Thursday, June 25, 2009

More good reasons to leave Office on the shelf

By Dennis O'Reilly

In his June 18 Top Story, WS contributing editor Scott Spanbauer presented several free and low-cost alternatives to Microsoft's ubiquitous productivity suite.

If you need more reasons to shutter your Office apps, take a look at some of the suggestions that poured in from readers in response to the story.

The opportunity to save a few hundred dollars sounds appealing any time, but it's especially attractive in an era of double-digit unemployment figures. That's why the tremendous response of readers to Scott's story in last week's newsletter on Office alternatives wasn't a big surprise.

Among the people offering yet another reason to give the free application suite a try is J.D. White:

* "Re: Scott Spanbauer's excellent summary of MS Office alternatives: I ordered this Vista Home Premium computer with MS Office 2007 Premium installed. I found that Word did not open usable versions of some previous Word documents (2000 and 2003), especially a six-panel mailable brochure (it scrambled and moved both graphics and text).

"OpenOffice 2.4, however, opened it flawlessly and allowed accurate display, updating, and printing. Moral: OO handled older Word documents better than Office 2007 opened older .doc files. Also, OO opens the widely used .odt file, and version 3.1 even opens the obnoxious Office 2007 .docx while Office 2007 is just now discovering .odt. Also, OpenOffice has long given the option of saving as a PDF.

A reader named David is another convert:

* "I switched to OpenOffice a few years back when Office 2K started fighting with other apps like Google Desktop. Even without any apps open, the computer would freeze for a couple of minutes on cut and paste activities. I asked MS about the issue and they told me to buy an upgrade.

"I've used OpenOffice for fancy mail merges, complex spreadsheets, and a large book with a Master document, producing automated table of contents, index, and end notes. That did require using the ODF format, though.

"The only issue I've had is with your suggestion to set file format defaults to MS Office formats. On three occasions, I've had large .xls format spreadsheets hiccup in OpenOffice and lose multiple tabs. Fortunately, I use FileHamster, which backs up on each save.

"I've since migrated to using ODF format for spreadsheets and have found the files much smaller, faster, and completely reliable. I simply Save As Office formats or print to PDF when I share. Also, given my past experiences with not being able to open older MS file formats, I like the idea of using ODF as an archive format."

For a closer look at OpenDocument (ODF) support in Office 2007 and 3, see Andrew Z's post on the Ninja blog.

Save money by choosing Office Home and Student

As Scott pointed out in his article, few Office users need more than the basic features in Word, Excel, and PowerPoint. You can get these three apps plus the OneNote note-taking program for a lot less than the price of the full-blown Office suites, as Jeri Stodola points out:

* "You spoke at great length about the high cost of Microsoft Office and the free alternatives. However, you failed to mention the low-cost Office version — Office Home and Student 2007 — which includes Word, PowerPoint, Excel, and OneNote.

"This [version] can be found for $100 to $150 and can be installed on three PCs! You don't have to be a student to purchase this — no ID is asked for. I don't think that $33 to $50 per computer is a bad price for Office."

You'll find more information about the Home and Student version of Office 2007, plus a link to a 60-day trial, on the Microsoft Office Online site. Also, you can buy this version of Office for only U.S. $79.99 on (Note that the program is for noncommercial use only and doesn't qualify for upgrades to future Office releases.)

For more on Windows software discounts, see Scott Dunn's April 12, 2007, Top Story.

Not everyone's a fan of

There are plenty of reasons to like, not the least of which is the price — or lack thereof. Still, some people argue that you get what you pay for. Ken McLeod is among their number:

* "Yes, there are free alternatives to Office, but ...

"(1) OOo is nowhere near up to the standard of Office. It's slow, buggy, and just plain ugly. (And, btw, I hate Office as a program due to the bloat and unintuitive interface in its most recent incarnation.)

"(2) Online alternatives are sloooooooow even with a fast connection, particularly if you use any degree of complexity in a spreadsheet, etc. How like Earth people to find the worst possible way of doing something (for the user) and then make it sound like God's gift to mankind.

"(3) An overlooked alternative is WordPerfect Suite (Corel), which, while not free, is generally more competitively priced and is and always has been a better product than Office."

Visit Corel's site for more on WordPerfect Office, including a link to the trial download of the Standard Edition.

David Neeley recommends that users not standardize on Office file formats:

* "I enjoyed Scott Spanbauer's article on alternatives to MS Office. I disagree with one of his suggestions, however — that folks standardize on MS Office file formats in ...

"I have many ebooks on my computer that were originally in MS .doc format; opening them in and saving them in Open Document Text (.odt — the default) resulted in saving about two-thirds of the disk space with no loss of content.

"I've been using extensively for about three years now, both in Windows and Linux. Many of its capabilities surpass MS Office — for example, autonumbering works much better in and has been broken in every version of MS Office for at least a decade. (I worked for some years as a technical writer and had to wrestle with workarounds many times in MS Office).

"Additionally, I haven't had to deal with Access databases, but this article by Solveig Haugland explains how to connect Access databases with OpenOffice Base.

"However, there are also many articles online involving the use of Base as a front end for more-powerful databases such as MySQL or PostGresQL. That gives even more power and flexibility."

It's nice to have choices, and there would appear to be plenty when it comes to productivity software. If only software developers could get that file-compatibility thing worked out!

Windows may install updates without asking

Windows may install updates without asking

Scott Spanbauer By Scott Spanbauer

Windows XP and Vista have started installing updates at shutdown, in certain cases, without displaying a warning or requesting permission, according to reports by several readers.

The forced-install behavior has been witnessed at least three times by Windows Secrets editors, but Microsoft says its procedure for Automatic Updates hasn't changed in the last 10 months.

The behavior seems to occur only if a Windows user has Automatic Updates configured to "download updates but don't install them" or "notify me but don't install them." If updates are scheduled to occur automatically, with no notice to users, the silent installation of updates would be expected.

Most Windows patches are desirable and have few unwanted side effects. A few updates, however, are known to disable or conflict with other software. For this reason, many individuals and companies require that all upgrades be researched or tested before anything is installed.

Numerous conflicts have caused users to take a cautious approach to updates. For example, WS contributing editor Susan Bradley reported in her July 10, 2008, column (paid content) that Microsoft patch MS08-037 completely disabled the Internet connection of machines that use the ZoneAlarm firewall. Many users can't afford this kind of interruption of service and prefer to study each update before approving its installation.

Delaying the acceptance of Windows patches allows you to gauge the risk of each individual update. It buys you time to read — in Susan's articles, for example — about any problems that early adopters have reported with specific patches.

The forced-install behavior, in which Windows applies updates at shutdown time without requesting approval, is a concern to people who need to control the patch process. Normally, configuring Automatic Updates not to install patches without approval causes Windows to merely check for updates rated "Important" or "Recommended" whenever the computer is connected to the Internet (optionally downloading the patches for later installation).

Once Windows determines that patches are available, the operating system normally displays an icon in the taskbar's notification area, alerting you that updates are awaiting your review and approval. (The icon is yellow in XP, blue in Vista, as shown in Figure 1.) When the forced-install situation occurs, however, this icon never appears and users receive no prompt that updates are queued for installation.

Updates-available icon
Figure 1. Notifications to users, including Windows' new-updates icon (at left in this image), fail to appear if a forced-update situation has occurred.

Worst of all, when a user initiates a shut-down or reboot process in this situation, all pending updates are installed immediately, ignoring the user's "don't install" setting.

Why 'surprise installs' may recently have begun

One theory to explain the forced installs is that the large number of patches Microsoft released on June 9 overwhelmed the Redmond company's download servers. Ten separate security bulletins, some including numerous versions of patches, were announced that day — an unusually high number.

The extra demand may have caused some downloads to be incomplete. Incomplete downloads are known to disable the notification icon and possibly the approval dialog that's supposed to appear during shutdown.

Microsoft described in Knowledge Base article 910340 on Dec. 5, 2007, how an incomplete patch download can prevent the notification icon from appearing.

The document says: "During periods of heavy download traffic, the Automatic Updates service can reschedule download requests on a day-to-day basis.... The Automatic Updates service is designed to resume and complete the download as quickly as possible. Usually, the update will usually be downloaded and installed in several days."

This explanation is little consolation for Windows users who — due to company policy or any other reason — want to avoid installing the latest build of .NET Framework, Internet Explorer 8, or any other update that has known issues. If the forced-update bug strikes you, however, any updates that are in the queue will be installed without the opportunity for you to review them.

Microsoft has aroused scrutiny in the past for installing upgrades even though users have set Automatic Updates to "don't install." Windows Secrets was the first publication to report in a Sept. 13, 2007, article that Automatic Updates silently installs nine small executable files to upgrade itself, regardless of the AU setting.

In a follow-up story two weeks later, WS associate editor Scott Dunn reported problems caused by a silent AU upgrade that Microsoft began in July 2007. The new executable files prevented security patches from successfully installing on Windows XP if the Repair function of XP's install disc had been run.

Paul Pottorff, senior product manager of Windows Update, stated in an e-mail interview that no similar silent upgrade has been installed by Automatic Updates since August 2008. He explains that there's been no change to Windows' auto-update routine since then that would explain the recent reports of forced installs.

(Microsoft announced its August 2008 silent AU upgrade on July 3, 2008, and Scott Dunn analyzed the AU stealth patch in an article on Aug. 14, 2008.)

"The behavior we expect to see is for users to be notified about updates that are available for them to install," says Pottorff. "If there is only a throttled update, they shouldn't be notified. If there are any other available updates, they should be notified. The presence of a throttled update does not prevent Automatic Updates from notifying users about other not-throttled updates. Furthermore, this behavior has been the same for a long time and hasn't even been touched for more than 9 months."

At this point, I'm unable to make the behavior reproducible or demonstrate the exact conditions under which forced installs occur. Until a better explanation of the aberrant update behavior is provided, however, I'm calling it an unpatched bug.

How to prevent forced installs from occurring

To work around the possibility that Windows will install updates the next time you shut down or restart your PC, you need to understand the update options Windows offers. The update options in XP are:

* Automatic — automatically download recommended updates for my computer and install them.
* Download updates for me, but let me choose when to install them.
* Notify me but don't automatically download or install them.
* Turn off Automatic Updates.

The equivalent settings in Vista (see Figure 2) are:

* Install updates automatically.
* Download updates but let me choose whether to install them.
* Check for updates but let me choose whether to download and install them.
* Never check for updates.

Vista update options
Figure 2. Users who've selected one of the two "let me choose" options are reporting that Windows has forced updates onto their systems.

Choosing the first option, which installs updates without user intervention, is designed to refresh your system with the most-crucial security patches. However, many PC security experts (including Susan) recommend that advanced users choose the second or third option. Either alternative is supposed to give you the opportunity to research the latest updates before you apply them.

The forced-update problem doesn't appear to be rampant, but it can severely affect users whose systems are incompatible with certain updates.

If you consider it important to research patches before they're installed, one possible workaround involves selecting AU's option 2 or 3. Then, run Microsoft Update (a superset of Windows Update, both of which require IE) and specify every patch to be installed or not installed — every time you plan to shut down or reboot. Running Microsoft's updater should eliminate any queued downloads that might install unexpectedly.

You might think that you could eliminate forced updates by selecting Turn off Automatic Updates (in XP) or Never check for updates (in Vista). You would then check manually for updates at least once a month, using Microsoft Update or one of the third-party update services described in the WS Security Baseline.

Besides the headache of having to check manually for patches, however, a problem with disabling Automatic Updates is that Windows constantly nags you about it. A bold red "X" is repeatedly displayed, whether or not you're savvy enough to decide for yourself whether you wish to use Automatic Updates or a third-party patch checker. (See Figure 3.)

Disabled Automatic Updates warning
Figure 3. Disabling Automatic Updates, perhaps because you prefer to use a competing update checker instead, results in constant nag warnings from Windows.

Readers who have additional evidence about forced updates in XP or Vista should report the information using the Windows Secrets contact page.

Tuesday, June 23, 2009

Does The Future Hold Infinite Bandwidth?

·got some news?
story category Does The Future Hold Infinite Bandwidth?
Or a littany of roadblocks, restrictions and fees?
08:59AM Tuesday Jun 23 2009 by Karl Bode
Techdirt directs our attention to one consultant's exploration of "infinite bandwidth." As bandwidth gets cheaper and cheaper to deliver, and broadband penetrates every business practice from wired coke machines to the health care industry -- there's a certainly a world of opportunities awaiting innovative companies. We can already hear most ISP insiders reminding Stalk they "ain't goin' to use their pipes for free," though Techdirt's Mike Masnick makes the point that opening the flood gates and embracing the future makes better sense:
Bandwidth is going to increase. Those who attempt to cap it or limit it are only going to make their own pipes significantly less valuable. However, those who recognize how empowering more bandwidth can be, and how approaching "infinite bandwidth" opens up the possibility for new services and apps that we can't even fathom today, will start to realize that providing ever more bandwidth increases value and clamping down on bandwidth kills value.
Except while the cost of bandwidth delivery drops, the lack of competition has many ISPs pushing bogus concepts like the exaflood, with the goal of hoisting artificial scarcity upon the market. In part, it's because monopoly and duopoly carriers have one foot in the delivery of content. As with Internet video, they fear that the Internet's innovators will create business models that erode their existing revenues (like cable TV), so to them -- squeezing the pipe and charging by the bit seems like a logical pursuit.

Sunday, June 21, 2009

Clay Shirky: How cellphones, Twitter, Facebook can make history

While news from Iran streams to the world, Clay Shirky shows how Facebook, Twitter and TXTs help citizens in repressive regimes to report on real news, bypassing censors (however briefly). The end of top-down control of news is changing the nature of politics.

Thursday, June 18, 2009

Break from MS Office with free alternatives

By By Scott Spanbauer

If you're thinking of skipping the next expensive Microsoft Office upgrade, you can begin preparing today for the move to a free Office-like suite or Web service.

A gradual and easy transition allows you to avoid any possible file incompatibilities, because you can still keep an old copy of Office available as a safety net.

I like almost everything about Microsoft Office except its price. Even so, like many people, I use only a fraction of the suite's features. I rely mostly on the basic formatting, spellcheck, grammar, and review features of Word, with an occasional Excel spreadsheet or PowerPoint slide thrown in for good measure. The rest of Office is bloatware to me.

I don't automate my documents with VBA macros; my Excel tables are rudimentary; and my PowerPoint presentations are just the facts, ma'am. Do I really need to pay to load a copy of Office on every computer I use?

I stuck with the Microsoft behemoth all the way through Office 2003. To date, I've never felt a need for Office 2007. In recent years, meanwhile, upstart productivity applications have seduced me away from Microsoft's ubiquitous suite.

I started using the free, open-source suite on a daily basis several years ago to see whether it could really replace Office. Though OpenOffice's menu commands, dialog boxes, and settings often vary only slightly from those of the corresponding Microsoft Office applications, I found the switch to OpenOffice's Writer and Calc applications easy.

And because OpenOffice is free, I can install the program on every one of the PCs I use, whether it runs Windows, Linux, or OS X. You can get your copy — or copies — at the download page.

I outlined the major differences between MS Office and OpenOffice in my Oct. 30, 2008, review of 3. There are a couple of reasons why I haven't given up Office 2003 entirely. For one thing, I maintain several important databases in Access. Unfortunately, OpenOffice's Base database program is not a replacement for Access. Base can't read and save Access files the way Writer does with Word files, Calc does with Excel files, and Impress does with PowerPoint files.

Another reason I keep a copy of Office around is because OpenOffice lacks a PIM analogous to Outlook. This is a hole you can fill with one of the many alternatives I reviewed in my July 31, 2008, and Aug. 14, 2008, Best Software columns. Another alternative is to use OpenOffice with Yahoo's free Zimbra Desktop service in place of Outlook.

Compatibility with Office file types remains a problem for OpenOffice and other Office alternatives. Before you make the switch, open your most important Office documents in the Office replacement of your choice to ensure that the files look and function as expected.

OpenOffice opens and saves files in .doc, .xls, and .ppt formats (among others), usually without a problem. In my experience, however, those documents may not always look and behave exactly as they do in Microsoft Office.

You can protect yourself from unwanted surprises by opening and printing a generous sampling of key files you've exchanged with co-workers and clients. More importantly, keep an old copy of Office installed on at least one of your computers, just in case.

Stick with standard Office file formats

You can minimize file-compatibility issues by standardizing on the most common file formats. By default, saves files in Open Document Format (ODF). Microsoft's by-the-book support for ODF, unfortunately, breaks some spreadsheet files, according to a recent ZDNet blog post.

OpenOffice reads and writes Office 2007's default .docx and .xlsx XML file formats. But the older .doc and .xls formats are still the ones most often used. I suggest that you make the classic Office formats your defaults in OpenOffice. To set .doc as the document default, for example, open any OpenOffice program and do the following:

* Step 1. Choose Tools, Options;
* Step 2. Select General under Load/Save;
* Step 3. Click Text Document under Document type in the Default file format and ODF settings section;
* Step 4. Choose Microsoft Word 97/2000/XP in the Always save as drop-down menu and click OK.

To make .xls the default worksheet format, open the same dialog box and follow the same steps, with the following differences:

* Step 1. Choose Spreadsheet under Document type in the Default file format and ODF settings section;
* Step 2. Choose Microsoft Excel 97/2000/XP in the Always save as drop-down list and click OK.

The best sites for taking Office files online

Both Office and OpenOffice are tied to a specific computer. If you're like me, you're constantly bouncing from one PC to another as you wend your way between home and office, coffee shops and airports, iPhones and Blackberries.

If you long to store your documents in the Internet cloud — where you can reach them any time from any Internet-connected PC — make Google Docs your first stop. Thanks to the recent addition of Google Gears offline caching, you can even view and edit your Google Docs when you board a flight or are otherwise unable to access the Net.

As with OpenOffice, be sure to upload, open, and print a representative sampling of your existing documents in Google Docs to check for compatibility before you make a permanent switch. Google's Web-hosted document, spreadsheet, and presentation apps offer far fewer features than their counterparts in MS Office and OpenOffice.

However, because your Google Docs files are online 24/7, you're not the only person who can access your stuff via the Net. You can also share the files with other Google Docs users. You can even publish documents to your blog with just a couple of clicks. And it's no surprise that Google Docs can also be seamlessly integrated with Gmail.

You may find that Google Docs and the similar, collaboration-oriented ThinkFree Online Web apps are too streamlined for you. If so, try Zoho Office, a Web service that offers feature-rich word processing, spreadsheet, and presentation applications.

Zoho Office matches Google Docs' offline support via Google Gears (in the Writer application only) and provides a dozen more free apps. Zoho even has a plug-in for Microsoft Office that lets you open, edit, and save Zoho-hosted files in Word, Excel, or PowerPoint themselves.

You can do the same trick with an extension called OpenOffice.org2GoogleDocs. This bit of software is available on the site. Despite its name, the OpenOffice extension also supports Zoho and WebDAV servers.

Microsoft offers a similar tool through its free Office Live Workspace. The software giant reportedly also plans to make online capabilities a part of the upcoming Office 2010.

Fortunately, you don't have to wait until 2010 to use the Office-like suite of your choice, either online or offline.

Wednesday, June 17, 2009

Things you never knew your cellphone could do

•Emergency.The worldwide emergency number for mobiles is 112. If you find yourself out of your mobile network's coverage area, dial 112 and the phone will search any existing network to establish the emergency number for you. Interestingly, this number (112) can be dialed even if the keypad is locked.

•Locked your keys in the car?Does your car have remote keyless entry? This may come in handy someday. Good reason to own a cell phone: If you lock your keys in the car and the spare keys are at home, call someone at home on their cellphone from your cellphone. Hold your phone about a foot from your car door and have the person at home press the unlock button on your spare key while holding it near their phone. Your car will unlock. Saves someone from having to drive your keys to you. Distance is no object. You could be hundreds of miles away, and if you can reach someone who has another "remote" for your car, you can unlock the doors (or the trunk).

•Hidden battery power.Imagine your cell battery is very low. To activate, press the keys *3370# — your cellphone will restart with this reserve and the instrument will show a 50% increase in battery strength. This reserve will get recharged the next time you charge your phone.

•How to enable quick disabling of a stolen phone.To find your mobile phone's serial number, key in the following digits: *#06# — a 15-digit number will appear on the screen. This number is unique to your handset. Write it down and keep it somewhere safe. If your phone is stolen (or lost), phone your service provider and give them the serial number. They will then be able to block your phone so that even if the thief changes the SIM card, your phone will be totally useless.

Researchers Build Anonymous, Browser-Based 'Darknet'

Black Hat USA presentation will demonstrate how the latest browser technology makes underground, private Internet communities simpler to form, more secretive

By Kelly Jackson Higgins, DarkReading
June 15, 2009

A pair of researchers has discovered a way to use modern browsers to more easily build darknets -- those underground, private Internet communities where users can share content and ideas securely and anonymously.

Billy Hoffman, manager for HP Security Labs at HP Software, and Matt Wood, senior security researcher in HP's Web Security Research Group, will demonstrate a proof-of-concept for Veiled, a new type of darknet, at the Black Hat USA conference in Las Vegas next month. Darknets, themselves, are nothing new; networks like Tor, FreeNet, and Gnutella are well-established. The HP researchers say Veiled is the same idea, only much simpler: It doesn't require any software to participate, just an HTML 5-based browser. "We've implemented a simple, new darknet in the browser," Wood says. "There are no supporting [software] programs."

Unlike its predecessors, Veiled doesn't require much technical know-how to join, either. "The coolest thing about this is it lowers the barrier to entry to a darknet," Hoffman says. "You could put some very interesting applications on top of it. It could be a way to do secure whistle-blowing, [for example]. When you have something decentralized like this, no one can control or stop it." No one can take it down, either, he adds, all of which makes it more approachable for a wider community of legitimate users.

Darknets can also be abused by the bad guys as a way to cover their tracks, but Hoffman and Wood say they see this as more of an opportunity for adding legitimate and mainstream uses of darknets, such as anonymous suggestion boxes or other ways for users to express themselves anonymously without their IP addresses potentially giving them away. "Students are getting reprimanded at school because of their Facebook postings," perhaps criticizing something about school, Hoffman says. "They're being punished for free speech. Where can you freely express yourself without fear of consequences? This could be an interesting app."

"The point of our research is not to give bad guys a tool for nefarious use, but to get security researchers discussing and talking about the new concept of browser-based darknets," he says.

Veiled is basically a "zero footprint" network, in which groups can rapidly form and disappear without a trace. It connects the user's HTML 5-based browser to a single PHP file, which downloads some JavaScript code into the browser. Pieces of the file are spread among the members of the Veiled darknet. It's not peer-to-peer, but rather a chain of "repeaters" of the PHP file, the researchers say.

"It's a file on a Web server, but I can also host one on my Website, for example, and we can join those two files together," Wood says. "It's very distributed."

The researchers are building encryption into the file distribution network as a way for users to remain anonymous and communicate securely.

Hoffman says he and Wood mainly want to show that building a browser-based Darknet is possible. And they don't consider Veiled a replacement for existing darknets. "We don't think this is the best solution...Our message is that the technical barriers to these secure anonymity networks are not that high," he says. "We are trying to build an infrastructure for this type of communication and file storage to occur, and allow others to decide how they should architect it."

Thursday, June 11, 2009

IE 8 causes big problems on some PCs

IE 8 causes big problems on some PCs

Dennis O'Reilly By Dennis O'Reilly

The new version 8 of Microsoft's Internet Explorer browser has some features that version 7 doesn't.

But that's no guarantee that upgrading to IE 8 will go smoothly on your PC.

The perils of software updates were brought home to computer-repair business owner Bob Millard as he attempted to heal the XP systems of three clients who had recently moved from IE 7 to IE 8:

* "I have a computer repair business. In the last two weeks, I've had to fix three XP laptops after the installation of IE 8 made them inoperable. In each case, after the update, the desktop on each of these computers was blank except for the desktop wallpaper.

"It didn't matter whether you started the system in normal or safe mode, all desktop items — including the taskbar — were missing. The only way I could get them back was by using one of my bootable utilities that would allow me access to the restore points. On two of these laptops, restoring back a few days corrected the problem.

"On one of them, even though I got all the desktop functions restored, I didn't have Internet access or any access to USB devices. I tried to remove IE 7 (IE 8 was gone after the restore) but there was no remove/uninstall option in the Add/Remove Programs window.

"I was able to use a remove-IE7 utility that I have [IE7 EasyRemove, available at the Drive Headquarters site] to get back to IE 6, and now the system is working again.

"Bottom line: There are big issues in Internet Explorer 8 land."

Bob told me that he subsequently reinstalled IE 7 on two of the laptops and everything worked as expected. However, the third still lacked USB access and had other problems with IE 7 installed, so Bob left IE 6 on that machine — at least until he could find the required fix.

Despite the potential pitfalls, I recommend that if you must use Internet Explorer, install the latest version that won't trash your system. If IE 8 crashes and burns, revert to IE 7. If IE 7 brings you grief, roll back to IE 6 — but only long enough to get things working again. Old versions of IE are too insecure for today's scary Web.

Big-name sites spread latest malware infections

Big-name sites spread latest malware infections

Susan Bradley By Susan Bradley

Going by such names as Gumblar, JSRedir-R, Martuz, and Beladin, a new generation of malware has managed to surreptitiously place malicious JavaScript code on tens of thousands of popular Web sites.

The hacker scripts try to infect site visitors and then attempt to use their compromised PCs to spread the infection to yet other sites.

Over the past month, the security services ScanSafe and Sophos have reported infections on such major Web sites as,, and Niels Provos reported in the Google security blog on June 3 that sites infected with Gumblar numbered about 60,000. Visitors became susceptible to infection simply by opening the sites in Internet Explorer.

After the script infects a PC, it attempts to spread its code to any Web site accessible via that machine's FTP client, if one is present. Webmasters often use FTP to make changes to the sites they manage. If FTP software is configured to save a webmaster's sign-in information, the malware can edit itself into a Web site's pages.

Once a PC is running this class of malware, the hacker code tries to trick the user into opening infected PDF and Flash files. If the PC has an unpatched version of Adobe Reader, Acrobat, or Flash, opening an infected file can install a keylogger or other malware. In the case of Gumblar, Google search results in an Internet Explorer window are rewritten — in a way that end users may not notice — so the links point to hacker sites laden with infected PDF and Flash.

Security firms have made efforts to block domains that serve as malware destinations in this latest round of attacks. But the bad guys quickly move to substitute other domains in what has been compared to a game of Whack-a-Mole.

Meanwhile, it's not so easy to shut down a well-known, legitimate site that's infected (although many such sites have quickly been cleaned up). You can't protect yourself simply by visiting only "trusted" sites, because there's no easy way for an end user to determine whether a legitimate site is infected.

Fortunately, you can stack the odds in your favor by following the guidelines in the Windows Secrets Security Baseline:

* Step 1: Use a hardware firewall.
* Step 2: Install a set of security software.
* Step 3: Scan your system regularly with a software-update service (more on these below).
* Step 4: Use Mozilla's Firefox or Google's Chrome browser, both of which are more secure than Internet Explorer.

The rise of a new form of Web-based threat

On May 27, the Microsoft Malware Protection Center blog reported that a malware family Microsoft refers to as Gamburl and Redir was infecting legitimate Web sites by embedding malicious scripts in the sites' HTML code. A system running Windows XP could become infected simply by opening a seemingly trustworthy site. (Gumblar, also called JSRedir-R and Martuz, doesn't affect Vista PCs, according to the Unmask Parasites blog.)

Once an XP machine is infected, passwords for FTP sites are retrieved and placed into a file called sqlsodbc.chm. This file is a legitimate SQL help file in Windows XP and 2000, but it's not used on Vista machines.

To determine whether Gumblar has struck your PC, test sqlsodbc.chm, which is located in XP's C:\Windows\System32 folder:

* Step 1. Download the free FileAlyzer program from the Softpedia site and install the program on your system.

* Step 2. Press the Windows key and E to open an Explorer window. Navigate to the C:\Windows\System32 folder, right-click the sqlsodbc.chm file, choose Analyze file with FileAlyzer 2, and note the file size and SHA1 hash value. (See Figure 1.)

FileAlyzer file-check utility
Figure 1. The FileAlyzer utility checks the sqlsodbc.chm file to determine whether your PC is infected with Gumblar.

* Step 3. Compare the file size and SHA1 hash value with the listing of good file types published on the Microsoft Malware Protection Center blog. If the file doesn't check out, update your machine's anti-malware software and run a full system scan. The scan should find and clean out the infection. On my test PC, the sqlsodbc.chm file had the expected values, which proved that the system wasn't infected.

Once your copy of sqlsodbc.chm comes up clean, you need to take steps to ensure that it stays that way. Download the latest virus definitions for your antivirus software. Also, ensure that Adobe Reader, Acrobat, Flash Player, and all your other third-party media players and applications have the latest patches.

Home and small-business users can run a free update checker such as Shavlik Patch, which you can download from the vendor's site. (Note that the program requires the free Google Desktop, which is available on Google's site.) A complete review of Shavlik Patch and several competing update programs is in my May 28 top story.

For business networks, I recommend Shavlik's NetChk Protect. I use this utility — which costs from U.S. $104 for two seats — to patch my own firm's network. You can find information about NetChk Protect on Shavlik's site.

For an added measure of protection, configure your PC to use the OpenDNS service, which lets you block categories of sites that you don't visit. You'll find complete instructions for making the required changes to your router on the OpenDNS tutorial page.

To make OpenDNS your DNS server, you can run your router's advanced settings program and manually set its DNS options to and (See Figure 2.)

OpenDNS settings dialog
Figure 2. Make OpenDNS your primary and secondary DNS server in your router's DNS settings to block potentially dangerous sites.

It's theoretically possible to manually enter in the OpenDNS settings page the URLs of sites you want to block. But trying to keep up with the latest list of Gumblar sites is nearly impossible. ScanSafe's STAT Blog indicates that the rate of Gumblar infection is slowing. But new infected domains — all of which use China's .cn top-level domain — are popping up as fast as others are being shut down.

Boost XP's defenses against Gumblar-like attacks

If you feel your XP system needs more protection — for example, you own a PC used by unsupervised teenagers — consider creating user accounts that lack administrator privileges. Granted, XP's limited accounts are often a pain to use because they restrict downloads, settings changes, and other common actions. An article on Microsoft's site explains limited user accounts and describes how to set them up.

Fortunately, the type of limited accounts in the forthcoming Windows 7 will be much easier to use. This is because the most common applications will run properly under Win7 without administrator rights. Steve Friedl's site includes a Tech Tip that describes Windows 7's enhanced User Account Control.

Gumblar definitely makes Web surfing with Internet Explorer more hazardous. If your PC is infected, merely searching in Google for seemingly innocent topics can lead you to a site you never intended to visit.

Google's Niels Provos recommends in his Top 10 Malware Sites blog that people use Firefox, Chrome, or another browser that taps into Google's Safe Browsing API. The API blocks Web destinations on Google's list of potentially dangerous sites, which the company claims to update continuously.

Here are some additional ways you can protect yourself:

* Make a full system backup. Create a backup of your PC using drive-imaging software such as the $50 Acronis True Image Home. (A 15-day free trial can be downloaded from the Acronis site.) Be ready to roll back to a prior image should your PC become infected.

* Use Windows SteadyState. This free program "freezes" a machine, preventing changes that could be harmful. For more information and a download link, visit the product page on Microsoft's site. (Windows Genuine Advantage validation is required for the download.)

* Browse in a sandbox. WS senior editor Ian "Gizmo" Richards described free sandbox programs in an Oct. 16, 2008, article. A sandbox lets you open suspicious links without putting your system's security at risk.

* Don't use Internet Explorer. All versions of IE are vulnerable to Gumblar and similar Web threats, but especially IE 6 is an infection waiting to happen. If a site or application requires Internet Explorer, update to IE 8 if you can. If you can't, download IE 7 as a bare minimum (although it's by no means a remedy). You can download IE 7 from Microsoft's Download Center and IE 8 from the browser's page on Microsoft's site.

If you simply must use IE 6 because some site or application requires it, urge the errant developers to make their code support the latest version of IE instead.

For tips on running and optimizing Firefox, Chrome, and other non-IE browsers — including OpenDNS and the security-enhancing NoScript extension for Firefox — see a comprehensive six-part article at

Some of the above precautions may sound like paranoia, but I consider them the digital equivalent of locking your car doors and staying out of dark alleys.

Wednesday, June 10, 2009

Movie studios create cable, online channel

Three Hollywood studios are starting a TV and Internet channel that will show films ahead of their DVD release date.

"Epix" will air high definition movies over cable and stream 720p videos online for free, with no advertisements, Ars Technica reports. The movies from Lionsgate, Paramount and MGM will run in the same window as pay-per-view and premium movie channels, before DVD release. That's not a huge development for TV, but such early releases for big movies has never been done online.

There is, of course, a catch: To watch online, viewers must subscribe to both cable and Internet for the service provider that carries the channel. In setting it up this way, the studios hope that cable companies will pick up Epix and tout it as a selling point to potential subscribers. They're also banking on setting up caching servers in ISPs' data centers, avoiding slowdowns when streaming across public internet.

It's too bad, then, that there won't be any way for people without cable to get the online version, but that's the point. You'd think Epix could make even more money by offering a paid online-only service, but that might anger cable companies because it would be another way for people to work around subscribing to television.

The question is whether cable providers will show interest in the first place, as Epix hasn't announced any partners. And even if Epix found willing cable participants, its not clear which tier will get the channel (I'm guessing it'll be bundled with premium packages that include other movie channels besides HBO).

I could also see a service like this getting rolled into other online packages as developed by cable companies, such as Comcast's OnDemand Online. Though I don't think any of these features will bring back customers who have already left, they're fine incentives to keep existing subscribers on board.

Tuesday, June 2, 2009

Protect files and folders on your USB drive via WinMend Folder Hidden

If you are the type of person that carries along a USB drive on a travel, you should pay attention to the security of your important files and folders. In case your USB drive is stolen or falls in wrong hands, your confidential data on the drive may be leaked. There are various ways that can be used to ensure that your data on the USB drive is protected. You may encrypt the data or lock the drive; but sometimes these security measures may incur some costs. In case you would like a free security for your important data, you can use WinMend Folder Hidden utility.

WinMend Folder Hidden is a simple yet effective security tool to protect important data on your USB drive. For the start, you need to download and install the WinMend Folder Hidden utility on your USB drive. Once installed, you need to create a username and password when the software first runs. You will be then produced with a program window where you can add files/folders to be hidden inside.

winmendfolder Protect files and folders on your USB drive via WinMend Folder Hidden

Now the hidden folders will be seen only on entering the password and username created by you. The hidden folders will remain invisible to others until the correct password is provided.

WinMend Folder Hidden can be useful in case of sharing your USB drive with friends and colleagues where you do not want them to browse the sensitive content inside your drive.

This program is really worth trying since you do not need to pay anything. However, if you use your USB drive for storing projects worth many millions, you should find more advanced and powerful security tool.

Download WinMend Folder Hidden by clicking here.