How To Subscribe and Unsubscribe is at the end of this note. Mailing List Trouble? See http://langa.com/help.htm
Questions about the advertisers? See the end of this note. Please also see legal notices at the end of this note. LangaList: ISSN 1533-1156

Please recommend the LangaList to a friend! (And maybe win a prize!)

An easier-to read formatted HTML version of this newsletter is available
<a href=" http://langa.com/newsletters/2006/2006-02-23.htm ">here</a>

The LangaList
Standard Edition

2006-02-23

A Free Email Newsletter from Fred Langa
That Helps You Get More From Your Hardware, 
Software, and Time Online

Please visit our sponsors and help keep the LangaList S.E. free!

1) New To "Always-On" Connection

Hi Fred: I'm a 2 year Plus subscriber and I can't tell you how many times I've gotten help, hints and tips from your newsletter. I've used most of your security recommendations for my Windows XP Home machine such as: ZoneAlarm, AVG Antivirus, Spybot, all the latest updates etc. but don't have a hardware firewall.
 
DSL recently became available in my area (Verizon/Yahoo) and I immediately switched from my old slow dial-up to DSL and I think it's about the best thing since sliced bread.  I am concerned about security and this "always on" connection since the computer is usually turned on for several hours a day. If not currently in use, it sets at the logon screen so whoever the next user is (it has an account for myself, my wife and my daughter) can conveniently get to their account. My concern is this: Is the computer, when setting idle at the logon screen, vulnerable to attacks from the internet (assuming they could get through the firewall)? I think I practice pretty good security and am relatively safe but was wondering if my DSL is connected to the internet when setting at the account logon screen. I know I could set the ZA internet lock or turn off the modem but my wife and daughter would probably complain about these inconveniences.
 
I know you get hundreds, maybe thousands of emails a week, but with the rapid growth of broadband, maybe there are a lot of us "broadband newbies" wondering about this.
 
Thanks for a great newsletter, Stephen Reed

Well, there are a couple things to consider. First, security tools that run as "services" and that are installed system-wide (for all users on a PC, not just tied to one account) load with the OS and so do provide at least basic protection even when no one's logged in. Many of the major antivirus tools operate this way, for example. When you log in, the stuff you see load then is the front end or interface that lets you access and modify these services; not the services themselves, which are already running. So your PC probably does have some level of protection even with all users logged off.

Also, when a PC has all users logged off and is just sitting there twiddling its electrons, not a lot can happen anyway. For example, for viruses, worms, and such to be a challenge to your protections, they'd have to get on your PC in the first place. With nothing running on your PC to let the malicious file in, it's not a likely occurrence. There's no mail client running to pull in files, no FTP utility running to accept or send files, etc. So, there's no easy way that bad stuff can end up on your system.

A malicious hacker could try to log onto your system from afar. By taking over your system he'd then have access to your files--- to everything on the system--- and could do you harm. But if you use good security on your system, such as limiting the use of "Administrator" accounts, and ensuring that all passwords are well-made and changed regularly, and that you don't leave "share my PC/share my files" or "remote desktop connections" and the like needlessly enabled (that is, when you don't actively need them) then the risks of a successful hostile login from afar are quite low.

PCs used as servers (eg web servers) have additional special considerations because they are, by definition, designed to allow external access: Servers thus have a higher risk of being hacked. But it sounds like you're talking about a normal desktop PC, so those issues don't pertain.

But in the same vein, even lightweight "server-like" activities such as file and printer sharing need to be carefully managed. As yours is a single PC being shared among several users, you really don't need network-oriented file and print sharing services turned on; you can marginally increase your local security by making sure those services are turned off. (I say "marginally" because if these services are set up properly on a LAN that correctly uses non-routable IP addressing, local print and file shares aren't visible to or accessible from the internet anyway.)

In short, I don't think yours is a high-risk situation. But if you want more security, than yes, by blocking the connection via software, or simply by disconnecting the physical DSL plug, you can ensure that nothing bad gets in. (Some DSL and cable "modems" have a convenient connection switch or toggle on them for exactly this purpose.) And an external hardware firewall also can help--- not in place of your existing defenses, but in addition to them.

Lots more info:

The article "5 Essential Steps To PC Security" ( http://www.informationweek.com/showArticle.jhtml?articleID=177100010 ) rounded up a ton of info and links for making a PC about as safe as it can be.

(And BTW, the good folks at CMP also have gone back and dug out many of my older articles and columns--- some dating back to 1998--- and listed them all in one convenient place: http://www.informationweek.com/authors/showAuthor.jhtml?authorID=1111 If you're looking for easy access to a *huge* amount of material going all the way to WinMag days (!) you'll probably find it there.)

This general search also has some good info in the topmost listed sites: http://www.google.com/search?q=xp+security

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

--- ( Your Clicks On Ad Links Help Keep The LangaList S.E. Free! ) ---

"I just thought I would drop a line and let you know that this is
the 2nd year of my Plus subscription and thank you for all your insight and opinions,
along with many, many useful downloads. All of your download tools and utilities
(both freeware and shareware) are great and many of which I still use today.
Long Live the Langa List ( and Fred ..of course )" ---Joseph R. Cascio Jr.

Thanks, Joseph!

The Plus! edition is just pennies an issue--- about $1 a month--- but that
small amount gets you a boatload of benefits. Get all the details:

http://langa.com/plus.htm

--------------( the above is an advertisement )--------------

2) Free "Windows Defender"

Microsoft Antispyware is slowly evolving. At long last, beta 1 is finally ending for real, and some users already are being phased over to beta 2 via the autoupdate process. But you don't have to wait; you can grab the newer version right now.

Microsoft Antispyware has been renamed "Windows Defender" and the interface has changed. It's still pretty much the same software at its core, but cleaned up, streamlined, and improved. You can read about the changes here:
http://microsoft.com/athome/security/spyware/software/about/overview.mspx , which also features a link to the new download; or, you can get there via the Windows Defender home page: http://microsoft.com/athome/security/spyware/software/default.mspx

Microsoft also has laid out its larger plans for Windows Defender and several related products, such as "Live Safety Center," One Care Live," and so on, at: http://tinyurl.com/ahfh4 . Interestingly, two of the five listed services appear to be heading towards fee-based operation. But Windows Defender, Windows Live Safety Center and the Malicious Software Removal Tool will remain free; a good thing.

If you're still running beta 1, I suggest you uninstall it and then install beta 2. It's not the only security tool you'll need, but it's pretty good at what it does; and the price sure is right! <g>

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

3) IE7 Beta Report (And An XP Tip)

Hi Fred, It's hard to believe I'm in my 7th year as a "Langalist Plus" subscriber.  "Cool beans!" as my friends are often fond of saying.
 
The purpose of this note is not really a question, but more of a tidbit of self discovery.  I recently download and installed Internet Explorer 7 Beta 2 (http://www.microsoft.com/windows/ie/ie7/tour/default.mspx), because I do like to play with the latest and (cough-cough) greatest software the world has to offer.  As suspected, the new version of Internet Explorer is bug laden, yet not so much so that it renders it useless.  In fact, once the bugs are worked out, I think Firefox will have a competent competitor.  If any of my other fellow Langalist enthusiasts have downloaded/installed the Beta 2 version of IE 7, they might have noticed something interesting within the process tab of the system task manager.  After doing some thorough web browsing with IE7-B2, I had some reason to want to see what was going on in the process tab of the task manager (unrelated to the IE7-B2) ... Whoa!  When I looked at the running processes, there was eleven entries for iexplore.exe, none of which were using any CPU time ... But eleven entries? !!!  I scoured the Internet for any info on this phenomena to no avail.  I did find that using this url; http://www.security-protocols.com/poc/sp-x23.html will cause a buffer overflow in IE7-B2 an immediately crash it.  But, that's why IE7-B2 is still in Beta ... to work these things out.  I was thinking about uninstalling IE7-B2 and going back to IE6, though there are features in IE7-B2 that I like a lot.  The Anti-phishing filter, the RSS feed button, the Tabbed browsing, and the ability opt for Google to be the default search engine.  And one thing that is not touted much, yet I think is one of the best features of all is that, IE7-B2 requires an address bar for every window, including the popup windows.  As for the multiple entries in the processes tab window of the system task manager, I created a work-around for it.  I created a shortcut that reads: "C:\Windows\Systen32\taskkill.exe /f /IM iexplore.exe /t" ... which gets rid of all instances of IE7-B2 in the process list.  I think, eventually, IE7 will be a formidable entry in the browser marketplace.
 
Thanks for your efforts at making the Langalist Plus newsletter an always welcomed guest in my email, Fred. Sincerely - Rick Bishop

Thanks, Rick, both for the beta report and for the reminder about Taskkill. That and its sibling, Tskill, are two powerful little tools built into XP that every user ought to know about--- just in case! We covered them here: http://langa.com/newsletters/2004/2004-03-15.htm#2

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

4) UPS Power Consumption

Fred, Well: I was surprised. ;-) Admittedly this UPS is larger than usual for a home PC - when I bought it I regularly had 3 PCs running, and the UPS can look after all three.

Recently I found an AC plug-in meter (maplin.co.uk). It tells me that the UPS uses 15W or so just by being turned on, and around 40W after it is activated. So, of the 180W or so consumed when one PC and the monitor are running normally, 20 - 25percent is down to the UPS. Naturally, putting the PC on standby cuts consumption by less than the usual percent figure because the UPS burns away regardless.

Not that I shall stop using the UPS because of this, but when it fails I see good reason to buy one more limited in its capabilities.

Good wishes!---Roy Lewis

"Standby" or "parasitic" losses can really add up: Every "instant on" device or device that can be turned by something other than a plain old power switch (turned on by, say, a mouse, a keyboard, an infrared controller... ) is always consuming at least a bit of power. And sometimes, even when nominally fully "off," devices *still* draw a bit of electricity to keep internal memory and settings alive. I remember reading somewhere that as much as 5-10% of a mythical average home's power consumption can be from these mostly unnoticed power uses.

But an uninterruptible power supply is a little different: It contains a battery that's "trickle charged" when not in use; a necessary technique to keep the battery in good condition. As most UPS batteries are made with lead, the environmental benefits of keeping them healthy and out of the waste stream probably outweigh the environmental costs of the trickle charge. (Lead is nasty stuff.) So, I wouldn't begrudge your UPS a few watts of standby power. <g>

But yes, it makes sense to "right size" your UPS. I've also found it useful sometimes to use two smaller UPSes--- say, one for the monitor and one for the PC--- rather than one big, honking UPS. The smaller ones can be lighter and cheaper than one large one, and can let you custom-tailor the UPS size to the device being protected.

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

5) What Kind Of Video Card?

Hi Fred, I'm one of those people that isn't interested in gaming, but I do enjoy video editing.  I use a P4 3.2 CPU with 2.5 Gb of RAM on a Windows XP Pro system.  I'd like to buy a new video card and am wondering how to choose one for video editing when all the reviews seem to only discuss gaming.  Thanks for any pointers you can offer. ---Tom

I'm not a big gamer, either--- at least not anymore. <g> But gaming is a good bellwether for any high-end application: Almost any "normal" use for a PC puts less strain on the system as a whole than does full-bore it's-3AM-and-I-haven't-slept-in-two-days-pass-me-another-can-of-Jolt gaming. <g> However, in your case, Tom, you're talking about one of the few "normal" tasks that might strain a system just as much as gaming: Real-time video editing is a *very* demanding app. That's all the more reason to use gaming-oriented hardware as a touchstone for your needs.

Serious gamers typically push their systems *hard*, and demand high CPU speeds, fast-acting RAM, blazing video speeds, and high-resolution graphics. With all the gear in the box running flat out, gaming-specific systems also usually have extra ventilation and heat sinks to keep the system from cooking itself to death.

Which is to say: any gear that will pass muster with serious gamers will almost surely meet or exceed what's required for non-gaming applications.

A final wrinkle: Windows "Vista" (due out later this year) will offload much of its visuals to the graphics card, just as visually intense games do. As we said last Fall:

If you're going to keep the new system for a while, you might consider that the next version of Windows, "Vista," offloads a lot more of the visual processing to the video card (like what today's high-end games do) for better on-screen performance. So any system you buy today should either have a very good video system (maybe as much as 256MB or more of video RAM) OR have an inexpensive video card that will be easy to upgrade later, when you eventually move to Vista. (More: http://langa.com/newsletters/2005/2005-09-15.htm#3 )

Put that all together, Tom, and I'd suggest you buy a high-end video card with as much video RAM as your budget will allow; and get a card that touts its suitability for high-end visually intense games. Further, make sure the card has XP-specific drivers (although almost all the major brands do).

That way, you'll have a video system that should be able to handle whatever you throw at it today--- and also when Vista is in play.

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

6) Is This Information Useful?

If you think the LangaList is a worthwhile read, maybe a friend would find it useful too! Just use the following link to recommend the LangaList---your friend may find a new source of useful information and you just may win one of three FREE ONE YEAR SUBSCRIPTIONS to the LangaList Plus! edition given each month. (If your name is drawn and you're already a Plus! subscriber, your current subscription will be extended by a full year.)

Check out the details at http://langa.com/recommend.htm . Thanks for recommending the LangaList--- and good luck!

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

7) "Locking" A Drive?

Dear Fred, Thanks for a most helpful newsletter. I've learned much from you. Recently while trying to back up my hard drive with nero 7 ultimate suite I got an error message saying that it could not lock C:\ and if I chose to continue it might not back up all data. What's this locking C:\ and how can I get the drive locked for a complete back up. I'm running win xp pro service pack II. Thanks, William Hood

Backup (and disk imaging) software that runs while the host operating system is awake and running has to use several tricks to try to get everything included in the backup/image. For example, some system files are always open, and may be written to at any point when the OS is running. During a backup, you don't want to start to copy a file and then have the original file change while you're partway through the copy operation; that's a recipe for disaster--- you'll end up with, at best, a munged copy that's part old version, part new version.

To avoid this kind of problem, some simple tools just skip any files that are open or in use; they don't even attempt to get everything on the drive. Others try to prevent changes to the drive by locking files. Others use techniques such as "shadow copying" to create a version of the file that can be backed up.

But these are all attempts to work around the fact that, as long as the OS is running, some files will be in use and at least hard to copy.

If you run into problems "locking" the drive, you can explore what's running to see if some software in the system is holding files open or otherwise interfering with the backup. You can close all apps and utilities, of course, and perhaps use Task Manager to see what's running that you may be unaware of.

But the way to avoid all those kinds of problems is not to have the main OS running when you do your backups or drive images. If the OS is shut down, then no files will be open or in-use; no side-stepping is needed, and the backup or imaging operation can be straightforward, simple, and guaranteed thorough--- it will be able to get at everything it should, no exceptions.

Backup and imaging tools that boot from their own, self-contained floppy or CD can work this way. Bootit ( http://www.google.com/search?as_q=bootit&as_sitesearch=langa.com ) works this way, and never has trouble with locking files or shadow copies. You also can use some Linux Live CDs (self-contained CD-based versions of Linux) to similar effect, using the tools on those CDs to backup or image your temporarily inactive Windows setup.

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

8) More Reader Sites!

Do you have a home page or website? (It doesn't matter what size.) Please click over to http://langa.com/code.htm , and maybe you can join the hundreds and hundreds of LangaList readers who have "Loaded the Code!" (If you've already "Loaded The Code" and are wondering if your site will appear here or on the Langa.Com web site, please see http://langa.com/link.txt )

Speaking of which: Here's another eclectic sample of reader sites--- some professional, some very personal:

View A Randomly-Chosen Reader Site From Among All Listed
http://langa.com/randomlink.htm

Manually Browse All Posted-to-Date Sites Starting At
http://langa.com/readersites.htm

DP6
http://dp6.blogspot.com/

"Turning It Around's" Home Page
http://www.billallin.com/

The Language Institute of Samarqand, Uzbekistan
http://samdchti.uz/

Crystal Caves
http://www.angelfire.com/my/chakeeta9/

Bob and Clara
http://www.bobandclara.com/

Find Me - Search for lost relatives and friends
http://www.findme.karlsforums.com/

Video tech
http://www3.sympatico.ca/jean.doucet5/

Woody's
http://www.woody.webster.org/

A Materia do Tempo
http://amateriadotempo.blogspot.com/

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

9) New Motherboard Needed?

Fred: One question I have is, can you do a piece on motherboard repairs. I have a board I would like to have repaired, but have not been able to locate a reputable repair place or person. There is this story going around about "Capacitor failures plague motherboard vendors", the whole story can be read at http://www.geek.com/news/geeknews/2003Feb/bch20030207018535.htm
Can you recommend a place for repair? Thanks Fred. ---James B. Holladay

The capacitor failure problem plagued large batches of motherboards made a while back: It's not so much an issue with newer motherboards. Still, it is possible for an in-use system to be developing this problem, especially if it's a few years old. (See the link above; the datestamp is from 2003.)

Motherboard repairs often aren't practical because an entirely new motherboard can cost as little as $30 or so. Just having a repair person *look* at a failed motherboard may cost you more than that in shop time, so it's often simpler, easier, and cheaper to replace the failed motherboard with a new one.

It looks scary if you've never done it, but it's actually surprisingly simple, with no special skills needed: You unplug all the cables, remove the cards, RAM, CPU, fans, and such on the original motherboard, remove the screws holding the motherboard in place, put in the new motherboard exactly the same way as the original, replace the parts and cables (they're keyed, and usually cannot be put together wrong), and that's that.

If you work slowly in a clean, well-lighted workspace, and have just a little screwdriver savvy, you'll be fine. If you have a digital camera, so much the better; Take snaps of everything in the old system before you alter it, so you'll have an exact record to refer to when you're reassembling things.

Some sources for motherboards include LangaList sponsor TigerDirect: http://tinyurl.com/hsvos . Others:
http://www.google.com/search?q=motherboard
http://froogle.google.com/froogle?q=motherboard

Of course, it's possible to spend several hundred dollars on a motherboard, if you want to replace the old board with a top-of-the-line screamer with a new CPU that's faster than what you now have. But even at that, you might well spend less than what a repair shop would charge for labor in trying to rehab a failed or failing older motherboard.

I never, ever recommend dumping older hardware "just because;" it's wasteful, costly, and environmentally harmful. But on the other hand, repairs sometimes just don't make sense. I think a major motherboard problem is one of those instances: I suggest you look at a replacement rather than a repair.

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page

10, 11, 12, 13) Plus! Edition Only:

Today's LangaList Plus! Edition contains about 40% more content including:

• External Drive Checklist
     (important things to remember...)
• More On OEM/Retail Software Pricing
     (what's fair? who's right?)
• Questions re "Net Detective" and Archives
     (two issues resolved)
• Free Cleaner
     (nice free tool for cleaning files, registry, more...)

Plus--- you get access to over 100,000 additional words in special features, extra content and private links, all on a private web site, all for about a dollar a month!

Full Plus! Edition info: http://langa.com/plus.htm

Click to email this item to a friend
http://langa.com/sendit2.htm

return to top of page