========================
                         Support Alert
                    ========================
                    www.techsupportalert.com

                 Your pointer to the very best
                  tech information on the Web

                   Issue 91 - 16th January, 2003

     Support Alert is a 100% subscription-only newsletter.
    Un-subscribe instructions are at the end of each issue.
 
                      <<<<<<<<<>>>>>>>>

Quote of the Week

"The computer allows you to make mistakes faster than any other
invention, with the possible exception of handguns and
tequila."

Mitch Ratcliffe.
                      <<<<<<<<<>>>>>>>>
 

FROM THE EDITOR

Well dear readers, would you like to receive a version of this
newsletter that has double the amount of useful information?

Twice as many top sites.  Twice as many utilities. Even two
"freebies of the week" rather than one.

Well, you can have it immediately.

And would you also like to get a special report I've prepared
listing the very best utilities I've ever used?  My "Desert
Island" selection of products that I install immediately on
every new PC I buy. A set of utilities so powerful that I can't
work effectively without them.

Well you can get the report immediately too.

All you need do is to make a very modest donation to this
newsletter.

Dear readers, if this newsletter is to survive, I need your
help. It's as simple as that.

Last year you overwhelmingly voted in our reader survey to keep
the newsletter ad free and fund it instead, by voluntary donation.

I'm fulfilling my part of your request. There will be no ads.

The survival of this newsletter now depends on your generosity.

In recognition of that generosity, everyone who donates will
receive a better and longer version of this newsletter - the
"Supporter's Edition."

They'll also receive the special "Desert Island Utilities"
report.  And some other things as well.

The suggested donation is very modest but the benefits to you
are very real.

Please consider donating.  As a first step, just click the link
below to see exactly what you get when you become a "Supporter."

http://www.techsupportalert.com/benefits.htm
 

Gizmo Richards
mailto:editor@techsupportalert.com

P.S. If you chose not to donate, that's cool, I respect your
choice.  You'll still continue to receive the standard edition
of the newsletter, which will be the same size and quality
you've received in the past.

                 <<<<<<<<<<<<<<<>>>>>>>>>>>>>

IN THIS ISSUE

1. TOP TECH SITES
 - BIOS Optimization Guide
 - Free Cram Sheets
 - Windows XP Boot Problems
 - ZoneAlarm Support
 - Instant Messaging Security Threat
 - Web Programming Tutorials

2. UTILITIES
 - Free Anti-Virus Software
 - Take Complete Control of Your Monitor
 - Self Repairing PCs
 - Shred Sensitive Data
 - For the Truly Security Conscious
 - Free Copy Utility

3. BUGS, SERVICE RELEASES AND PATCHES
 - Flash Player Vulnerability
 - Two MP3 & Windows Media Audio File Exploits
 - Windows 2000 Null Sessions Exploit
 - Microsoft IE Security Mess-up
 - MySQL Vulnerability
 - Ad-aware Spyware Remover Updates

4. OTHER USEFUL STUFF
 - A Cable Modem That Does the Lot
 - Extreme Programming Goes Mainstream
 - Popups Become Kick-Throughs
 - How to Delete an Undeletable File in XP
 - Spammers Abuse Everything
 - New W3C Scripting Interface Standard
 - Tech Support Nightmare
 
5. FREEBIE OF THE WEEK
 - Boilerplate Text Utility

             <<<<<<<<<<<<<<<>>>>>>>>>>>>>

1. TOP TECH SITES
=================
 

BIOS Optimization Guide
Want to tweak your BIOS for maximum speed or stability? Like to
understand the meaning of some of the obscure settings in your
BIOS setup?  If so, head straight to this site.
http://www.rojakpot.com/default.aspx?location=1

Windows XP Boot Problems
If your PC hangs while booting or you have other boot time
problems, you might to check out this useful Microsoft Knowledge
Base article.
http://support.microsoft.com/?kbid=308041

ZoneAlarm Support
ZoneAlarm, the popular personal firewall, is not only free of
charge; it's free of technical support as well.  It's pretty
hard to complain about this but the inability to get answers to
your questions can be frustrating. Well, now there's a solution.
ZoneAlarm has started a user forum at their site and it should
be your first port of call for ZA support questions.
http://www.zonelabs.com/store/content/support/userCommunity/userComm_agreement.jsp

Instant Messaging Security Threat
Symantec is offering an excellent, free white paper on the
security exposure presented by the various instant messaging
systems. I'd rate it as essential reading. Note that it's in PDF
format so you'll need Acrobat Reader to view the report.
http://www.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf

Web Programming Tutorials
Like to brush up on your JavaScript? Need some help with HTML4?
Then head for this site where you'll find lots of links to free
web programming resources.
http://www.muppetlabs.com/library/tech/tutorials.html

Got some top sites to suggest? Send them in
to mailto:editor@techsupportalert.com

 2. UTILITIES
=============

Free Anti-Virus Software
I normally recommend the Norton or McAfee Anti-virus suites but
I'm fully aware that some folks simply can't afford to buy them.
If you fall into this category then you should check out AVG
Antivirus 6.0 Free Edition. This product has been continuously
refined since it was first released in 1991 and now offers very
impressive protection capabilities. Additionally, it's
relatively small, light on resources, has regular automatic
updates and handles email scanning. There is a free and a pro
version, the only difference being that the free version has a
few non-critical features disabled and has no technical support.
Even so, it's an impressive package and a offers the financially
challenged a real alternative to the major anti-virus
suites.(5MB)
http://www.grisoft.com

Take Complete Control of Your Monitor
If you work in an environment where the precise control of your
monitor's resolution, refresh rate and color accuracy is
important, you should check out PowerStrip 3.  This handy
utility gives you precision control of many parameters directly
from the system tray. And, it includes direct hardware support
for many chips including the latest Radeon 9700. PowerStrip is a
$29.95 shareware product but there's a free trial. (0.9MB)
http://www.entechtaiwan.com/ps.htm

Self Repairing PCs
IBM has introduced the "Rapid Restore" utility for its line of
PCs that allows end-users to effectively re-image their PCs to
recover from data corruption, virus infections and other
software induced system failures. The utility works by restoring
a system image along with key application data from a hidden
disk partition that cannot be accessed by viruses or
applications. I don't own an IBM PC so I can't test this product
but, if it works as advertised, it may well be the best news of
2003 for many hard pressed support staff. (32.9MB)
http://www.pc.ibm.com/qtechinfo/MIGR-44466.html?lang=en_IN&page=brand&brand=IBM+ThinkPad&doctype=Downloadable+files&subtype=Cat

Shred Sensitive Data
FileShreader is a freeware utility that will permanently delete
Windows files so that they cannot be recovered. As a security
measure, FileShreader will overwrite the disk sectors containing
the original file with random data repeatedly up to 15 times.
Usage is by drop and drag or right-click menu selection from
Explorer. This is an easy to use utility for those requiring
normal levels of security but note that there may still be a
chance that your valuable data is lurking on your computer as a
temporary file or in a system cache. It all depends on your
level of paranoia. That said, this utility provides way better
protection than Windows delete. (1.5MB)
http://www.handybits.com/shredder.htm

For the Truly Security Conscious
If you really want to totally and permanently remove all traces
of a file, or indeed all your work activities, you should check
out Acronis Privacy Expert 2003. This product is awesome in it's
thoroughness in deleting data not only on the disk but in every
nook and cranny of your computer. It also thoroughly erases all
traces of your surfing activity. The user interface is a model
of clear design and provides the simplest means yet for average
users to achieve near forensic levels of data cleaning. I tested
the program by deleting some test data with Privacy Expert and
then tried to recover the data using some of the most powerful
data recovery tools in the business. After two hours I gave up.
I couldn't locate one byte of my original data. At $29.95 this
product is a bargain for the security conscious and a necessity
for anyone who shares a PC with other users. Highly recommended.
Get a free 15 day trial here: (2.86MB)
http://www.acronis.com/products/privacyexpert/

Free Copy Utility
I was surprised recently to find that a friend of mine, who is a
tech support professional, had never heard of the XXCOPY
utility.  For those of you who are living in a similar state of
ignorance, it's a command line copy program that can be best
described as being like the old DOS XCOPY on steroids. It will
even copy whole partitions including Windows 9X operating system
partitions.  It's free. It's extremely useful in particular
situations. It should be in everyone's toolkit. (252KB)
http://www.xxcopy.com/

Got some favorite utilities? Why not share the news? Send
your top picks to mailto:editor@techsupportalert.com
 

3. BUGS, SERVICE RELEASES AND PATCHES
=====================================

Flash Player Vulnerability
This is nasty. Macromedia has advised of a buffer overflow
problem in all Flash players distributed before the 12th Of
December 2002. Utilizing the fault, a specially crafted Flash
movie file could be used to allow the execution of an attacker's
program of choice. The rogue Flash animation could be on a web
site or in an email. Macromedia has released a new version of
the Flash player that remedies the fault. I suggest you download
the new version now.
http://www.macromedia.com/v1/handlers/index.cfm?ID=23569

Two MP3 & Windows Media Audio File Exploits
Security company Foundstone has released two advisories
concerning media files. The first involves a flaw in Windows
Explorer within Windows XP whereby a specially crafted MP3 or
WMA file could compromise the system and allow for remote code
execution. An alarming aspect is that the exploit could take
place merely by browsing to a folder (or web site) containing
the malicious file.  The second exploit involves the current
versions 2.81 and 3.0 of popular media player WinAmp. Again, a
maliciously crafted MP3 file could lead to a buffer overflow
when played which could expose vulnerabilities including remote
code execution.  Both Microsoft and WinAmp have released fixes,
the details of which can be found in the Foundstone advisories.
http://www.foundstone.com/knowledge/randd-advisories.html

Windows 2000 Null Sessions Exploit
CERT has issued an advisory about the W32/Lioten - an aggressive
Worm that attacks Windows 2000 machines for weak passwords by
utilizing anonymous null sessions. CERT's suggested solutions
involve the restriction of null sessions, the enforcement of
strong passwords and ingress/egress filtering. More details here:
http://www.cert.org/incident_notes/IN-2002-06.html

Microsoft IE Security Mess-up
In November, Andreas Sanblad demonstrated an object caching flaw
in Internet Explorer. First MS went into denial. Then they
blamed the messenger for the message. Then they issued a patch.
Then they upgraded the warning and issued a new patch but left a
critical element to be applied as a manual registry alteration.
If you use Internet Explorer with NT4, Win2000 or XP Pro AND you
know how to safely modify your registry, then you'd better fire
up REGEDIT.
http://support.microsoft.com/?kbid=810687

MySQL Vulnerability
A German firm has advised of a number of flaws in the widely
used MySQL database software that could, in the worst case, be
used to bypass the MySQL password check or to execute arbitrary
code.  The vulnerabilities affect all versions prior to 3.23.53a
and 4.0.5a and users should upgrades to the latest versions that
have fixed the flaws.
http://security.e-matters.de/advisories/042002.html

Ad-aware Spyware Remover Updates
Everyone just loves Ad-aware and with good justification. It's
free and it's always been extremely effective.  However with no
updates to the database since September 2002, that effectiveness
is waning. According to this report from Spyware Weekly
newsletter, the lack of updates is because a totally new version
of the engine will be released in the next couple of months.
Existing Ad-aware users will need to decide whether to hang in
for a couple of months or go over to other Spyware removal
product such as PestPatrol.  I think I'll hang in.
http://www.spywareinfo.com/newsletter/archives/december-2002/12252002.php
 

4. OTHER USEFUL STUFF
=====================

A Cable Modem That Does the Lot
Why settle for a cable modem that does only one thing? The
CG814M from Netgear also serves as a router, switch, firewall
and 802.11b wireless access point. With a street price of around
$230, it's an attractive proposition.
http://www.pcconnection.com/scripts/productdetail.asp?product_id=322204

Extreme Programming Goes Mainstream
XP is a program development methodology that uses teams
comprised of managers, developers and customers all linked in a
tight feedback loop. It's been around for a few years and is now
gaining acceptance for particular types of projects. More
details here:
http://www.newsfactor.com/perl/story/20348.html
http://www.extremeprogramming.org/

Popups Become Kick-Throughs
A new advertising menace has arrived - the kick-through window.
This device takes surfers to an advertiser's site even if they
just pass their mouse over an ad.  They are already in use by
travel discounter Orbitz at several sites including the New York
Times. The new devices represent the next step in the technology
war between advertisers and consumers. Undoubtedly we will see a
counter response from the makers of anti-popup software.
http://news.com.com/2100-1023-978616.html?part=dtx&tag=nhl

How to Delete an Undeletable File in XP
Yet another technique.  Worked for me.
http://www.dougknox.com/xp/tips/xp_undeletable_file.htm

Spammers Abuse Everything
A couple of issues ago I told you of a new spamming technique
that utilizes Windows Messenger to send pop-up ads to
unsuspecting users.  I just happened to surf to this site that
is actually offering spammers the software to do it.  Worse
still they even try to make a virtue of this offensive
technique. "IP2IP is a feature-rich direct advertising program
designed to deliver your messages directly to Windows 2000, XP,
and NT desktops." The hide of some people!
http://www.121ads.com/

New W3C Scripting Interface Standard
The W3C (World Wide Web Consortium) has finally released long
delayed specifications for level 2 of the Document Object Model.
This is a platform and language-neutral interface that defines
the way languages such as JavaScript and Java interact with
elements in HTML or XHTML pages. A free test suite is available
that allows developers to test whether their applications
conform to the new standards.
http://www.w3.org/TR/DOM-Level-2-Core/
http://www.w3.org/DOM/Test/

Tech Support Nightmare
If you thought eliminating some of the recent worms from PCs was
difficult, just wait to you see these:
http://www.uq.edu.au/education/extra/all.html
 

5. FREEBIE OF THE WEEK
======================

Boilerplate Text Utility
This is a real productivity tool. I just love it and I suspect
you will too. CastlePaste is a free utility that allows you to
easily paste any one of multiple text snippets into any program
you are currently running. You can define as many snippets as
you like. A number of clipboard extenders do the same thing but
the real strength of this product is that snippet insertion is
made really easy with a pull down menu that is available from
the title bar of any application you are currently using.
CastlePaste is freeware but there is also a $15 Pro version
which handles multi-line pastes.  Yet another great software
product from New Zealand. Must be the clean air ;>)   (1.24MB)
http://www.castlesoft.co.nz/CastlePasteStd.htm

Got some top sites and services to suggest? Send them in
to mailto:editor@techsupportalert.com

<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>

WHAT YOU ARE MISSING

Here are some of the additional items featured in the current
issue of the special "Supporter's Edition" of this newsletter.

- The best site for free Windows fonts
- How to optimize your swap file for better performance
- Web sites that will inspire any web designer
- A free email security test service
- How to become a master at Internet searching
- A free backup program that will keep your working files secure
- A free PDF file creator with full professional features
- How to access MS Outlook from Lotus Notes
- An excellent password generator that will make Sysadmins smile
- Get a free backup ad-in for MS Outlook files
- A universal AC/DC power supply that will simplify your travels
- How to change Windows XP drive letters
- Build your own PC designed for maximum price/performance
- How to network PCs via USB
- Two great Windows XP clean install guides
- The best way to clean your PC
- How to run legacy programs Under Win XP
- A free utility to monitor your user's backup needs

Get all these items now.  Just give a small denotation and I'll
send you immediately the current "Supporter's Edition" of this
newsletter packed with this additional information.

But that's not all you get when you donate.  Click the link
below to discover the benefits of being a "Supporter."

http://www.techsupportalert.com/benefits.htm

<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>

Win $10,000 and a Sony CD player

If you like this newsletter, why not recommend it to your friends
and colleagues?

If you do, you'll automatically get a chance to win:

1.  $10,000
2.  A fantastic Sony CD Player

You've got nothing to lose and everything to gain.
Just click on the following link:

http://www.recommend-it.com/l.z.e?s=877794

<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>

The Small Print
===============

To subscribe to this newsletter send a totally blank email to
supportalert-subscribe@webelists.com.

To unsubscribe from this newsletter send a blank email to
supportalert-unsubscribe@webelists.com or to the address shown
at the bottom of this page.

To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=supportalert.
Enter your old email address. No password is needed. You can
then change your subscription email address directly.

For lots more free IT newsletters see
http://www.freetechmail.org/infobase.asp?TPubId=79

This edition of Support Alert was proof-read by subscriber A.
Belile who kindly donated her services. My hearty thanks.

(c) Copyright TechSupportAlert.com 2003