-18.htm#9 ):
Love your newsletter, but disagree on: "3. Does he then have access to the actual password? It's moot. With a password crack tool, he doesn't have to know the current password at all to get in."
It's not moot if that same password is used in many other places as
I'm sure most people do. ---Al Kraybill
Hmmm. I think we inferred slightly different root
questions. I'll answer yours in a moment, but first, recall that the reader's
letter was in the context of a laptop theft. No one would steal a laptop to get
the password. If someone wanted to steal a password for data- or identity theft,
he'd want to do it as surreptitiously as possible, so the password would not be
changed. This would allow the thief to continue using the password for nefarious
means.
Stealing a laptop isn't subtle at all: The owner
immediately knows his password is compromised, and in hostile hands. The thief would have to assume
that the owner will change his account passwords in short order, rendering the
stolen password(s) useless.
And that's the answer to the question I think you
wanted me to address: "Should I now change all my passwords?" The answer is an emphatic
and absolute, "Yes!" Passwords should be changed regularly anyway, and they should
*always* be changed whenever you know or
suspect that someone's after your data; especially if a laptop or pc has been
stolen. It's like changing the lock on your
house after a burglary. Who, in his right mind, would keep the locks the same
if a burglar were likely to have a key? <g>
When in doubt, the smart thing is to assume that your
passwords are toast, and to change them all, immediately.
More info:
http://langa.com/u/1l.htm
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
--- ( Your
Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )--------------
5) Quick Partial
Defrag In XP
Hi Fred, I am a relatively new subscriber to the Langalist newsletter and must say I
enjoy it thoroughly.
I was searching for a way to speed the execution of some of my programs and
also the overall speed of my interface (WindowXP professional), the problem with
the defragmenter is it takes ages to do its job especially when I leave it for a
few weeks.
Uninstalling and installing programs seems to take its toll on the old hard
drive and consequently major fragmentation occurs, I was unaware of the command
line version of defragmenter until I read an article on a website I just happen
to drop on.
Apparently to improve the speed of your starting applications, WindowsXP
continually monitors files that are used when the computer starts and when you
start applications. It then creates an index that lists segments of frequently
used programs and the order they are loaded in. This pre-fetching process
improves performance by allowing the operating system to quickly grab program
files. [More on PreFetch:
http://www.langa.com/newsletters/2003/2003-09-22.htm#7 ]
WindowsXP runs this about every 3 days but if you need to optimize manually
all you need to do is run a Command window and type defrag c: -b
This will do a very fast defrag of your starting applications and put them on
the outer part of your hard drive making it feel as though you have just
completed a full re-installation of WindowsXP!--- Dave Leversidge
Thanks, Dave! The "-b" switch was news to me--- I'd never heard of it. I let
my system do a full automated defrag every night (via Task Scheduler), and that
places my most-used software towards the front of the disk anyway, so I'd never
sought out a separate option for doing that.
But for cases where you can't run a full defrag--- it can
indeed be slow, especially
if it hasn't been done in a while--- just being able to move the most-critical
apps around is very handy. Nice!
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
6)
Last Days To "Recommend And Win"
On Sept 30, I'll choose three more monthly
winners who each will get a FREE ONE YEAR SUBSCRIPTION to the LangaList Plus!
edition. (If your name is drawn and you're already a Plus! subscriber, your
current subscription will be extended by a full year.)
To have a shot at winning, just use the following
link to recommend the LangaList to a friend. Your friend just may find a new
source of useful information; I just may gain a new subscriber; and you just may
win a FREE ONE YEAR SUBSCRIPTION! (Full details also available via this link):
http://www.langa.com/recommend.htm
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
7) Drive Image Eaten
By Ghost
Frequent contributor Bronson Elliott was first to send this along:
Fred: Here's an interesting article:
http://news.com.com/2100-7350_3-5081273.html
---Bronson
In short, Symantec (producers of the "Ghost" drive imaging product line) has
bought out PowerQuest (producers of Drive Image and PartitionMagic).
I have no idea what this will mean for either product
line, long-term, but it may
be one more reason to steer clear of PowerQuest for a while.... (See also
http://langa.com/u/1j.htm )
Thanks, Bronson!
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
8)
They Just Keep Coming And Coming...
Over three thousand of your fellow readers have
"Loaded the code." Please click over to
http://www.langa.com/code.htm , and maybe you can join them! (If you've
already "Loaded The Code" and are wondering if your site will appear here or on
the Langa.Com web site, please see
http://www.langa.com/link.txt )
Speaking of which: Here's another eclectic sample of reader
sites--- some professional, some very personal:
View A Randomly-Chosen Reader Site
http://www.langa.com/randomlink.htm
Manually Browse All Posted-to-Date Sites
Starting At
http://www.langa.com/readersites.htm
Highland Forge
http://www.highlandforge.ca/
Desktop Help
http://www.mydesktophelp.com/
Used Homeschooling Stuff
http://www.usedhomeschoolstuff.com/
Backslash Tech
http://www.backslashtech.com/
Clerestorial
http://www.clerestorial.com
Seguel Kembo
http://www.seguel.com/
Joshua's Blog+
http://www.joshj392.com/
Puamana Web Design
http://www.puamanawebdesign.com/
Dobrodosli na trikove i savjete
http://zvjerkan.cjb.net/
SoftwareGeek
http://www.softwaregeek.nl/
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
9) Cob Shell And
Paint
Hi Fred: In a recent article you touched on Progs for people with
disabilities. I'd like to add one.
Cobshell is an application that intends to help people with any kind of
coordination disabilities, movement disabilities or visual problems (and
maybe other kinds of problems) to handle with a computer. It can also be
useful for children (4 years or less).
http://www2.educ.umu.se/~cobian/cobshellplus.htm
The program provides an interface with 6 big buttons covering the WHOLE
screen. You can configure each button to run one program. You can also
customize each button with a bmp (picture) file and a wave (sound) file.
A password feature has also been added to prevent users from changing the
configuration.
CobPaint also falls into this category.
Thanks, Bob Ethridge
Thanks, Bob. Windows has gotten somewhat better at assisting people with
different physical challenges; and Linux is beginning to adapt, at least a
little. But add-on tools like these are invaluable to those who really need 'em!
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
10) Jsut For Grnis (!)
Several readers sent in variations on the same item. For example, R. Dan Park
wrote:
Aoccdrnig to a rscheearch at an Elingsh uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer is at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit porbelm. Tihs is bcuseae we do not raed ervey lteter by it slef but the wrod as a wlohe. Qiute ture I thnik.
Bruce Starling sent in a slightly different version called "The phaomnneil pweor of the hmuan mnid."
Tahnks to all who wrtoe in! 8-)
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
--- ( Your
Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )--------------
11) Plus! Edition Highlights:
-
XP-Freeze Problem
Solved
(speeds
up all normal on-screen operations, too!)
-
KVM Mini-Network
(easy way
to migrate data)
-
Freebie Disk Imager
(too good
to be true?)
DID YOU KNOW that Plus! subscribers have
access to over 100,000 additional words
in special features, extra content and private links, all on a private web site?
All that, plus 30% more content in every issue, for just a dollar a month!
Full
Plus! Edition info:
http://www.langa.com/plus.htm
Click to email this item to a
friend
http://www.langa.com/sendit.htm
return to top of page
(Want to give a gift
subscription to the LangaList Plus edition?
Click <a href= "
http://www.langa.com/plus_gift.htm ">here</a>)
See you next issue!
Best,
Fred
( Editor@Langa.Com )
Please
recommend
the LangaList to a friend! (And maybe win a prize!)
An easier-to read formatted HTML version is
available in the "Current Issue" section of
http://www.langa.com.
(The HTML version of each issue normally is available by 9AM EST [UT-5] of the
issue date.) All past LangaList issues are also available at the Langa.Com site.
return to top
of page
Administrivia:
UNSUBSCRIBE: From the same email account you
used to sign up with), send an email to
unsubscribe-langalist@lyris.dundee.net
SUBSCRIBE (it's free!): Create and send a new email to
subscribe-langalist@lyris.dundee.net
CHANGE ADDRESS? LIST TROUBLE? HAVE QUESTIONS? OTHER PROBLEM? NEED HELP? See
http://www.langa.com/help.htm
This newsletter is SPAM PROOF and requires two levels of subscriber confirmation
before delivery begins: See
http://www.langa.com/info.htm
About the advertisers:
http://www.langa.com/privacy.htm#ads
Disclaimer:
http://www.langa.com/legal.htm In brief: All information herein is
offered as-is and without warranty of any kind. Neither Langa Consulting LLC, nor
its employees nor contributors are responsible for any loss, injury, or damage,
direct or consequential, resulting from your choosing to use any information
presented here.
This newsletter is a service of Langa Consulting LLC and is Copyright © 2003
Fred Langa / Langa Consulting LLC. All worldwide rights reserved. LangaList: ISSN
1533-1156
return to top
of page |