Main Line Computer Users Group

April 2004 Issue 263


MEETING STARTS - 09:30 - APR 10 th


As usual, we'll start off the meeting with some announcements and a bit of round-table talking on news and problems. Come early and stay late!

From February's part 2 on spyware, we have a bit left over. That's to finish the demo of the Spybot + SpywareBlaster combo. So, presenter, John Deker, will give the finale (we hope ).

Last month. Pete Whinnery got us started on dabbling with Linux, in the form of the "Live CD" format called: "Knoppix". Each attendee received a copy of the bootable CD to try out on his own system, to get a feel for how it operates.

We hope that each person who got one of the CDs will have tested it on their computer - at least booted it up to determine if it boots. If it does, what functionality (video, sound, modem, network, etc.) it is able to establish without any further tweaking. And, that you made notes about it!

If it did not boot, we hope you made noteson that, too. So, either way it went, there will be topics to discuss - from the experiences fedback form all.

So, Pete will do the followup. See p.6 for some of the items he plans to cover. Then, be sure to bring your notes and your memories; so that any questions or problems you have can be covered for all to benefit. Hope you all make this session!!..

The Bagle Virus' Nasty Turn
[The bad news keeps getting worse! ed]

Is the Internet becoming a little more hazardous? The Bagle virus took a turn for the worse recently, with some variations now able to infect PCs without any user intervention. [cont.]


SECURITY - unfortunately, the business of security (or should I say insecurity) of our home computers continues unabated! This last month has brought seceral new items to the fore.

Some of them are mentioned here on p.1 and p.2; so see those spots for more info.

OUR NEW WEBSITE - just a reminder that thru the good offices of Mr. Rich Goldberg, operator of the local ISP, the club has been provided with a new website host and a new (we hope, easy-to-remember) domain name -! So, now we can be found on the web at:

Remember to check it out regularly. Last minute meeting items may be posted there, in addition to coming to you via the MLCUG listserv.

Oh yes, our faithful webmaster, Pete Whinnery, will be most appreciative of ideas to improve the useability and value of this website; so don't hesitate to suggest (he tells us he is still learning!).

REGULAR REMINDERS: 1) our email mailing list is run for the member's benefit; so please do not hesitate to post notices or problems to it. If we can't solve the problem remotely, we can be alerted to it ahead of a meeting where hands-on may do the job.

2) attendees know that we have a very fast internet connection from the VU meeting room (last month we hit 800+ KBps, now that's really moving - tho past performance is no guarantee of the future!). So, if you have a very large download, you can bring along a zip disk (or a CD-R/RW) and get it done there, either before or after the main meeting.

3) a half dozen or so of the regular attendees usually partake of lunch at the Villanova Diner after the meeting. Why not join us? It is a good time to get a little more help (or give it) and just to have fun talking about our common interests. The food is quite good, too!


The best solution to prevent a virus or Trojan Horse disaster is NOT to place yourself in harm's way in the first place So, remember, when you receive an email attachment and BEFORE you open it, ask yourself these four questions:

  1. Do I know who the email is from?
  2. Do I know what the attachment is?
  3. Do I know what the attachment does?
  4. Does the attachment ORIGINATE from the person who is sending it to me?
ONLY, if you can answer "Yes" to ALL four questions, can you be assured that you may open the email attachment with impunity.

Note: in this incident, that attachment failed questions 1, 2 & 3; so you should not have downloaded or tried to open it, if you did do the download. If your anti-virus software was actively scanning your email downloads, it should have acted and protected you.


Attendance at the March meeting was down a bit - only 14 folks turned out, including one guest (John Keohane). Hopefully, it was not the program that scared folks off - as we had an engaging one!

Due to a personal conflict, our first presenter, John Deker, could not make the first part of the meeting. So, his topic - Part 3 of the spyware detection story - was postponed until next month. He plans to demo the recommendations that were published in the March newsletter, p.5-6. This growing problem deserves more and more attention; so plan to come out for that meeting.

One special announcement that Emil covered was a Inquirer article, Reid Goldsborough, entitled: "Internet Flaw: World wide woes with the truth" and an article from the NY Times that member Layton Fireng had posted to the listserv, entitled: "The camera never lies, but the software can". The essence of these is that there is an increasing use of image processing software (like Photoshop and similar products) to fabricate false images and circulate them to cast a false light on people or organizations. Please be sure that you do not contribute to and make worse this increasingly serious problem. Do NOT automatically pass on (forward) stuff that comes your way without thoroughly checking into it, especially if it cast a derogatory view of someone(s) or thing(s).

We had a round-table Q&A, that covered a number of problems and questions. Some of the highlights from it include:

Two conflicting reports on the Norton Internet Security Suite 2004. Rich Tave reported that it installed and worked well on his Win XP system, an indication that Symantec, the publisher of NIS, may have (in some of the downloadable updates) got a handle on problems reported by a number of writers. However, John Keohane told us that he was unable to get NIS to install on his Win 98 system - kind of leaving us hanging! If anyone else has acquired and installed the product, please tell us about your experience - a posting to our listserv will do the trick.

Layton Fireng showed us his newest toy - a new Fuji S3000 digital camera (a 3 megapixel system with a 6X optical zoom and a new type of flash memory card). It came in at about $200 and is a very neat package. He passed around some 4x6 prints (from an Epson printer on Epson paper. As they should be, from 3 MP, the prints had excellent sharpness and good color rendition. The camera comes with a 16 MB, xD Picture Card (it can take 16-512 MB xD cards), which is a very new, very small format that has the potentials to go up to 8 GB of flash memory (this is a big jump compared to the 2 GB max of the other flash memory technologies and a big downsize in size). Watch for this!! Oh yes, one annoyance, the camera will not save uncompressed images - only jpegs. For most folks this is not an issue, but it is a deficiency if you want to do off-camera image processing on your pix.

While on the topic of flash memory, Emil showed us his newest toy, too. It is a Sandisk Cruzer Mini 512 MB, USB 2, flash drive. Compact and speedy (if you have USB 2 as it is much slower on the older USB 1 - tho it works fine with it, just slower). He's only had experience with two brands - a PNY and two of the Sandisk units. The latter work better on Win 98 SE, while both makes work well on Win Me or Win XP. It has become one of those do-not-want -to do-withouts!

If you may want to follow all the legal tangles going on with the various parties in the Linux-Unix suits and counter suits from the SCO Group, Pete Whinnery suggested a look at:

Ralph Hose had a strong comment on the "turn of your anti-virus program when installing new software and such-like". He had to do a total reinstall of his Windows OS, then the various applications that he wanted. He followed the advice and, to his chagrin, found that he had got several infections while all this was going on! So, he suggested that the conventional wisdom should become "never turn off your anti-virus software"!!! Perhaps, a slight mod might be "unless it cause the installation to croak!".

March's Knoppix Startup

At our March meeting, having made our way round the table, we turned the meeting over to Pete Whinnery for the part of the announced program on: "Knoppix - a unique way to experience Linux". As most of you know, or gathered from the announcements, Knoppix is a "live CD" Linux distribution - the whole operating system runs from a totally packed CD (with an estimated 2 GB of OS and other software on it!). Nothing needs to be installed on your hard drive; so no partitioning, no messups of your hard drive arrangement - just stick in the CD and restart.

Prior to the meeting, member John Murphy, who has a CD duplicator, made up about twenty (20) copies of the Knoppix v3.3 CD. These were passed out as Pete started his show. Very special thanks go to John for this extraordinary effort (especially in view of the fact that he had been in and out of town on some urgent and demanding customer support work for his livelihood)!!!

Pete proceeded to pop one of the CDs into the club PC and restart - we then observed the boot process (which takes about 1.5 minutes on the club PC). Since everything is compressed on the CD, it has to be read off the CD, uncompressed and installed. So, the faster your CD drive, the faster your CPU and the bigger your RAM, the quicker the whole thing goes! As a contrast to the club computer, my almost 4-year old PC with a 233 MHz CPU, 128 MB of RAM and a speedy CD drive, takes 4 minutes (or, because it is better to boot from a startup floppy, a process that adds a minute to the boot time). Your experience will be different (the speediest system I've tested did it in 68 seconds - from a 2.8 GHz Pentium 4 with 512 MB of RAM and a 52X CD).

After she booted up, Pete stepped us thru the features of the GUI interface (the KDE desktop manager) that Knoppix uses. It looks and acts pretty much like a Windows machine - just looks different as the authors jazzed up the desktop!

Then, he turned to his crib sheet, which you can do, too. This aid is on an unlinked page on the club website. You will not find a link to click; so just type in: and go! Pete went thru most of the points in this "Knoppix for Newbies" writeup, that he had modified for our consumption from a writeup of the same title that IS linked on the webpage:

To get a full flavor of the presentation that Pete made, get that outline and review it in detail. He covered accessing drives, firing up the browser, connecting to the net, running some of the 100s of programs that are provided on the CD (unlike a typical Windows distribution, Knoppix, like other flavors of Linux distros, includes a vast range of applications and utilities. So, not only is the OS free, but most of the apps you'll want to get started with are free, too, and provided.

We'll be soliciting folks experiences and questions at our next meeting - which will be followed by Pete's next part of the Knoppix story. ========================= To have folks explore Linux and get a real feel for what it can do, we strongly encourage all who got one of the free CDs to use it during the next month. Make notes of what you experience, especially questions and problems. You can feel free to post these to the listserv to help others and get some help for yourself!

If you DID NOT get one of the CDs, please contact Emil and see about getting one of the extras that we have a few leftovers of. You can have one mailed to you - but be sure, before you so request that you'll be able to use it before the next meeting, as the CDs will be available then, too.

See you Knoppixing next time! [Emil Volcheck]

Bagle Virus' Nasty Turn!

By user intervention, we mean opening attachments. Even the most casual of home PC users now understand that it's dangerous to open strange attachments they're not expecting, especially from strangers or, sometimes, even from friends who have unknowingly sent a virus.

This new version of Bagle only requires a recipient to open the email or view it within the Outlook preview frame, where some invisible HTML code downloads and infects a PC through a known flaw in the Internet Explorer browser. According to Dow Jones, there are several subject lines that may herald the virus' arrival, including "E-Mail Warning" and "Fax Message Received."

Before you panic, there's good news. According to anti-virus rivals Network Associates (NYSE: NET) and Symantec (Nasdaq: SYMC), you PC users who have been downloading Microsoft's (Nasdaq: MSFT) patches with discipline shouldn't have any problems. Meanwhile, most corporate IT departments have likely kept things up to date.

Also, this version isn't widespread so far (see above). What's interesting is that it's a new way of delivery, which means Microsoft (and Windows users) will have to be diligent. In that vein, it could signal a new trend in viruses -- executing without attachments is a smarter contagion indeed.

The news comes at a rather inopportune time. Yesterday, the Pew Internet & American Life survey said that spam alone has been reducing the use of email and spoiling people's view of it as a safe communications tool. The survey said that 30% of respondents decreased their use of email due to spam. In fact, 77% said that spam makes their online experience "unpleasant and annoying."

The danger hasn't been lost on lawmakers, who recently enacted the CAN-SPAM Act, which many industry watchers claim hasn't yet done much to alleviate the onslaught of spam. Meanwhile, archrivals with a pretty hefty stake in email's history as the Internet's killer app -- including Microsoft, Time Warner's (NYSE: TWX) America Online, and Yahoo! (Nasdaq: YHOO) -- recently banded together in a lawsuit targeting spammers.

So we have the annoyance of spam, the threat of viruses, and signs of a growing weariness in users -- the email experience is degrading. It's clear the industry needs to continue to fight to clean up inboxes or risk a souring outlook on email.

Has spam taken the fun out of email? Do you think this new virus signals a bad new trend? Talk with other Fools who track this sort of thing on the Viruses, Hoaxes, & Spam, Oh My! discussion board.

By Alyce Lomax, 3/19/04 (& The Motley Fool) Alyce Lomax does not own shares of any of the companies mentioned.


by John Deker, continued from p.1

Spyware Summary & Recommendation

Emil has asked that I provide a recommendation to the club on which anti spyware you should use and why. I believe Emil recognizes the burden spyware and viruses place on the user who wants to keep his computer safe and Emil wants us to have as simple a one fix answer as possible. The reality of spyware is that I don't believe there is a best answer for all users as not all users have the same competency level or needs. Nor in this new threat arena is any of the anti spyware programs able to detect and successfully remove ALL spyware.

If I were forced to pick one best answer it would be to install and use Spybot and Spyware Blaster based on bang for the buck. Both programs are donation ware which makes the price one of the best features. Second, PC Magazine recently rated Spybot with an honorary mention right behind its favored Spyware Sweeper program. The big negative downside with Spybot and Spyware Blaster is that you have 2 programs to keep updated on a weekly basis. And that's in addition to your anti virus program that you update weekly. YOU DO UPDATE YOUR ANTI VIRUS PROGRAM, DON'T YOU?

I feel that Spybot and Spyware Blaster require quite a bit more effort from the user than Ad-aware which is freeware. For those of you who think your computer competency is not all you would like it to be and who don't use peer-to-peer file exchange software and don't visit risque Web sites, I think Ad-aware may best serve your needs. Please note that the freeware version of Ad-aware requires you, the user, to manually run it occasionally for it to be of any value you. This is also true of Spybot, but Spybot does offer some realtime protection features

For those of you who want an aggressively updated anti spyware program with the best information about spyware and don't mind paying for it, Pest Patrol is recommended. PC Magazine noted that Pest Patrol has the best research information about spyware. At this time, the information is freely accessible to the public on their website.

Not presented in our review of anti spyware, but highly recommended by PC Magazine is Spyware Sweeper. It is the costliest of this group of anti spyware with an annual renewal charge of just under $30, or you can opt for a 2 year renewal charge of just under $40.

These recommendations will be discussed further at our April meeting. Until then, be sure to practice safe computing!!!

Re: Knoppix Demo for April

Here is an amplification of the Knoppix/Linux stuff that Pete intends to cover at this meeting:

a this is not being touted as a long term, everyday Linux distro for folks to use. It is an extremely convenient way for folks to use/play with Linux to help them decide if they would like to do more with this OS (what distro to use for that is a decision further down the pike).

b how to deal with Knoppix's missing of key drivers (sound cards and modems for example) - when the right drivers are actually on the CD already. b1 may be related to wanting to have some personal configuration items (like self-created desktop icons) remembered for automatic recreation at subsequnet startups.

c how to deal with the situation where the key drivers are not on the CD and have to be downloaded - how to make them work, preferably by default once they have been found, downloaded and installed the first time.

d demo some of what is included on the CD: How to create desktop icons from the start menu All the items in the Knoppix menu Mozilla Open Office Screen resolution - help for the vision impared

e how can one run other apps that you come across, but that have not been included in Knoppix.


Dialers - Programs that use a system, without your permission or knowledge, to dial out through the Internet to a 900 number or FTP site, typically to accrue charges.

Hack Tool - Tools used by a hacker to gain unauthorized access to your computer. One example of a hack tool is a keystroke logger -- a program that tracks and records individual keystrokes and sends this info back to the hacker.

Hoax - Usually an email that gets mailed in chain letter fashion describing some devastating, highly unlikely type of virus. Hoaxes are detectable as having no file attachment, no reference to a third party who can validate the claim, and by the general tone of the message.


Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions meet in Room 110.

[Map goes here]

Enter from the ITHAN AVENUE main gate, then proceed to the upper level of the 2-level parking building adjacent to the St. Augustine Center, on the Ithan Avenue side of the building.

NOTE: maps on our webpage -

PC/128/64 Meetings  2004  Steering Committee Meetings

			April 10 			April 21 **
			May 8   			May 19 **
			June 12 			June 16 **

	* = FOURTH Wednesday	** = THIRD Wednesday at Tom Johnson's home
EDITOR:  Emil J. Volcheck, Jr.   1046 General Allen Lane    West Chester, PA 19382-8030
(Produced on a home-built PC: 233 MHz Pentium, 128 MB RAM, 20 GB hard drive, Epson Stylus Color 740 printer, HP Scanjet 6300C, CD-RW drive, DVD-ROM drive and 250 MB Zip drive, using Appleworks 5.0.3)

          MLCUG LISTSERV: for members only...
               PUBLICITY: Robyn Josephs 610-565-4058
       VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy


PRESIDENT: Emil Volcheck    610-388-1581  SECRETARY: Charles Curran 610-446-5239
TREASURER: Dewitt Stewart   610-623-5145  AMIGASIG: John Deker      610-828-7897
WEBMASTER: Peter Whinnery   610-284-5234  DATABASE: Layton Fireng   610-688-2080
AT LARGE:  Tom Johnson      610-525-3440  AT LARGE: John Murphy     610-935-4398