Support Alert
                       Supporter's Edition

                 Your pointer to the very best
                  tech information on the Web

                   Issue 92 - 5th February, 2003

     Support Alert is a 100% subscription-only newsletter.
    Un-subscribe instructions are at the end of each issue.

Quote of the Week

"Applying computer technology is simply finding the right wrench
to pound in the correct screw."




Hi Supporters. As a gesture of appreciation,  I've made this issue
double length rather than the normal 30-50%.   I'll try to make future
issues as long as I can, but ultimately the need for a full night's
sleep will intervene ;>). Hope you enjoy the issue.  Gizmo.


If you are deleting your spam, I suggest you stop right now.

Spam has suddenly become valuable.

In fact, instead of deleting it, you should be storing it away
in a special folder.

You see, the upcoming generation of spam mail filters needs to
be taught the difference between real mail and spam. This
process works far more effectively when the filter learns from
YOUR mail and YOUR spam.

Just like your real mail, your spam is unique to you. This may
sound strange but it's not.  Spam is not sent randomly. Each
spam campaign is sent to a list. There are of course, many lists
and your name may be on several but hopefully not the lot.  You
will be on one collection of lists, I will be on another.
That's why your spam is different to mine.

For example, my neighbor Fraser gets inundated with porn spam
while I get only a few. I get flooded with Nigerian scam spam
while he's never received one.

Smart spammers have started tweaking their spam mailers so they
pass through generic spam filters.  Commercial services have
already sprung up that tell spammers what filters will intercept
their planned messages. Using these tools, a spammer can easily
craft a message to that will not be detected as spam.

But because your mail is unique and your spam is unique, it's
not practical for spammers to craft a message to get through a
filter calibrated to your unique settings. You are relatively

Of course this only makes sense if you have a mail filter smart
enough to be able to calibrate itself to your unique mail
characteristics. Most current filters don't.

Sure, most filters "learn." As mail comes they add to your
personal whitelist and blacklist. But that's a different process
and doesn't directly affect the simple rule-base used for
classifying text as spam. This rule-base is either fixed or
updated periodically from a central server based on generic
averages rather than your email. Most spam filters are, in this
sense, dumb.

Leading the smart filter charge are the new "naive Bayesian"
filters. Early examples include products like POPFile,
Spammunition and Spam Bully all of which are based on an
adaptive filter technique outlined by Paul Graham.

But this is just the start.  Gary Robinson has recently made
suggestions for improvements to Graham's method using a
technique that rejoices in the wonderful name of "modified
bogofilters."  Others more refined methods will soon follow.
Even traditional "classification" filters like SpamAssassin are
now adding Bayesian capabilities.

All these adaptive spam filters require sets of spam and non-
spam email for training.  They calculate the probability of a
message being spam by first breaking up the message into
individual words or tokens each of which is assigned a
probability of being spam based on the relative occurrence of
these words in the spam vs. non-spam training sets. The spam
probabilities of the most common set of tokens in the message
are then combined to form an overall probability that the
message is spam.

One of the many intrinsic virtues of this approach is that the
word or token probabilities can be easily calibrated to your
unique mail characteristics. For example the word "nigeria"
would have a high probability of being spam in my mail, but a
much lower one for my neighbor Frasar.

I've being testing three naive Bayesian filters now for over a
month and they show great promise. In particular, the rate of
false positives has been astonishingly low. For one of the
products I tried, it has been nil across a sample of nearly 1000

Am I impressed? You bet.

Folks believe me. Stop deleting your spam. Instead simply move
it to a dedicated spam folder. You are going to need it.

Gizmo Richards

PS If you want to read more and you are not scared of a little
maths, then check out Paul Graham's "A Plan for Spam" at
http://www.paulgraham.com/spam.html. I've also featured a review
of the top rated Bayesian Spam filter in the Supporter's Edition
of this newsletter.



 - Windows XP Tips from Microsoft
 - Free Windows 2000 Cram Sheets
 - Top Online Application Vulnerabilities
 - Alternative Downloads
 - 50 Ways to Leave Your Buffers

   ** Additional items in Supporter's Edition **
 - Commercial Software for Free
 - How Fast do You Really Surf
 - Messenger Spam Vulnerability Test
 - Easy Way to Set Up a Linux Firewall
 - Best Free Web Site Resources

 - Free XP Systems Utilities
 - Collect Your Yahoo Webmail from POP3
 - Trojan Hunter Updated
 - Batch Process Digital Images for Free
 - Ad-aware 6 Released
 - Excellent Free Scumware Remover

   ** Additional items in Supporter's Edition **
 - The Best Spam Filter Yet? 
 - Free Utility Kills Instant Messaging Viruses
 - How to Remove Desktop Clutter
 - Free Sticky Notes Utility
 - Free Digital Photo Album Organizer
 - Add Tabs to Internet Explorer

 - Spammers Grab Hotmail and MSN Addresses
 - Browser Hijacking Menace Spreads
 - Critical Flaw in MS Locator Service (MS03-001)
 - Open Source CVS Vulnerability

 - Cheap Wireless Broadband Router
 - Run Your ATA Drive from USB
 - Stealth Technology Breakthrough
 - New CD-RW Standard
 - Mobile Phones Damage Rats Brains
 - Self Healing Software
 - Remove Windows XP CD Autorun

   ** Additional items in Supporter's Edition **
 - Tiny Scanner for Road Warriors
 - Fake Email Addresses for Your Personal Use
 - Understand Recordable DVD Formats
 - Make Your PC Quieter
 - A Really Easy to Learn Programming Language
 - Fix Corrupted IE and Outlook Express Files
 - Free Secure Erase Utility
** Additional freebie in Supporter's Edition **
 - An Entire Suite of Windows Software for Free



Windows XP Tips from Microsoft
Dozens of XP Pro tips including a sneaky way to bulk rename
files. I didn't know you could do that it Windows. Guess you
learn something every day.

Free Windows 2000 Cram Sheets
Most certification sites charge for exam cram sheets but this
one is giving away sheets for the Windows 2000 core exam for
free. I checked them out and they are excellent.

Top Online Application Vulnerabilities
The Open Web Application Security Project (OWASP) has just
released a report listing the top ten vulnerabilities. A useful
tick list against which you can evaluate your applications.

Alternative Downloads
Shareware downloads often fail due to overloaded or unavailable
servers. If you know the file name you want, this sites lists
alternative mirror sites for your download.  Also a great site
for users of GetRight and other file splitting programs.

50 Ways to Leave Your Buffers
At this site they have listings all the Microsoft Security
Bulletins by year.  This is the 2002 page.  It's a good way to
cross check you've not missed any of the 71 (sic) advisories
issued.  Probably a good way to get depressed as well, unless
you are a UNIX user that is ;>)

** Bonus Items for Supporter's **

Commercial Software for Free
Many commercial software products started life as freeware. You
can still locate many of these original free versions at the
Internet Archive, which has captured snapshots of the web at
different points of time for research purposes.  Just enter the
software vendor's web site address and with a bit of luck, you
may be able to locate and download a free version.

How Fast do you Really Surf
The high data rate you get when downloading a big file is not a
reliable measure of how quickly you can surf. This site offers a
free test that measures your connection speed to 40 different
sites worldwide. Be prepared to have your ego deflated ;>)

Messenger Spam Vulnerability Test
To see if you are vulnerable to this insidious form of spam,
just click this link. This site also offers a wealth of
information about how you can protect yourself.

Easy Way to Set Up a Linux Firewall
Just follow this useful guide from TechRepublic:

Best Free Web Site Resources
I've been building Web sites for years. Here are some of the
best services I've found:
The Best Totally Free Web hosting with No Ads:
The Best Free Website Statistics:

Got some top sites to suggest? Send them to


Free XP Systems Utilities
Free backup, drive cloning, partition image and registry cleanup
utilities form part of this awesome collection of free software.
Note: Windows XP only.

Collect Your Yahoo Webmail from POP3
I've been a long time user of the commercial shareware program
Web2POP to collect my Yahoo webmail mail from Outlook. I've just
changed over to the freeware product YahooPOPs! that does the
same thing for free. It works from any POP3 email client, is
available for a variety of operating systems, it runs faster
than Web2POP and as an added bonus has more features as well.

Trojan Hunter Updated
I've long held that Magnus Mischel's Trojan Hunter program to be
the best designed and implemented anti-trojan available. Well
it's just got even better. He's just released version 3.0 that
features a slick new user interface, a script checker, heuristic
scanning, an improved LiveUpdate utility, UPX unpacking and a
command line scanner.

Batch Process Digital Images for Free
Irfanview is a free multimedia viewer and editor that supports a
huge range of file formats. Each new version seems to add more
capabilities but to me, its most powerful features are its speed
and its batch processing capability.  If you want to resize sets
of digital images for the web or for transmission by email,
Irfanview is the best free solution available.  It's also a
mighty fine image viewer as well. I just can't believe something
this good is free.

Ad-aware 6 Released
The long awaited upgrade to the popular adware and spyware
killer is finally out, though if you want the free version
you'll have to wait until later this week. The versions
currently released are Ad-aware Plus 6 at $26.95 and a network
version at $39.95. Both versions feature a real time monitor in
addition to the normal scanner. The free version, I believe, has
no monitor. Upgrades are free to registered users of previous
versions. No trial downloads appear to be available so if you
want these products you'll have to purchase them. Alternatively,
just wait a few days for the free version.

Excellent Free Scumware Remover
Thanks to the readers who suggested I stop waiting for the
update to Ad-aware and start using Spybot's free Search and
Destroy program instead. Well I took your advice and can report
that S&D is indeed, an excellent piece of work. It scans for a
wider range of pests than Ad-aware and caught a number of
nasties on my PC previously missed. Removing them was
effortless. After testing the standard product, I downloaded the
latest beta version. This clearly moves S&D into a different
league as it offers a monitor for active protection against a
wide range of malware products including some nasty ActiveX
exploits. Final judgment will have to wait until I test Ad-aware
6 but at this stage, S&D is definitely the front runner.

Free Cookie Cruncher
PC Magazine has just released the latest version of their
popular Cookie Cop Program. The new version (2.2) features some
significant enhancements including the ability to transform
"permanent cookies into session only cookies that don't leave
any crumbs." Also new to the latest version is popup ad blocking
and the capacity to wipe clean referrer information that is
passed from one web site to another.

** Bonus Items for Supporter's **

The Best Spam Filter Yet?  **Hot Product Alert**
Over the last few weeks I've been testing three new spam filters
that utilize the naive Bayesian methodology. Easily the best is
Spam Bully which comes as an add-in for Outlook and Outlook
Express. I've only tried the Outlook version and I'd have to say
the integration was seamless. Once installed Spam Bully
inconspicuously filtered all incoming mail silently placing any
spam into a separate spam folder.

An outstanding feature of this produce is that it almost never
wrongly classified my real mail as spam. I say "almost" though
it didn't in fact, misclassify a single one in a sample of 1103
messages. But I guess it will happen sooner or later. This is an
outstanding performance - easily the best of ANY mail filter
I've used.

Its ability to correctly detect spam was not as initially as
impressive. In the first ten days it correctly picked 291 out of
346 spam messages, a detection rate of 84%. I'd rate this as
average for spam filter products.  However during the last week
I was achieving rates in the high nineties, which is really
excellent. Partly this was because I used more aggressive filter
settings and partly because Spam Bully learns from its mistakes

Spam Bully includes a host of useful features including the
ability to bounce messages and send confirmation requests.
Stability was excellent particularly for a product still very
much in the early stages of its development.

If you are sick of spam filters mistaking your real email as
spam, and you still want cutting edge spam detection, go get
Spam Bully now. However you'll need to be patient while the
product is learning and you'll also need some more patience to
accommodate some of the minor implementation glitches of a brand
new product. These caveats aside, I can recommend this product
heartily. It's now my spam filter of choice.  Spam Bully costs
$29.95 but a full featured 14 day trial version is available.

Free Utility Kills Instant Messaging Viruses
If you use IRC or instant messaging then you should check out
SOFTWIN, a company that provides a number of totally free anti-
virus utilities than scan all data transfers associated with IM
products.  All the utilities make use of the virus signature
databases from the BitDefender Professional anti-virus product
so signature file updating is simple. There are versions for MSN
Messenger, NetMeeting, ICQ, mIRC, and Yahoo! Messenger.

How to Remove Desktop Clutter
Desks at Will is a Windows utility that provides a similar
function to the Virtual Desktop Switcher so beloved by UNIX
users.  I set up three desktops: one for web design, one for
compiling the newsletter and a general desktop. This division
certainly freed up a lot of desktop real estate. With DAW, I
could switch between desktops instantly though not without a few
minor display formatting problems. This is a useful utility IF
your desktop icons naturally group into different functions.
Also serves as a pretty convincing "Boss Screen" utility. DAW
costs $22.50 but is available for free 30 day trial. (1.3MB)

Free Sticky Notes Utility
Some people hate these programs others swear they can't work
effectively without them. I used to be in the first category but
with so many things on my plate these days, I'm slowly being
converted.  The function that I find really useful is the
reminder that pops up at a designated time and date. Simple
things like "put up the latest issue on the web site." Turbonote
is a freeware utility that provides me with just about every
function I need. The same company sells an enhanced version but
the free version (v3.9) will suit most folks, me included.

Free Digital Photo Album Organizer
Jasc, makers of the popular Paint Shop Pro currently have a
public beta available of their new product Paint Shop Photo
Album. This is designed to help you quickly process and organize
your digital photos and it succeeds admirably.  The program is
now in the late beta stage and I suggest you grab a free copy
before it becomes a $45 product.

Add Tabs to Internet Explorer
Mozilla, Opera and various other modern browsers provide tabs so
that you can easily switch between browser windows. Once you've
used this system, it's so natural that it's hard to do without
it. Now Internet Explorer users can have tabs too with WebTools,
an excellent shareware ad-in from Microgarden.  After using it
for the last two weeks, I can state that WebTools will stay on
my PC permanently. If you are using IE 5.5 or above, do yourself
a favor and try this product.  At $14.95 it's a steal.  Get the
free trial version here:

Got some favorite utilities to suggest? Send them to


Spammers Grab Hotmail and MSN Addresses
If your Hotmail account is flooded with spam, here's a possible
explanation. The anti-spam site, Spamhaus, has reported that
both Hotmail and MSN are open to dictionary based password
attacks. Hotmail alone has supposedly been probed over 52
million times in the last 5 months. Even with a 2% success rate
that's over a million broken accounts.  Good reason to get a
stronger password. or switch to Yahoo mail who offer a better
deal anyway.

Browser Hijacking Menace Spreads
Ever had your browser home page mysteriously changed? Well
that's just a basic form of browser hijacking, a new type of
scumware activity that is becoming increasingly common.  Other
common symptoms include unsolicited downloads, the addition of
unwanted shortcuts and the modification of default search pages.
One of the prime offenders is Xupiter, a superficially innocuous
search bar offered as a free download and bundled in with a
number of ad-supported freeware products. To make matters worse,
some hijackers are designed so that that they cannot be manually
uninstalled. If you have a Xupiter or other scumware infection,
you can find out how to remove your unwanted guest here:

Critical Flaw in MS Locator Service (MS03-001)
Since I've been editor, I can't recall a single issue of this
newsletter that hasn't carried news of yet another Microsoft
buffer overrun problem. This issue is no different. This flaw is
in Locator, a name service that maps logical names to network-
specific names in 2000 and NT domain controllers. Utilizing the
vulnerability, an attacker could execute code of choice. Windows
NT, 2000 and XP workstations are also affected but the risk for
these devices is rated only as "moderate."  Patches are now
available here:

Open Source CVS Vulnerability
CERT have issued an advisory about a defect in CVS, a widely
used version control and collaboration system used by open-
source software development projects. The vulnerability could
allow an attacker with anonymous, read-only access to a CVS
server to execute arbitrary code, mount a DOS attack or even
tamper with open source programs.  Vendor specific patches are
now available. Full details here:


Cheap Wireless Broadband Router
Thanks to subscriber Val Clark for telling me about the new
Linksys WRT54G, a combo access point, router and 4 point switch
which handles both the IEEE 802.11b and the news 54Mbs IEEE
802.11g standards. The price is amazing.  Val paid just $129.99
from CompUSA but I notice that it's even cheaper at ecost.com
where its sells for $122.99 with free shipping! That's a lot of
function for the money.

Run Your ATA Drive from USB
Why buy a dedicated USB external drive unit when you can use
this external casing kit to connect up any ATA drive including
hard disks and CD drives. With a street price of around $80 this
is a cost effective solution particularly if you already have
some old ATA drives lying around.

Stealth Technology Breakthrough
A new way to sneak out of the office without being seen?

New CD-RW Standard
The Mt. Rainier format is a new standard for direct operating
system support of CD-RW drives that includes, among other
things, proper media defect handling. The first drives are
already on the market. This is going to be big. Read more about
it here:

Mobile Phones Damage Rats Brains
An authoritative Swedish study has demonstrated brain cell
damage in adolescent rats after only two hours exposure to cell
phone cell radiation. Worrying, very worrying. Is Wi-Fi next?

Self Healing Software
IBM has announced new versions of its DB2 and WebSphere software
products that utilize the "self-fixing" technology from IBM's
autonomic computing initiative.  The aim is to allow MIS staff
to concentrate on running daily operations while the servers and
software look after themselves, even in the event of software or
system failure. While I welcome the idea of self healing
software, I'd settle for software that just works OK right from
the start ;>)

Remove Windows XP CD Autorun
Sick to death of Windows XP auto-running every CD you put in the
tray? Can't stop the stupid thing regardless of the options you
select?  Find instructions here how to kill Autorun for good:

** Bonus Items for Supporter's **

Tiny Scanner for Road Warriors
The Visioneer Strobe XP 100 is a portable scanner that weighs in
at just 11 ounces and takes less space than a small folding
umbrella. Despite the size, it scans at 600dpi with 36 bit color
depth. It connects via a USB and derives power from same which
means one less power supply to tote. I'd love one of these but with a streetprice of around $200 it's more for likely to appeal to  
corporate types.

Fake Email Addresses for Your Personal Use
Next time you need a dummy email address for a UseNet posting or
to register at some dumb website, use these addresses allocated
by the IANA specifically for experimentation and testing:
whatever@example.com, whatever@example.org,
whatever@example.net.  Substitute for "whatever" any valid
string of your choice. Any mail sent to these addresses "ain't
going nowhere"

Understand Recordable DVD Formats
Losing track of all those formats for recordable DVDs? Then
consult this useful guide from PC magazine.

Make Your PC Quieter
Like to build a quieter PC or reduce the noise from your current
one? Then check out this useful article from TechRepublic.

A Really Easy to Learn Programming Language
OOK! is the ideal programming language for all those MBAs who
figure they want to learn to program. Its syntax includes only 1
word "OOK", and three elements "OOK.", "OOK?" and "OOK!" each
with their own orang-utan style pronunciation. There's now a
.net compiler for OOK! and you can get that, along with various
sample OOK! programs here:

Fix Corrupted IE and Outlook Express Files
As shipped, Windows XP offers no facility to repair corrupted
copies of Internet Explorer or Outlook Express. That facility
only gets added if you upgrade the products. However there is a
work-around from Microsoft. (Q318378)


Free Secure Erase Utility
Eraser is a free, GNU license utility that will securely erase
files, folders or even whole disks from any Windows or DOS PC.
Eraser overwrites data area with selectable random data patterns
and also wipes data in the paging file, Internet cache,
temporary files, Internet cookies, unused disk space and a
number of other places where data can secretly lurk.  It handles
FAT16, FAT32 and NTFS partitions as well.  Erasing files with
high security will always be a difficult and time consuming task
and can never offer absolute 100% safety. However Eraser makes
the task about as easy as it be, with a security level beyond
most conceivable requirements. An impressive package. (2.6MB)

** Bonus Freebie for Supporter's **

An Entire Suite of Windows Software for Free
GNUWin II is a free software compilation for Windows. This huge
suite features dozens of programs including free alternatives to
many expensive commercial products.  There is Abi Word as an
alternative for MS Word, OpenOffice for MS Office XP, The Gimp
for Adobe Photoshop, Gzip for WinZIP are dozens more.   Taken
collectively there suite provides more than enough software to
completely set up a PC without spending a cent on applications
or utilities.  The suite is available or CD or you download the
CD image and cut your own.

Got some top sites and services to suggest? Send them in
to mailto:supporters@techsupportalert.com


Win $10,000 and a Sony CD Player

If you like this newsletter, why not recommend it to your friends
and colleagues?

If you do, you'll automatically get a chance to win:

1.  $10,000
2.  A fantastic Sony CD Player

You've got nothing to lose and everything to gain.
Just click on the following link:



How to Get Your Money Back from PayPal

When you donated to this newsletter through PayPal, they
deducted $1.95 from your account.  You'll get this back in full,
the first time you use PayPal after you have confirmed your

To confirm your account, you must enter into your PayPal
account, a four digit code that appears next to the $1.95 debit
on your credit card statement. If you have online access to your
credit card statement, you can get the 4 digit code from there.
If not you'll have to wait until your next monthly statement
arrives by snail mail.

It's worth the time to confirm your account. Not only is it
needed for you to get your $1.95 back but you'll also remove all
restrictions on your PayPal account and become eligible for
PayPal's additional $5 bonus scheme as well.

A PayPal account is a bit of a pain to set up. But once you
have, it's the easiest way to buy online, send money to friends
or relatives or to purchase though eBay or other auction. I use
mine all the time.

For more details, check out the email titled "Enter Your Member
Number."  This was sent to you from PayPal at the time you



This edition of Support Alert is only available to those
generous souls who have made a donation to keep the newsletter
ad-free. For donation details click on the following link:
To subscribe to the standard edition of the newsletter, send a
totally blank email to supportalert-subscribe@webelists.com.

To unsubscribe from this newsletter, send me an email at
supporters@techsupportalert.com.  Remember to state the email
address at which you are currently subscribed.

To change your delivery email address, send me an email at
supporters@techsupportalert.com.  Remember to state the email
address at which you are currently subscribed and the new
address where you wish to subscribe.

For lots more free IT newsletters see

This edition of Support Alert was proof-read by subscriber A.
Belile who kindly donated her services. My hearty thanks.

(c) Copyright TechSupportAlert.com 2003