Sunday, July 29, 2012

Windows 8 - Do You Need It?


End of October will bring the introduction of Windows 8. The "new factor" seems to be intriguing to some people.

All Windows XP computers and some early Windows Vista computers are reaching the limits of their useful lifetime or even are outright beginning to fail. I always try to get the customer to compare the cost of a repair to the cost of a new computer. New computers generally are in every technical aspect a multiple of what a computer built for Windows XP was.

Whenever I have to talk to a customer about a new computer I am asked "Should I wait for Windows 8?".

 My current reply is usually along the lines of
  • Currently you can get reasonably priced computers with Windows 7.
  • Windows 7 IMHO is the best operating system Microsoft has ever released.
  • Windows 8 and it's Metro user interface is meant and built primarily for touch enabled devices.
  • You will have to re-learn many things that have become habitually
  • I rather recommend to stay away from the bleeding edge of technical developments.
  • Using a repaired (older) Windows XP computer with Windows 7 or Windows 8 is like attempting to keep up in Chicago's rush hour traffic with a Ford Model T.
I know that you will be able to use Windows 7 at least until January 2020. Yes, Microsoft has firm life cycle schedules available. If you look at these schedules you need to look at the "end of support" dates. In Microsoft's own words:
End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance.
That is the date relevant for the average home user! After that date nobody will want to help you with the "old" operating system anymore.

Conclusions:

If there is any reason to currently think about possibly a new computer please think Windows 7!

If you are confused by the huge number of options out there and/or if you can't stand the quite often incredibly snotty sales people (for example but not only at Best Buy) then please ask me for advice. All my customers have my email address, my phone number and even my postal address. Or you can use the link way at the end of every single article on this blog; it looks like this: Click to send me an Email

As with any and all brand name computers I strongly recommend my Set-Up job. The customers that had me do the set-up job are those I don't hear from for years; that's how I want it to be!

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.


Click here for a categorized Table Of Contents.



Foistware - More Than A Nuisance


The following mainly is an excerpt from my recent article "PDF Creator - Good Bye". If you have read that article you don't need to read this one.

Developers of free software always had the problem of somehow making some money; they have bills to pay too!

Quite often good free software was meant to be an "entry drug", to entice you to later buy the paid version of that software. Users of these programs were reminded at certain intervals or during certain functions like updates to buy the paid version.

Over time these reminders became more intrusive and sometimes even sneakily disguised down to the point of being outright obnoxious. Good examples of the latter are AVG and Avast antivirus programs.

To further the sale of paid versions the developers of these programs made it more and more difficult to upgrade without inadvertently switching to the paid version. 

Another method of attempting to get at least some money was and is soliciting donations from users of the program. Way too few people were willing to part from their $$ for a piece of "free" software, even if they used it daily!

Both aforementioned methods and others apparently did not have the desired effect. Software developers now are prone to look for a more direct method of getting paid.

They fall for the sales pitches of third parties and offer Foistware.

Rather than repeating all the information I point you to a very good description of foistware in this ZDNet article by Ed Bott. I recommend a look at his "Foistware Hall of Shame" as well.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

PDF-Creator Good Bye!


On most computers that I have set up in the past I did install a program called PDF-Creator. It allows very simple creation of a PDF file out of any kind of document. You simply print that document on a virtual printer and voila you have that "printed" document as a PDF file.

PDF Creator still is the same good piece of free software that IMHO it always was; but something rather nasty has happened around it. Let me explain and set the stage.

Developers of free software always had the problem of somehow making some money; they have bills to pay too! Quite often good free software was meant to be an "entry drug", to entice you to later buy the paid version of that software. Users of these programs were reminded at certain intervals or during certain functions like updates to buy the paid version. Over time these reminders became more intrusive and sometimes even sneakily disguised down to the point of being outright obnoxious. Good examples of the latter are AVG and Avast antivirus programs. To further the sale of paid versions the developers of these programs made it more and more difficult to upgrade without inadvertently switching to the paid version. 

Another method of attempting to get at least some money was and is soliciting donations from users of the program.

Both aforementioned methods and others apparently did not have the desired effect. Software developers now are prone to look for a more direct method of getting paid at least some money. They fall for the sales pitches of third parties and offer Foistware. A very good description of foistware is in this ZDNet article by Ed Bott. I recommend a look at his "Foistware Hall of Shame" as well.

You ask what all this has to do with PDF Creator? A lot since PDF Creator got loaded with OpenCandy, an IMHO classical example of foistware. So far I could easily circumvent OpenCandy during installation of PDF Creator. But now PDF Creator's developers have decided to include OpenCandy and almost clandestine offers of junk into PDF Creator's update function! Take a look at one of PDF Creator's current installer windows :



In the top oval highlight you see pre-selected choices to install Babylon, IMHO one of the most heinous pieces of software currently pushed on unsuspecting people. Don't take my word for it, just read a few comments by people (all original quotes from here):
"Babylon is total f***ing malware. I unchecked every box, refused every intrusion it offered, and BOOM I find it has installed itself anyway. Oh and not just installed itself, infected Firefox to the bone. It is utterly inextricable using conventional means. One must dig into Firefox system files via about:config and manual expunge each hidden piece of malware. "
"Why is Babylon software not classified as malware? My computer is infested with it; . . .  if it did not automatically install itself everywhere."
"I do not need it and I cannot get rid of it. It overrides my settings in an obscure way that seems impossible to be corrected."

"Does anybody know how to remove this stuff?"
 Now, in above example you have to do four things to avoid getting Babylon installed:
  1. DE-select the check mark by "Make Babylon Search my home page"
  2. DE-select the check mark by "Install Babylon toolbar"
  3. DE-select the checkmark by "Make Babylon my default search" 
  4. And you have to click on the Decline button.
 If you click on Agree you have done just that, agreed to Babylon taking over your web browser(s) and the settings in the check marks are ignored.

I have used PDF Creator and Babylon as examples only! PDF Creator can offer other foistware that requires other methods of avoiding it! user beware!

All this sneaky stuff happens thanks to OpenCandy being now in PDF Creator's installer!   

What to do about it:

If I have set up your computer before August 2012 you likely have PDF Creator running. Please remove it! I recommend these steps:
  1. Open the Control Panel
  2. Open Programs and Features (on XP it is Add/Remove programs)
  3. Find and highlight "PDFCreator"
  4. Click Uninstall (on XP it is Remove) and follow the prompts
  5. Open the Printers folder.
  6. If you still see a printer "PDFCreator" Right click on it and click on Remove device
If you want to retain the option of creating PDF files by simply printing them to a virtual printer I recommend from now on doPDF. You can download it from this web page as well; please do not use the mirror links at the end of the page. Some of these go to download portals that I recommend to stay away from.

When you install doPDF you will see the window pictured below. Please set the switch "Always use this folder" to your personal preference.



If you have difficulties doing any of that or if you feel intimidated by the tasks at hand then I would love to help; you know who to ask. 
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Monday, July 16, 2012

DISable Windows Sidebar & Gadgets NOW! Update


The Register is a British IT and computer blog. I follow it's security blog; one of the recent articles was about dangers posed by Windows Vista and Windows 7's features "sidebar" and "gadgets". To save you the need to go to this page and then return I will quote their full article here:
 Microsoft has advised Vista and Windows 7 users to put Gadgets and the Windows Sidebar to the sword, following the revelation of yet-to-be-detailed remote code execution vulnerabilities in the features.

Redmond issued this advisory ahead of an upcoming Black Hat presentation by Mickey Shkatov and Toby Kohlenberg. The two have promised to reveal “interesting attack vectors” in a presentation called “We Have You By The Gadgets”.

Microsoft hasn’t provided any further information about the vulnerability, other than to say that users could install insecure Gadgets that enable remote code execution.

“Gadgets installed from untrusted sources can harm your computer and can access your computer’s files, show you objectionable content, or change their behavior at any time,” Microsoft notes.
Since Gadgets run with the rights of the current user, the vulnerability could allow exploits all the way up to administrative level.

The Microsoft fix disables the Windows Sidebar and Gadgets on all supported Vista and Windows 7 editions.

The unloved Sidebar feature for Gadgets was killed off in Windows 8, as was the Windows Live Gallery used to access Gadgets from the desktop.
I always have advised my customers not to use sidebar functionality; especially on early Vista systems with limited hardware sidebar gadgets caused a perceivable performance reduction.

It seems to be interesting that Microsoft issues a "fix" even before the vulnerability has become public. That tells me something about this vulnerability: It must be really dangerous or maybe it's just too easy to exploit it?


If I have set up your system and you have an icon labeled "Teamviewer..." on your desktop then I can apply remotely a simple fix that will disable the sidebar and it's gadgets permanently and system wide. And you have my phone number.

Update: There is a relatively easy way to disable the sidebar and the gadgets yourself:
Uninstalling the Gadget Platform also removes the Gadget options from the desktop context menu and the control panel. To uninstall, open the Control Panel, click Programs and Features. In the upper-left corner click Turn Windows features on or off. In the Windows Features list, scroll down and un-check Windows Gadget Platform, then click OK. This will require a reboot.
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Sunday, July 15, 2012

Passwords that are NOT a Password


Update June 15, 2013:
I stand by what I wrote here but please read as well my article "Passwords - The Latest".

I stumbled over an interesting web site maintained by security consultant Mark Burnett.  Mark writes extensively about passwords and other computer security related issues.

What intrigued me is the utter ignorance some people show when selecting passwords. Take a look at the this little table with the arbitrarily chosen top 18 entries out of the millions of passwords Mark has analyzed.

The first column lists the actually used password and the second column how often it appeared in the analyzed sample. The obscuring with **** serves to disguise a foul four letter word.


password   32027   
123456     25969   
12345678   8667      
1234       5786      
Qwerty     5455      
12345      4523      
Dragon     4321      
P****      3945
Baseball   3739      
football   3682      
letmein    3536
monkey     3487

696969     3345
abc123     3310
mustang    3289
michael    3249
shadow     3209
master     3182
What I want to emphasize are a couple of facts that by now ought to be common sense knowledge of anybody who uses the Internet:
  1. Never use any word that could be in any dictionary as a password.
    Consider as well dictionaries of nicknames, pet names and common acronyms!
  2. Don't use obvious sequences or repetitions.
  3. Make your passwords long enough. I consider 10 to 12 characters the minimum.
  4. CAPITALIZE some of the letters.
  5. Use one or two numbers.
Please read my May 2012 article about hacked passwords  and my April 2011 article on what to do about passwords that are too simple.

The former article has become even more important after Yahoo admitted that just recently one of their services has been hacked and 450,000 passwords got posted on a publicly accessible web site!

On a side note: For years I have advised my customers to drop their Yahoo email accounts; seems this was and is reasonable advice.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.


Friday, July 13, 2012

Yet Another Scam - Beware


Just today I got this email (screen shot from my email program):
Looks almost "real", doesn' it?

I thought "Yes, we have that old BoA credit card from store XYZ" and so I started reading the email..

I read until I saw the sentence in the red rectangle above. A bank asking to "confirm customer data"?
"No way you lil' ole scammer" was my reaction.

Then I thought to check the link on "HERE". And yes, you guessed it, it goes to some place somewhere but not to BoA; see this screen shot:


You csn see my cursor was on "HERE" and in the status line you see the target web site; No BoA at all!

My conclusion: Optically appealing scam.

This shows again that we need to think before we click!  And we better check every link in an email whether it's actual target has anything to with what it claims to be.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Wednesday, July 11, 2012

Printer Problems - Check This First

All too often I get calls about a printer not working. The following is a first attempt at giving you some basic tools to do a preliminary check yourself. This will likely be augmented and expanded upon; suggestions are welcome.

The first things to check before you call me would be:
  1. Are all cables correctly connected on both ends of the cable?

  2. While the computer is up and running: Turn off the power switch on the printer, wait about ten seconds  and then turn this power switch on again.

  3. Open your printers folder. If printer is shown as offline right click and remove the check mark by "Use printer offline".

  4. If the printer still does not work and only if it is connected to the computer with a cable:
  • Right click on the printer and click on (depending on your operating system) "Remove device" or "Delete printer".
  • UNplug the printer cable either from the computer or the printer (one side is good enough).
  • Restart the computer.
  • Plug the cable back in and let the system re-install the printer.
If that does not fix it I will have to visit you and take a look if you so desire.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.
Click here for a categorized Table Of Contents.