Main Line Computer Users Group


October 2003 Issue 257

VILLANOVA UNIVERSITY, ST. AUGUSTINE CENTER, ROOM 110 MEETING STARTS - 09:30 - OCT 11 th
THIS MONTH'S CONTENTS
UPCOMING MEETING:

We WILL have a decent time for some Q & A, what with all the trials and travails since last time - with the 3rd major internet infection in a month! This time being the arrival of the W32.SwenA worm. I'm sure that we'll have plenty to talk about!!

For the main "demo" this month, we'll pick up where we left off on bringing our new BTO computer into service. I'll admit that this has been a slow process, but we hope that doing most all the "new computer stuff" hands-on in the meetings will be more helpful than the "we did this between meetings and here it is" mode of operation.

We urge all our members to come out and NOT to hesitate on asking about tasks we do that are not clear, either in intent or conduct.

Before we get into installing applications, the final step for this startup phase will be to:

Run Windows Update on the internet

See p.3 for some thoughts on this process before the meeting rolls around.


SECURE LIVING?

Since last month's meeting, we had yet another net invader - this time, the W32.SwenA worm. It is carried by an email attachment but with a new twist! The new wrinkle appears to have been developed because of all the emphasis on getting your Windows OS updated with patches from the Microsoft website. So, the author of Swen attached his malware load to an email message that appears to come from Bill Gates home out west - Microsoft itself!! The message indicated that the attachment contains a CRITICAL update to protect yourself against more viri, worms or whatever. [continued]

########################################
ANNOUNCEMENTS & COMMENTS
########################################

WELCOME! - to our new members in the last month, Wayne Bagnoli from Aston, Richard Brunner from Bala-Cynwyd and Wendy Emery from Philadelphia. We sincerely hope that they'll find their membership of value (and a bit of un, too!). We hope to see them at the meetings and on the emailing list!

These are the first new members in nearly a year! We urge all our members to keep their eyes peeled for others whom we could help...

THE YEAR IS ENDING! - well, not really; but the "fiscal" year for MLCUG is over. So, it is time for membership renewals. The Steering Committee has reviewed our financial situation - following the purchase of the new club PC. We are in good enough shape that we will be able to HOLD THE $15 DUES.

So, we hope you WILL pop out that checkbook, and write one for $15 to MLCUG. You can use p.8 for your renewal (or copy it and keep your issue intact).

REGULAR REMINDERS - 1) our email mailing list is run for the member's benefit; so please do not hesitate to post notices or problems to it. If we can't solve the problem remotely, we can be alerted to it ahead of a meeting where hands-on may do the job.

2) attendees know that we have a very fast internet connection from the VU meeting room! So, if you have a very large download, you could bring along a zip disk (or a CD-R/RW) and get it done there, either before or after the main meeting.

3) a half dozen or so of the regular attendees usually partake of lunch at the Villanova Diner after the meeting. Why not join us? It is a good time to get a little more help (or give it) and just to have fun talking about our common interests. The food is quite good, too!

****************************************
MLCUG LISTSERV

We now have a web-accessible, sorted and indexed archive of the mailing list. Please check it out and send any feedback my way. The archive has no pointers to it; so it can only be reached by accessing its URL directly. That's to minimize non-members accessing the info. [Pete Whinnery, webmaster]

****************************************
LAST MONTH'S MEETING

Attendance at our September meeting was 15 folks, including one guest, who joined at the end of the session (it was Richard Brunner).

The plan had been to have a shortened Q&A to allow ample time for the next (demo) steps on the new club PC. Then do these steps.

- install the various drivers from the CD - do the activation - make our first base image - do the Windows Update

The first three items were accomplished. But, we did not get to even start the last one because of time constraints

When we started off the (intended brief) Q & Q with a discussion of the malware blasts that had appeared on the scene since our last meeting: 1) the Blaster worm on August 11th, 2) the SobigF virus on the 18th and 3) Microsoft's announcement of another big hole identified in the Win 2000/XP system proved to be food for quite a time!

Fortunately, only one MLCUG member is known to have been personally affected and one had his workplace systems essentially disabled; so we had no big, bad reports.

We DID have an extensive discussion on how to take precautions to be protected when your system has not been "patched". And, some discussion on the wisdom of rapidly responding or not to Microsoft's patch announcements.

On p.4 of the September newsletter, there was an article on the precautions to take for "More secure living". This article did not directly address the patch issue; so we added that to the discussion.

In the October issue, we hope to summarize the patch approach, see p.1 in this issue. But, in summary, the best philosophy may be "to wait a bit and see". To follow the idea of letting patches be tested in the real world - for potential side effects - before you use them yourself REQUIRES that the precautions noted in the September article be followed studiously! That gives you breathing room and lets you pick and choose what you want to install or avoid.

****************************************
SECURE LIVING?

[continued from p.1]

It urges you to open the attachment and install the patch after you have forwarded the message to your friends to help them, too!! The message usually arrived as a forward from someone saying they got this message from Microsoft and I ought to know about it!!!

Since I had just gone over procedure for dealing with email attachments both at our September meeting and at my Thursday computer forum at the West Chester Senior Center, I naturally had those points come to mind when I got my first (of about a dozen) "helpful" message. Here are the guidelines; so give them a review and compare them to receiving a message, with attachment, forwarded out of the blue:

To practice "Safe Email Attachments" - before opening ANY attachment sent to you, answer these questions (my answers are noted below):

1) Do I know who the attachment is from? No 2) Do I know what the attachment is? No 3) Do I know what the attachment does? ?? 4) Did the sender CREATE the attachment? No

Remember, if an attachment is part of a forwarded email message, the answer to 4 is "NO"! Also, remember that ONLY, if you can answer "Yes" to ALL four questions, can you open the email attach-ment with impunity.

So, this message got about 3.5 'No" answers out of 4!

The RESPONSE - a resounding NOOO! open!!!

If any of the members got the message, tell us about it at the next meeting, where we'll review this stuff one more time.

****************************************
MORE SECURE LIVING?

So, after that unfortunate addition to the string of recent internet threats, I figure that another look at "more secure computing life" is in order! So:

Remember that the Windows OSes, Internet Explorer, Outlook Express and the Windows Address Book are prime targets for attack by the prolific makers of viruses, worms and Trojan Horses! If you use them, exercise care!! (And, obviously, most of you are Windows users !!!).

1) use a well supported anti-virus program that is automatically updated, with email virus scanning.

2) use a good 2-way firewall. Conventional wisdom specifies this for folks who have broadband internet connections, but it is NOW a very good idea for anyone who uses the internet, even with dialup!

3) use spyware detection and removal software. This may be more of a privacy than a safety issue, but that does not per se make it less desirable.

4) use popup/popunder protection software. This one may be more of an annoyance factor, but it can be indicative of trouble coming for you.

5) if you do have a BROADBAND internet connection, a hardware firewall (via a router) is a superb protector. This is desirable to use even if you do NOT have a network in your home !!

Any questions, thoughts, ideas? Bring them up...

****************************************
AN OLDIE, BUT GOODIE?

Eye have a spelling chequer It came with my pea sea It plainly marques four my revue Miss steaks eye kin knot sea. Eye strike a key and type a word And weight for it to say Weather eye am wrong oar write It shows me strait a weigh. As soon as a mist ache is maid It nose bee fore two long And eye can put the error rite Its rare lea ever wrong. Eye have run this poem threw it I am shore your pleased two no Its letter perfect awl the weigh My chequer tolled me sew!

Borrowed from: What's New Now: [whatsnewnow@eletters.wnn.ziffdavis.com]

****************************************
WINDOWS XP TWEAKS

Continuing from September, here are a couple more of the tweaks for Windows XP from Fred Langa:

7) Improve XP's Virtual Memory Settings On its own, Windows places your "swapfile" or "paging file" (a portion of your hard drive that's used as a kind of pseudo-RAM) on your C: drive, and sets it up so it can grow and shrink as needed. However, you may be able to do better. For example, if you have more than one physical disk in your system, you may get better performance from either placing the swapfile on the lesser-used disk (assuming it's the same speed as the primary disk) or by splitting the swapfile across two disks. You also may see modest improvements in responsiveness if you set the swapfile to a fixed size, so Windows won't waste time growing and shrinking the file on demand.

Swapfile management has been somewhat of a black art in previous versions of Windows, but the XP Help System actually has good information on the subject (a first for Windows!). Select Help And Support from the Start menu, and do a search for "virtual memory." Be sure to check out the "related topics" delivered by the search for additional good information.

8) Control XP's Hidden Devices For reasons known only to the programmers in Redmond, XP may deliberately hide certain system devices from you. While this might make a kind of sense in, say, XP Home edition, these devices remain hidden even in the Professional edition.

For example, if you're used to Windows 98's networking applet, you may be surprised by how clean and uncluttered XP's networking applet is. But XP may simply be hiding lots of networking elements from you. To see if this is the case, right click on My Computer, select Properties, Hardware, and Device Manager. In Device Manager, select View and Show Hidden Devices.

Depending on how XP was set up, you may find a number of networking devices--"Miniports"--that the Networking applet didn't display. In my case, I found unnecessary PPOE, PPTP, L2TP, and Dial Out elements. I disabled all these unneeded elements, leaving only the IP miniport enabled, and thus restored some sense of control over my networking setup. Depending on how your system is set up, you may find other hidden devices, or no others. It varies hugely. But at least now you'll know if XP is hiding things from you.

****************************************
RESTORE OLD PHOTOS?

At the meeting in August, some of you expressed interest in the book that I brought in:

Restoration and Retouching with Photoshop Elements 2

The bulk order has come in. The price turned out to be $17.50 per copy, with no sales tax or shipping charges, nice!! I'll bring all the copies to the next meeting for pickup (and payment).

NOTE: I took a chance and ordered one extra copy. If you missed getting your order in to me, there is this one copy. Call me. [Emil Volcheck]

****************************************
Spamming sleazebags ruining e-mail

By Dan Gillmor Mercury News Technology Columnist

[continued from the September issue, p.5]

Chances of Microsoft doing the right thing voluntarily: just about zero

Meanwhile, technology administrators and computer users are failing to update their systems, even when warned about gross vulnerabilities. In fairness, these updates are not always simple, and sometimes they cause additional trouble. But it's plain foolish to ignore advisories that can prevent a relative calamity later on.

Chances of more users and administrators getting with the program: better than zero, but not nearly high enough.

Then there are the Internet service providers. It's almost criminal that all digital subscriber line (DSL) and cable-modem companies don't give customers firewall and e-mail virus protection as part of their services.

Chances of ISPs doing a better job: above zero, and growing.

What will come from this crisis?

I keep expecting the trial lawyers will find a way to break through the legal protection the software industry has erected to allow the sale of unsafe, shoddy goods. For years, after all, it was considered impossible to do anything about the arrogant tobacco barons and their lethal products. You'd think that the $50 billion in Microsoft's pocket would be a tempting target, at any rate.

There's talk of an entirely new architecture for e-mail, one that would require authentication, among other things, to help track the bad guys. Tempting as that sounds, it would be a huge chore to pull off -- and it would take away anonymity, which we need to preserve if we want to preserve some vital liberties.

I wish I had the answer. I don't, but I've taken some small steps of my own.

First, I will not open e-mail attachments, period, unless I know the item is coming beforehand or have extremely good reasons to believe it's not carrying an evil payload. If you want me to see a file such as a PDF document, post it on a Web site and let me know where to find it.

Second, I'm being more selective. I have several private e-mail addresses that I give out only to a small number of people for vital communications.

Third, I'm trying to get away from e-mail as much as possible in any event. My favorite way of communicating online is instant messaging. That doesn't work when I'm not connected. But it's much better than slogging through 500 unwanted messages in an inbox to find the few I need.

I'm also encouraging e-mail newsletter people to use the RSS (Really Simple Syndication) format that lets me opt into information sources in other ways and shuts out spammers.

It's too soon to give up on e-mail. But the medium may become literally unusable if we don't work collectively to be less vulnerable. -------------------------------------------------------------
Posted on Sun, Aug. 31, 2003

****************************************
COMPUTERS! BY DR SEUSS

Why Computers Sometimes Crash!

by Dr. Seuss

(Read this to yourself aloud - it's great!)

If a packet hits a pocket on a socket on a port, and the bus is interrupted at a very last resort, and the access of the memory makes your floppy disk abort, then the socket packet pocket has an error to report...

If your cursor finds a menu item followed by a dash, and the double-clicking icon puts your window in the trash, and your data is corrupted cause the index doesn't hash, then your situation's hopeless and your system's gonna crash!

If the label on the cable on the table at your house, says the network is connected to the button on your mouse, but your packets want to tunnel to another protocol, that's repeatedly rejected by the printer down the hall.

And your screen is all distorted by the side effects of gauss, so your icons in the window are as wavy as a souse; then you may as well reboot and go out with a bang, 'cuz sure as I'm a poet, the sucker's gonna hang.

When the copy on your floppy's getting sloppy in the disk, and the macro code instructions is causing unnecessary risk, then you'll have to flash the memory and you'll want to RAM your ROM, and then quickly turn off the computer and be sure to tell your Mom!

Well, that certainly clears things up for ME. How about you?

[courtesy of Jim Hoffmann of SWFPCUG & PCUG]

****************************************
At the PCUG Novice SIG meeting recently, we were talking about converting various media to CD's or DVD's.

A new store has opened in Wilmington that seems to do almost anything that one could want. They are in the old Cingular store at the intersection of Route 202 and Murphy Road. They were having a special until 9/29 - 80 35mm slides to CD/DVD for $29.95.

Go to their web site: http://www.ddvf.com

You will have to let the browser install Macromedia Reader in order to view the site. [Jim Hoffmann]

****************************************
NTFS to FAT32

Windows XP comes with a utility to convert FAT32 partitions or drives to NTFS (the default XP type). However, they tell you that it's one-way and no going back. Usually someone upgrades from 98 or Me to XP. This has XP in a FAT32 partition, hence the converter. Once you're there, you'd normally have no need to return, since NTFS is "better".

Unfortunately, I had a system with XPm, and had partitioned it with NTFS, before I realized I needed some FAT32 partitions!

What to do? On an off chance, I looked at the docs for Partition Magic 8. Lo and behold, it does the job & saved my bacon (on 3 drives!). [Emil Volcheck]

DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM

Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions will be meeting in Room 110.

[Map goes here]

Enter from the ITHAN AVENUE main gate, then proceed to the 2-level parking building adjacent to the St. Augustine Center, on the Ithan Avenue side of the building.

NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/

------------------------------------------------------------------------------------------------------------------------------
PC/128/64 Meetings  2003  Steering Committee Meetings

			October 11			October 22 *
			November 8			November 19 **
			December  13 		December 17 **

	* = FOURTH Wednesday	** = THIRD Wednesday at Tom Johnson's home
*********************************************************************************
EDITOR:  Emil J. Volcheck, Jr.   1046 General Allen Lane    West Chester, PA 19382-8030
(Produced on a home-built PC: 233 MHz Pentium, 128 MB RAM, 20 GB hard drive, Epson Stylus Color 740 printer, HP Scanjet 6300C, CD-RW drive, DVD-ROM drive and 250 MB Zip drive, using Appleworks 5.0.3)

      MLCUG LISTSERV: for members only...
                 WWW: http://astro4.ast.vill.edu/mlcug/
           PUBLICITY: Robyn Josephs 610-565-4058
   VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy
MLCUG STEERING COMMITTEE:
PRESIDENT: Emil Volcheck      610-388-1581  SECRETARY: Charles Curran   610-446-5239
TREAS/MEMBERS: Dewitt Stewart 610-623-5145  SYSOP/AMIGASIG: John Deker  610-828-7897
INTERNET/Linux:Peter Whinnery 610-284-5234   DATABASE: Layton Fireng    610-688-2080
AT LARGE: Tom Johnson         610-525-3440   AT LARGE: John Murphy      610-935-4398