Support Alert
                       Supporters' Edition

                 "Gizmo's top picks of the best
                  Tech resources and utilities"

                 Issue 110 - 16th June, 2004

    Support Alert is a registered online serial publication
                         ISSN 1448-7020.


0. EDITORIAL: Security sandboxes.

 - Yahoo Mail Offers 100MB
 - FireFox 0.9 Released
 - Check Your Browser Defenses
 - What DLL is That?
 - Comprehensive Vulnerability Database
 - Free Local Search Toolbar
 - Bypass Annoying Web Registration
 - Build a PC That Screams for Less Than $1000 (SE Edition)
 - Scan Your In-house Software for Security Flaws (SE Edition)
 - How to Avoid Being Scammed (SE Edition)
 - Free Help with MS Word (SE Edition)
 - Unlock Mail Passwords
 - New Version of Spybot Search and Destroy
 - Manage your Favorites for Nix
 - Simple Answer to Outlook Annoyance
 - SpamNet Revisited
 - Get Xandros Desktop OS Linux for Free
 - Free Utility Transparently Encrypts Mail
 - Free All-in-one Web Server Package (SE Edition)
 - Free RSS Reader Offers Snazzy Interface (SE Edition)
 - Free HTTP Session Analyzer (SE Edition)
 - Easily Send Personal Email to Several Recipients (SE Edition)

 - Unpatched IE Flaw Leaves All Users Vulnerable
 - Another Unpatched IE Flaw?
 - Critical Flaw in Linksys Router
 - Flaw in Latest Oracle Software Exposes e-commerce Data
 - Correction

 - 40GB of Portable USB Storage
 - Use Google to Search Your PC
 - New Nokia Phone Writes Mid-air Messages
 - New Yahoo Toolbar Beta Detects Spyware
 - Planetarium on your Mobile Phone
 - A New Way of Visualizing Security Threats
 - Another Way to Increase Your Street Cred (SE Edition)
 - Use Your Camera Cell Phone as a Mouse (SE Edition)
 - Convert Microsoft Word to Emacs (SE Edition)
 - How to Get Real X-Ray Vision (SE Edition)

 - Customize the Office Places Bar

 - Create Virtual Desktops
 - Automate Mouse Clicks (SE Edition)



Tech Support: "Ok, in the bottom left hand side of the screen,
can you see the 'Start' button displayed?"

Customer: "Wow! How can you see my screen from there?"

From http://www.easydesksoftware.com/humor.htm


Something very strange was going on but I wasn't sure what.

Then the penny dropped. The "utility" I was testing was randomly
deleting files in my Windows Directory. It made me laugh - I'd
been well and truly caught by a very simple but highly effective
trojan horse.

I was able to laugh because I was running the "utility" on a
stand-alone machine I reserve exclusively for testing. I always
evaluate any program on this test PC before I install it on one
of my work machines.

Now I don't give a rat's about what happens on my test PC.
Trojans can cause havoc, viruses levy ruin and worms wiggle to
their heart's content.

I don't care because the stand-alone test PC can't infect any
other machine.  Furthermore it only takes me 15 minutes to
return it to a secure, working state by restoring from a backup
drive image.

Now most folks don't have the luxury of a test PC. They test
programs on their live machines. Mostly that works fine, but if
the program being tested is a trojan horse like the one I
described above, they are in deep trouble.

Think about how many times you've downloaded a utility from the
Internet and installed it on your PC. It's really an act of
blind faith; you are simply hoping that it's not a trojan.

If the utility you are installing is a trojan, I'm afraid it's
tough luck Charlie. Unless your AV scanner detects it, you are
gone. And if my experience with the trojan detection ability of
AV scanners is any guide, you are not going to get much
protection for that source!

Now the good news; potentially there is a way you can protect
yourself without going to the trouble of having a separate PC.

This is by using a type of security product called a "sandbox."
The strange name derives from the Java world where it refers to
the highly limited environment in which Java applets are allowed
to run - they are allowed to "play in the sandbox."

Sandboxes have not really hit the big time yet but you are going
to hear a lot about them in the future. Most of the major
vendors are putting a lot of resources into the area.

That's because sandboxes address one of the key problems in the
current Windows security crisis - the ability of potentially
hostile programs to execute with full privileges. That folks, is
fancy computer jargon for saying "doing whatever they want."

The problem is built into Windows. It's a design defect present
in every end-user version ever released though hopefully it will
be fixed in Longhorn, the next generation Windows. But that's
years away.

Sandboxes however, can greatly restrict and limit what programs
can do, even if Windows can't. That's why they are such useful
tools for defending against trojans.

In my last editorial, I mentioned Process Guard, a program which
protects your key security programs and Windows system files.
It's really a kind of sandbox. So too is WinPatrol and SSM that
I mentioned in the same article. But there are some other
contenders as well.

One of the most impressive is Tiny Trojan Trap, which is built
into the latest version of the Tiny Firewall. Another is Finjian
SurfinGuard Pro.

These products are all valuable but suffer the same weakness;
they are difficult to configure. That's because you have to
specify for each program on your PC, exactly what behavior is
acceptable and what is not. That's a lot of work.

However if you are an experienced user, you should really check
them out. They may be tough to configure but by no means
impossible. And they really add to your system security.

However there is another way of building sandboxes that is much
easier to configure.

This involves setting up a virtual machine on your PC - a kind
of virtual stand- alone test PC within your own PC. This virtual
machine is set up in a way that it is effectively isolated from
the memory, disk space and other parts of your PCs operating

Such a virtual machine gives you a relatively safe way of
running unknown applications, browsing to potentially hostile
sites or engaging in other dicey activities without risking your
everyday PC being compromised.

The technique is already used internally by some security
products. The Norman anti-virus suite includes a particularly
neat implementation. You can get a full description here:

Unfortunately the Norman Sandbox is not available as a separate
product.  However there are several general purpose virtual
machine utilities that could be shoe-horned into the role.

VMWare is the best known and has a strong following. It's
usually used to set up multiple operating systems on a single
PC, each running on its own virtual PC. However it can just as
easily be employed to set up a virtual test PC that uses the
same operating system you normally use.

Using a virtual test PC provides you with a comforting degree of
protection from trojans and other hostile agents. If your
virtual PC becomes infected with a trojan, its impact is limited
to the virtual machine where it was executed. Other virtual
machines, including your normal working PC, will not normally be

I'm not sure about the ultimate security of the VMWare virtual
environment to targeted hostile attack. After all, this software
was not designed specifically for security purposes.

However I am sure that using a virtual machine partition
certainly beats hands-down, the "Russian Roulette" practice of
running unknown programs on your everyday work machine.


PS If any readers know of a specifically security-oriented
virtual PC sandbox utility please let me know and I'll pass the
news on next issue. It's a much needed application.

Links to products mentioned:

System Safety Monitor (SSM)
http://maxcomputing.narod.ru/ssme.html?lang=en (slow site)

Process Guard


Tiny Firewall

Finjian SurfinGuard Pro



Yahoo Mail Offers 100MB
That's right, the free Yahoo mail service now provides you with
100MB of storage and that doesn't even include messages in your
Bulk Mail folder which don’t count as part of your quota. Better
still; the maximum message size has been increased to 10MB.
Other improvements include a cleaner interface and a new $19.95
per year option that gives your 2 Gigabytes of storage, twice as
much as Google's upcoming Gmail service.

FireFox 0.9 Released
With this new release FireFox has reached the point where it can
be your mainstream browser. It's faster than ever, offers more
features and has an new addictive clean look. I've now retired
IE and MYIE2 except for the occasional (non standards compliant)
secure site that requires IE. As a result I have faster, more
productive and most importantly, more secure browsing. (4.7MB)
http://www.madpenguin.org/cms/html/47/1695.html <= review

Check Your Browser Defenses
I just discovered this site operated by security company Scanit
and its set of tests is quite comprehensive. Given the current
scumware plague, I strongly recommend you go to this site and
test out your browser. It's free and only takes a couple of

What DLL is That?
Ever wondered what a particular DLL does. Find out from this
useful Microsoft database.

Comprehensive Vulnerability Database
OSVDB is an independent security vulnerability database that is
free for all to use. It's large, up-to-date and comprehensive in
its operating system coverage.

Free Local Search Toolbar
A couple of issues back I mentioned the free HotBot Desktop that
allows you to search the contents of the files on your hard disk
as well as the web.  However many folks have had trouble getting
the web based install to work. Here's a direct link to download
the Tool Bar for local installation.

Bypass Annoying Web Registration
What a clever idea - a web site that provides a logon code for
all those pesky sites that require registration before you can
access their content. It's all 100% kosher; there are no codes
for pay sites, just the free but annoying ones.

** Bonus Items for Supporters **

Build a PC That Screams for Less Than $1000
This article at Tom's Hardware shows you how. It's primarily
intended for gaming but the specs will suit general computing
just as well.

Free Server Side Spam Filter Offers Top Performance
The latest release of DSPAM, an Open Source statistical spam
filter, is looking awesome and may be a first choice for many
UNIX/Linux based mail systems. Claimed accuracy is as high as
99.98% without white lists.

Scan Your In-house Software for Security Flaws
An increasing number of software products are appearing that
analyze other software applications for security flaws and
loopholes prior to implementation.

How to Avoid Being Scammed
The number of internet scams is increasing rapidly. This site
offers useful advice as well as resources to check out
suspicious proposals.

Free Help with MS Word
Here's a site dedicated to tips, tricks and techniques for
getting the most out of MS Word

Got some top sites to suggest? Send them to


Unlock Mail Passwords
This free utility uses an ingeniously simple method of revealing
POP3 passwords. First, the utility sets up a local POP server.
You then change your email account settings to log into the
local server and the passwords will then be fully revealed.
Works with Outlook Express, The Bat or any POP client that
stores passwords on your PC. The same site offers an FTP
password recovery utility that uses the same technique.
Freeware, 11KB

New Version of Spybot Search and Destroy
Version 1.3 has now been released and is a compulsory upgrade as
all previous versions are no longer supported.  To avoid
problems, it's strongly recommended that you uninstall your
previous version before installing 1.3 and reboot after both un-
installing and re-installing. Among the most notable of new
features is enhanced active protection from infection provided
by two new, optionally installable applications called SDHelper
and TeaTimer. SDHelper is a browser helper object that blocks
malicious programs from downloading. TeaTimer is a real time
monitor that protects your system settings.  I found TeaTimer,
on occasion, to be a tad resource hungry so users of very slow
machines may have to decide between performance versus ultimate
protection. That aside, this upgrade has made a great product
made even better. Should be on every PC.  Freeware, 4.15MB.

Manage your Favorites for Nix
Bookmark Manager is an open source utility that will help you
tidy up your favorites collection. It works with Internet
Explorer, Mozilla and Netscape and allows you to validate links,
search for duplicates as well as annotate and manage your
collection. Nothing earth-shattering here rather it's one of
those honest, plain vanilla utilities that simply does the job.
Freeware 2.97MB.

Simple Answer To Outlook Annoyance
Thanks to subscriber Arley Karpman for letting me know about
Express ClickYes. This is a tiny, free utility that will
automatically answer "yes” when Outlook's Security Guard opens
the prompt dialog saying that a program is trying to send an
email with Outlook or access its address book. Anyone who has
installed Office XP SP3 will find this utility invaluable. (93KB)

SpamNet Revisited
SpamNet is a network based spam filter that utilizes its one
million odd user base to help identify spam mail. I was one the
beta testers of the original system and while impressed, I was
however, wooed away by the superior spam detection rates of
Bayesian statistical filters. I've just re-tried SpamNet and am
happy to report that detection rates have moved up from around
70% to the high eighties.  This is good but still not as good as
98% or more achieved by the best statistical filters. However
the real attraction of the system is its speed and the fact that
it never falsely classifies your personal mail as spam. For some
users, the security of the latter will be a real swinger. The
system still has a problem with bulk mail newsletters - I
noticed four subscription-only zines falsely flagged as spam.
That said, it's a great solution for Outlook/Outlook Express
users prepared to pay the $4 a month licensing fee. Personally I
find the fee irksome when you consider Linux users can get the
same service for free via Vipul's Razor.

Get Xandros Desktop OS Linux for Free
The folks at Xandros are currently offering a free version of
their popular desktop Linux distro. It has some restricted
features such as an ad supported version of the Opera browser,
limited CD write speed and is missing the Windows software
compatibility program, CrossOver Office, as well the 350 page
Xandros user guide. It's for personal use only and can only be
downloaded free via BitTorrent.  (512.3MB)

Free Utility Transparently Encrypts Mail
SecExMail Home is a security application that automatically
encrypts/decrypts mail to/from secure correspondents with whom
you have set up security keys. It works as an email proxy that
sits between your POP3/SMTP mail client and mail server so it
will work with just about any email program. What's nice is the
process is totally transparent to the user. All mail looks the
same to the user, secure or not, as SecExMail handles all the
housekeeping.  Encryption is via RSA public key encryption and
the Twofish block cipher. Much to like here particularly at the
price.  Free for personal use, Windows and Linux versions, 2.7MB.

** Bonus Items for Supporters **

Free All-in-one Web Server Package
YellowTip web server is a free, GPL license package that unifies
and integrates the installation of Apache2, PHP4, MySQL4,
phpMyAdmin and Zend Optimizer on a Windows Platform.  The 19.2
MB package also includes phpBB, PostNuke, Gallery, b2evolution
and phpMyAdmin.  Installing a web server is never a simple job
but YellowTip makes it just about as easy as it can get.

Free RSS Reader Offers Snazzy Interface
Thanks to subscriber "JBHQ" for drawing my attention to
KlipFolio a free news aggregator with some rather unusual
features.  First, it's not really a straight RSS aggregator
rather it handles RSS as a subset of a broader class of feeds
called Klips. Second, the interface is quite different to any
aggregator I've seen and in some ways superior. Configuration is
not for newbies but once set up, it works a treat.  Make sure
you check out the thousands of free Klips offered at the site.
Freeware, 523KB.

Free Virus Removal Tool
"Stinger" is a free downloadable tool offered by McAfee that can
be run on any PC to detect and remove virus/trojan infections.
It's intended use is as a cleaning tool for PCs that are already
infected rather than for prevention.  Currently handles over 40
families of viruses. A handy utility that should be in
everyone's toolkit. (776KB)

Free HTTP Session Analyzer
Subscriber Bill Morefield writes "you might want to check out a
program I found a few months back called Fiddler.  It requires
the .NET framework be installed, but is free and not only allows
you to view sessions, but also to ‘fiddle’ with the data."  Nice
find Bill and because Fiddler works through a HTTP proxy it can
be used to debug any application that accepts a proxy.
Additionally, it supports a scripting language so you can
exercise full control over sessions. Freeware, 470KB.

Easily Send Personal Email to Several Recipients
If you want to send an email to a small, once-off list the usual
option is to use CC or BCC. In the process however, you lose the
personal touch so important in email. If you use Outlook, a much
better way is to use "Send Personally" a nifty add-in that at
the touch of a button, sends individual personal letters to each
address in the "TO:" field of your email. Since installing the
product I find I'm using it regularly. Shareware, $24, free 20
day trial. (642KB)

Got some favorite utilities to suggest? Send them to

Nothing of note from Microsoft itself this month, just a couple
of "moderate" level advisories. However third party companies
have discovered more Internet Explorer flaws.

Unpatched IE Flaw Leaves All Users Vulnerable
Security Information group Secunia have released a "highly
critical" level advisory covering two previous unknown flaws in
Internet Explorer that could allow compromise of a user's
machine. An adware company is already using the flaws for "drive-
by installs" of its I-Lookup search bar.  Others malware
purveyors are bound to follow. Apparently the flaw will be
patched in Windows XP SP2 but in the meantime the only fix is,
according to Secunia to: "disable Active Scripting support for
all but trusted web sites, filter "Location:" headers containing
the "URL:" prefix in a proxy server or use another browser."
Amen to the latter.

Another Unpatched IE Flaw?
In March 2002, the security company Grey Magic Software reported
a serious flaw in IE, the so-called DSO exploit that could allow
an attacker to run code of choice without employing Active
Scripting or ActiveX. I recently visited the NSClean security
site that offers a free utility that tests your browser's
vulnerability to the DSO exploit and fixes the problem if
necessary. I was stunned to find my fully patched IE was still
vulnerable! This was confirmed by running the demonstration code
on the Secunia site though I'm happy to report that Norton AV
stopped the demonstration script from running. None-the-less, I
suggest you download the NSClean utility and test your version
of IE.

Critical Flaw in Linksys Router
Cisco has posted a firmware update to their popular WRT54G
802.11g Wi-Fi Router that fixes a flaw that could allow an
attacker to take control of the router.

Flaw in Latest Oracle Software Exposes e-commerce Data
Oracle has issued a patch for multiple flaws in their E-Business
Suite and Applications that could allow an attacker to gain full
access to Oracle databases. This is the 5th security patch from
Oracle since the start of 2004.

In a recent editorial I quoted from www.netrn.net/spywareblog/ a
list of supposed anti-spyware products that were themselves
spyware.  It appears that one product on the list, XP Antispy,
is in fact legit. "Their FORMER domain was taken over by some
idiot who's pushing a dialer and trying to pass it off as XP
Antispy." Here's the real domain of the real product:


40GB of Portable USB Storage
Taiwanese manufacturer Transcend have released a tiny external
USB 2.0 storage system based on their 1.8" disk drive unit. The
unit is available in 20GB and 40GB capacities at a price of $202
and $314 respectively. The physical size is an amazing 3.75" x
2.75" x 0.6"

Use Google to Search Your PC
The NYT is carrying an article about Puffin, a new tool from
Google currently under test that will search the contents of the
files on your PC. Apparently it's been in development for more
than a year. Sounds like a free version of Enfish Find and a
perfect solution to a pressing problem. Can't wait for it.

New Nokia Phone Writes Mid-air Messages
Nokia have just released their 3220 cell phone that will allow
you to write messages up to 15 characters long that appear to
float in mid-air. The message can be read up to 20 feet away.
Could be ideal for getting a waiter's attention.

New Yahoo Toolbar Beta Detects Spyware
Yahoo has upped the ante in the Search Toolbar wars by offering
a spyware detection and removal feature in addition to the usual
quick search, popup blocker etc. The underlying technology was
supplied by PestPatrol and involves a high level system scan for
spyware and adware. Somewhat controversially, the adware
scanning is not turned on by default though turning it on is
very straight forward. I wouldn't advise un-installing Spybot
just yet though this kind of product could be useful for many

Planetarium on your Mobile Phone
"MicroSky is a freeware planetarium for mobile/cell phones with
Java-support and a connection to the internet (preferable GPRS
or UMTS ). It is a J2ME-Midlet client/server application which
can display 2.500.000 stars, 8.000 deep sky objects, the
constellations, the planets, local horizon and registered
comets. "

A New Way of Visualizing Security Threats
The Spinning Cube of Doom. Intriguing.

** Bonus Items for Supporters **

Another Way to Increase Your Street Cred
This is nice; a free blue screen of death screensaver with a
difference. "This screensaver pretends to cause a crash, 're-
boots' and installs Linux. Then watch who logs in.)"
This 235KB download requires Flash.

Use Your Camera Cell Phone as a Mouse
Strange but true. It's part of a serious effort to make camera
phones interact with the environment and become an "all-in-one
mouse, keyboard, storage device and authentication system." This
site offers a public beta of the software.

Convert Microsoft Word to Emacs
Christopher Rath offers some free VBA macros that map that
"remap (your) keyboard to provide a basic set of Emacs key
bindings." Other customizations are offered at the site to
further morph Word to Emacs

How to Get Real X-Ray Vision


Customize the Office Places Bar

If you use Office 2000/XP/2003 you'll find it very handy to be
able to customize the contents of the Places Bar to include
shortcuts to your own commonly used folders.

The Places Bar is the left hand pane that appears in the File
Open dialog and normally contains "Favorites, My Documents and
other system folders.

Office 2000 users will need to download a free Microsoft add-in
from the following location to customize the folder.

However with Office XP and 2003, customization is dead easy.
First from within an Office application select "File/Open."
Then from the Explorer pane browse to the folder you want to
include and select it. Then from with the Open dialog box click
on "Tools/Add to "My Places" "

That's it, you are done!


Create Virtual Desktops
Judging from the PCs I've seen, most users have a problem with
desktop clutter. Virtual Desktop is free tool that solves this
problem by allowing you to create multiple virtual desktops and
switch easily between them. I've created three covering my
newsletter research, website creation and programming and must
say that it's a very addictive way of working. I particularly
like the way the extra space allows me to put less commonly used
shortcuts on each of my specialized desktops. It's quite
possible to set up Virtual Desktops by using Microsoft's
Powertoys but this freeware utility offers a far neater
solution. 247KB.

** Bonus Freebie for Supporters **

Automate Mouse Clicks
GhostMouse is a free automation utility that captures mouse
clicks into a file that can then be replayed without user
intervention. It's great for running programs automatically. One
of the simple specialized utilities that should be on every PC.
Freeware, 699KB.

Got some top sites and services to suggest? Send them in to


You'll find all back issues plus a growing list of resources
exclusively available to Supporters.

The area is protected.  Use the security information sent to you
when you first subscribed.


If you no longer wish to receive this newsletter, send me an
email at supporters@techsupportalert.com. Remember to state the
email address at which you are currently subscribed.

To change your delivery email address, go the Supporters' area of
the website. There you can manage your subscription on-line.

Receiving duplicate issues?  If you are receiving an unwanted
copy of the standard edition of this newsletter, you can cancel
that subscription by going to
http://www.webelists.com/cgi/lyris.pl?enter=support.alert. Enter
your email address. No password is needed. You can then cancel
your subscription.

Thanks to subscriber A. Belile for proofreading this issue.

You can contact this newsletter by snail mail at:
Support Alert
PO Box 243
Comstock Park, MI  49321-0243

Content of this newsletter is (c) Copyright
TechSupportAlert.com, 2004

See you next issue