gizmo richards' support alert newsletter

"Gizmo's top picks of the best
tech resources and utilities"

 Free Edition
Issue
146, 21st June, 2007

If you experience problems reading this issue in your email program you can read it online in your browser at http://techsupportalert.com/issues/al_current.htm

IN THIS FREE EDITION:

0. EDITORIAL: USB Computing - the answers to your questions

1. TOP TECH SITES AND RESOURCES

1.1 How Does Your Firewall Rate?
1.2 Utilities that Work with Vista
1.3 Free Web Based Applications
1.4 The Great Defrag Shoot-out
1.5 How to Permanently Wipe a Hard Drive
1.6 Portable Software Lists
1.7 Free Online Services Offer RoboForm-like Functionality (Premium Edition)
1.8 How to Reduce Your Spam (Premium Edition)
1.9 Free Service Monitors Website and Server Uptime & Performance (Premium Edition)

 Stop Attacks That Anti-virus and Anti-spyware Scanners Miss!  (advert)

2. TOP FREEWARE AND SHAREWARE UTILITIES

2.1 How to Mute Unwanted Website Sounds
2.2 Compress Your Files to the Max
2.3 Free Portable Media Player Tops Its Class
2.4 Using a USB Drive as a Laptop Replacement
2.5 Symantec Norton 360: First Impressions
2.6 Get Acronis True Image for Free (Premium Edition)
2.7 The Best Free Memory Optimizer (Premium Edition)
2.8 An Easy Way to Re-organize Your MP3 Files (Premium Edition)

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES

3.1 Microsoft Security News
3.2 Firefox Updated to V2.0.0.4
3.3 No More Updates for Firefox V1.5
3.4 Serious Flaw in Yahoo Messenger
3.5 New QuickTime Security Patch Underscores Need to Keep Programs Updated
3.6 How to Protect Your PC Against Hostile Sites, Browser Flaws
3.7 Goggle's Security Blog Hints at the Future

4. OTHER USEFUL STUFF

4.1 Good Deals on USB Flash Drives
4.2 Free Utility Helps Your PC Conserve Power
4.3 The Next Big Thing?
4.4 Good Guide to Modern Website Design
4.5 Useless Waste of Time Department
4.6 Site Keeps You Informed of Freeware Updates (Premium Edition)
4.7 Is Your Flash Drive Compatible With Vista? (Premium Edition)
4.8 Eset Offers NOD32 for Free (Premium Edition)

5. TIP OF THE MONTH

5.1 How to Improve Your Security When Using a Public Terminal (Part 2 of 3)

6. FREEBIE OF THE MONTH

6.1 Notepad on Crack
6.2 The Best Free Desktop Publishing Program (Premium Edition)

7. MANAGING YOUR SUBSCRIPTION


0.0 EDITORIAL

Last months editorial on using a USB flash drive as an alternative to a laptop created a flood of user queries. This month I'll try to answer your three most common questions:

What kind of USB flash drive do I need?

Forget about that old 256MB USB 1.1 drive you got for your birthday two years ago, you are going to need a fast USB 2.0 drive. The fastest you can afford.

To run applications from your USB flash drives you need a drive with the highest possible read data transfer rate otherwise you are going to get frustrated by the time it takes your programs to load.

Fast drives can cost a few dollars extra than slow drives but it's money well spent as a fast drive can load programs more than ten times more quickly than a slow drive. As a rule of thumb a fast drive is one with a read rate of more than 15 Mbs. Here are the manufacturer's stated read rates for some of the faster drives around:

Corsair Flash Voyager GT 34Mbs
Memina Rocket 30Mbs
Lexar JumpDrive Lightning 30Mbs
OCZ Rally 2 28Mbs
Kingston Data Traveler Secure 24Mbs
SanDisk Cruzer Titanium 15Mbs

Only buy a genuine USB 2.0 drive. Don't buy a drive that is the older USB 1.1 standard or one marked as "USB 2.0 Compatible." These drives drive are simply not zippy enough for running applications.

Drive capacity is less important than speed. In fact to run a full suite of applications you really don't need much bigger than 512MB. But large flash drives are now so cheap it would seem a folly to buy anything less than 2 GB.

Should I buy a U3 drive?

It's not that important. You can setup a great portable system using either a U3 drive or a standard drive. In fact many portable apps are available in both U3 and non-U3 versions.

U3 smart drives are those that comply with the U3 mobile computing standard set down by U3 LLC (www.u3.com), a consortium of vendors lead by Sandisk. The main idea behind U3 was to develop a platform where programs could run independently on USB drives without leaving any trace on the host PC. The U3 standard also provides for a user menu (the Launchpad) that pops up when the USB drive is inserted into a host and it also mandates password protection.

It's a great idea in principal but in practice there are not a lot of programs around that are written for U3. Indeed some software authors have avoided writing for U3 as they feel it is a proprietary standard. Furthermore there have been a lot of reports that U3 drives simply won't work with particular host PCs.

The Launchpad is no big deal; you can do that from non U3 drives using different techniques. And even the password protection is not foolproof; it simply stops the Launchpad being run and doesn't adequately prevent access to the unencrypted data partition.

Remember too that U3 drives will only work with Win2K SP4, XP and Vista. Older Windows operating systems Mac OS, Linux, and Unix are not supported. That's quite a limitation, particularly when using public terminals.

Don't get me wrong; U3 applications on U3 drives can work wonderfully well. It's just that you don't really need U3. It's just an option. Me, I bought a non-U3 drive as it was cheaper and promised fewer complications.

If you can get a good deal on a U3 smart drive then take it. Besides if you strike problems it's easy to convert it to a standard drive. Just uninstall U3 from the Settings option within the Launchpad. You can also re-install U3 later if needed, by following the instructions on the U3 website.

It's easy to lose a USB drive. What then?

You need to be prepared for the fact that one day you are going to forget to unplug your flash drive from a public PC, leave it on a table, lose it from your pocket or whatever. Losing your drive may mean you no longer can access your email, favorite websites, passwords etc. This may mean zip to some folks but for many others including me, it could be a disaster.

I handle it by having a separate backup flash drive that I carry around in a different location to the first. I keep the two drives synchronized using a free portable syncing program called Allway Sync 'n' Go Given the low cost of flash drives a spare drive is the best solution. If you can't afford a second drive you can use Sync 'n' Go to backup your flash drive to your PC.

Replacing your USB drive is one problem but what happens to your confidential data on the drive that has been lost is another.

If you are really worried about the implications of someone else getting access to your files then buy a flash drive that controls access with an inbuilt fingerprint scanner. Furthermore, test that it works.
Even if your drive didn't come with a fingerprint scanner it probably came with some form of encryption software. Mine did though the only way I found out was by looking though all the folders that were on the drive when I bought it.

Note that many standard encryption programs including the popular open source TrueCrypt, require administrative rights on the host PC. That's probably not an issue with your own computers but could be an insurmountable problem if you are using a public terminal almost all of which run limited user accounts that don't have admin privileges.

If your USB drive didn't come with an encryption utility I suggest you adopt a simple but usable solution rather than complicate life with fancy encryption utilities. Personally I use IZArc2Go. It's not an encryption program but an archiver similar to WinZip. However like the more recent versions of WinZip, it allows you to password protect archives using 256 bit AES encryption that is virtually unbreakable. IZArc2Go is also totally portable, doesn't require admin privileges to run and is free. Besides it's always handy to have an archiving program on your USB stick just in case someone sends you a RAR file or other archive format not supported by Windows.

For complete security you need to use a secure file eraser along with IZArc2Go to erase the originals of your private files once they have been encrypted. If you don't use a secure erase utility it's quite possible for someone to un-delete your deleted files. I recommend UltraShredder for secure erasing; it's free, portable and easy to use.

Here's how you can encrypt your flash drive files:

First run IZArc2Go from your flash drive then drop and drag all your sensitive data files into the IZArc2Go window. Accept the default ZIP archive type and under "encryption" select AES - 256 bit from the drop-down list. You will then be asked to enter and re-enter your password. Then press "Add" to start the archiving. Once all your files have been archived, securely delete the originals. You can do this by starting up UltraShredder from your USB drive then dragging and dropping the original files into UltraShredder's window.

Once you have created an encrypted archive, IZArc2Go allows you access and manage your data from within the archive so mostly you won't need to unpack the archive to get to your data. However if do need to access the data from another program then just enter your password and unpack the files you need by dropping and dragging them from the archive to a convenient folder on your USB drive. Remember though to securely delete the unpacked files using UltraShredder when you have completed your session.

OK that's it for now. If you want to learn more about portable applications check out Briard's article in item 2.4 below.

See you next month

Gizmo

editor@techsupportalert.com

PS This month I'm giving away six free copies of the the top rated Anti virus NOD32. For details, see below.

Support Alert is not produced by a giant publishing empire, it's the work of one man, working alone, namely me.

Support Alert relies on paid subscriptions to the Premium Edition to survive. If you feel that you've benefited from reading the free edition perhaps you would like to consider subscribing to the Premium.

The Premium Edition contains almost twice the number of great tech sites, free utilities, tips and other content as the free edition. It's also ad-free.

When you subscribe you'll also get immediate access to the archive of all past issues of the Premium Edition where you can catch up on the hundreds of great utilities you missed in the free edition. If you like the free edition you'll love the premium. At $10 per year it's just the cost a few coffees.

This month I'm giving away to new Premium subscribers, six free copies of the the top rated Anti virus NOD32.

NOD32 is a brilliant program for protecting your PC yet it only consumes a modest amount of your computing resources. That's why I use it on my key work computers. At $39 it's good value but it's even better value when you can get it for free.

The six copies I'm giving away will be allocated at random but your chances of scoring one are actually quite good. So if you have been thinking of subscribing, now's the time.

Even if you don't win anything you'll still get my special report "Gizmo's Desert Island Utilities" which outlines the software I use myself, including many free products.

How to subscribe to the Premium Edition: 12 months subscription to the Premium Edition costs $10 which can be made by credit card, PayPal or eCheck. Use the link below to subscribe now:

http://www.techsupportalert.com/se-edition.htm



1.0 TOP TECH SITES AND RESOURCES

1.1 How Does Your Firewall Rate?
At this site they test all the major firewalls using leak-tests. Now outbound leak-testing is only one criterion for assessing firewall performance indeed some would argue that inbound protection is more important. My view is that both are important as are user friendliness, resource usage, software compatibility and resistance to termination by hostile agents. That said Comodo, Jetico and ZoneAlarm Pro top he list while the Microsoft XP SP2 firewall get the wooden spoon. ZoneAlarm free was another notable poor performer.
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

1.2 Utilities that Work with Vista
If you use Vista you will already have discovered that many of your favorite freeware and shareware utilities won't work with Vista. At this site they list many utilities that will work. Note: despite the site's name, a good proportion of the products listed are commercial shareware not freeware.
http://www.freevistafiles.com/

1.3 Free Web Based Applications
In recent issues I've mentioned how web based application may one day replace some of the programs currently running on your PC. Here's a list of just some of the products and services available.
http://tinyurl.com/2dztm8 (cogniview.com)

1.4 The Great Defrag Shoot-out
One of the best comparative reviews of defragmentation utilities I've seen. I don't agree with all the author's comments but hey, everyone is entitled to their opinion.
http://donnedwards.openaccess.co.za/2007/04/great-defrag-shootout-part-1.html

1.5 How to Permanently Wipe a Hard Drive
Most users are aware they can securely erase files and drives using free utilities like "Eraser" [1] and "Boot and Nuke" [2] that overwrite the data multiple times. At this site [3], suggested by subscriber Chris Price, they show how you can securely wipe a drive using a little-known feature built into many hard drives.
[1] http://www.heidi.ie/eraser/
[2] http://dban.sourceforge.net/
[3] http://blogs.zdnet.com/storage/?p=129&tag=nl.e622

1.6 Portable Software Lists
There are lots of these lists; none is complete but here are two of the best. The first covers free software while the second includes commercial products as well.
http://www.portablefreeware.com/
http://en.wikipedia.org/wiki/List_of_portable_software

** These items appear only in the Premium Edition **

1.7 Free Online Services Offer RoboForm-like Functionality

1.8 How to Reduce Your Spam

1.9 Free Service Monitors Website and Server Uptime and Performance

Got some great tech sites to suggest? Send them to: editor@techsupportalert.com

------------------------
advertisement ----------------------------------

Stop Attacks That Anti-virus and Anti-spyware Scanners Miss

LinkScanner Pro provides real-time analysis of network traffic, web site content and behavior. It secures vulnerable web-connected applications and stops attacks existing security programs miss.

Vulnerabilities and exploits like WMF, VML, CreateText Range and setSlice have, and continue to, spread rootkits and open backdoors on computers around the world. LinkScanner Pro stops exploits and keeps you away from poisoned, hacked sites no matter where you go on the Web.

Special Offer - Buy LinkScanner Pro & get Registry Booster 2.0 free! Use this link to learn more:

http://www.explabs.com/promotions/tsa_pro.asp

------------------------------- end of ad -----------------------------------


2.0 TOP FREEWARE AND SHAREWARE UTILITIES

2.1 How to Mute Unwanted Website Sounds
Subscriber Rodney Green writes "Gizmo, in issue #145 of your newsletter a reader mentions that they hate it when a website starts playing music. I found an application called FlashMute [1] that works well for muting sound from Flash movies in Internet Explorer, Firefox and a few other browsers." Nice suggestion Rodney, FlashMute is a great way of overcoming a common annoyance but it won't stop HTML based sound used on many sites. To do this you need to consider other option. For example Internet Explorer allows you turn off all webpage sound from the Advanced tab within Tools /Internet options however I find this very inconvenient as sometimes you want to listen to web audio. Firefox doesn't even offer an audio mute option at all but there is a free Firefox extension called Stop AutoPlay [2] that is designed specifically for the job. It works by adding a browser button that rather conveniently allows you to play or mute at will. It doesn't stop Flash sound files but if you use FlashMute in addition to Stop AutoPlay you have a pretty complete solution to all unwanted web sound.
[1] http://www.indev.no/?p=projects#flashmute Freeware, Windows 98-XP, 233KB
[2] https://addons.mozilla.org/en-US/firefox/addon/1765

2.2 Compress Your Files to the Max
ZIP may the most common algorithm for compressing files but it's far from the most effective. The Open Source 7-ZIP for example offers higher compression for most files but there are specialist archive formats that offer higher still. I was however a little shocked when subscriber "Panzer" wrote to tell be about the free KGBArchiver which he heard, could compress Microsoft Office from 1.5GB down to 2MB! On testing, KGBArchiver V1.21 proved to be a competent well implemented archiver offering 10 different levels of compression using the PAQ algorithm. Archives are created in .kgb format. It also can create self extracting archives, supports ZIP, has drag and drop, a right click context menu and a few other niceties. It's not really a substitute for WinZip or IZArc but a specialist product aimed at those seeking to compress files down to the smallest possible size. I ran some test for different types of files with KGBArchiver set at its default compression setting and at its "Extreme" setting, its second highest. I couldn't run it at its "Maximum" setting as I was told my computer's 1GB of memory was insufficient. Here are the results along with some other popular archive formats for comparison:

File type Source Zip Rar 7Zip KGB KGB
          Default Extreme
Plain text file (.txt) 1176 KB 118 104 96 118 67
Word document (.doc) 441 KB 376 247 245 244 243
Video file (.WMV) 629 KB 619 619 623 617 616
Program file (.exe) 5867 KB 5809 5815 5873 5804 5798

At its default setting KGBArchiver performed competently but on average, no better than WinRAR or 7-ZIP. At its "extreme" setting it did a great job at compressing plain text files but struggled to squeeze anything more out of the other file types. Before you get too enthused let me tell you that KGBArchiver seemed to take forever to compress files at the "extreme" setting. The 5.5MB .exe file took nearly 7 minutes and a similar time to extract while by comparison WinZip did it in 4 seconds and WinRAR in 9. Furthermore KGBArchiver consumed my computer's entire CPU and memory resources while compressing. So is it worth it? Not for most users. However sysadmins and archivists with large text files to store (and plenty of CPU time) should at least check it out. Freeware, Windows 2000-Vista, 1.02MB
http://kgbarchiver.net

2.3 Free Portable Media Player Tops Its Class
In the Premium Edition of issue #144 I mentioned "The KMPlayer" portable media player. My main focus at the time was the fact that you could use it on a USB stick but the feedback I've received has been so positive that KMPlayer may well be a strong candidate for the "Best Free Media Player." Here's the original item from #144: Subscriber Brian Treusch writes "Gizmo, I came across this freeware media player called "The KMPlayer" that can either be run from a thumb drive or installed. It supports numerous formats including DVD playback. After using it for a while, it has become my favorite player. Goodbye Windows Media 11!" I'd never heard of this Korean player Brian, but boy am I impressed. It comes with a whole batch of inbuilt codecs and support for external codecs as well. In the audio area it supports AC3, DTS, LPCM, MP2, MP3, Vorbis, AAC, WMA, ALAC, AMR, QDM2, FLAC, TTA, IMA ADPCM, QCELP, EVRC, RealAudio and more while with video you can play DivX, XviD, Theora, WMV, MPEG-1, MPEG-2, MPEG-4, VP3, VP5, VP6, H263(+), H.264(AVC1), CYUY, ASV1/2, VQ1/3, MSVIDC, Cinepak, MS MPEG4 V1/2/3, FFV1, VCR1, FLV1, MSRLE, QTRLE Huffyuv, Digital Video, Indeo3, MJPEG. To have these features available on a thumb drive is quite extraordinary. Freeware, Windows 98-2003, 12.3MB.
http://www.kmplayer.com/forums/index.php
http://www.kmplayer.com/forums/showthread.php?t=4704<= Link to download

2.4 Using a USB Drive as a Laptop Replacement
Regular contributor "Briard" takes a break from the world of Linux and instead explores the potential of Windows flash drive computing.
http://www.techsupportalert.com/briard_in_usbland.htm

2.5 Symantec Norton 360: First Impressions
I used to be a great admirer of Norton Antivirus. Indeed I used it myself for years. While it's effectiveness in detecting viruses has never been in doubt it acquired over the years a reputation as a resource hog. Each successive version seemed to cause your PC to run slower and slower. Around 2004 it got so bad that I gave the product away and migrated to NOD32. I was not alone; thousands of knowledgeable users abandoned Norton AV and Norton Internet Security Suite for more resource efficient security products. Symantec's response was to initiate a project called "Genesis" to create a new security product from scratch. This was to be a ground up re-write rather than a revamp. Furthermore this new product would not only include anti-virus capabilities but anti-spyware detection, rootkit detection, behavior based malware analysis, phishing and malicious site blocking, a stateful firewall, backup and more. It was an ambitious project but a worthy one. Despite the pressing need I'm not aware of any other security vendor who has totally re-written their core product. Most just enhance their existing products and bolt on additional modules leading to every larger, more unwieldy and less efficient products. Project Genesis gave rise to Norton 360 [1] that was released earlier this year. Early reviews [2], [3] have been glowing and suggest that Symantec has indeed succeeded in creating a product that is effective, resource efficient and user friendly. Norton 360 is an end-user product so I though I'd ask end-user Rick Farrow to check it out. Full assessment will have to wait until the new anti-malware engine is tested by a full certification lab like AV Comparatives. Meanwhile you can read Rick's report here [4]. Commercial software, $69.99 for up to 3 PCs, 15 day free trial, Windows XP - Vista, 49.4MB.
[1] http://www.symantec.com/norton360/
[2] http://www.pcpro.co.uk/reviews/110678/norton-360.html
[3] http://reviews.cnet.com/internet-security-and-firewall/norton-360/4505-3667_7-32330411.html
[4] http://www.techsupportalert.com/review-norton-360.htm

** These items appear only in the Premium SE Edition **

2.6 Get Acronis True Image for Free

2.7 The Best Free Memory Optimizer

2.8 An Easy Way to Re-organize Your MP3 Files

Got some top utilities to suggest? Send them to
editor@techsupportalert.com


3.0 SECURITY PATCHES, SERVICE RELEASES AND UPDATES

3.1 Microsoft Security News
In the last month a new series of JavaScript related flaws were discovered in Internet Explorer [1]. These flaws could be exploited even if fully patched version of IE 6 and 7 and allow a hostile website to take control of an affected PC. A related flaw was also found in Firefox. As of today these flaws remain unpatched.
These flaws highlight yet again that you cannot rely on regularly applying Windows and other vendor updates to protect your computer when surfing. Always surf in sandbox or with your browser running with reduced rights. See item 3.6 below.
Patch Tuesday the 12th of June saw the release of six security updates from Microsoft, four of which were rated "Critical." The critical updated covered flaws in Windows, Internet Explorer, Outlook Express and Microsoft Mail. Another flaw rated "moderate" affected Vista systems and could allow "non-privileged users to access local user information data stores including administrative passwords contained within the registry and local file system."
Further details of the June updates can be found here [2]. All the updates are distributed automatically via the Microsoft Update Service. Dial-up users in particular need to be aware that these updates are large files and you will need a considerable period of time online for them to download successfully. If you have any doubts whether you have received the updates, then visit the Microsoft Update Service [3] now.
[1] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063712.html
[2] http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
[3] http://update.microsoft.com (Requires IE5 or later)


3.2 Firefox Updated to V2.0.0.4
Mozilla released a performance and security update for Firefox on the 30th of May. The new version 2.0.0.4 has better Vista compatibility and fixes five security flaws one of which was rated as "critical." Also released were the corresponding updates for the older Firefox V1.5, Thunderbird and the SeaMonkey Suite. To my knowledge there are no current exploits in circulation that utilize these flaws however, it is essential that you update now as the malware developers routinely reverse engineer security updates to identify flaws to exploit in unpatched machines. Users with automatic updates enabled should have had the new version automatically delivered and installed. You can check by selecting Help / About from within Firefox. If your version number is less than V2.0.0.4, then update manually from here [1]:
http://www.mozilla.com/firefox/

3.3 No More Updates for Firefox V1.5
Support for the old V1.5 version of Firefox was discontinued by Mozilla at the end of May. V1.5 users should upgrade to V2 as soon as possible any newly discovered flaws in the old version will not be patched. Starting from June 7th users with the automatic update service enabled will be advised of the upgrade. Other users should upgrade manually here:
http://www.mozilla.com/en-US/firefox/

3.4 Serious Flaw in Yahoo Messenger
A critical buffer overflow flaw was discovered in the popular Yahoo Messenger instant messaging product. The flaw could allow a hostile website to take full control of a vulnerable PC. The flaw affects all versions of Messenger from 5.5.0 through to 8.0.0. All users should upgrade immediately to version 8.1.0.401 available from here [1].
[1] http://messenger.yahoo.com/

3.5 New QuickTime Security Patch Underscores Need to Keep Programs Updated
A patch for QuickTime 7.1.6 was released by Apple on the 29th of May to cover a Java Extensions flaw that could allow a PC to be compromised by simply by visiting a hostile website. Affected systems include Windows 2000 SP4, Windows XP SP2, OS X v10.3.9 and v10.4.9. The Windows patch can be downloaded from here [1]. This flaw highlights the need for users to keep all the software on their PC up-to-date not just Windows and Office. You can easily check all your products by using the free service Software Inspector service [2] over at Secunia.
[1] http://www.apple.com/support/downloads/securityupdatequicktime716forwindows.html
[2] http://secunia.com/software_inspector/

3.6 How to Protect Your PC Against Hostile Sites, Browser Flaws
Recent reports from Google [1] and Sophos [2] have highlighted the rapid increase the number of hostile websites. These sites use flaws in popular browsers as well as Windows to secretly infect anyone who happens to accidentally visit them. Keeping all your products up-to-date reduces your risk of infection but increasingly these hostile sites are exploiting new or unpatched flaws to attack visitor's computers. It's not hard to protect your PC against these threats: surf from within a sandbox such as Sandboxie or alternatively run your browser with reduced rights. To help you I've written a short how-to guide [3] that's now on my website. If you are not yet using these protective techniques I strongly recommend you read this guide and adopt its recommendations.
[1] http://googleonlinesecurity.blogspot.com/
[2] http://www.securecomputing.net.au/news/53424,number-of-infected-web-pages-soar.aspx
[3] http://www.techsupportalert.com/safe-surfing.htm

3.7 Goggle's Security Blog Hints at the Future
I found this blog [1] quite informative, particularly the observation about the potential vulnerability of virtualization based security products. With the appearance of this blog and the recent purchase of the company that makes the GreenBorder sandbox, it looks like something is definitely brewing at Google in the security arena. Then there's the recent announcement of Google Gears [2], a toolkit that allows developers to modify their online applications to work offline as well. My guess is that Google is working on a secure browser for its online apps that also allows offline access through the Google toolbar. Maybe I'm not guessing, just fantasizing :>)
[1] http://googleonlinesecurity.blogspot.com/
[2] http://code.google.com/apis/gears/-

----------------- sponsored links -----------------------

The Best Windows Backup Software
We are in the process of updating all the backup reviews at our site but I can tell you right now that the top product has blitzed the field for a second year in row. In fact, it's improved so much that it's now a one horse race for our "editor's choice." The updated review of the top product is now online. If you have been looking for a backup program, this is the one.
http://www.backup-software-reviews.com/

The Best Spyware Detector
If you use Ad-aware or SpyBot you will be surprised just how more effectively SpySweeper detects and protects your PC from  Spyware, Trojans, keyloggers and other malicious products. That's why it won the prized "Editor's Choice" award from PC Magazine and is rated "outstanding" by Gizmo Richards, editor of the highly regarded Support Alert newsletter. Spyware has become so serious you can't afford less than the best protection. Install it now before it's too late. 
http://www.webroot.com/wb/products/spysweeper/index.php?rc=1132

The Best Remote Access Software
Our reviewer had given this product category away as "too slow, tool clumsy and too unreliable" but after reviewing this product he's changed his mind; "at long last a remote access solution that actually works! Quite frankly we agree with him, it's an impressive product. Read the full review here:
http://www.pcsupportadvisor.com/best_remote_access_software.htm

The Best Free Kids Craft Projects
Keep your young children engaged and amused with healthy, creative arts and craft activities that won't cost you a cent. Free newsletter packed with easy kids craft projects.
http://kidscraftweekly.com/


------------- end of sponsored links --------------------------


4.0 OTHER USEFUL STUFF

4.1 Good Deals on USB Flash Drives
You can pick up a SanDisk 4GB Cruzer Titanium U3 from Comp-U-Plus for $38.99 while NewEgg has the huge, fast CORSAIR Flash Voyager 16GB Drive for $124.99 after a $20 rebate. Perhaps the best deal of all is at Buy.com where you can pick up a Kingston 2GB DataTraveler USB 2.0 Flash Drive for $12.95 after a $19 mail-in rebate. Shipping is free and you can save another $10 if you use Google Checkout making the unit only $2.95. At that price buy two and have a backup. Note that I don't make anything on these; they are just good deals I've seen around. Let me know if you stumble across a tasty bargain. Make sure though that any offer remains valid through to when I publish the next issue of the newsletter.
[1] http://tinyurl.com/2ck8wx (compuplus.com)
[2] http://www.newegg.com/Product/Product.aspx?Item=N82E16820227145
[3] http://www.buy.com/prod/kingston-2gb-datatraveler-usb-2-0-flash-drive/q/loc/101/202743330.html

4.2 Free Utility Helps Your PC Conserve Power
Subscriber Tom Mahoney writes "Gizmo, here's a small program [1] to manage energy saving options on a PC better and more consistently than XP. With my kids leaving PCs on all night and XP not hibernating consistently. Read about it in the NYT." Thanks for that Tom. It's an interesting program that been getting a lot of coverage as it expresses your PC energy savings in "feel-good" terms as saved carbon dioxide emissions. CO2Saver works by more aggressively controlling the power management on your PC compared to the Windows defaults. It installs a desktop toolbar that shows your greenhouse gas savings. The same toolbar can also be used for web search.
[1] http://co2saver.snap.com/

4.3 The Next Big Thing?
This Popular Mechanics video demonstrating Microsoft's prototype "Milan" coffee table computer will blow your mind. It will also blow your budget; we are talking $10,000 here. Note: This is a large video file and you'll need a fast broadband connection to play it.
http://link.brightcove.com/services/player/bcpid932579976?bclid=932553050&bctid=933742930


4.4 Good Guide to Modern Website Design
Regular contributor "Briard" writes "Gizmo. I'm looking at current trends in web design for a project I'm working on, and came across a couple of really useful links [1], [2]." Nice find Briard though I do wonder at what point the increasingly popular "Web 2 look" will start to look tired, boring and overdone. Not yet I know but it must happen.
[1] http://www.webdesignfromscratch.com/current-style.cfm
[2] http://f6design.com/journal/2006/10/21/the-visual-design-of-web-20

4.5 Useless Waste of Time Department
Here's a great way to mindlessly fritter away a few minutes of your life. Check this site where you can read how others are currently frittering away theirs :>)
http://twitter.com/

** These items appear only in the Premium SE Edition **

4.6 Site Keeps You Informed of Freeware Updates

4.7 Is Your Flash Drive Compatible With Vista?

4.8 Eset Offers NOD32 for Free

5.0 TIP OF THE MONTH

5.1 How to Improve Your Security When Using a Public Terminal (Part 2 of 3)

There is no 100% safe way to enter passwords from a public terminal. That's a fact.

Modern keyloggers can capture not only keyboard strokes but mouse clicks and the Windows Clipboard. They can also take screen shots of what you are doing. Keeping your confidential information from the prying eyes of the best of these sinister products is extremely difficult, perhaps impossible. Then there is the problem of someone looking over your shoulder and quite separately, security cameras.

So the golden rule is don't ever enter confidential information into a hotel computer, an internet cafe PC or other public terminal.

That's the rule but rules get broken. Sometimes we simply have to use a public terminal. I have and I bet most of my readers have too.

So what can you do to improve your security when entering passwords?

Quite a lot actually. Of the many different options available to improve your password security to me the most attractive is to enter your passwords using a password manager like RoboForm2Go running from your own USB flash drive. It's an option I covered in my May 2007 editorial column.

When run from a USB flash drive RoboForm2Go provides excellent security. In fact I've not yet found a keylogger that can capture the information it enters into login boxes and webforms from Portable Firefox. Don't take that to mean RoboForm2Go is 100% safe. It's not; no product is.

One particular area of weakness of RoboForm2Go is the master password you must enter to activate the password manager. If a keylogger captured that and also managed to copy the encrypted RoboForm master password file from your USB drive then you are in deep trouble as they would be able to access all your passwords.

So protecting that password is critical. Thankfully there are thing some simple entry practices that can make entering this master password much more secure. Furthermore these techniques can be applied to all password entry not just the master password in RoboForm.

(a) My first tip is to make your passwords (or passphrases) long and semi-random. Passwords like "SncnGnls3Fp" are much better than something like "banana". This is not only because long random passwords are more difficult to crack but also because they are more more difficult to unscramble from a keylogger log particularly when used in concert with some of the other techniques mentioned below.

Remembering long semi random passwords is difficult but there are lots of mnemonic systems that can help. By way of example the password "SncnGnls3Fp" I mentioned above is actually "RoboForm2Go" transformed by a simple formula where the first letter is shifted one forward in the alphabet (R -> S) while the next letter is shifted one back (o -> n). The same alternating pattern continues for the rest of the characters.

There a lot of different techniques and mnemonics for creating strong passwords and phrases. You can find some in this Microsoft article. Also worth consulting is this Wikipedia article on password strength.

(b) My second tip is before you enter your password turn around and look behind you to ensure no one is peeking. Make sure too that you shield the keyboard from the view of any security camera. Long random passwords make it difficult for someone peering over your shoulder to remember but it's still a good idea to actually physically check. Besides, it only takes a few seconds.

(c) My third tip is to use obfuscation techniques when typing your password. That's a fancy way of saying you can should disguise your password by entering it in more complex way than just typing it in from the keyboard.

For example rather than just entering the password from the keyboard you could cut and paste some of the characters that make up your password from another part of the screen. Ideally this should be from the same window as the one containing the password field but other windows will work fine too.

You could could also drop and drag and drag some characters rather than use cut and paste. Another trick is to enter a character by holding down the Alt key and using the numeric keypad. For example the letter "a' can be entered by ALT 123. Yet another technique is to use an onscreen keyboard to enter some of the characters.

You can go one further and enter the last half of your password first followed by the first half. You can then drop and drag the second half to the front from inside the password box.

Using a combination of these techniques to enter your password can make it really hard for anyone to reassemble your password from a keylogger log. However by a using another obfuscation trick we can make the task near impossible. This trick involves the insertion and deletion of random dummy characters into your password.

For simplicity lets say your password is abcdefg.

Rather than enter your password as a simple sequence of letters throw in some additional dummy random characters along these lines: aMNbOcZdPQReSfgTUV

Now go back and delete the dummy letters one at a time. Delete some characters using backspace, others using the mouse to highlight the letter(s) and the then hitting the Delete key or using the right click context menu and selecting "delete."

By combining the dummy character trick with the various multiple entry techniques you can fool pretty well any keylogger. However don't feel you have to use every single obfuscation trick I've mentioned; that's overkill. Indeed you may not be able to use all these techniques as some sites and products limit what you can do do. For example RoboForm2GO disables cut and paste  as well as drop and drag when you are entering the master password. It also won't allow you to access (get focus in) any window other than the password box. However you can still enter and delete dummy characters as well as entering characters using the Alt (numeric keyboard) trick and combined with a long random password that's good enough.

It's enough because any hacker reading a log from a keylogger has to read, identify, analyze and re-assemble what's recorded. That's hard work. If you use long random passwords combined with even a few obfuscation techniques then almost certainly you've made the job too hard. Possible yes, but too hard, specially when there is easy picking available elsewhere.

Next month we'll look at another way of protecting your passwords by using on-screen keyboards. I've located some great free products including one that works with RoboForm2Go so don't miss it!

6.0 FREEBIE OF THE MONTH

6.1 Notepad on Crack

Great tag line eh? It's the way the author of ZuluPad describes his product and it's not too far from the truth.

ZuluPad is a cross between a note-taking program and a wiki. Put another way, it allows you to create a document with many key phrases in a page linked and cross linked to other pages. Furthermore it does this in such a simple and effortless manner that even a dummy could do it.

Let me give you an example. Suppose I was writing this newsletter item in ZuluPad. When I first mentioned the word "wiki" in the second paragraph I could create a linked page by simply highlighting the word "wiki." At that point ZuluPad would pop-up a new blank page headed "Wiki." I could then write a definition of a wiki.

When I returned to my original page the word "wiki" would now be linked. Furthermore any mention of "wiki" in all current related pages and all new pages would be automatically linked as well.

This is an incredibly powerful way of cross relating information and has enormous application from personal research through to commercial applications.

The idea is not new; ZuluPad has obvious similarities with VoodooPad that has been around on the Mac for quite a while and there are other similar applications that go way back. However ZuluPad is the most usable implementation I've yet seen for Windows.

The product is still at early stage in its development cycle, indeed the version I tested was only 0.41. However I found it worked perfectly; it did all that I wanted and I didn't strike a single bug. The free version is a little short on features so if you use the product I suspect you may well be tempted to fork out $15.00 and upgrade to the Pro version.

Also available is a free web-syncing service that allows you to backup and access your hyperlinked documents. However I did not test this service.

ZuluPad: Free, Open Source, Windows ME - 2003, 1.6MB
http://www.gersic.com/zulupad/

** Bonus Freebie for Premium Edition subscribers **

6.2 The Best Free Desktop Publishing Program

Commercial Desktop publishing programs are expensive. QuarkXPress costs $749, Adobe InDesign costs $699 and even Microsoft Publisher costs $169.

Happily there are two excellent free desktop programs. One is ideal for small business and an excellent alternative to Microsoft Publisher. The other free desktop publisher is a beautifully implemented full featured product that can mix it with the big boys...

Full details in the Premium SE Edition ...

How to get the Premium Edition now

Stop missing out on all this extra information! Subscribe now to the Premium Edition of this newsletter and immediately receive the current premium issue containing nearly double the information contained in this free edition. Get twice as many great web sites, twice as many top utilities and great freebies and no ads.

You'll also get immediate access to the archive of all past issues of the Premium Edition of the newsletter where you can catch up on the hundreds of great utilities you missed in the free edition.

If you like the free edition you'll love the premium. At $10 per year it's just the cost a few coffees. Use this link to subscribe online now:

http://www.techsupportalert.com/se-edition.htm

This month I'm giving away to new Premium subscribers, six free copies of the the top rated anti virus NOD32.

NOD32 is a brilliant program for protecting your PC yet it only consumes a modest amount of your computing resources. That's why I use it on my key work computers. At $39 it's good value but it's even better value when you can get it for free.

The six copies I'm giving away will be allocated at random but your chances of scoring one are actually quite good. So if you have been thinking of subscribing, now's the time.

Even if you don't win anything you'll still get my special report "Gizmo's Desert Island Utilities" which outlines the software I use myself, including many free products.
Use the link below to subscribe now:

http://www.techsupportalert.com/se-edition.htm

7.0 MANAGE YOUR SUBSCRIPTION

Support Alert is a free newsletter. If you liked this issue why not email it to a friend. Anyone can subscribe by signing up online at
http://www.techsupportalert.com/al_subscribe.htm

Back Issues:  A searchable library of back issues is available at:
http://www.techsupportalert.com/issues/back_issues.htm

If you no longer wish to receive this newsletter just go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alerth Enter your email address. No password is needed. You can then cancel on-line. Premium Edition subscribers should note that they can delete their free edition subscription  without affecting their premium subscription as the two lists are totally separate.

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=support.alerth Enter your old email address. No password is needed. You can then change your subscription email address directly.

The 46 Best-ever Freeware Utilities
 http://www.techsupportalert.com/best_46_free_utilities.htm

The Extended List of the Latest Freebies
http://www.techsupportalert.com/more/extended.htm

For lots more free IT newsletters see
http://www.TechNewsletters.com/infobase.asp?TPubId=79

For convenience North American subscribers can contact this newsletter by snail mail at:

Support Alert
PO Box 243
Comstock Park, MI 49321-0243 USA

Support Alert is a registered online serial publication ISSN 1448-7020. Content of this newsletter is (c) Copyright TechSupportAlert.com, 2007

See you next issue. Next month's issue will be published on the 19th of July.

Gizmo
Ian Richards
editor@techsupportalert.com