Main Line Computer Users Group

May 2004 Issue 264


As usual, we'll start off the meeting with some announcements and a bit of round-table talking on news and problems. Come early and stay late!

As noted in the minutes from last month, Pete Whinnery took us a bit farther in using the "live Linux CD" version of KNOPPIX.

Between the March and April meetings quite a few gave the CD a try and a number of problems were identified. Pete addressed some of them, in the time available to us last month.

However, not all the difficulties can be overcome by typing in commands at the Knoppix boot prompt. For example, this worked for changing the display resolution from the 1024x768 default to 800x600 to make viewing easier.

It will be necessary to actually put the Knoppix CD contents onto your hard drive to get around most all the remaining difficulties.

So, Pete will do more followup and cover: how to transfer the Knoppix distro to your hard drive, how to set it up, how to use it to clear up difficulties with drivers (the main problem) AND how to use this arrangement to install and run software that was NOT included in the massive file set that comes with Knoppix on the single CD. Hope you all make this session!!

Caution: spoofing, spyware and phishing

By Edward Johnson

Whoever coined the phrase "Good things come in small packages" certainly was not contemplating the damage that can be caused by today's Internet-related scams du jour. [continued]


TIDBIT - as a sign of the times (I guess), you recall that the former big computer giant, Gateway, has recently purchased the bargain computer maker, eMachines. However, rather than a sign of strength, on 4/30/04, Gatewat announced that they would be laying off 40% of their remaining workforce. When completed, this move will take them from a peak of 25,000 employees to an expected 2,000 (or a drop of 92%).

They also announced that part of this personnel reduction is coming from the closure of all 188 of their Gateway local stores (no indication of just how many folks this part involved).

Ironically enough, the #1 computer maker, Dell, almost simultaneously announced that they are planning to increase the number of local kiosk stores that they deploy. Wonder if that will truly bode well for Dell?

PIRACY - by now, we are familiar with the move that Microsoft made to cut down on pirated copies, of their Windows XP operating system and the Office Business suite, by introducing the "product activation" feature.

Other vendors have started to move in the same direction; so, for the larger vendors, this is very likely to become a way of the future.

Interestingly enough, the latest issue of MACworld told us that activation has entered the arena of the Macintosh computer, too!! The article was not exactly upbeat , but then I would not have expected it to be. I'll bring it to the May meeting.

OUR NEW WEBSITE - just a reminder that thru the good offices of Mr. Rich Goldberg, operator of the local ISP, the club has been provided with a new website host and a new (we hope, easy-to-remember) domain name -! So, now we can be found on the web at:

Remember to check it out regularly. Last minute meeting items may be posted there, in addition to coming to you via the MLCUG listserv.

Oh yes, our faithful webmaster, Pete Whinnery, will be most appreciative of ideas to improve the useability and value of this website; so don't hesitate to suggest (he tells us he is still learning!).

REGULAR REMINDERS: 1) our email mailing list is run for the member's benefit; so please do not hesitate to post notices or problems to it. If we can't solve the problem remotely, we can be alerted to it ahead of a meeting where hands-on may do the job.

2) attendees know that we have a very fast internet connection from the VU meeting room (last month we hit 800+ KBps, now that's really moving - tho past performance is no guarantee of the future!). So, if you have a very large download, you can bring along a zip disk (or a CD-R/RW) and get it done there, either before or after the main meeting.

3) a half dozen or so of the regular attendees usually partake of lunch at the Villanova Diner after the meeting. Why not join us? It is a good time to get a little more help (or give it) and just to have fun talking about our common interests. The food is quite good, too!

Sage Advice

by Reid Goldsborough, Inquirer

It is better to take a broken PC to a local repair shop than have a repair technician come to your office or home. Though this is less convenient, the repair shop will have access to better diagnostic tools there. It will have time to observe the problem, if it is intermittent. And the cost will be lower.

Write down the exact nature of the problem you experience when it occurs, including what you see on your screen, what you hear and how long the problem lasts.

Before the repair ~work begins, get a written estimate and request that you receive an invoice afterward detailing the parts repaired or~replaced, the cost of the material and labor for each, and the warranty on each.

Pay by credit card, which will provide you with some protection if a dispute arises later.

Use your computer as soon as you get it back, and notify the repair shop immediately if you are still experiencing the problem.

Small sample sizes prevent the Checkbook magazine's ratings of individual stores from being statistically accurate in a strict scientific sense, but Krughoff said that large differences in scores even with small sample sizes can be meaningful. Nonetheless, take what follows with the proverbial grain of salt, using it as just one piece of information along with others such as personal recommendations from trusted sources.

The best local computer repair shops for both quality and price, according to the magazine, include Comp Solutions, of Clayton; MacMobile, of Upper Darby; Mariton Computer Service, of Marlton; Mindy International Computers, of Abington; Motto Computer, of Wilmington; and Oxford Computer, of Broomall.

The large stores - Best Buy and CompUSA - got the worst ratings on quality, though some individual Best Buy and CompUSA stores did better than others.

On the Web: Contact columnist Reid Goldsborough at


Whether it was the weather, our interesting subject matter, or our engaging presenters, April brought a much bigger than average turnout with 23 attendees, including 2 guests! To mak e things even better, we had no hitches (or Murphy visits) for either of our topics - great!

Because of the need to really fit two topics in, we kept the round-table discussion short - and were not able to deal too much with problems. Tho, right after the meeting, member Mike Byrne hooked up his recalcitrant computer that he had brought in. It did not want to get out of safe mode. In fact, when we fired it up, it did not even want to boot properly. By forcing it into safe mode and switching a video setting, we got it calmed down and bootable into regular Windows mode; so Mike will now be able to investigate the circumstances just before the problem appeared to seek a cause (and remedy???).

One show-and-tell item was brought in by Emil, a Casio CW-75 Disc Title Printer. This is similar to the device that John Murphy used to label the big batch of Knoppix copies that he made up for last month's distribution. The CW-75 is a neat device, with its own built-in keyboard, runs on battery power and allows for stand-alone CD or DVD labels (no fancy graphics or full color scenes, but distinctive, easily legible print).

Marty Caulfield had a show-and-tell also, one of the Microsoft free "Security Update" CDs. Look for a bit more info elsewhere in the May issue on this offering.

While on the subject of security and Microsoft, remember that the next service pack (SP2) for Windows XP will be mainly devoted to security and privacy considerations. Right after the meeting, I learned that a beta of SP2 is now downloadable from the MS website. It is 273 MB in size; so plan on a week or so download for your 3K modem . According to the report I read, if you download and install SP2, upcoming security updates will update the beta to the final release version. Some of the features in SP2 are definite steps forward (like having the XP firewall turned ON by default, rather than OFF!!


by John Deker

Keeping to the security/privacy theme, at the April meeting, we turned things over to John Deker to, at last, finish his demo on spyware detection and prevention. This involved firing up Spybot and using its internal link to download the latest version of SpywareBlaster. The latter application tries to prevent the installation of spyware, rather than simply allow one to scann for and (hopefully) remove this increasingly pervasive marketing (and worse) tool of the trade.

Before actually performing the installation of the blaster update, John had the existing version turn off the various protection features it had put in place, then uninstalled it, installed the new version and reinstituted the prevention features. This mode is recommended to be sure that the new installation is proper and no hidden glitches due to remnants from the earlier version remain.

John mentioned that there is a conflict between SpywareBlaster and PestPatrol, one of the detectors that he showed in the original presentation. The conflict involves a registry change that SB makes that PP considers to be malware. John suggested that letting PP remove the SB change - relating to what are called "ActiveX" controls - and letting your browser manage that potential problem, was his preference. That immediately raised the issue of ActiveX and Emil suggested that we go thru some of that next time with a review of the privacy settings in Internet Explorer that allow for a wide range of options in dealing with ActiveX. Watch for that!

In the April issue of the newsletter, John had published his recommended approach to spyware handling. He will review that recommendation as time goes on and update it based on what he learns, or gets from member feedback, or whatever. This could be a source of perpetual articles for the newsletter!!!

Knoppix Demo for April

On that note, we turned to our second topic and Pete Whinnery took the witness stand to do a Part 2 on the use of the "run from the CD" version of the Linux operating system. Many of the members tried the CDs that were distributed last month, had problems and questions about it. So, Pete's primary goal this time was to respond to as many of those that he could to ease the use of the product for all of us.

Elsewhere in this issue, Pete summarizes the material he covered, as well as followup stuff from the questions that came up during today's meeting. So, give that a good look, fire up the CD and try your hand at it. The interest level seems pretty high amongst the members to at least give it a whirl. We will have future meeting opportunities and demos to help those who continue with the experiment.

NOTE: if you did not get a CD and would like one, plan to pick one up at the next meeting. We should have additional copies made up by then.

Spoofing & Phishing

[continued from p.1]

The Better Business Bureau advises that given the variety of viruses, combined with the level of sophistication by which your privacy can be violated, simply opening an e-mail can be a Pandora's box. For the average person, the world of Internet worms, intrusions and flat-out fraud can make the info highway unsafe at any speed.

Take the use of spyware. You may not even realize that spyware is used by marketers to track your Web traffic. It sneaks onto your computer hard drive via innocent "surfing" on the Internet.

It is also the software that generates those annoying popup advertisements that you may perpetually find interfering with your ability to use the Internet. The fact that software unknown to you can get on your hard drive and track your movements is invasive. In the wrong hands this information enables those with lessthan-honorable intentions to wreak havoc.

This is disturbing.

In addition to being aware of spyware, the practice of spoofing (and the nasty viruses they spread) is on an upward trend. Spoofing occurs when hackers configure their e-mail to make it appear as if messages they are sending are coming from someone they are not.

Spoofing hides the identity of the original sender and can make it difficult to track them down.

Bundled in with the deceptive e-mail is usually some sort of virus.

The e-tricks that people play unfortunately go weli beyond looking over your shoulder and sending viruses your way. Scammers are casting about in hopes of obtaining your credit card or other personal information.

The practice of using spam to lure consumers into disclosing what should be privately guarded information is known as phishing. With this the e-huckster will send you an email representing themselves to be from a business that you normally might have legitimate interactions. In such cases, the e-mail message might tell recipients that it is from their Internet Service Provider (ISP) or from their bank or credit card service provider.

The message will go on to say that they need to update or validate their billing information to keep their accounts active. Next, the message directs you to a look-alike Web site of your real ISP or bank to further win your confidence in thinking you are responding to a bona fide update or vaildation request.

From there, the scam collects financial info, unknowingly submitted by the consumer.

To help prevent being victimized by the various Internet and email-related ploys that monitor your traffic, dump viruses or deceive you, the BBB offers the following tips:

Install antivirus protection and spyware software and scan your computer for viruses on a regular basis. Also, remember to check with your software provider for virus updates.

Equip your computers with firewalls. Firewalls are hard-.~ ware and/or software that can be purchased at most computer stores. They protect a computer network from unauthorized outsiders. Your ISP should have filters that keep intruders out, too.

Depending on the level of privacy you need, consider obtaining encryption software.

Back up important data in case you catch a virus that crashes your computer.

Refrain from downloading programs from or providing information to sites that you have not authenticated.

Be careful of file sharing. This can lead to invasions of your hard drive.

Do not open e-mails from unknown sources and avoid emailing personal or financial information.

If you are making an online purchase look for the "closed-lock" icon on the browser's status bar. This signals a secure environment.

Also, for those companies you do business with online, look for mainstream thirdparty verification seals such as BBBonline, Truste or Verisign.

Edward Johnson is President & CEO of the Better Business Bureau serving Eastern Pennsylvania.

[This list of to-dos is a good guide for any user of a computer: ejv]

MIT is blocking executables within their email system

In what might be the wave of the future, MIT took the extraordinary step of blocking delivery of attachments that are executables. From now on, to send an executable to someone within their system, the file must first be zipped or pdf-ed.

This prevents those "helpful" Microsoft email clients from launching executables for us.

The MIT approach - simple and effective - sounds like a good practice for all of us to use. MIT believes this would have prevented the spread of the SoBig.F virus last year.

(Attachment blocking is not a 100 percent reliable method of protection against viruses and security vulnerabilities. There are ways of encoding attachments that will manage to evade these tests, such as encoding the filename with non-English characters.) [John Voris - EPCC]

Here is what MIT published as their List of Dangerous Three Letter Extensions:

	ade 		adp 
	bas 		bat 
	chm 		cmd 
	com 		cpl 
	crt 		eml 
	exe 		hlp 
	hta 		inf 
	ins 		isp 
	jse 		lnk 
	mdb 		mde 
	msc 		msi 
	msp 		mst 
	pcd 		pif 
	reg 		scr 
	sct 		shs 
	url 		vbs 
	vbe 		wsf 
	wsh 		wsc 


Joke Programs - Programs that change or interrupt the normal behavior of your computer, creating a general distraction or nuisance. Harmless programs that cause various benign activities to display on your computer (for example, an unexpected screen saver).

Remote Access - Programs that allow another computer to gain information or to attack or alter your computer, usually over the Internet. Remote access programs detected in virus scans may be recognizable commercial software, which are brought to the user's attention during the scan.

"Security Update" CD

Since our last meeting, we looked at Microsoft's Security Update CDs a bit. The version that Marty Caulfield brought last month apparently has the security updates for Windows 98 thru XP for the time frame up to February 5, 2004. We'll bring it.