========================
                         Support Alert
                    ========================
                    www.techsupportalert.com

                 "Gizmo's top picks of the best
                  Tech resources and utilities"

                   Issue 110 - 16th June, 2004
                          Free Edition

    Support Alert is a registered online serial publication
                         ISSN 1448-7020.

                        <<<<<<<<<>>>>>>>>

Quote of the Week
=================

Tech Support: "Ok, in the bottom left hand side of the screen,
can you see the 'Start' button displayed?"

Customer: "Wow! How can you see my screen from there?"

From http://www.easydesksoftware.com/humor.htm
 
EDITORIAL
=========

Something very strange was going on but I wasn't sure what.

Then the penny dropped. The "utility" I was testing was randomly
deleting files in my Windows Directory. It made me laugh - I'd
been well and truly caught by a very simple but highly effective
trojan horse.

I was able to laugh because I was running the "utility" on a
stand-alone machine I reserve exclusively for testing. I always
evaluate any program on this test PC before I install it on one
of my work machines.

Now I don't give a rat's about what happens on my test PC.
Trojans can cause havoc, viruses levy ruin and worms wiggle to
their heart's content.

I don't care because the stand-alone test PC can't infect any
other machine.  Furthermore it only takes me 15 minutes to
return it to a secure, working state by restoring from a backup
drive image.

Now most folks don't have the luxury of a test PC. They test
programs on their live machines. Mostly that works fine, but if
the program being tested is a trojan horse like the one I
described above, they are in deep trouble.

Think about how many times you've downloaded a utility from the
Internet and installed it on your PC. It's really an act of
blind faith; you are simply hoping that it's not a trojan.

If the utility you are installing is a trojan, I'm afraid it's
tough luck Charlie. Unless your AV scanner detects it, you are
gone. And if my experience with the trojan detection ability of
AV scanners is any guide, you are not going to get much
protection for that source!

Now the good news; potentially there is a way you can protect
yourself without going to the trouble of having a separate PC.

This is by using a type of security product called a "sandbox."
The strange name derives from the Java world where it refers to
the highly limited environment in which Java applets are allowed
to run - they are allowed to "play in the sandbox."

Sandboxes have not really hit the big time yet but you are going
to hear a lot about them in the future. Most of the major
vendors are putting a lot of resources into the area.

That's because sandboxes address one of the key problems in the
current Windows security crisis - the ability of potentially
hostile programs to execute with full privileges. That folks, is
fancy computer jargon for saying "doing whatever they want."

The problem is built into Windows. It's a design defect present
in every end-user version ever released though hopefully it will
be fixed in Longhorn, the next generation Windows. But that's
years away.

Sandboxes however, can greatly restrict and limit what programs
can do, even if Windows can't. That's why they are such useful
tools for defending against trojans.

In my last editorial, I mentioned Process Guard, a program which
protects your key security programs and Windows system files.
It's really a kind of sandbox. So too is WinPatrol and SSM that
I mentioned in the same article. But there are some other
contenders as well.

One of the most impressive is Tiny Trojan Trap, which is built
into the latest version of the Tiny Firewall. Another is Finjian
SurfinGuard Pro.

These products are all valuable but suffer the same weakness;
they are difficult to configure. That's because you have to
specify for each program on your PC, exactly what behavior is
acceptable and what is not. That's a lot of work.

However if you are an experienced user, you should really check
them out. They may be tough to configure but by no means
impossible. And they really add to your system security.

However there is another way of building sandboxes that is much
easier to configure.

This involves setting up a virtual machine on your PC - a kind
of virtual stand- alone test PC within your own PC. This virtual
machine is set up in a way that it is effectively isolated from
the memory, disk space and other parts of your PCs operating
environment.

Such a virtual machine gives you a relatively safe way of
running unknown applications, browsing to potentially hostile
sites or engaging in other dicey activities without risking your
everyday PC being compromised.

The technique is already used internally by some security
products. The Norman anti-virus suite includes a particularly
neat implementation. You can get a full description here:
http://www.norman.com/Virus/13927/en-us

Unfortunately the Norman Sandbox is not available as a separate
product.  However there are several general purpose virtual
machine utilities that could be shoe-horned into the role.

VMWare is the best known and has a strong following. It's
usually used to set up multiple operating systems on a single
PC, each running on its own virtual PC. However it can just as
easily be employed to set up a virtual test PC that uses the
same operating system you normally use.

Using a virtual test PC provides you with a comforting degree of
protection from trojans and other hostile agents. If your
virtual PC becomes infected with a trojan, its impact is limited
to the virtual machine where it was executed. Other virtual
machines, including your normal working PC, will not normally be
affected.

I'm not sure about the ultimate security of the VMWare virtual
environment to targeted hostile attack. After all, this software
was not designed specifically for security purposes.

However I am sure that using a virtual machine partition
certainly beats hands-down, the "Russian Roulette" practice of
running unknown programs on your everyday work machine.

Gizmo
Editor@techsupportalert.com

PS If any readers know of a specifically security-oriented
virtual PC sandbox utility please let me know and I'll pass the
news on next issue. It's a much needed application.

Links to products mentioned:

System Safety Monitor (SSM)
http://maxcomputing.narod.ru/ssme.html?lang=en (slow site)

Process Guard
http://www.diamondcs.com.au/processguard/

WinPatrol
http://www.winpatrol.com/

Tiny Firewall
http://www.tinysoftware.com/home/tiny2?la=EN

Finjian SurfinGuard Pro
http://www.finjan.com/Products/HomeUsersSurfinGuardPro/default.asp

VMWare
http://www.vmware.com/landing/ws4_search.html
 

Support Alert relies on voluntary donations to survive.  If you
feel that you've benefited from reading this newsletter perhaps
you would like to consider donating by subscribing to the
special enhanced "Supporters' Edition" of this newsletter.

The Supporters' Edition contains almost twice the number of
great tech sites and free utilities as the standard edition.
It's also ad-free.

When you subscribe you'll also get my special report "Gizmo's
Desert Island Utilities" which outlines the software I consider
most useful, including many free products. You'll also get
immediate access to the archive of all past issues of the
Supporters' edition of the newsletter where you can catch up on
the hundreds of great utilities you missed in the standard
edition.

This month one lucky person who subscribes will also win a free
copy of the top anti-trojan program TDS-3, rated as the best in
class over at www.anti-trojan-software-reviews.com. Valued at
49.00 it's a great prize.
 

HOW TO SUBSCRIBE TO THE SE EDITION
==================================

12 months subscription to the Supporters' Edition costs $10
which can be made by check, postal order or credit card using
either ClickBank or PayPal.

Click the link below to subscribe now:
http://www.techsupportalert.com/se-edition.htm
 

IN THIS ISSUE:
==============

1. TOP TECH SITES
 - Yahoo Mail Offers 100MB
 - FireFox 0.9 Released
 - Check Your Browser Defenses
 - What DLL is That?
 - Comprehensive Vulnerability Database
 - Free Local Search Toolbar
 - Bypass Annoying Web Registration
 - Build a PC That Screams for Less Than $1000 (SE Edition)
 - Scan Your In-house Software for Security Flaws (SE Edition)
 - How to Avoid Being Scammed (SE Edition)
 - Free Help with MS Word (SE Edition)
 
2. UTILITIES
 - Unlock Mail Passwords
 - New Version of Spybot Search and Destroy
 - Manage your Favorites for Nix
 - Simple Answer to Outlook Annoyance
 - SpamNet Revisited
 - Get Xandros Desktop OS Linux for Free
 - Free Utility Transparently Encrypts Mail
 - Free All-in-one Web Server Package (SE Edition)
 - Free RSS Reader Offers Snazzy Interface (SE Edition)
 - Free HTTP Session Analyzer (SE Edition)
 - Easily Send Personal Email to Several Recipients (SE Edition)

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
 - Unpatched IE Flaw Leaves All Users Vulnerable
 - Another Unpatched IE Flaw?
 - Critical Flaw in Linksys Router
 - Flaw in Latest Oracle Software Exposes e-commerce Data
 - Correction

4. OTHER USEFUL STUFF
 - 40GB of Portable USB Storage
 - Use Google to Search Your PC
 - New Nokia Phone Writes Mid-air Messages
 - New Yahoo Toolbar Beta Detects Spyware
 - Planetarium on your Mobile Phone
 - A New Way of Visualizing Security Threats
 - Another Way to Increase Your Street Cred (SE Edition)
 - Use Your Camera Cell Phone as a Mouse (SE Edition)
 - Convert Microsoft Word to Emacs (SE Edition)
 - How to Get Real X-Ray Vision (SE Edition)

5. TIP OF THE WEEK
 - Customize the Office Places Bar

6. FREEBIE OF THE WEEK
 - Create Virtual Desktops
 - Automate Mouse Clicks (SE Edition)

1. TOP TECH SITES
=================

Yahoo Mail Offers 100MB
That's right, the free Yahoo mail service now provides you with
100MB of storage and that doesn't even include messages in your
Bulk Mail folder which don’t count as part of your quota. Better
still; the maximum message size has been increased to 10MB.
Other improvements include a cleaner interface and a new $19.95
per year option that gives your 2 Gigabytes of storage, twice as
much as Google's upcoming Gmail service.
http://mail.yahoo.com/

 FireFox 0.9 Released
With this new release FireFox has reached the point where it can
be your mainstream browser. It's faster than ever, offers more
features and has an new addictive clean look. I've now retired
IE and MYIE2 except for the occasional (non standards compliant)
secure site that requires IE. As a result I have faster, more
productive and most importantly, more secure browsing. (4.7MB)
http://www.mozilla.org/products/firefox/
http://www.madpenguin.org/cms/html/47/1695.html <= review

Check Your Browser Defenses
I just discovered this site operated by security company Scanit
and its set of tests is quite comprehensive. Given the current
scumware plague, I strongly recommend you go to this site and
test out your browser. It's free and only takes a couple of
minutes.
http://bcheck.scanit.be/bcheck/

What DLL is That?
Ever wondered what a particular DLL does. Find out from this
useful Microsoft database.
http://support.microsoft.com/default.aspx?scid=/servicedesks/fileversion/dllinfo.asp

Comprehensive Vulnerability Database
OSVDB is an independent security vulnerability database that is
free for all to use. It's large, up-to-date and comprehensive in
its operating system coverage.
http://www.osvdb.org/

Free Local Search Toolbar
A couple of issues back I mentioned the free HotBot Desktop that
allows you to search the contents of the files on your hard disk
as well as the web.  However many folks have had trouble getting
the web based install to work. Here's a direct link to download
the Tool Bar for local installation.
http://dl.lygo.com/hbdt/en_US/hotbot/hbdt.cab

Bypass Annoying Web Registration
What a clever idea - a web site that provides a logon code for
all those pesky sites that require registration before you can
access their content. It's all 100% kosher; there are no codes
for pay sites, just the free but annoying ones.
http://www.bugmenot.com/

** Additional Items in the SE Edition **

- Build a PC That Screams for Less Than $1000
- Free Server Side Spam Filter Offers Top Performance
- Scan Your In-house Software for Security Flaws
- How to Avoid Being Scammed
- Free Help with MS Word

Got some top sites to suggest? Send them to
mailto:editor@techsupportalert.com

2. UTILITIES
=============

Unlock Mail Passwords
This free utility uses an ingeniously simple method of revealing
POP3 passwords. First, the utility sets up a local POP server.
You then change your email account settings to log into the
local server and the passwords will then be fully revealed.
Works with Outlook Express, The Bat or any POP client that
stores passwords on your PC. The same site offers an FTP
password recovery utility that uses the same technique.
Freeware, 11KB
http://www.gsmblog.com/freeware/mpr/

New Version of Spybot Search and Destroy
Version 1.3 has now been released and is a compulsory upgrade as
all previous versions are no longer supported.  To avoid
problems, it's strongly recommended that you uninstall your
previous version before installing 1.3 and reboot after both un-
installing and re-installing. Among the most notable of new
features is enhanced active protection from infection provided
by two new, optionally installable applications called SDHelper
and TeaTimer. SDHelper is a browser helper object that blocks
malicious programs from downloading. TeaTimer is a real time
monitor that protects your system settings.  I found TeaTimer,
on occasion, to be a tad resource hungry so users of very slow
machines may have to decide between performance versus ultimate
protection. That aside, this upgrade has made a great product
made even better. Should be on every PC.  Freeware, 4.15MB.
http://www.safer-networking.org/

Manage your Favorites for Nix
Bookmark Manager is an open source utility that will help you
tidy up your favorites collection. It works with Internet
Explorer, Mozilla and Netscape and allows you to validate links,
search for duplicates as well as annotate and manage your
collection. Nothing earth-shattering here rather it's one of
those honest, plain vanilla utilities that simply does the job.
Freeware 2.97MB.
http://sourceforge.net/projects/bkm/

Simple Answer To Outlook Annoyance
Thanks to subscriber Arley Karpman for letting me know about
Express ClickYes. This is a tiny, free utility that will
automatically answer "yes” when Outlook's Security Guard opens
the prompt dialog saying that a program is trying to send an
email with Outlook or access its address book. Anyone who has
installed Office XP SP3 will find this utility invaluable. (93KB)
http://www.express-soft.com/mailmate/clickyes.html

SpamNet Revisited
SpamNet is a network based spam filter that utilizes its one
million odd user base to help identify spam mail. I was one the
beta testers of the original system and while impressed, I was
however, wooed away by the superior spam detection rates of
Bayesian statistical filters. I've just re-tried SpamNet and am
happy to report that detection rates have moved up from around
70% to the high eighties.  This is good but still not as good as
98% or more achieved by the best statistical filters. However
the real attraction of the system is its speed and the fact that
it never falsely classifies your personal mail as spam. For some
users, the security of the latter will be a real swinger. The
system still has a problem with bulk mail newsletters - I
noticed four subscription-only zines falsely flagged as spam.
That said, it's a great solution for Outlook/Outlook Express
users prepared to pay the $4 a month licensing fee. Personally I
find the fee irksome when you consider Linux users can get the
same service for free via Vipul's Razor.
http://www.cloudmark.com/products/spamnet/download/
http://razor.sourceforge.net/

Get Xandros Desktop OS Linux for Free
The folks at Xandros are currently offering a free version of
their popular desktop Linux distro. It has some restricted
features such as an ad supported version of the Opera browser,
limited CD write speed and is missing the Windows software
compatibility program, CrossOver Office, as well the 350 page
Xandros user guide. It's for personal use only and can only be
downloaded free via BitTorrent.  (512.3MB)
http://www.xandros.com/products/home/desktopoc/dsk_oc_intro.html

Free Utility Transparently Encrypts Mail
SecExMail Home is a security application that automatically
encrypts/decrypts mail to/from secure correspondents with whom
you have set up security keys. It works as an email proxy that
sits between your POP3/SMTP mail client and mail server so it
will work with just about any email program. What's nice is the
process is totally transparent to the user. All mail looks the
same to the user, secure or not, as SecExMail handles all the
housekeeping.  Encryption is via RSA public key encryption and
the Twofish block cipher. Much to like here particularly at the
price.  Free for personal use, Windows and Linux versions, 2.7MB.
http://www.bytefusion.com/products/ens/secexmail/whatissecexmail.htm

** Additional Items in the SE Edition **

- Free All-in-one Web Server Package Simplifies Server Setup
- Free RSS Reader Offers Snazzy Interface
- Free Virus Removal Tool
- Free HTTP Session Analyzer
- How-to Easily Send Personal Email to Several Recipients

Got some top utilities to suggest? Send them to
mailto:editor@techsupportalert.com
 

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
=================================================

Nothing of note from Microsoft itself this month, just a couple
of "moderate" level advisories. However third party companies
have discovered more Internet Explorer flaws.

Unpatched IE Flaw Leaves All Users Vulnerable
Security Information group Secunia have released a "highly
critical" level advisory covering two previous unknown flaws in
Internet Explorer that could allow compromise of a user's
machine. An adware company is already using the flaws for "drive-
by installs" of its I-Lookup search bar.  Others malware
purveyors are bound to follow. Apparently the flaw will be
patched in Windows XP SP2 but in the meantime the only fix is,
according to Secunia to: "disable Active Scripting support for
all but trusted web sites, filter "Location:" headers containing
the "URL:" prefix in a proxy server or use another browser."
Amen to the latter.
http://secunia.com/advisories/11793/

Another Unpatched IE Flaw?
In March 2002, the security company Grey Magic Software reported
a serious flaw in IE, the so-called DSO exploit that could allow
an attacker to run code of choice without employing Active
Scripting or ActiveX. I recently visited the NSClean security
site that offers a free utility that tests your browser's
vulnerability to the DSO exploit and fixes the problem if
necessary. I was stunned to find my fully patched IE was still
vulnerable! This was confirmed by running the demonstration code
on the Secunia site though I'm happy to report that Norton AV
stopped the demonstration script from running. None-the-less, I
suggest you download the NSClean utility and test your version
of IE.
http://www.nsclean.com/dsostop.html
http://www.greymagic.com/security/advisories/gm001-ie/

Critical Flaw in Linksys Router
Cisco has posted a firmware update to their popular WRT54G
802.11g Wi-Fi Router that fixes a flaw that could allow an
attacker to take control of the router.
http://www.linksys.com/download/firmware.asp?fwid=201

Flaw in Latest Oracle Software Exposes e-commerce Data
Oracle has issued a patch for multiple flaws in their E-Business
Suite and Applications that could allow an attacker to gain full
access to Oracle databases. This is the 5th security patch from
Oracle since the start of 2004.
http://otn.oracle.com/deploy/security/alerts.htm

Correction
In a recent editorial I quoted from www.netrn.net/spywareblog/ a
list of supposed anti-spyware products that were themselves
spyware.  It appears that one product on the list, XP Antispy,
is in fact legit. "Their FORMER domain was taken over by some
idiot who's pushing a dialer and trying to pass it off as XP
Antispy." Here's the real domain of the real product:
http://www.xpantispy.org/
 

4. OTHER USEFUL STUFF
=====================

40GB of Portable USB Storage
Taiwanese manufacturer Transcend have released a tiny external
USB 2.0 storage system based on their 1.8" disk drive unit. The
unit is available in 20GB and 40GB capacities at a price of $202
and $314 respectively. The physical size is an amazing 3.75" x
2.75" x 0.6"
https://ec.transcendusa.com/product/memspitem.asp

Use Google to Search Your PC
The NYT is carrying an article about Puffin, a new tool from
Google currently under test that will search the contents of the
files on your PC. Apparently it's been in development for more
than a year. Sounds like a free version of Enfish Find and a
perfect solution to a pressing problem. Can't wait for it.
http://www.nytimes.com/2004/05/19/technology/19google.html?hp

New Nokia Phone Writes Mid-air Messages
Nokia have just released their 3220 cell phone that will allow
you to write messages up to 15 characters long that appear to
float in mid-air. The message can be read up to 20 feet away.
Could be ideal for getting a waiter's attention.
http://joi.ito.com/archives/2004/06/01/will_airtexting_blackberry_become_the_mobile_hecklebot.html
htt
p://www.mobile9.com/news/2004/05/nokia_3220_unveiled.php

New Yahoo Toolbar Beta Detects Spyware
Yahoo has upped the ante in the Search Toolbar wars by offering
a spyware detection and removal feature in addition to the usual
quick search, popup blocker etc. The underlying technology was
supplied by PestPatrol and involves a high level system scan for
spyware and adware. Somewhat controversially, the adware
scanning is not turned on by default though turning it on is
very straight forward. I wouldn't advise un-installing Spybot
just yet though this kind of product could be useful for many
users.
http://beta.toolbar.yahoo.com/

Planetarium on your Mobile Phone
"MicroSky is a freeware planetarium for mobile/cell phones with
Java-support and a connection to the internet (preferable GPRS
or UMTS ). It is a J2ME-Midlet client/server application which
can display 2.500.000 stars, 8.000 deep sky objects, the
constellations, the planets, local horizon and registered
comets. "
http://www.upto.org/microsky/

A New Way of Visualizing Security Threats
The Spinning Cube of Doom. Intriguing.
http://www.nersc.gov/nusers/security/TheSpinningCube.php

** Additional Items in the SE Edition **

- Another Way to Really Increase Your Street Cred
- Use Your Camera Cell Phone as a Mouse
- Convert Microsoft Word to Emacs
- How to Get Real X-Ray Vision

5. TIP OF THE WEEK
==================

Customize the Office Places Bar

If you use Office 2000/XP/2003 you'll find it very handy to be
able to customize the contents of the Places Bar to include
shortcuts to your own commonly used folders.

The Places Bar is the left hand pane that appears in the File
Open dialog and normally contains "Favorites, My Documents and
other system folders.

Office 2000 users will need to download a free Microsoft add-in
from the following location to customize the folder.
http://support.microsoft.com/default.aspx?scid=kb;EN-GB;q260190

However with Office XP and 2003, customization is dead easy.
First from within an Office application select "File/Open."
Then from the Explorer pane browse to the folder you want to
include and select it. Then from with the Open dialog box click
on "Tools/Add to "My Places" "

That's it, you are done!

6. FREEBIE OF THE WEEK
======================

Create Virtual Desktops
Judging from the PCs I've seen, most users have a problem with
desktop clutter. Virtual Desktop is free tool that solves this
problem by allowing you to create multiple virtual desktops and
switch easily between them. I've created three covering my
newsletter research, website creation and programming and must
say that it's a very addictive way of working. I particularly
like the way the extra space allows me to put less commonly used
shortcuts on each of my specialized desktops. It's quite
possible to set up Virtual Desktops by using Microsoft's
Powertoys but this freeware utility offers a far neater
solution. 247KB.
http://sourceforge.net/projects/virtual-desktop/

** Additional Freebie in the SE Edition **

Automate Mouse Clicks
This program is a free automation utility that captures mouse
clicks into a file that can then be replayed without user
intervention. It's great for running programs automatically. One
of the simple specialized utilities that should be on every PC.
Freeware, 699KB.

-----------------------------------------------------------

Stop missing out on all this good information! Become a
subscriber now and receive the enhanced SE Edition of this
newsletter immediately.

HOW TO GET THE ENHANCED SE EDITION OF THIS NEWSLETTER NOW
=========================================================

Use this link to subscribe online now:
http://www.techsupportalert.com/se-edition.htm

This is the free edition of Support Alert newsletter. If you
like this version, you'll be blown away by the enhanced SE
edition. It features nearly twice as many great web sites, top
utilities and great freebies.

Subscribe now and you'll not only get 12 monthly issues of the
enhanced "SE Edition", you'll also get "Gizmo's Desert
Island Utilities" report outlining the very best software
utilities on the market, including many free products.

You'll also get immediate access to the current issue plus the
archive of all past issues of the SE edition of the newsletter
where you can catch up on the hundreds of great freebies you
missed in the standard edition.

Use this link to subscribe online now.
http://www.techsupportalert.com/se-edition.htm
 

MANAGE YOUR SUBSCRIPTION
========================

Support Alert is a free newsletter. If you liked this issue why
not email it to a friend.  Anyone can subscribe by signing up
online at http://www.techsupportalert.com/al_subscribe.htm.

Back Issues
A searchable library of back issues is available at:
http://www.techsupportalert.com/issues/back_issues.htm

If you no longer wish to receive this newsletter just go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your email address. No password is needed. You can then cancel
on-line.

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your old email address. No password is needed. You can then
change your subscription email address directly.

For lots more free IT newsletters see
http://www.freetechmail.org/infobase.asp?TPubId=79

Thanks too to A. Belile for proofreading this issue.

You can contact this newsletter by snail mail at: Support Alert
PO Box 243
Comstock Park, MI  49321-0243 USA

Content of this newsletter is (c) Copyright
TechSupportAlert.com, 2004

See you next issue

Gizmo
Ian Richards
editor@techsupportalert.com