The Risks You Face Installing Unknown Programs

EDITORIAL: The Risks You Face Installing Unknown Programs

Best of this month April 2008

1. TOP TECH SITES AND RESOURCES

1.1 Everything You Wanted to Know About Cookies
1.2 Google Personalized Homepage Launched, GMail for All
1.3 Windows XP Myths Exposed
1.4 Good Malware Prevention and Removal Site
1.5 Downloadable Collection of Firefox Extensions

2. TOP FREEWARE AND SHAREWARE UTILITIES

2.1 Free Anti-Virus Program Shines
2.2 Free Utility Minimizes Windows Apps to the System Tray
2.3 Identify Any Changes to Your PC
2.4 New from Google: Desktop Search V2 and Google Talk
2.5 One Firefox Tab Extension to Rule Them All

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES

3.1 Microsoft Security News
3.2 New Flaw in Mozilla and Firefox Fixed
3.3 Spyware Scanners Come Under Fire
3.4 Opera Browser Now Free

4. OTHER USEFUL STUFF

4.1 Digital Spy Camera in a Zippo Case
4.2 A Complete PC on a Flash drive
4.3 Use Google to Work Out the Length of a Trail or Circuit
4.4 Complete Waste of Time Department

5. TIP OF THE MONTH

5.1 How to Speed Up Firefox

6. FREEBIE OF THE MONTH

6.1 Best Free Disk Defragger

 

EDITORIAL The Risks You Face Installing Unknown Programs

I cautioned readers against downloading and installing unknown programs. In particular against downloading free search toolbars, internet accelerators, spyware cleaners and other attractive sounding freebies from pushy websites as these products are all too often packed with adware, spyware and worse.

This prompted a lot of correspondence from readers. Many readers felt that it was cutting off one of their greatest internet pleasures; downloading and installing free programs. Others suggested that surely they could avoid infection by checking the downloaded programs with security products before installing them.

Folks, I'm not suggesting you stop downloading programs, But anly saying avoid unknown programs; stick instead to reputable programs from reputable sources of which there are many.

Reputable sources include the top download sites like SnapFiles, MajorGeeks, No-Nags, ZDNet and FileForum as well as the top newsletters like the LangaList, Windows Secrets, my own and others. You can add to that reputable software websites like BetaNews and many, many software forums.

The fact is that you have lots of choices for safe downloading. So many that there is no need at all to download unknown programs from unknown web sites.

And as for scanning downloads to check for malware, there's a bad news. It may not help you much at all.

An increasing amount of malware is distributed with the infected program file compressed and/or encrypted. That means that most anti-virus, anti-trojan and anti-spyware programs can't "see" the rogue product as it's hidden by the encryption. Hidden, too, are the characteristic "signatures" that allow the malware products to be positively identified.

Malware programs like this can't be easily detected by simply scanning the file with an anti-virus program or other security product. Often such files scan just fine. They look safe but are actually loaded.

It's true that these infected files can be detected when you actually install the program. That's because at some stage in the installation process the program files have to be unpacked and decrypted in order to run. At this point they reveal their true nature and can be identified and caught.

However, this is often too late. Even if detected by your security program, your PC may have already been compromised. Even if it hasn't, you may be faced with an extensive and time consuming clean up job to remove all traces of the infection from your PC.

Don't get me wrong; security software does a great job in protecting your PC. It is just imperfect.

When you deliberately install an unknown program on your PC, you are giving that program carte blanche to do what it wants. It's not like the program is trying to sneak onto your PC; you are giving it full permission to install.

Expecting your security software to protect you in this situation is too much to ask. It may, indeed it probably will, but you cannot depend on it.

A couple of years ago I remember reading the case of a guy who shot himself dead. He'd just bought a new bullet-proof vest and decided to test it by discharging his double barrel shotgun towards his heart.

While his death may have been regrettable, the fact is that what he was doing was plain dumb.

Installing unknown programs from unknown sources on your PC and expecting your security software to protect you is much the same.

When you visit an unknown website and are offered some attractive piece of software you must discipline yourself to resist. I know it's hard but it's unlikely the program will deliver on the promise and all too likely it will deliver something very unwanted to your PC.

Just think about the guy with the bullet proof vest. That may help you resist temptation.

Back to top

1.0 TOP TECH SITES AND RESOURCES

1.1 Everthing You Wanted to Know About Cookies

Well not quite everything. This site covers the basics pretty well, has an excellent FAQ and gives good guidance on cookie removal but there's not much on the curly issues such as setting cookie management policies.
http://www.aboutcookies.org

1.2 Google Personalized Homepage Launched, GMail for All

Google personalized homepage [1] gives you the news, weather and stock information you want plus online bookmarks, GMail notification, search history and much more. You can even drag and drop the screen panels to get the layout that suits you. Another new development at Goggle is the opening up of the previously invitation-only GMail service. Anyone with a USA- based cell phone can now get an account [2].
[1] http://www.google.com/ig
[2] https://www.google.com/accounts/SmsMailSignup1

1.3 Windows XP Myths Exposed

This is a well researched list that debunks dozens of commonly held Windows beliefs such as "Periodically cleaning the pre- fetch folder speeds up boot time." While visiting, check out other sections of the site; they are first class.
http://mywebpages.comcast.net/SupportCD/XPMyths.html

1.4 Good Malware Prevention and Removal Site

Here you can find excellent advice on how to configure your system to reduce the chance of spyware infection plus detailed information how to remove an existing infection. Most of this information is available elsewhere but the site owner Shanmuga has done an excellent job compiling the information and making it accessible. Well worth visiting and bookmarking.
http://www.malwarehelp.org/

1.5 Downloadable Collection of Firefox Extensions

This site run by Dan W. offers a selection of 26 "best" Firefox extensions in a single download. I agree with most, though not all of Dan's selections but overall it's one of the best lists around. This site is a great time saver for those who don't want to wade through the 600+ extensions now available.
http://mboverload.no-ip.org/tech/mboverloadpak.html

Back to top

2.0 TOP FREEWARE AND SHAREWARE UTILITIES

2.1 Free Anti-Virus Program Shines

The AntiVir "Personal Edition Classic" after thorough testing, there's no doubt that's first rate detection; a is better in fact than the two other main popular anti-virus programs AVG and Avast. However, it's also got some glaring weaknesses. First, the free version has no email scanning. Second, it seems to take a fair time for the latest threats to be added to the signature file updates. Finally, its ability to pick up variants of existing viruses using heuristics appears to be somewhat limited. The lack of email scanning alone precludes general recommendation, however, I think that AntiVir makes an excellent backup scanner to your existing anti-virus product. Normally it's not a great idea to run two AV products at the same time but that should not be a problem with AntiVir. That's because during installation it gives you option of disabling the real-time memory monitor. Turn that off and you should be conflict free. I tried it with NOD32, AVG, Avast and Ewido with no conflicts but it's still possible it may conflict with other products. If so, boot in Safe Mode and uninstall it. Once you've set up AntiVir give your PC a full scan and then repeat weekly. Don't be surprised if it finds some malware missed by your other security products. 7.2MB.
http://www.free-av.com/

2.2 Free Utility Minimizes Windows Apps to the System Tray

Iin the above couple of programs that allow you to do this but I must say TrayIt! impressed me with its combination of simplicity and effectiveness. First, it requires no installation; just double click the program file and it's up and running. Second, it can minimize open windows to the tray either temporarily or permanently with just one click. Third, it handles "difficult" windows such as skins, with ease. Fourth, it works with all versions of Windows. Fifth, it's a tiny 45KB! Finally, it's free. A little gem.
http://www.teamcti.com/trayit/trayit.htm

2.3 Identify Any Changes to Your PC

The web description says it all: "SystemSherlock Lite is a free command line utility designed to analyze changes made to the registry and file system on your Windows workstation. SystemSherlock Lite saves an image of the registry and all your files and folders. Later on - for example after installing some software - you can analyze in detail what changes have been made to your system. You will find out exactly which registry entries and files have been created, deleted or modified. Very useful to monitor program installations or to keep track of which files and registry keys are tampered with over time. Uninstalling trojans, spyware, viruses and keyloggers is an easy task when you know what modifications the software made to your computer." Well, removing malware is not an "easy task" but this product sure makes it easier. SystemSherlock is an excellent tool for experienced users. Donationware, all windows versions, 179KB.
http://www.kephyr.com/systemsherlocklite/supportus.phtml

2.4 New from Google: Desktop Search V2 and Google Talk

Many of you will now be aware that Google is now offering a version 2 of their free desktop search program. The latest version has a novel sidebar which, according to Google, "shows you your new email, weather and stock information, personalized news and RSS/Atom feeds, and more." Also new is a desktop find- as-you-type search box, personalized search, an application launcher, a new Outlook toolbar and the ability to search your Gmail offline. After using it for a week I'm impressed with the integrated desktop/GMail search and the search personalization but found the sidebar more intrusive than helpful. On balance, Google is now level pegging with Yahoo for the best free desktop search utility though It's still prefer the way search results are presented in Yahoo DTS. Also new from Google is Google Talk, a free IM client that's based on the open Jabber XMPP IM protocol. The client is easy to use and effective but not yet as full- featured as competitive clients. However, in one area it shines: its VoIP implementation is the best available with exceptional voice quality and notable lack of delay. This alone will convince many IM users to switch. May Google will one day offer users a free browser-based operating system providing users with all the web-based applications they need. These latest releases only reinforce this belief.
http://desktop.google.com/index.html Win2K SP3 or later, 1.3MB
http://www.google.com/talk/ Win2K or later, 899KB

2.5 One Firefox Tab Extension to Rule Them All

Firefox's tabbed browsing is wonderful but the base browser provides limited control over how the tabs work. There are several free extensions available that offer more tab functionality but none gives full control. That's why, until recently, If you use the three tab extensions you'll got what you wanted: TabBrowser Preferences, Tab Clicking Options and UndoCloseTab. All three with just one that does pretty well the same thing as the other three combined. It's called Tab Mix Plus. It's a must-have for all Firefox users.
http://www.extensionsmirror.nl/index.php?showtopic=2291

Back to top

3.0 SECURITY PATCHES, SERVICE RELEASES AND UPDATES

3.1 Microsoft Security News

Microsoft cancelled its regular batch of security patches due to "quality control problems." This only further delays long overdue fixes to numerous outstanding
vulnerabilities in Windows, Office and Internet Explorer. Check this link for just some of the serious unresolved Microsoft problems.

http://www.eeye.com/html/research/upcoming/

3.2 New Flaw in Mozilla and Firefox Fixed

A serious security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla. The problem which affects even the most recent versions of Firefox and Mozilla could be exploited using a specially crafted long URL consisting entirely of dashes. Firefox and Mozilla could then be made to execute the attacker's code of choice. Mozilla responded quickly with a patch and have just today released a new updated version 1.07 that totally eliminates the flaw. The new version includes other security patches and some stability enhancements so all users are advised to update ASAP.
https://addons.mozilla.org/messages/307259.html
http://www.mozilla.org/products/firefox/

3.3 Spyware Scanners Come Under Fire

Anti-spyware vendors were being pressurized by some purveyors of spyware to remove their products from detection lists or have them re-classified to a more innocuous category. Sunbelt Software, the maker of CounterSpy has given way to this pressure. This drew a response from Alex Eckelberry, the CEO of Sunbelt, who wrote clarifying the situation. Here's part of his response. "We DIDN'T buckle to WhenU's attempts to get de-listed. The situation was incredibly misunderstood, in large part because If you went on a long-planned vacation immediately after it was announced and wasn't available to explain what had happened to the anti-spyware community".

3.4 Opera Browser Now Free

Opera V8.5 has just been released and is now ad-free. They have also removed Java from the installation package and Opera will now use the Java package on your PC. This greatly reduces the download size. Opera is a great browser and a viable alternative to Firefox. Well worth trying.

http://www.opera.com/

----------------- sponsored links -----------------------

The Best Windows Backup Software
We are in the process of updating all the backup reviews at our site, but the top product has blitzed the field for a second year in row. In fact, it's improved so much that it's now a one horse race. If you have been looking for a backup program, this is the one.
http://www.backup-software-reviews.com/

The Best SpyWare Detector
If you use Ad-aware or SpyBot you will be surprised just how more effectively SpySweeper detects and protects your PC from Adware, Spyware, Trojans and other malicious products. That's why it won the prized "Editor's Choice" award in PC Magazine's massive January 2005 survey of anti-Spyware products. Try the free evaluation copy of the new Version 4 and see for yourself.
http://www.webroot.com/wb/products/spysweeper/index.php?rc=1132

The Best Remote Access Software
Our reviewer had given this product category away as "too slow, tool clumsy and too unreliable" but after reviewing this product he's changed his mind; "at long last a remote access solution that actually works! Quite frankly, it's an impressive product.
http://www.pcsupportadvisor.com/best_remote_access_software.htm

The Best Anti-trojan Scanner
Most users are not aware that their anti-virus scanner can only provide a moderate level of protection against trojan programs that try and take control of your PC. To really protect your computer, you need a dedicated anti-trojan program. Our editor's have reviewed every major product on the market and have concluded that two scanners stand head and shoulders above the other contenders.
http://www.anti-trojan-software-reviews.com

------------- end of sponsored links --------------------------

Back to top

4.0 OTHER USEFUL STUFF

4.1 Digital Spy Camera in a Zippo Case

This is way cool; it's even flip top just like a real Zippo! It takes around 300 shots, has a surveillance mode where it shoots continuously at preset intervals and will also record video. Around $79.
http://www.thinkgeek.com/electronics/cameras/7886/

4.2 A Complete PC on a Flash drive

It had to happen: a flash drive containing a bootable version of Linux 2.6 with Gnome, a complete version of OpenOffice, Firefox browser, PDF viewer, GAIM instant messenger, automatic network configuration and more. It even includes a boot CD for PCs with no BIOS USB boot support. The FingerGear "Computer-on-a-stick" starts from $149.
http://www.fingergear.com/computer_on_a_stick.php

4.3 Use Google to Work Out the Length of a Trail or Circuit

You can use Google Maps to determine the distance of your running circuit, biking loop or, indeed, any defined trail.
http://www.sueandpaul.com/gmapPedometer

4.4 Complete Waste of Time Department (funny)

More flash sites to provide you with a momentary diversion from whatever you are really supposed to be doing.
http://www.adiosbarbie.com/feed_the_model.swf
http://www.rathergood.com/independent_woman/
http://www.cothrun.com/gallery/albums/Misc/windows_mix.swf

Back to top

 

5.0 TIP OF THE MONTH

5.1 How to Speed-Up Firefox

Firefox may be faster than Internet Explorer for surfing but it sure takes a lot longer to start up.

Here are two simpler speed-up techniques that make use of free Firefox extensions:

The main reason Internet Explorer loads faster than Firefox is that several of the key modules it uses are pre-loaded into memory when Windows starts. This makes Windows load a little slower but that's a small price to pay for having IE start up quickly every time you use it.

However, the same technique can be used with Firefox. In fact, there's a Firefox extension that does just that.

The extension is called Firefox Preloader, an open source utility that pre-loads parts of Firefox into memory at Windows startup. It works well; on my PC, Firefox now loads just about as fast as Internet Explorer.

http://sourceforge.net/projects/ffpreloader/

But there's another option. Rather than close Firefox, why not always keep it open by minimizing it rather than shutting it down? That way it is always available for instant loading.

The problem with minimizing is that it takes up a fair chunk of your task bar real estate. A much preferable approach is to minimize it to an icon in the system notification area.

Firefox does not provide this option but there is an extension that does. It's called MinimizeToTray and you can get it for free from here:

http://minimizetotray.mozdev.org/

MinimizeToTray works for Thunderbird, Mozilla Suite and Nvu as well as Firefox and provides quick access to many of Firefox and Thunderbird's most used features via the right click context menu.

Minimizing Firefox has another advantage: it frees up unused memory every time it is minimized. Not a bad thing as Firefox does tend to eat up memory with continuous use.

Back to top

6.0 FREEBIE OF THE MONTH

6.1 Best Free Disk Defragger

The top recommendation here is Diskeeper Lite [1], an older, free version of Executive Software's current commercial Diskeeper product. SysInternals, for example, offers "Contig" [2], a robust, free, command line utility which defrags one file at a time. It's a pain to use but eXcessive software has built an excellent user interface [3] for Contig that turns it into a thoroughly usable product. Also to be considered is "BuzzSaw" [4], a real-time defragger that works away in the background to ensure your files are always defragged. It's not effective as a total disk defrag. To this end, the folks who wrote BuzzSaw offer another utility, "DirMS" [4], that does a full defrag. This can be used periodically in concert with BuzzSaw to provide excellent defragmentation. It can be used alone though the free version is a command line utility that's not very user friendly. "AutoIt 3"[5], a free utility that provides a graphic free interface for DirMS. It works very well indeed though note that it requires version 1.2.20 of DirMS. All products here are for Windows NT and later.
[1] http://www.majorgeeks.com/download.php?det=1207
[2] http://www.sysinternals.com/utilities/contig.html (26KB)
[3] http://www.excessive-software.tk/ (397KB)
[4] http://www.dirms.com/ BuzzSaw (37KB), DirMS (81KB)
[5] http://www.wolfgang-fuehrer.de/wwf_dirmsgui_en.htm (125KB)

Back to top