Main Line Commodore User Group


December 2012 Issue 367





Starting in 2013, hard copies of the newsletter will NOT be mailed. Along with this change, dues will be reduced to $10 per year.

In 2013 & beyond, the newsletter will only be distributed as a PDF file and will be sent via email thru the club's email system.

When you renew your membership and pay your dues this year, PLEASE make sure you have a registered, up-to-date email address with the club as this is the only way you will be able to receive a copy of the monthly newsletter.




As in years past, this will be one of our more light hearted meetings in keeping with the holiday spirit. We will eat, drink, and be merry and have prizes and raffles.

We will open the formal part of our meeting with our normal round-table of announcements, questions, and problem solving. This is the part of the meeting where we all get an opportunity to help each other thru our computer experiences, both bad and good. So come on out to the meeting prepared to make a gift of your experiences and knowledge so all may learn and reap the benefits of shared knowledge.

As we did a couple years ago and since John M expects to be in Europe at the time of our meeting, John MAY be joining our meeting via Facetime, an Apple application for video conferencing on iOS devices & newer Macs. So, for December we hope to have conferencing setup between the club meeting at Villanova and John M in Europe for all attendees to see.

As in years past, we will intersperse the meeting with raffles and prizes and a Christmas luncheon near the end.

So come out and join us for the holiday festivities. Have a safe and happy holiday!


1) It’s that time of year again – CLUB MEMBERSHIP RENEWAL time. Please give your dues to our treasurer, John D, at the meeting or mail checks to his address as indicated on the back cover. Checks should be made payable to: MLCUG.

2) Club membership entitles you to receive a copy of the newsletter and access to our email list server, which is run for the benefit of our members. Please do not hesitate to post club and computer related notices and problems to it. If we can’t solve your problem remotely, we can be alerted to it ahead of the monthly meeting where more hands-on may help resolve your problem.

3) A few of the regular attendees usually partake of lunch at the Campus Corner Restaurant near the intersection of Routes 30 and 320 just off the Villanova University campus. So, after the meeting, why not join us? It’s an opportunity to get more help and to discuss our common interests.


Attendance: 8 people in all attended the meeting on Saturday, November 10th.

Main Meeting Q&A: We began last month’s meeting with our normal round of questions and announcements. Among the questions and announcements:

John D -

Ed C -Rich T -Don W -Pat S -John M -

Main Meeting Program: The main meeting presentation topic was "Mountain Lion Overview" and was presented by John M.

One goal of the presentation was make members relatively comfortable with the Mac interface & to show the similarities between the most recent version of Mac OS and Windows 8 while also noting some of the differences. At the same time John promoted the Mac OS for its somewhat better built-in operating system features.

John started the presentation by discussing the log on screen and then covered the Macs menu bar, dock, Apple menu, system info utility, the Apple store, launcher, preferences, Time Machine, the third party Super Duper utility, and how to boot from alternate boot devices.

Anyone considering moving from Windows to a Mac should also be aware that Apple maintains a web site dedicated to those who are making the transition from Windows. It is full of helpful information to ease the transition of new users. Take a look at:



NirSoft web site provides a unique collection of small and useful freeware utilities.


IE PassView is a small password management utility that reveals the passwords stored by Internet Explorer Web browser, and allows you to delete passwords that you don't need anymore. It supports all versions of Internet Explorer, from version 4.0 and up to 9.0.

For each password that is stored by Internet Explorer, the following information is displayed: Web address, Password Type (AutoComplete, Password-Protected Web Site, or FTP), Storage Location (Registry, Credentials File, or Protected Storage), and the user name/password pair. You can select one or more items from the passwords list and export them into text/html/csv/xml file.



One of the most convenient tools browsers offer is the ability to save and automatically enter your passwords on login forms. Because so many sites require accounts and it is well known (or should be at least) that using a shared password is a big no-no, a password manager is almost essential.

So if you are an IE user and answer “yes” to allow the browser to remember your password, how secure is this information?

Where are they saved? Starting at Internet Explorer 7, password are stored in the system registry (KEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2) and ciphered against the Windows user’s login password using the the Data Protection API which utilizes Triple DES encryption.

How secure is this data? At the time of this writing, Triple DES is practically unbreakable through brute force methods. However, there really isn’t a need to brute force the encryption once you are logged into the Windows account where your password data is stored as Windows makes the assumption that once logged in it is safe for applications to access this data. As a result of IE not utilizing a master password (such as what Firefox offers) to protect its saved passwords, the respective Windows account password is the Triple DES decryption key.

Simply put, if you can log in to Windows with the account password, you can see the saved browser passwords. Using a freely available utility such as NirSoft’s IE PassView, you can view and export every saved IE password.

So can malware access this? After seeing how easy it is to get to this data, the next logical question is can malware easily get to this data. I am not a malware developer, but I don’t see any reason it could not. If I scan the IE PassView utility using Virus Total, you can see 55% of the scanners they use detect it is malware (one of which is Security Essentials).

While in our case the result is a false positive, this shows that it is possible for a piece of malware to access this data undetected even when the system runs anti-virus. Additionally, because the encrypted data is user specific no UAC prompt will be triggered by an application trying to access this data. Before thinking this is a flaw in the OS, this is really the way it has to be otherwise IE and a host of other Windows applications which utilize the protected storage would trigger a UAC prompt every time they opened.

What if my computer is stolen? The simple answer is this data is as secure as your Windows account password. As we have shown above, when you login to the account using the appropriate password all of this data is easily accessible. If you use no password, you have no protection.

To take this a step further, I did a reset of the account password to see what would happen when the password was forcefully changed outside of Windows. After the reset, I saved a new Gmail address password (blah@) and ran IE PassView. I was able to see the previous user name (myemail@) which was saved before the password was reset, but because the account passwords (i.e. “master password”) used to save the data are different, it was not able to decrypt the IE password saved under the previous Windows account password. This is definitely a good thing.

Conclusion At the end of the day, the security of your IE saved passwords depends totally on the user:

  • Use a very strong Windows account password. Keep in mind, there are utilities which can decipher Windows passwords. If someone gets your Windows account password then they have access to your saved IE passwords.
  • Protect yourself from malware. If utilities are able to easily access your saved passwords, why can’t malware?
  • Save your passwords in a password management system such as KeePass. Of course, you loose the convenience of having the browser auto-fill your passwords.
  • Use a 3rd party utility which integrates with IE and uses a master password to manage your passwords.
  • Encrypt your entire hard drive using TrueCrypt. This is completely optional and for the ultra protective, but if someone can’t decrypt your drive they surely can't get anything off of it.

    Of course both of these go without saying, but this just reinforces the importance of taking steps to keep your system secure.

    Download IE PassView from NirSoft.

    DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions meet in Room 110.

    Enter from the ITHAN AVENUE main gate, then proceed to the upper level of the 2-level parking building adjacent to the St. Augustine Center, on the Ithan Avenue side of the building. NOTE: maps on our web page -

     MLCUG Meetings Schedule        Steering Committee Meetings
        December 8                      December 12
        January 12                      January 16
        February 9                      February 14
    EDITOR: John W. Deker, Jr. 2210 Lantern Lane, Lafayette Hill, PA 19444-2211 Produced with HP-P6267C: 2.5GHz 4-Core Q8300, 8GB RAM, 750GB HDD, Brother HL-5370DW laser printer, CD-RW/DVD±R/RW drive, Windows 7 Professional 64-bit OS, MS Office XP, Bullzip PDF Printer software
    MLCUG LISTSERV:         for members only...
    PUBLICITY:              Position OPEN!
    VILLANOVA SPONSOR:      Prof. Frank Maloney, Dept. of Astronomy

    MLCUG STEERING COMMITTEE; PRESIDENT: John Deker 610-828-7897 V.PRESIDENT: Al Gottlieb 215-793-9725 TREASURER/SEC: John Deker 610-828-7897 DATABASE: Layton Fireng 610-688-2080 WEBMASTER: Peter Whinnery 610-284-5234 AT LARGE: Tom Johnson 610-896-2434 AT LARGE: Wendy Emery 215-765-3328 AT LARGE: Nelson Schrock 610-834-0117 AT LARGE: John Murphy 610-935-4398