This editorial is the third part in a series looking at the effectiveness of free security software.
In the last part I showed that you could achieve a high degree of protection using a three layered defense system based on free products.
By combining the free AVG anti-virus scanner, the free version of Ewido anti-Trojan scanner and the free Microsoft Antispyware scanner, I managed to achieve a 95% detection rate against a particularly nasty set of 104 assorted malware products that I had downloaded from P2P networks.
The figure of 95% using layered protection compares to a modest 84% achieved by each of the best performing individual commercial products, NOD32 and Norton AV 2005, used alone.
It is, however, unfair to compare a three layered security system to a single layer. Rather it should be compared to the best three layered combination of commercial products.
Over the last month I've looked at 45 different combinations of commercial products in a three layered system comprising of an anti-virus scanner, an anti-Trojan scanner and an anti-spyware scanner.
It's a complex business finding the right combination. All products overlap to some extent yet at the same time have different strength and weaknesses. The trick is to get the best overall protection with the least overlap.
Overlap is not in itself necessarily a bad thing. In fact, it could be considered a virtue; the more protection the better.
The problem is that overlapping products end up catching the same problems and throwing up the same warnings to users. This is a real pain.
Matching product strengths and weaknesses is a little easier. Norton AV for example is not all that strong in detecting polymorphic Trojans so it makes sense to team it up with a powerful anti-Trojan. NOD32 on the other hand, is relatively strong in its Trojan protection but not as good as Norton in picking up spyware. And so it goes on.
At the end of the day I found three product combinations that gave excellent results. Here they are:
There are of course many other effective combinations. In fact, 11 of the 45 combinations I tested had detection rates of 95% or better.
The best combination of commercial security products I tried yielded a 99% detection rate compared to 95% for the best combination of free products.
That's not a big difference but it's not insignificant. However, the cost difference is not insignificant either. To buy the full set of commercial products you will have to outlay $88.90 initially plus a further $67.20 annually.
Some folks will consider this a worthwhile investment in order to get the slightly higher level of protection. Others will baulk at the idea.
Personally, I think it all boils down to whether you are a high risk user. A high risk user is one who frequents P2P networks, tries lots of different programs, surfs to the nether regions of the web or otherwise engages in risky on-line behavior. If that's you, I suspect any money outlaid on the best security protection may prove to be a wise investment.
For those whose main internet usage is email and surfing to well known web sites, the situation is different; I suspect you could safely rely on free security products to give you all the protection you need.
See you next month.
An HTML edition of
Support Alert is coming soon. It won't replace the current all-text
version rather it will be an option. When it's all set up I'll make an
announcement in the newsletter. Meantime, I've put up a prototype html
version of this month's issue on the website so you can check it out. In
case my web server overloads I've given an alternate location below. Any
suggestions for improving the layout of the html version of the newsletter
are most welcome.
As I indicated a
couple issues back, I've decided to make my well known "46 Best-ever
Freeware" list public rather than keep it just for Support Alert
subscribers. I've now cut the list back to exactly 46 utilities and put
the remaining 18 or so in a new extended list that IS just for subscribers
- so bookmark it but please don't circulate it. Both lists have been
recently updated. Here are the links:
Here you'll find
an excellent collection of usage tips, how-to guides and solutions to
common problems. Check out the FAQ, it's excellent.
In the past I have
mentioned sites like DropLoad.com and YouSendIt.com that allow you to send
very large files to individual recipients. This site handles the related
problem of sending one file to many users. It's a free hosting service
that allows you to upload a file up to 30MB which can then be downloaded
by many folks without limit. In other words, free bandwidth. There are
some constraints on speed and the number of concurrent users and, if
that's a problem, you can upgrade to a premium level of service at modest
cost. If you want some serious free bandwidth, check out the second link.
guide not only shows you how, it also shows you some clever things you can
do with your bootable USB.
contributor Richard Thomas writes, "This  is a useful site Gizmo. You
can upload a suspicious file and have it checked by several virus scanners
and then have a report emailed to you." Thanks Richard, nice find - though
I wish they documented exactly what AV scanners they use. That's one of
the reasons I like the service offered by jotti.org  which uses 13 top
of the line AV products to scan the suspect files you submit.
This is a neat
idea. Create a valid email address by simply making-up the first part of
the address and then adding the suffix "@mailinator.com." You can then go
this site and collect any mail. It's free and you don't need to open an
account as it's created when mail arrives to the inbox of your made-up
** Additional Items in the SE Edition **
CastleCops is one of best security sites on the web and its forums are a goldmine of useful information from experienced and knowledgeable users. Be warned though that, like all forums, there are always a few loudmouths amply displaying their lack of real understanding. http://castlecops.com/
have recently written telling me about the involvement of big corporate
players, including publicly listed companies, in distributing Spyware.
Leib Moscovitz sent this link  about a major scandal in Israel where
dozens of leading companies have been named as suspects in a massive
industrial espionage scheme which involved planting Trojan horse software
in their competitor's computers. Gail Tuft, who spends a lot of her time
in spyware removal, wrote separately to say, "Many of the malware products
are now using full blown rootkits and RATs as part of the install. Some of
the main malware providers are listed on the stock exchange and are highly
profitable with substantial IT companies as shareholders." Gail provided a
link  to the website of Ben Edelman that provides a running commentary
on the culprits. Folks, the days of the pimply teenage hacker are fast
fading. The enemy today is more likely to be wearing an Armani suit.
This site will
provide a comprehensive DNS report for a given domain name. Everyone with
a web site should use this to see if there are problems they don't know
about. Amazingly comprehensive.
Ever send an email
only to regret it later? We all have, but this service allows you to
change the content of your email after it's sent. It works by storing your
email as a web page on a server. The recipient just gets a link to the
page. I tried the free account (20 emails per month) and it works as
advertised. I can't see myself using this for my normal email but I can
envisage occasions when it would be very handy.
Sick to death of
Adobe's slow, bloated PDF Reader? If so then check out the Foxit Reader.
It's small, loads in flash, supports bookmarks, has search capability,
offers many views and runs on any version of Windows. On top of that it
can print PDFs as well. It runs without installation too, so it's ideal
for your toolkit CD or USB flash drive. Thanks to subscriber Mark
Donaldson for the suggestion. Freeware, all Windows versions, 915KB.
This is a
surprise. The latest version of the Microsoft Search ToolBar offers
Internet Explorer V6 users tabbed browsing. Don't get too excited. First
it's not a complete tabs implementation but a rather minimal effort with a
tacked on feel. Second you'll also end up installing MS Desktop Search as
part of the package. Finally who really wants MS web search when Google
search is so superior?
I'm not a great
fan of hotkey programs for a couple of reasons. First, I keep forgetting
the key assignments, second, I find I run out of free key combinations
very quickly. SlickRun solves these problems by using "magic words" rather
than hotkeys. It places a tiny text box on your screen and when you type
specially assigned words into the box, they will launch a program, go to a
web site or whatever. For example if you type "mail" it can launch your
mail reader. Type in "46" and it can take you to the web page of the "46
Best-ever Freeware Utilities." Of course, it's up to you to define these
magic words and you can have as many as you want. It all works very neatly
with some really nice touches like auto-complete for your magic words
which means you only have to type in two or three letters and SlickRun
will complete the rest. Nice too, is an eyedropper tool that allows you to
identify a program you want to "hotkey" just by clicking in its
application window. There's also a built-in note jotter and a calendar
date display. All this in a tiny 168KB. Highly recommended. Freeware, Win
98 and later, 168KB.
I've been using
WordWeb for a couple of weeks now following a tip from subscriber Paul
Castelli. I've seen enough to say this will be one of the rare utilities I
review that ends up staying on my PC. So what does it do? Well, it's not a
spellchecker so let's get that out of the way. If that's what you want,
check the next item below. Rather, WordWeb is an enhanced dictionary and
thesaurus. I say "enhanced" because it does some tricky extra things like
showing only the relevant synonyms and related words according to whether
they are noun, verb, adjective or adverb. It can also find words by
pattern match or dictionary adjacency. Usage is simple: just select a word
in any document and click the WordWeb tray icon. Immediately you'll get a
popup with the word's meaning and synonyms. Overall, it works efficiently
and elegantly to help you find the just right word to use in your written
reports. It makes the dictionary and thesaurus in Word look like a useless
half-baked pile of junk. This is an essential tool for anyone who writes.
It's free for non commercial use. A Pro version with an enhanced
dictionary costs a mere $19 and is well worth buying. Windows 95 and
I use an excellent
free extension for FireFox and the Mozilla Suite called SpellBound 
that will check the spelling in any web form. Make sure you follow the
installation instructions carefully. Internet Explorer users can use the
new Google Toolbar  which includes a quite usable spell-checker or,
better still, install the free plug-in IESpell , a long time fave of
mine before I moved to Firefox.
Rootkits are a
special kind of software tool used to hide Trojans, viruses and other
malware from your anti-virus scanner and other security products.
Unfortunately, they are extremely effective which means that some of you
reading this now will be infected even though you believe your PC to be
totally clean. Thankfully, there is a new class of security products now
available called rootkit detectors that use specialized techniques to
detect these dangerous intruders. Most of these detectors require quite a
bit of technical skill to interpret the results but one of the simplest to
use and most effective is also free. It's called BlackLight and is
currently available as a free beta from F-Secure until the 1st of July
2005. I suggest everyone download this product and scan their PC. The
chances of you being infected are small but for five minutes work it's not
worth taking the risk. Free, 911KB.
In issue 121 I
gave a glowing account of Google's free web accelerator software but noted
that Google was not currently offering downloads as they had enough beta
users for the moment. Subscriber Deepankar Dheer has written in to say
that you can still download the software from another site  and that it
works fine. Before you do, I suggest you re-read my comments  from last
month. Freeware, Windows 2000 SP3 or later, 1.4MB
** Additional Items in the SE Edition **
No it's not
IrfanView. Irfan is a product about which I have mixed feelings. That's
why it's been in and out of my "46 Best Freeware" list several times. It's
an amazingly capable product but it just doesn't work the way I want it
to. Thanks to subscribers Neil Champ and Brett Lavoie I've now found a
better product called XNView. Like Irfan it is very versatile; it can read
and display nearly 400 types of graphic files and convert any of these to
over 50 formats. It displays pictures very quickly and these may be viewed
full screen, as slideshows or thumbnails. It's quite capable at processing
images, too; you can adjust brightness, color, apply filters or effects,
crop photos, re-size, convert format and more. These operations can also
be carried out from a batch file, which makes it ideal for converting
large digital photos to smaller sizes for the web or emailing. It supports
drop and drag, has many plug-ins, is available in 44 languages and has
full cross-platform support including Mac. That's all very nice but to me
its main selling point is that it is intuitive to use, something I could
never say about IrfanView. Yup, this one is a winner. Free for
non-commercial use, all Windows versions plus many other platforms. The
standard version for Windows is 3.3MB but I suggest you download the
complete version with all plug-ins which weighs in at 6.8MB
subscriber Jay Eitelman for this suggestion: "Gizmo, I've switched from
using Adobe Audition to using Audacity. It does all the recording and
editing I need, and is much simpler/faster to use. Check out the noise
reduction - it even allows you to select a noise profile - then remove the
profile - just like Audition. " Thanks Jay. I note that, according to the
web site, Audition will also "record live audio, convert tapes and records
into digital recordings or CDs, edit Ogg Vorbis, MP3, and WAV sound files,
cut, copy, splice, and mix sounds together and change the speed or pitch
of a recording." Pretty impressive for a freebie. Free Open Source,
Windows 98 and later (plus MAC and Linux),
Last issue I
mentioned a site that allows you to download PDF files of graph paper
which you can then print. This prompted subscriber Mike Moore to write in
about a free utility by Philippe Marquis called Graph Paper Printer 
that allows you to do the same thing on your PC. Actually, it does much
more: it allows you to produce custom designs using any repeating pattern,
not just a rectangular grid. There is an even more advanced version
available that will print non-rectangular pages but that's not free.
Subscriber Jennifer Crawley also wrote in about a related program  that
converts any graphic to a knitting, crochet, needlepoint or cross-stitch
pattern. An interesting idea though not something I'll need any time soon.
Version 5 of Lupas
File Rename has just been released. It's a complete rewrite that runs
faster and has many new features including much greater support for EXIF
and MP3 tags, the recursive renaming of folders and support for regular
expressions in the file mask. So how does it compare to "Flexible
Renamer", my other favorite bulk re-namer? It's a close call. Lupas seems
to me to be easier to use for simply renaming files while Flexible Renamer
has the edge with tags. Flexible Renamer can also bulk change file
attributes while Lupas can't. It also runs without installation, a
definite plus. Freeware, Win 98 and later, 742KB.
Got some favorite
utilities to suggest? Send them to mailto:firstname.lastname@example.org
the 14th of June, MS released a batch of 10 security updates including
three rated as critical. The critical updates include an Internet Explorer
cumulative update, a problem in Windows Help for Win2k and later Windows
versions and a serious flaw in SMB for Win2k and later. Full details can
be found at the link below. Users with the Windows Update service set to
automatic will receive the updates over the next couple of days. All other
users should visit the Windows Update site immediately and update
Secunia  is
carrying details of an old and long-fixed Mozilla flaw mysteriously
re-appearing in the latest version of Firefox and Mozilla. It's a frame
injection flaw that could allow an attacker from a hostile site to insert
information over the top of a screen belonging to a legitimate site. This,
to the user, would appear to be coming from the legitimate site. It's easy
to see how this could be used to collect passwords and other sensitive
information. No fix is yet available but Firefox users can overcome the
problem by installing the free TabBrowser Preferences extension  and
set the "Open links in" option to "New Tab." Similar cross scripting and
frame injection flaws plague Explorer and other browsers which is why I
have been advising that you should make a practice of logging-on to secure
sites with only a single browser window or tab open. That way you are
totally safe from this class of problem.
NetCraft has been
offering their free anti-phishing tool bar for Internet Explorer for some
time and it's now available for FireFox as well. The toolbar provides
users with a "trust rating" for sites they visit based on information
collected by NetCraft and held on their central servers. It all works well
enough but I really am not keen on this kind of product. To me, they
provide a potentially false sense of security. What happens if you visit a
new bogus site that's not yet in the database? No, folks, there is a much
better way; simply adopt the practice that when you receive an email from
a financial institution requesting some action on your part, confirm it by
phone with that institution. Don't use the phone number in the email,
either; use directory assistance. Follow this simple practice and you can
never be defrauded by phishing scams.
In separate advisories Sun Microsystems has
announced fixes for two potentially disastrous flaws in it's widely used
JRE (Java Runtime Environment). The flaws could allow an attacker to read
and write files or execute applications on a victim's computer by using a
suitably crafted web-based java program. The vulnerability affects J2SE
releases 5.0 and 5.0 Update 1 for Windows, Solaris and Linux, and J2SE
1.4.2_07 and prior 1.4.2 releases for Windows, Solaris and Linux. ALL JRE
users (and that means almost everybody) should update to J2SE 5.0 Update 2
or 1.4.2_08 using the third link below. Hint: Don't download the SDK
Oh, this is so
lustworthy. Imagine a genuine Swiss Army knife combined with a genuine USB
2.0 flash drive up to 1GB in capacity, all bundled in a pocket
knife-sized shell. The flash drive data transfer rate is excellent and
it's got some nice bundled software as well, including password protection
and a syncing application for your My Documents folder. Tools include
scissors, a file, screw driver, LED mini-flashlight and even a pen.
Available in ruby red or stainless steel finishes, the 1GB version of the
SwissMemory USB Victorinox has a street price of around $129.
Google labs is
offering a new feature that allows users to customize the Google home page
with content of their choice. Options include news from the NYT, BBC,
SlashDot, weather, stocks and more. Also new is the just-released version
3 of the Google Toolbar that offers several new features including the
ability to spell-check any text you enter into web forms. Other
enhancements include a translator and Autolink, a controversial feature
that turns street addresses into maps. Unfortunately, these features are
only available (at the moment) for the Internet Explorer version of the
Google may be
taking over the world but not without a fight from Yahoo!. Their latest
offering is MindSearch, a web search enhancement that separates commercial
search results from pure informational sources. I found it quite useful
for researching topics such as "web servers" where there is a lot of
commercial clutter. New, too, is PhotoShare, an add-in for Yahoo! Mail
that provides a clever solution to sharing photos by email. In essence it
allows you to easily insert thumbnails of photos in your email. If the
recipient clicks any thumbnail, a larger photo stored at Yahoo! Photos is
displayed. Recipients can use any email client including web mail. As
Yahoo! Photos offers free unlimited storage for your photos, it's quite an
attractive solution for the perennial problem of emailing snaps.
Wattnem had this to say: "Gizmo, This has to be the most powerful free
people finder out there. It even finds unpublished phone numbers. Scary."
Thanks Erik and, yes, it is scary. It reveals age, phone number and street
address. Pay up and you can also get a full background check.
Sniglets are tech
terms that aren't in the dictionary but should be. An example is "analog
retentives - those people who obstinately cling to outmoded technology."
Many more here:
Thanks to Mike
Wolf for the first link. The second link will make you smile. The third is
so silly it's almost fun.
** Bonus Items for Supporters **
In issue 120 I gave some links to sites that show you how to reveal the full headers in email. This site explains in simple English what all those headers mean. http://www.stopspam.org/email/headers.html
Sick of all that
useful search content getting in the way of the Google ads? This site will
remove the annoying content so you can fulfill your true destiny as a
Here's an excellent set of articles on ensuring anonymity while using the internet. http://www.governmentsecurity.org/articles/AnonymitycompleteGUIDE.php
Some quite useful
products here with regular new additions.
Most folks use the My Documents folder to keep all their personal data. Unfortunately, this folder is by default located on the C: drive, the same drive that contains the Windows operating system.
Storing these two things together on the same drive is not a great idea for several reasons. Here are just two:
First, your personal data is very likely to be growing in size while Windows is not. In this era of multi megapixel digital photos you are in real danger of filling up your C: drive. This progessively degrades Windows performance. Sooner or later you'll fill up the disk and have to make more space by deleting some of your personal files or get into the complex and problem-fraught exercise of increasing the size of your primary disk partition.
Second, it complicates backup. Your personal data is changing all the time while the Windows operating system changes much less frequently. That means your personal data needs to be backed up more frequently than Windows. With both on the same drive you'll end up making very large drive images and having to create them more frequently as well. Similar comments apply to disk defragmentation. Mixing your personal data with Windows increases the need for defragging and results in a slower defrag.
Nope, leaving your My Documents folder on the C: drive is like storing your washing powder with your vegetables. Quite possible, but not a great idea.
Now, many folks have only a single partition of their hard drive; that is, their only hard drive is their C: drive. These folks can't move their My Documents folder. They could of course re-partition their drive but that's a complex issue I'm not going to address here.
If you do have two or more partitions on your hard drive, or if you have more than one hard drive, it's quite easy to move your My Documents folder to another drive or partition.
You will, however, need enough free space on the second drive/partition to accommodate all your documents. To find out, go to My Computer and click on View/Details and make a note of the free space available on each partition or drive. Make sure you don't get confused by your CD drive. You can't move your My Documents folder there!
While still in My Computer, right-click on My Documents and select Properties. After a few seconds you should see the folder size shown. If two figures are shown with one in brackets, note the larger figure. That's the amount of disk space you will need.
Now make a decision which drive you'd like to move the My Documents folder to. Make sure there is enough disk space. Let's say you selected the D: drive.
Click on the Start button and then right-click on My Documents and select Properties. If there's no My Documents in your start menu then right click on the My Documents icon on your desktop instead.
When you've clicked on properties, select "Move" and then navigate to your D: drive. Select the drive letter and then click "Make New Folder." Enter "My Documents" as the folder name and hit Enter and then OK. Windows will then ask you whether you want to move your documents; click Yes.
Moving your documents make take some time. Once moved, though, you can access them normally from the "My Documents" icon on the desktop or elsewhere.
In the process you'll free up a lot of room on your C: drive. Defrag the drive so it can be utilized by Windows in the most effective manner.
information you can consult this Microsoft document.
The ideal time to relocate the My Document folder and other system folders is when you have just bought a new PC and have yet to load your data or applications. It's something to bear in mind when you get your next PC.
Products in this class are among the most useful of all PC utilities because they allow you to complete the common task of filling in web forms and logins by simply clicking a button.
They work by saving user IDs, passwords and other information needed for individual sites in encrypted form for later retrieval. To login to a site you only have to type in a single master password to allow retrieval of the specific password information for that site. This information is then used by the program to automatically login.
This greatly improves security by allowing different passwords to be assigned to individual sites without the need to be remembered while at the same time making logging in easier and quicker.
There's no doubt that RoboForm  is the stand-out product in the category; it's full featured, easy to use, seamlessly integrated into both Internet Explorer and FireFox browsers and is constantly being enhanced by the developer. It also allows your saved passwords to be moved between PCs which is very convenient when using multiple machines or upgrading.
I do have a major reservation though:
The free version allows only 10 forms or passwords to be stored. This used to be 30 in earlier versions which was adequate but 10 is way too few for most users and they will be eventually forced to shell out $29.99 to buy the full product.
This reservation aside, it is a fabulous product that saves me time every day. Try it. You'll be amazed how much time it will save you, too.
Note: If you use Internet Explorer, there's some good news: the last free version of RoboForm (V4.6.8) that allowed 30 passwords is still floating around the web  and works perfectly well.
FireFox users are
out of luck as you can't use this version with the current FireFox. Don't
despair, though. Check out the open source program Freepass . It's not
nearly as well integrated into your browser as RoboForm but it's a very
good product that works without any limitations at all.
** Bonus Freebie for Supporters **
I'm recommending two utilities here, each covering a different situation:
The best freeware program I've found for recovering already deleted files is Brian Kato's Restoration. It works with FAT and NTFS file structures and runs on any version of Windows from 95 onwards. As a bonus, it requires no installation which means you can run it from a USB drive, CD or floppy. In fact, that's exactly where you should run it from as installing it on your hard drive will reduce your chance of successfully recovering your deleted files.
If you want to
protect your computer from future accidental deletions, check out
SysInternals' Fundelete. It overcomes the annoying limitation in the
Windows Recycle Bin that only allows you to recover files deleted from
within Windows Explorer. Fundelete allows you to recover just about all
deleted files including files deleted in applications.
Got some top sites
and services to suggest? Send them in to mailto:email@example.com
The best way to manage your SE Edition subscription is from the Supporters' section of the Support Alert website.
There you'll also
find all individual back issues, a downloadable back issue archive, plus a
growing list of resources exclusively available to Supporters.
The Supporters' area is protected. To log-in, use the security information sent to you when you first subscribed or in subsequent update messages.
If you no longer wish to receive this newsletter, send me an email at firstname.lastname@example.org. Remember to state the email address at which you are currently subscribed.
To change your delivery email address, go the Supporters' area of the website. There you can manage your subscription on-line. http://www.techsupportalert.com/supporters/private.htm
Receiving duplicate issues? If you are receiving an unwanted copy of the
free edition of this newsletter, you can cancel that subscription by going
Note that the free and paid editions are totally different publications so you can unsubscribe to the free edition without any chance of impacting your paid subscription.
You can renew your subscription to this premium SE Edition here: http://www.techsupportalert.com/resub.htm
Thanks to subscriber A. Belile for proofreading this issue.
You can contact
this newsletter by snail mail at:
Content of this
newsletter is (c) Copyright
See you next issue.