12.29.05
Posted in Article at 10:20 pm by Techie
Saying there’s a security flaw in Windows makes a tech’s eyes roll. Anyone who’s run Windows Update periodically knows that there are flaws that crop up. However, recently, a new flaw was discovered that has yet to be fixed — a fully patched Windows XP machine with updated Norton Antivirus was able to be breached…by visiting a web page.
The problem has to do with the way Windows handles Windows Metafiles (WMF), which are meant to be image files. That’s right, not executables, not unsafe ActiveX controls, just image files. Well, WMF files are a little more than images; they have some scripting capability built into them, and that’s part of the problem.
The problem is, all you need to do is download the file. So, visit a malicious web page in Internet Explorer, and that’s it. In Firefox, you may get a warning about downloading a wmf file; if you do, that’s it. It’s that easy right now to get your PC hacked.
The quick workaround is to go to Start->Run, and run the following:
regsvr32 /u shimgvw.dll
This will break some image thumbnail support. However, it’s better than running around with the threat of getting hacked. After Microsoft releases a patch, you should run:
regsvr32 shimgvw.dll
This is a quick workaround for running a little safer, but it will break some things. (Not that many of you would notice.) Microsoft, release a patch already!
Reference:
Washington Post: Exploit Released for Unpatched Windows Flaw
12.28.05
Posted in Article at 2:01 pm by Techie
Last week my sister pointed at a computer and called it a hard drive. The other one I’ve heard is calling a computer a CPU. I didn’t correct her, because no one really cares. No one, that is, except for techs. Techies are really annoyed when they hear this, because it’s just not right. It’s like pointing at a car and saying it’s a muffler. It doesn’t make any sense.
So, for the basics…most people know what a monitor, keyboard, and mouse are. They could even pick a printer and scanner out of a lineup. That leaves the computer. Most techies hate it when someone points at it and calls it a hard drive or CPU. It’s neither. The computer has those parts, but that’s just it — they’re parts. They’re components of the computer.
The part of the computer you see is the case. Sometimes referred to as a chassis, it’s where you put all the other internal stuff. A case alone is empty, and not very interesting. With stuff, it’s a computer. Not a hard drive, not a CPU. If you want to sound tech, you can even call it a beige box — just make sure it’s beige.
Let’s take a look inside. Inside the case, you’ll see a big silicon board on the bottom that everything hooks into — this is the motherboard. You don’t generally hear motherboards mentioned much in a computer’s quick description, because it’s something only techies would really care about.
On this motherboard you’ll probably see one or more green vertical silicon wafers about 1″ x 4″ in size. These are RAM. In a computer description, you might see something listed as “512 MB” — this is like short term memory for a computer. It’s a good idea to get plenty of this, because the more of it you have, the better your computer can run things at the same time. Do you multitask a lot? Better make sure you have a lot of this stuff. Think of this as like your quick memory, like when you go to the grocery store, and think to yourself, “I need a loaf of bread and a stick of butter.” You don’t write it down, and you’ll forget later that you had to remember this; it’s just useful to get what you need done right away, and then is discarded. Your computer empties this out every time you reboot, and this is normal.
Also on the motherboard, you may or may not see the CPU, which can take a few different forms, ranging from a long black cartridge, to a chip on the board. This thing does all your computer’s heavy lifting — all the calculations that happen behind the scene to do what you want to do. In either case, you’ll see attached to it a large ugly hunk of metal, which is known as a heat sink, which keeps your computer from catching fire from all the work it’s doing. On some machines (especially Dell machines), this is hidden behind a plastic awning. Rest assured, it’s there, because your computer would be a paperweight without one.
You may also see large silicon cards directly plugged into the motherboard. Your monitor may even be plugged into one of them (but not necessarily). These are add-on cards. If your monitor is plugged into one of these, it’s your graphics card. If your speakers are plugged into another one, it’s your sound card. If your network cable is connected to one, it’s your network card. If your phone line is connected to one, it’s your modem. These days, most computers have the graphics cards, sound cards, modems, and network cards actually integrated into the motherboard, so you might not see these.
Not directly attached to the motherboard, but connected via a cable, you should see a metallic rectangular box, about 4″ x 6″ x 1″ in size, with no access to it on the front of the computer. This is the mythical hard drive, where all your data actually gets stored. This is like writing down your grocery list, so you can pull it up and remember it later. This is where all your data is kept, so if you lose this, you lose all your files.
So let’s put it all together. Let’s say you see a computer description listed as such: “Intel Pentium M 2GHz, 1GB RAM, 80GB”. The CPU is the part that reads “Intel Pentium M 2 GHz.” The RAM is (obviously) “1 GB RAM”, and the hard disk size is “80 GB”. All of that, inside a case, makes a computer. Not a CPU. Not a hard drive. Those are just parts.
So stop calling computers hard drives and CPUs. It’ll make the techie’s work of fixing your broken PC a little easier, and won’t grate on their nerves. Do it, or I’ll drive my muffler over to your gutter and smack your hand with a ruler.
12.23.05
Posted in Article at 11:30 pm by Techie
You probably keep hearing about BitTorrent, but might not have any idea what it is. Or, perhaps you’ve downloaded a .torrent file, and have no idea how to open it. BitTorrent has been getting a lot more distribution, and it’s a good idea to understand what it’s all about.
BitTorrent is a method of distributing a file to a lot of people. It has nothing to do with Peer-to-Peer (P2P) technology like Limewire, Gnutella, Bearshare, or any of the others. This is because it’s not building a network. When you use BitTorrent, you aren’t sharing a folder. It’s all about distributing the effort of sharing the file among people who are interested in it.
Let’s say a person has a 50 MB video they want to share with the public. If they have 1,000 people who want to download it, and they just host it on a web site somewhere, then this person has to support 50 MB x 1,000 downloads, or 50,000 MB (around 49 GB) of download bandwidth. That’s a lot by most standards.
Now, let’s imagine a different scenario. Let’s say that the person cuts the video into four parts, and starts uploading it to four different people. So, person A gets the first quarter, person B gets the second, C gets the third, and D gets the fourth. The original hoster has only uploaded the video one time, yet uploaded the parts to four other people. Persons A, B, C, and D do not yet have complete files; they only have a fourth each. However, now imagine that persons A, B, C, and D can now upload to each other. A can download the remaining parts from B, C, and D; B can download from A, C, and D, and so on. Basically, splitting things up this way means that the other people who downloaded parts can upload the parts they downloaded to other people. Eventually, A, B, C, and D can all get the file, with the original person only having uploaded the file once.
Now, let’s add person E, another person interested in the file. Person E can download parts from the original poster, but can also download parts from A, B, C, and D. Even if the original poster doesn’t upload anymore, the file can be obtained by downloading from A, B, C, and D. The entire bandwidth of the upload can be distributed across the people who are downloading. If everyone except the original poster remains connected until E downloads the file, then the file will have been distributed five times (to A, B, C, D, and E), for an upload amount of 5 x 50 MB. However, the original poster only uploaded the file once for 50 MB. If the original poster had just hosted the file, they would have uploaded 250 MB.
This is a simplification of what happens, but is accurate enough to explain how it distributes the bandwidth cost. The truth is, the file will get cut into a lot smaller pieces, and there will probably be a lot more people involved. The more people involved, the greater the ability to download. If the original hoster didn’t have much bandwidth, that would throttle the amount that people could download at a time. Let’s say that the original hoster had the ability to upload at a rate of 50 KB/s. If one person was downloading, then they could get the file in 1,024 seconds. However, if two people were downloading, it would take 2,048 seconds. Imagine that there were fifty people downloading the file at once — it would take everybody over fourteen hours to download.
With BitTorrent, that limit isn’t there, because everyone shares in the upload. The more people involved, the better off the bandwidth. That’s what makes BitTorrent so powerful: rather than causing downloads to get slower as more people get involved, it gets faster. I have one torrent downloading right now that is getting speeds around 540 KB/s. Not all torrents get that, but it’s even rarer to get web servers with that sort of download available, especially with a popular file.
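The A-through-E scenario above can be modelled in rounds. This is an added example, not code from the original post or from any BitTorrent client: it assumes every participant uploads one quarter-file piece per round at the same 50 KB/s, that E is present from the start, and a made-up scheduling rule (send the rarest piece to the peer holding the least); the names `simulate` and `seconds` are hypothetical.

```python
# Added illustration: round-based model of the A..E scenario (not a real client).
PIECES = 4                          # the video cut into four parts, as in the text
PIECE_MB = 12.5                     # 50 MB / 4
PEERS = ["A", "B", "C", "D", "E"]   # assumption: E joins at the start


def simulate(num_pieces, piece_mb, peers, swarm=True):
    """Each participant uploads at most one piece per round.

    swarm=False: plain web hosting, only the seeder ever uploads.
    swarm=True:  the seeder sends each piece into the swarm once; peers then
                 re-upload pieces they already hold to peers that lack them.
    Returns (rounds, uploaded_mb_per_participant).
    """
    have = {p: set() for p in peers}
    uploaded = {name: 0.0 for name in ["seeder", *peers]}
    seeded = set()      # pieces the seeder has already put into the swarm
    rounds = 0

    def send(sender, target, piece):
        have[target].add(piece)
        uploaded[sender] += piece_mb

    def neediest(piece, exclude=None):
        # Peer lacking `piece` that holds the fewest pieces (ties: list order).
        lacking = [p for p in peers if p != exclude and piece not in have[p]]
        return min(lacking, key=lambda p: len(have[p])) if lacking else None

    def holders(piece):
        return sum(piece in have[q] for q in peers)

    while any(len(have[p]) < num_pieces for p in peers):
        rounds += 1
        # A peer can only pass on what it held when the round began.
        start = {p: set(s) for p, s in have.items()}

        # The seeder's single upload for this round.
        if swarm:
            pending = [i for i in range(num_pieces) if i not in seeded]
        else:
            pending = [i for i in range(num_pieces) if neediest(i)]
        if pending:
            send("seeder", neediest(pending[0]), pending[0])
            seeded.add(pending[0])

        # Peer-to-peer uploads, rarest piece first.
        if swarm:
            for p in peers:
                for piece in sorted(start[p], key=lambda i: (holders(i), i)):
                    target = neediest(piece, exclude=p)
                    if target:
                        send(p, target, piece)
                        break
    return rounds, uploaded


def seconds(rounds, piece_mb=PIECE_MB, rate_kb_s=50):
    """Wall-clock time if one piece upload takes piece_mb at rate_kb_s."""
    return rounds * piece_mb * 1024 / rate_kb_s


if __name__ == "__main__":
    for label, mode in (("web host", False), ("swarm", True)):
        rounds, up = simulate(PIECES, PIECE_MB, PEERS, swarm=mode)
        print(f"{label:8s} rounds={rounds:2d} time={seconds(rounds):6.0f}s "
              f"seeder={up['seeder']:.1f} MB total={sum(up.values()):.1f} MB")
```

In both modes 250 MB is delivered in total; what changes is who pays for it and how long everyone waits.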
This adds an interesting karmic element to this mix. If everyone downloaded a file, then immediately quit uploading, then this doesn’t work. That’s why there’s a golden rule of BitTorrent: stay connected until you’ve uploaded as much as you’ve downloaded. This is referred to as a ratio — the ratio of what you’ve uploaded to what you’ve downloaded. You should stay connected until this is equal to or greater than 1.
Additionally, it also means that the power of the torrent will scale depending on the popularity. If no one wants a file, then the torrent will never pick up steam. A file’s popularity directly correlates with the power of its torrent.
Those are the basics to understanding what BitTorrent does. Publishing a torrent involves creating a .torrent file, with information about the file to distribute; this file gets uploaded to a tracker (a server that works to announce to everyone who’s connected to the torrent); then the .torrent file is uploaded somewhere for people to download. From a user’s perspective, all that’s needed is to download the .torrent file, open it in a BitTorrent client, let the download complete, then wait for the upload to download ratio to reach 1. It’s important to note, however, that some trackers strictly enforce that ratio — don’t hit it, and get banned from that tracker.
BitTorrent has been getting a bad rap because of its use in illegal trading, including music, videos, DVDs, software, and more. This is important to know, because of the way BitTorrent works: if you download things with BitTorrent, you are also uploading at the same time. If, say, the RIAA or MPAA note that you’ve been uploading copyrighted material, you’re running the risk of getting sued. Yes, it’s happened.
If you don’t have one yet, you probably should go ahead and download a BitTorrent client. The official BitTorrent client is actually decent, though there are many third party options available as well. As BitTorrent is getting more mainstream, it’s a good idea to install it, because you’ll eventually come across .torrent files.
12.22.05
Posted in Article at 11:30 am by Techie
In this article, I don’t want to go in depth; I just want to answer the basic question: Which wireless encryption should I use? Even as more and more people are setting up wireless connectivity for their networks, few realize the additional security risk they are adding. This is further compounded by the different choices that are available — can the average user, given the documentation that comes with their wireless router, understand the difference between the different protocols as well as the consequences of their choices? Probably not.
The first step to setting up wireless is admitting that there is a problem with letting people onto your network. Chances are, if you copy files between computers, send email, instant message, or browse the web, you generally want to presume that such information is private. While to the average user this might seem to be the case when on a network, even a modestly tech-savvy individual knows this is not true.
Wireless networking compounds this issue by making it possible for anyone with a wireless card to access your network. The way to keep random people off your network is with security — this is where encryption comes in. Unfortunately, wireless networking rolled out on the consumer end first, which made it a test bed for the security measures it implemented. This resulted in flawed implementations at the start.
Take WEP for instance. If this is your only option, then use it. If, for instance, your network contains 802.11b cards, you refuse to upgrade, and you’re dead set on getting everything wirelessly networked, you might as well enable it. Just don’t harbor any illusions that your network is secure. It’s not. As most implementations of WEP can be cracked in just minutes, this only adds a layer of nuisance — hopefully your neighbor down the road has an unsecured network that people will use instead. WEP: It’s better than nothing, but just barely.
Enter WPA. Finally, wireless hardware companies realized that security just might be important for sharing your home network wirelessly with the neighborhood. WPA was designed to address WEP’s vulnerabilities, and thus, WPA-TKIP was born. Unfortunately, while much stronger than WEP, WPA was built upon the WEP infrastructure, meaning that for a variety of reasons, WPA-TKIP is not entirely secure either and suffers from some potential vulnerabilities of its own. Most wireless hardware released today supports WPA-TKIP. If you have to choose between only WEP and WPA-TKIP, it’s a no-brainer — pick WPA-TKIP.
However, there is currently a third option: WPA2. WPA2-AES is currently the strongest and most secure encryption you can readily get on the consumer level. Realizing the flaws of the previous two protocols, network engineers went back to the drawing board, developing a secure protocol from the ground up. If this is an option, then definitely use it. Another option I sometimes see is WPA2-AES+TKIP — this is for backwards compatibility, mixing support for both WPA-TKIP and WPA2-AES. If you have to support legacy WPA-TKIP hardware, then this is an option; just be aware that you’ll be allowing all the vulnerabilities of WPA-TKIP onto your network. You’ve been warned.
Oh, you might see “PSK” thrown around a lot when discussing wireless encryption. That just stands for Pre-Shared Key. Chances are you’re using it, regardless of which encryption you pick. (How else would you authorize computers onto your wireless network?) If you’re consumer-level, you should probably also ignore RADIUS — that’s an authentication server run by some corporations, and most likely, you’re not running it.
So there you go, the quick run down. If you can use WPA2-AES, use it, and rest easy (for now). WPA2-AES+TKIP is okay, but definitely not as good as WPA2-AES. WPA-TKIP will do if those aren’t available, but does have some vulnerabilities. Only as a last resort should you use WEP, as it’s only marginal security. Hopefully, no vulnerabilities will be found in WPA2-AES for some time.
12.21.05
Posted in How To at 4:02 pm by Techie
Unless you never use the Internet and never install software on your computer, you probably need a virus scanning solution of some sort. A virus can come from pretty much anywhere: a Word doc provided to you on floppy disk, an email message, a web site, downloaded programs, or even vulnerabilities in the operating system itself. What’s even more annoying is that infected PCs usually attempt to infect other PCs, be it with email worms, broadcasts on the network, or other more sinister mechanisms. If all computers ran virus scanning, there’d be a lot less network congestion. Companies like Symantec and McAfee have been selling virus scanning software for years, and often offer free one-year subscriptions with new PCs.
But why buy virus scanning software when you can get it for free? Sure, there’s extra support there (theoretically) if you have any issues, but most people get by with just running a virus scanner.
If you need to just quickly scan a previously infected computer without installing software, then Trend Micro’s Housecall is the way to go. This online scanner uses a Java applet to run right from your web browser and deal with problems. Unfortunately, this free scan doesn’t support cleaning of files, just deleting of them. Be forewarned!
If you’re looking for an actual virus scanner to install, then Grisoft’s AVG Free Edition is a good choice. This won’t allow you to scan network drives and also doesn’t run on Windows XP Professional x64 Edition, but most computer users don’t have to worry about this. With one scheduled scan and one scheduled update per day, it’s a solid choice. Email messages get a tag noting that they have been scanned with AVG, which can be annoying at times.
Another good choice is avast! Home Edition. I’m actually leaning towards this version these days, as I appreciate its email scanning more than AVG’s. What’s more, it runs on Windows XP Professional x64 Edition, which is nice.
With free options available, there is no reason to be running unprotected. If you’ve been putting off that Norton anti-virus renewal or just don’t have virus scanning, download and install one of the above today. The rest of the world appreciates it.
12.20.05
Posted in How To at 7:14 pm by Techie
Every tech fears the dreaded question: “Hey, can you check out my computer?” Family get-togethers, stopping by a friend’s house, sneaking into work — the question may appear at any time. The computer is running slow, or displays random errors. Popup windows abound. It must be time for a dreaded spyware cleanup.
Spyware and malware installations are perhaps the biggest menace to personal computing today. While spyware has the seemingly innocuous, annoying task of monitoring browser habits to show advertising, malware goes a step further with the threat of adding keystroke loggers, backdoors to your computer, or any of a host of other nefarious purposes. Whether it’s the former or the latter, both will cause a computer to run slower, break functionality, or otherwise ruin a day of computing. Programs like this can get installed via web pages that integrate an installer; misleading popups, offering a note that your system might be at risk; or even bundled with programs downloaded from the web. The average user’s computer is likely to have been infected with spyware / malware at some point.
Any tech knows that basic spyware cleanup is easy. It’s annoying to do, especially if you have to do it over and over. Some techies might even put up a web site with an article on it, just to avoid having to do it yet again. (Ahem.) One would hope that you would just need to download a program, run a scan, and be all set. It couldn’t be that easy, could it? Well, actually, yes, it can. What’s more, it’s free. There is an entire cottage industry of techs who make a decent living out of cleaning up spyware, and yet the basics cover the majority of problems.
I recommend that you scan your computer with three different programs. Each one takes a different strategy at combatting spyware / malware, and by running all three, you can be fairly certain you’ve cleaned up most of it. Warning: Some programs may break if you clean off spyware. As some programs require spyware to function (most notably, free downloadable games), cleaning this stuff up may break them. However, given that the alternative is a pretty unusable computer in most cases, this seems like a fair tradeoff. Let’s begin!
Step 1: Scan with Microsoft Anti-Spyware (Beta).
Download the above, and run the installer. Launch it, and the Setup Assistant will guide you through the initial setup. Go ahead and enable the AutoUpdater to keep the program up to date. Additionally, enable the Real-time Security Agent, which helps make sure that you’re notified if a program tries to do something to your computer. What about SpyNet? Arguable. If you’re paranoid and concerned about privacy, say “No”; some information about what you’re running and rejecting gets sent to a networked community to build the spyware database. It’s a good thing[tm] to contribute to the community, but your specific needs may vary. You should also make a decision about whether you want to run a scan every night at 2am. I would recommend letting the program do this, but your needs may vary. Go ahead and Run Quick Scan Now.
Depending on how many files you have, this might take a while. The program is scanning through your computer’s running processes, registry, and files. If anything is found, the program will give instructions for how to clean up the problems. Close out the program when done.
Step 2: Scan with Ad-Aware SE Personal.
Lavasoft’s Ad-Aware has been the standard for spyware scanning for years. While not perfect, it does a great job of catching most spyware / malware. When finishing the install, select to “Perform a full system scan now”, as well as to “Update definition file now”. You can leave the option to open the help file if you’re curious, but it’s not necessary.
The first thing that happens is Ad-Aware will connect to the Internet to search for updates. After that, the main window will open. Select the Start button in the lower right, then select to “Perform smart system scan”. It’s optional if you want to select the bottom two checkboxes (negligible and low-risk threats), as these probably do not represent spyware or malware per se. After scanning, select the Critical Objects tab, and check all the items here. Hit next, and it will confirm that you want to remove those items. Removing the negligible items as well will probably not affect things too negatively, but your main concern is the critical objects. Close out of Ad-Aware, as you’re finished with it.
Step 3: Scan with Spybot Search & Destroy.
During installation, make sure to select to “Download updates immediately”. Do not use system settings protection (TeaTimer), as you should already have Microsoft’s AntiSpyware running. You might as well enable Internet Explorer protection (SDHelper), as that is the primary source of most spyware / malware. Note that if you do, Windows AntiSpyware will alert you, and ask you to Allow this.
Upon first run, you’ll be asked to make a registry backup. This is always a good idea before messing with the registry, so go ahead and do so. You’ll know this is done because the Next button will be enabled again. You should now have a screen with two options: “Search for updates”, and “Download all available updates”. Click the first button to find available updates, then the second to actually download them. When that finishes, select Next, and you should have the option to “Immunize this system”. Clicking this button will prevent known spyware / malware from infecting your system, so do so. Click Next, and an option to “Start using the program” should be available. Click that, and you’re in the main window for Spybot.
In the left hand pane should be an item marked “Search & Destroy”. Click that, and in the right pane should be a button for “Check for problems”. Click this, and a scan will begin. Once the scan completes, the results are displayed in the window. If you would like more information, click on one of the items, then click on the right side of the pane (where you should see a bar with two arrows pointing to the left) to see a description, which is not always available. Click the “Fix selected problems” button at the top, and the problems should disappear. Close out of Spybot, because you’re done with it for now.
Step 4: Change your habits.
Your system should be pretty clean at this point, so now it’s a matter of prevention. Some quick tips:
- Switch to using Firefox as your web browser. Most spyware / malware results from flaws in Internet Explorer’s security. While Firefox isn’t perfect, most spyware / malware targets IE.
- Don’t install programs without thinking. Who is providing the program? If it’s Yahoo, you’re probably okay. If it’s a company you never heard of, perhaps you should do a little more digging. If a program has an End User License Agreement (EULA), read it. Quite often, these spell out right in the terms that spyware may be installed.
- Don’t be fooled by popup windows. If it’s an offer in a popup window, you’re probably not that interested anyway. Plus, a good amount of spyware is installed in this manner.
- Periodically scan for spyware / malware. You now have three programs installed for scanning. Use them all. Just make sure to do an update first — new spyware and malware is coming out all the time, so be sure you’re up to date.
While the above instructions will take care of 99% of spyware / malware cases, they don’t handle them all. If everything runs great after doing the above, pat yourself on the back. You’ve taken steps to fix your computer on your own. Feels great, doesn’t it?
However, spyware / malware writers are clever, and getting more clever every day. If the above doesn’t fix all of your problems, then you’ll probably have to dig deeper — but that’s an article for another day.