|
Please visit the LangaList Home Page Please note: Older issues may contain information that is now out of date How To
Subscribe and Unsubscribe is at the end of this
note. Mailing List Trouble? See
http://langa.com/help.htm Please recommend the LangaList to a friend! (And maybe win a prize!) An easier-to read formatted
HTML version of this newsletter is available The
LangaList 2006-02-16 Please visit our sponsors and help keep the LangaList S.E. free!
--- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------
1) Deep-Geek Tools For Even Non-GeeksThe major brain-fade I told you about earlier this week--- one that caused me to lose several files--- is generating a lot of emails of the "gentle ribbing" variety. <g> But hey--- all this backing up and synching is precisely because I've learned that *^&^%$ happens; and human error is inevitable. It's been literally many years since I lost data the last time, and should be years before it happens again. But sooner or later, it happens to us all. In discussing the recovery tools I used, some readers asked about the name "Hex Editors," wondering if binary incantations were involved. But it's much more prosaic that that: In this context, "hex" stands for "hexadecimal," the low level, machine-friendly base-16 notation system ( http://www.google.com/search?q=hexadecimal+notation ) used in many computer programs and codes. Informally speaking, in our normal base 10 system, we count from one to 10 and then repeat, forming groups of 10. In base 16--- hexadecimal--- we count from one to 16 and then repeat, forming groups of 16. Because we don't really have names for all the hex numbers, we use letters of the alphabet instead, so counting in hex goes 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f, 10.... The number "10" there doesn't mean the familiar number ten, but instead refers to "the first group of 16;" just as in base 10 the number "10" really means "the first group of ten." Why use something like hex? It's a space and memory saving convention, mostly from the early days of computing when memory was precious and literally every bit counted. For example, take our familiar decimal number 15, which normally requires two characters (a one and a five) to express. In binary--- base 2, the language of ones and zeros used by electronics at their very lowest levels--- the same number takes four characters to express: "1111." But in hex, it's simply the single character "F." So, when space matters, hex is very efficient. Too much math? Need some comic relief? Here's an old "Just for Grins" item that shows that once you get past the strangeness of hex, binary and other unfamiliar counting systems--- like octal (base 8)--- you actually can have some fun with this stuff:
But getting back to the main point, the nice thing about "hex editors" and related tools is that you don't have to do any weird math to use them. That's worth repeating: YOU DON'T HAVE TO DO ANY WEIRD MATH TO USE THESE TOOLS! <g> In searching for, say, lost text somewhere on your hard drive, you can just enter the search terms normally, in English (or whatever language you speak) just as you would with any other search tool, such as the "find" function in a word processor. That's all it takes! The hex editor does all the heavy lifting for you. And these tools are incredibly powerful:
In theory, a hex editor can let you see and modify *anything* and *everything*
*anywhere* on your hard drive, including any and all kinds of files and their
contents, and even the disk's own fundamental data structures. Maybe you'll never make a mistake like mine. But who among
us is truly immune to brain fades? (I know I'm not!) Having a deep-geek
file/disk recovery tool on hand just might save you hours of work later on, so
click on over and see what's available! Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )------------- 2) Tragic Consequence
How truly awful, Bill. My condolences. You don't say exactly what's locked, so I have to answer a bit generically: If it's a Windows-based password, this may help: http://www.informationweek.com/story/showArticle.jhtml?articleID=13100343 It discusses "...if you legitimately need to access someone else's password-protected PC.... [here are] the tools available to solve the most common types of operating system- and application-level password problems in XP..." If it's just the password itself that's encrypted, and not
the files, then you can use any number of tools to boot the PC with an "alien"
OS, and then access the unencrypted files on the hard drive via that OS. The
Linux "live" CDs (self-contained CDs that boot and run the OS without needing
anything installed on the hard drive) can often do this: Some simple file-level passwording, including that of some Office documents and the original, primitive zipfile password protection, can be broken with free "cracking" tools. A Google search will turn up a raft of software for that purpose. But more advanced file-locking tools that use sophisticated encryption (Blowfish, AES256, etc; and even some simpler, older methods like 3DES) are usually beyond desktop-level cracking tools. If that's what's involved, you can try a Google search with the word "crack" plus the name of the encryption tool or standard, such as: http://www.google.com/search?q=crack+blowfish You'll at least see what your options are. BIOS-level passwords--- ones that pop up at boot, before the OS has loaded--- can sometimes be reset by moving a "jumper" (a kind of simple switch) on the PC's motherboard. It's often just a finger job; at worst, you'll need tweezers or needle-nosed pliers to move the tiny jumper. Moving the jumper discharges the retained settings in the BIOS, including any stored passwords. After a few seconds, you put the jumper back to its original position and restart the PC, which will then wake up in a pristine, default hardware state. Here's general information on resetting the BIOS this way: http://www.google.com/search?q=reset+BIOS+jumper But the vendor's web site or the owner's manual should have full detail about this process for you, if it's available on the system in question. On some older systems, you can accomplish the same thing (a total BIOS reset) by unplugging the PC and removing the internal battery. You wait for a while--- 15-30 minutes usually does it--- to let the residual charges dissipate and for the BIOS to "forget" its settings. You then put things back, and reboot. But even all these methods combined may not be enough: A good password, properly applied, won't be open to any simple form of cracking like these. That's why it is indeed a good idea to let someone else know how to get into your PC, if they might need to. My wife and I each have our own copy of Roboform Pro, for example; we know each other's master password. With that one master password, we can--- if need be--- open each other's Roboform to access all the other passwords and other information stored within. It's the sort of thing you hope never to have to do, but--- as Bill's tragedy shows--- sometimes you must. Click to email this item to a
friend 3) How Long Should An OS Install Last?
In my experience, most--- almost all--- such problems are due to the unexpected actions of one or more security tools or settings. Your firewall or some script-stopper could be in the way, for example; there's no way to know from here. Beyond that, there are some OS-level issues that can crop up: Some tools don't like being compressed, for instance. If you have Cleanmrg set to run periodically, for example, it can compress infrequently-used files to save space. ( http://www.google.com/search?as_q=cleanmgr&as_sitesearch=langa.com ) But if the wrong file gets compressed, you may see unexpected behaviors. There also can be problems cause by too-aggressive Registry cleaning; if a tool removes a key or value it shouldn't, software may break. The trick here is not to let any cleaner take out everything it wants to unless you have a good image or other rollback tool, so you can recover from a too-aggressive cleaning; and to watch the tool very carefully for the first few runs, until you're sure it's not taking out anything it shouldn't. Hardware can play a part, too. Disk drives, for example, are extremely accurate, but not perfect. Every once in a while, a "1" will get written as a "0" or vice versa. It doesn't happen often, but with today's huge hard drives, it approaches a statistical certainty that some bits on the drive *will* get munged. If these errors aren't caught, or if they happen in the wrong time or place, you again get unexpected behaviors. Same with RAM. (And note that these hardware issues exist independently of any OS. It's not a Windows thing or a Linux thing or a Mac thing--- it's that our hardware isn't 100% perfect.) BTW: Karen Kenworthy just wrote about this in her Feb 10th newsletter: http://www.karenware.com/current.asp Which of these affected Robert? There's no way to tell. It sounds like he was doing a good job of keeping his PC setup clean, but even so, you'll never prevent all problems, forever--- not with any OS. Good maintenance practices can *extend* the life of any OS installation, and with systems that aren't changed often or used a lot, you may get literally years and years out of a single setup. On the other hand, if you make a lot of changes, add and remove lots of software, and/or otherwise diddle in the guts of any OS, you probably *won't* get "years and years" of trouble-free use from any single install. In my case, with lots of software coming and going on my system, and very heavy use (it's usually running and doing *something* pretty much 24/7), I get about a year from a setup in XP before I begin to wonder about all the changes I've made. So, each year, usually around New Year's, I'll do a proactive Grand Mal cleanup and reinstall from a known-good image made some time ago. I then update the image, and perk along for another year or so. I get much less mileage from my Linux setups, but that's because I don't know Linux as well and my installs blow up pretty frequently. <g> A highly-skilled Linux guru could probably easily go a year or more with his setup, same as I do with XP. But then, that person's XP setup might be melting down in short order because he might not know XP as well as he does Linux. If you keep your system lean and clean, with no unnecessary complexity; carefully select complementary (and non-interfering) security tools; and make regular backups and images; you should be able to go for a long time between major overhauls. But even in the best case, it won't be forever. Eventually, trouble will strike. Cleaning: Many maintenance ideas: Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList S.E. Free! ) --- "Dear Fred, I received the
first of your Plus Editions this Monday and I --------------( the above is an advertisement )-------------- 4) Tax Software Security?
I share your concerns. Even when the companies involved are 100% above-board and honorable, they may be subject to external hack-attacks that could put your information at risk. But I don't think this is an either/or thing, but rather a spectrum. At one end, someone with good security over his or her own accounts; perhaps with identity-theft insurance; and with nothing online, in a PC or in a bank of particular interest to a thief; would have little to risk by using these services. At the other end, someone with information or resources that would be highly attractive to a data or identity thief probably would be better off staying off these particular grids. Because my livelihood is on my PC, I don't use services like those: I want my information as local as possible, and under my own paranoid gaze. <g> But there are others for whom the benefits of these services would far outweigh the risks; and so would be good candidates for using them. As with so many things, it's a judgment call. All I can do is try to point out some of the issues; but you have to decide for yourself. Click to email this item to a
friend 5) IE Tab Add-On For Firefox
Thanks, Steve! Click to email this item to a
friend 6) Recommend This Newsletter And Win!If you think the LangaList is a worthwhile read, maybe a
friend would find it useful too! Just use the following link to recommend the
LangaList--- your friend may find a new source of useful information and you
just may win one of three FREE ONE YEAR SUBSCRIPTIONS to the LangaList Plus!
edition given each month. (If your name is drawn and you're already a Plus!
subscriber, your current subscription will be extended by a full year.) Click to email this item to a
friend 7) Confused Salesman?
Hmmm. Sounds like you ran into a deeply confused salescritter. A power supply will supply whatever wattage is called for, up to its capacity. When the PC needs less power, the power supply supplies less. A 350 watt power supply doesn't sit there continually pumping out 350 watts: It's capable of supplying that amount, but will only do so in response to a like-sized demand. (Think of a car engine: It may be capable of producing X horsepower or X kilowatts, but that doesn't mean it's producing that amount of power all the time.) That said, not all power supplies are the same *physical* size; and a power supply does have to fit the case it's being mounted in. Motherboard power sockets also have changed over the years, and while some replacement power supplies are more or less universal, with a whole Medusa-like mass of cables and connector types hanging from them, others are specific to a particular type of motherboard connection. Perhaps this is what the vendor was trying to say--- not a wattage issue per se, but one of simple physical size or connection type. You can use various online tools to help you find a correct replacement power supply for just about any PC. For example: http://www.pcpowercooling.com/technology/ This search will lead you to many other options, too: If you add "quiet" as a search term to the above, you'll narrow the choices to vendors specializing in less noisy units. I've personally had good luck with a very quiet Seasonic power supply that uses an oversized, thermostatically-controlled fan. It's almost inaudible at normal temperatures, and only becomes softly audible when the system's working hard for extended periods. (See http://www.informationweek.com/showArticle.jhtml?articleID=21401323 ) So I don't think you'll find that your system "cannot be upgraded beyond 300 watts." If you need more power, chances are there'll be a replacement power supply out there that will do the job just fine. Click to email this item to a
friend 8) Code-Load Success StoryCode-loaders Bob and Sherry write:
Do you have a home page or website? (It doesn't matter
what size.) Please click over to
http://langa.com/code.htm and maybe you can join the thousands of LangaList
readers who have "Loaded the Code!" (If you've already "Loaded The Code" and are
wondering if your site will appear here or on the Langa.Com web site, please see
http://langa.com/link.txt ) Manually Browse All Posted-to-Date Sites Starting At Spinoff.Com Ripper Hollow City Directory Appel family Irish Artist Automotive forms Marketing blog Don's Patch Power To Excel Computer Vitals Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )------------- 9) "Tarpitting"
Ah, yes: tarpitting: The newest half-baked anti-spam tool in vogue. Sigh. One company offering tarpitting services says it "checks for unsuccessful attempts to deliver messages to unknown users by external or local non existing users." In other words, the idea is to block inbound mails generated by a dictionary-attack that's spewing a ton of emails with made-up names for a given domain in the hopes that at least a few of them will turn out to be valid accounts. The tarpit software looks for emails generating a large absolute number of "address unknown" or "username not found," and blocks all the emails coming from the source of the erroneously-addressed emails. As is usual with antispam tools, it sounds great at first. Wow--- a way to detect and block dictionary attacks! But then reality sets in. What these brain-dead tarpit tools can't know is what *percentage* of the mailing the failures represent. So, a large, totally-legitimate mailing list can still run afoul of the tarpit because even a tiny percentage of bad addresses may still produce enough errors to trigger the tarpit's simple counting-based blocking mechanisms. As a very simplified example of the breathtaking stupidity of tarpits, let's say a given tarpit has a trigger threshold of 1,000 bad addresses from a given source. That means a spammer sending out 9,999 spam-mails with a 10% failure rate might get through the tarpit just fine; but a totally legitimate mailing list sending out 100,000 emails with a 1% failure rate might not. Brilliant, eh? Want a more realistic example? In my case, I have something around 150,000 subscribers (mostly to the free newsletter). Because I keep my mailing lists squeaky clean, I have a very high successful-delivery rate. Let's call it 98%. But that still means that each issue will generate 3000 "address unknown" or "username not found" or similar kinds of failures. Wow--- 3000 failures from this "Langalist" thing? It must be spam, right? Into the tarpit with all LangaList emails! Smaller lists with higher failure rates will also get bogged in the tarpit. It doesn't matter if the mailing is 100% legitimate, or what the actual failure percentage is. The tarpit allows a certain number of mail-address errors from a single source, and no more. If you mail to a group, one thing that might help get your mails past tarpits is to slow down your mailings and break them into smaller groups. For example, send the mails with only a few addressees or BCCs or CCs, and space them 10 or 20 or more minutes apart. By dribbling out your emails rather than blasting them all at once, you may be able to stay under the trigger thresholds of some antispam tools. You also can avoid using triggerwords in your letters. Too many capitalized words, too many exclamation points, too many words like "free," and so on, all can trigger spam filters. (Every time I discuss some free software in this newsletter, spam filters freak out and block more copies of the issue, "protecting" you from the evil of free software. Grrr.) Of course, spammers know these tricks, too, which is another reason why these simple counts and filters are so ineffective. But beyond the above, there's not much you can do. Against stupid spam tools, the email gods themselves struggle in vain; so what chance do you and I have?
http://www.google.com/search?q=email+tarpit Click to email this item to a
friend 10) Plus! Edition Highlights:Today's LangaList Plus! Edition contains about 40% more content including:
The Plus! edition is only pennies per issue, and comes
with a MONEY BACK Plus! Edition info: http://langa.com/plus.htm Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )------------- 14) Just For Grins
Ooooo, there's goes my productivity for a while.... <g> Click to email this item to a
friend (Give a gift subscription to
the LangaList Plus edition! The LangaList is published about 72 times a year, or about 6 times a month. See you next issue, 2006-02-23! Best, An easier-to read formatted HTML version is available in the "Current Issue" section of http://langa.com. (The HTML version of each issue normally is available by 9AM EST [UT-5] of the issue date.) All past LangaList issues are also available at the Langa.Com site. UNSUBSCRIBE (instant removal!):
http://langa.com/leave_langalist.htm CHANGE ADDRESS? LIST TROUBLE? HAVE QUESTIONS? OTHER PROBLEM? NEED HELP? See http://langa.com/help.htm This newsletter is SPAM PROOF and requires two levels of subscriber confirmation
before delivery begins: See
http://langa.com/info.htm |
|
Please visit the LangaList Home Page |