|
We guarantee your privacy: 1. We will never sell, rent, or give away your address to any outside party, ever. 2. We will never send you any unrequested e-mail, besides newsletter updates. 3. All unsubscribe requests are honored immediately, period. Privacy policy 
|
|
INTRODUCTION — news about your newsletter How to get free Internet calls At least four times a year, we license a special bonus download for our paying subscribers. This issue's bonus is:
Talk Is Cheap won't appear in any bookstores until July. But you can have two of the most valuable chapters right now, exclusively from Windows Secrets. The first chapter of the excerpt explains features you can get free with Internet phones, but are costly or unavailable with landlines. These include selecting almost any area code you want and receiving calls almost wherever you happen to be in the world. The second chapter describes all kinds of gadgets that can be used for cheap Internet calling, including new cordless phones. The book uses as examples the free Skype service and the monthly-fee Vonage, but the information generally applies to any provider. The author, James E. Gaskin, has previously written Corporate Politics and the Internet (Prentice Hall) and Broadband Bible (Wiley). Talk Is Cheap will be published by O'Reilly. The e-book is a printable PDF file that's 779 KB in size. Your download time will range from less than a minute on a cable modem to approximately 4 minutes on a 56 Kbps dial-up modem. To upgrade your subscription, use the following link: How to upgrade The full, printed book is not yet stocked in any store, but will be available next month for a list price of $19.95 USD. More info: United States / Canada / Elsewhere We hope you'll enjoy our exclusive excerpt of Talk Is Cheap. We look forward to bringing you even more secrets of Windows, and even more bonus content, in the year to come. —Brian Livingston, Editor Look for Firefox update soon We wrote in a newsletter update on June 10 that Firefox 1.0.3 and 1.0.4 had re-introduced a security flaw that had been fixed in 1.0.2. We linked to a Mozillazine discussion forum indicating that a change in Firefox's preferences could close the hole until Firefox 1.0.5 is released with a fix. Reader Henno Putto of the Netherlands wrote to say the workaround didn't close the hole in his copy of Firefox 1.0.4. You can safely test any browser for this flaw using a test page from the Secunia security firm. According to the firm, the same flaw has gone unpatched in IE 5 and 6 since June 2004. We don't have the ultimate answer for this flaw yet. But we know the Firefox development team on June 7 submitted a bug fix for testing. (See bug 296850.) The best thing for Firefox users to do is to upgrade to version 1.0.5 or the more-complete 1.1, whichever appears first. Version 1.1 (code-named "Deer Park") is scheduled for release in July 2005, according to the Firefox Roadmap. Whenever a new version is available, you'll see a red up-arrow button on the Firefox toolbar, near the Close Window button. Livingston on the radio Windows Secrets editor Brian Livingston will be interviewed by the "Let's Talk Computers" radio program on Sat., June 18. The show will also feature Make Magazine, the new hands-on tech publication. Anyone with an Internet connection can listen to a recording of the program, free of charge, using Windows Media Player or Real Player. Links to the audio feed will be posted at the home page of Let's Talk Computers. An interview on a different subject was also conducted by SBS, a radio and television network in Australia. The radio interview focuses on the risks of software patents. An audio file is available from the World View program. ^ |
 Windows Secrets Newsletter Issue 55 — 2005.06.16 INTRODUCTION • How to get free Internet calls • Look for Firefox update soon • Livingston on the radio TOP STORY • Readers offer tips on Wi-Fi • Login authentication using MS software • Authentication for Windows 2000 • WPA support for Centrino and Win 98/Me • Low-tech device provides 100% security WINDOWS GIZMOS • New inventions for a hip PC • Heat sink silences noisy video boards • 2GB Flash drive and MP3 player merge • Mouse manages passwords using fingerprints INDEX OF REVIEWS • We have a screenful of LCD monitor tests • Dell named PC World's Best Buy • Tom's likes LG's LCD • Dell reappears at the top of CR's list • PC Mag picks best projector • CPU Mag finds Canon unchallenged in tests • Canon's improved model impresses CNET • PC Mag awards cameras in five categories • CR recommends HP and Sony • Two Canon printers get Editors' Choice • Tom's names HP winner in photo printers SECURITY BASELINE • WSC Guard named best Wi-Fi 3rd-party app HOT TIPS • Get the most out of your Wi-Fi • How to get a free VPN • Vendors may be slow with WPA support • Not everyone reveres George Ou BRIEFING SESSION • The secrets of silent computing • An industry takes notice of noise • Buying silence for your PC • Upgrading to silent components OVER THE HORIZON • Don't wait for IE 7 to be secure • Beginning of the end for Windows 2000 • Don't expect a service pack soon • How to secure your system now WINDOWS PATCH WATCH • I'm MU-ing this month — are you? • How to switch to Microsoft Update • Troublesome patches include IE fixes • TCP/IP patch re-released to fix VPN • Firefox now easier to patch and deploy • MSN IM wants update... but for what? • Irritating Front Page and SQL issues • Good blogs and Webcasts on patching • Tell me your Microsoft Update experiences UPDATE MANAGEMENT • Tips for getting started with WSUS • Turn off unused languages • Manually install the agent, if necessary • Run the diagnostic tools • Check the logs • Disable Windows Update • Make a pilot group • Follow up with MBSA 2.0 WACKY WEB WEEK • Protect your Ben & Jerry's with a Pintlock USEFUL LINKS • Rootkit author beaten, for now • New tools may beat rootkits • IceSword author speaks out on rootkits • MSN Search Toolbar with Windows Desktop Search NEWSLETTER CONTROL PANEL • Windows Secrets home page • How to subscribe • Change your delivery address • Change your preferences • Access past free issues • Access past paid issues • Upgrade to paid version • Search for info (WinFind) • Submit a Windows tip • Get subscription help • How to unsubscribe CIRCULATION: over 147,000 |
|
TOP STORY — info you need to make Windows work Readers offer tips on Wi-Fi By Brian Livingston Readers had positive reactions — and lots of additional tips to share — to my May 26, 2005, article entitled, "Wi-Finally: wireless security that actually works." Glenn Fleishman, a wireless expert and editor of Wi-Fi Net News, wrote in his blog on May 27 that the article "is an incredibly clear set of the best advice I've seen on the topic." I devoted a lot of effort to researching the story because Microsoft had recently begun giving away a free piece of software for Windows XP SP2 that supports both of the new, secure forms of Wi-Fi — WPA (Wireless Protected Access) and WPA2. I wrote that all Windows users should immediately throw into the garbage any old Wi-Fi hardware that can't be upgraded at least to WPA. There are plenty of Wi-Fi routers, access points, and adapters that are WPA2-capable and are selling for commodity-level prices. If you're buying any new Wi-Fi equipment, insist on products that support the strongest standard: WPA2-Enterprise. (Such products are also downward-compatible with all lesser standards.) You can find a product list by clicking the WPA2-Enterprise check box at the Wi-Fi Alliance's Certified Product Listing page. Of course, buying anything new wouldn't be necessary if the computer industry had demanded from the beginning that all Wi-Fi equipment must support strong security — and must be sold with all security features turned on. Unfortunately, that's a battle that was lost long ago. The best thing you can do now is make sure the drivers, adapters, and access points you use are all upgraded to WPA or WPA2. For step-by-step instructions, see the May 26 newsletter. As usual, my readers found excellent resources that other readers can benefit from. Let's look at some of the tips they've sent in. Login authentication using MS software I sent out a brief newsletter update on June 10 describing a concern about Microsoft's new WPA2 software. eWeek Magazine had reported that the download supports only one of five forms of login authentication that have been standardized by the Wi-Fi Alliance. This form is known as EAP-TLS. Several readers, the first of whom was Fleishman, wrote to explain that Microsoft's software can also support another form of authentication called PEAP. This is because Microsoft has built PEAP support into Windows XP SP1 and SP2, Windows 2000 SP4, and Windows Server 2003. This still leaves the Microsoft software, technically known as a supplicant, without support for (take a deep breath) EAP-TTLS, PEAPv1, and EAP-SIM. Rather than explain all of these acronyms here, I'll refer you to an article by George Ou, a blogger for ZDnet, entitled "Understanding the Updated WPA and WPA2 Standards." His write-up exhaustively defines all five of these technologies, and much more. If you're a small business or home user who's decided to use the simpler WPA-PSK (WPA with a pre-shared key), none of the five forms of authentication mentioned above matter to you. Just remember to create a pre-shared key that's long enough to be secure (32 characters is fine), with a random mix of numerals, punctuation, and upper- and lowercase letters. I described these PSK details in my May 26 article. Authentication for Windows 2000 Rich Saulpaugh writes to say that Microsoft has made available a free authentication client for Windows 2000 SP3 and higher for some time. This software supports the EAP-TLS and PEAP methods of login authentication. This software is available to download from Microsoft's 802.1x client page. WPA support for Centrino and Win 98/Me Frank Bulk recommends some resources that provide WPA and/or WPA2 features to users of Centrino-based laptops and Windows 9x-based PCs:
For these reasons, Windows users may prefer WIRE1x (pronounced "wire one ex"). This is a free, open-source program developed at the National Tsing Hua University in Taiwan. It runs on Windows 98, Me, 2000, and XP and supports EAP-TLS, PEAP, and EAP-TTLS. significantly, it also works with a program called freeRADIUS, which can be used to provide WPA-Enterprise-style login authentication. Unfortunately, WIRE1x at this moment doesn't include a convenient, user-friendly installer. You need to download a set of files, copy some of them to your System32 folder, and then create a shortcut to run the executablke program. This shouldn't be difficult for most Windows Secrets readers, but it does require extra installation steps. Low-tech device provides 100% security 
Robert Riebs, a technologist/educator in Lafayette, Calif.,
is often called upon to configure wireless access points (WAPs) for his clients and
colleagues."After this is set up, I advise them to get a plug-in timer that is programmable," Riebs writes. "Now I set the power for the WAP to run only during the times they prefer to produce a wireless signal. (Who needs a wireless network in the middle of their sleep, whenever that is?)" Timing the power to your Wi-Fi connection should only be an addition to, not a substitute for, good WPA or WPA2 security. But the good thing about an AC timer is that turning off your router or access point does provide you with 100% protection against anyone misusing your wireless signal during that time! Riebs recommends the Intermatic DT17C, a 3-outlet timer (photo, left) that sells for about $19.99 on the Web. The device can be programmed for up to 98 "on" and 98 "off" periods per week. It can be manually overridden if you need to use Wi-Fi at an unexpected time. Being low-tech, the device can't be controlled by hackers, needless to say. More info: Intermatic DT17C AC Timer More great advice from readers regarding Wi-Fi is available in my Hot Tips column, below, where I continue this subject in the paid version of today's newsletter. (How to get the paid version.) Readers Saulpaugh, Bulk, and Riebs will receive gift certificates for a book, CD, or DVD of their choice for being the first to send me tips that I printed. To send us more information about Wi-Fi security, or to send us a tip on any other subject, visit WindowsSecrets.com/contact. Brian Livingston is editor of the Windows Secrets Newsletter and the coauthor of Windows 2000 Secrets, Windows Me Secrets, and eight other books. ^ |
|
WINDOWS GIZMOS — our product reviews of new stuff New inventions for a hip PC
|
|
FORWARDING INSTRUCTIONS — news gains value when it's shared Please share this information with your friends You're encouraged to refer your friends and colleagues to this free newsletter. Because most e-mail programs don't correctly display a formatted message that's been forwarded, simply call people's attention to the permanent Web address of this issue: WindowsSecrets.com/comp/050616. ^ |
|
INDEX OF REVIEWS — our directory of product shootouts We have a screenful of LCD monitor tests
|
|
THE SECURITY BASELINE — the minimum you need for safe computing WSC Guard named best Wi-Fi 3rd-party app By Brian Livingston (Note: Every PC needs a complete set of the building blocks shown below for protection against hacker attacks. In this section, which appears in every issue, we summarize the highest ratings from trusted reviewers.) New info: My article on Wi-Fi security in the May 26, 2005, newsletter focused on the benefits of the newly approved WPA2 (Wireless Protected Access 2) protocol. Individuals and small businesses can use WPA2-Personal, which relies on each wireless device being provided with a PSK (pre-shared key). Large corporations will prefer WPA2-Enterprise, which requires an authentication server and a unique username/password combination for each user. To get strong username/password security without custom development, small and medium businesses can contract to use a third-party authentication server. But which of several competing services is the best? PC Magazine started to answer this question when it tested LucidLink and WSC Guard in its June 28, 2005, issue. WSC Guard, which starts at $4.95 per month per client, came out on top with a score of 4.0 out of 5 points. LucidLink, which we ourselves tested and had some difficulties with, scored 3.5 points. To use WSC Guard, you register at its Internet site, then configure your wireless clients and your router or access point. Only authorized users with a WSC Guard account can use your Wi-Fi network after that. For more information, visit the Wireless Security Corp. Suites replace separate antivirus, antispam, firewall apps With this issue, we are collapsing three separate categories of the Security Baseline into one. The categories of Software Firewall, Antivirus, and Antispam will be represented from now on by a single Security Suite category. Our decision was precipitated by the July 2005 issue of PC World, which named ZoneAlarm's firewall and antivirus protection No. 11 on its list of the "100 Best Products of 2005." This comes on top of PC Magazine's earlier Editors' Choice award for the ZoneAlarm Security Suite, which also includes an antispam component. It seems major reviewers are giving their ringing endorsements to integrated defenses against malware. (Protection against spyware, however, is still best obtained via a separate antispyware product.) What to do: At present, the four top-rated elements of the Security Baseline that all PC users need are currently a Linksys hardware firewall, the ZoneAlarm Security Suite, CounterSpy antispyware, and an update-management tool of your choice. See details below.
|
|
HERE'S A TIP — you'll get a better newsletter if you choose the paid version You're reading the free version of the Windows Secrets Newsletter Subscribers to the paid version receive additional information in each issue. Some of the extras this week are:
Paid subscribers gain access to all past paid newsletter content Make a contribution to support our research into Windows and you'll immediately be able to read and search through scores of valuable articles. In addition, paid subscribers are entitled to download valuable content that we license for you at least once every calendar quarter. To upgrade, simply make a contribution of any amount you choose If you do this by June 29, 2005, you'll instantly be sent the full, paid version of today's newsletter. To upgrade to the paid version of Windows Secrets, please visit WindowsSecrets.com/upgrade. Thanks in advance. ^ |
|
WACKY WEB WEEK — playing for you the Internet's greatest bits
USEFUL LINKS — more stuff that's good to know Rootkit author beaten, for now (part 1 of 3) The creator of one of the world's most effective rootkits — programs that can successfully hide from antivirus software — has been defeated, at least temporarily, by a Chinese computer security group. (By Brian Livingston, Datamation) More info New tools may beat rootkits (part 2 of 3) With more and more virus authors writing rootkits, which can successfully hide from typical antivirus scans, the need for IceSword and other antirootkit programs will only grow. (By Brian Livingston, Datamation) More info IceSword author speaks out on rootkits (part 3 of 3) IceSword is a remarkably effective tool against rootkits, virus-type programs that can evade detection by ordinary antivirus products. The author of IceSword is a Chinese programmer who I was finally able to interview through an intermediary. (By Brian Livingston, Datamation) More info MSN Search Toolbar with Windows Desktop Search In this updated review, I address a new version of Microsoft's toolbar that adds tabbed browsing to IE. I've also added some new information based on reader feedback. (By Paul Thurrott, SuperSite for Windows) More info ^ ABOUT YOUR SUBSCRIPTION — we're here to serve you The Windows Secrets Newsletter (formerly Woody's Windows Watch and Brian's Buzz on Windows) is published twice a month, except for breaks in August and December. The newsletter is published on the first and third Thursdays after Patch Tuesday (the 2nd Tuesday of each month, when Microsoft generally releases new Windows patches). Publisher: The newsletter publisher is WindowsSecrets.com LLC, 300 Queen Anne Ave. N. #456, Seattle, WA 98109 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine). Editor: Brian Livingston is the coauthor of Windows 2000 Secrets, Windows Me Secrets, and eight other books. Associate Editor: Paul Thurrott is the author of Windows XP Home Networking and Great Digital Media with Windows XP and the author or coauthor of several other books. Contributing Editors: Susan Bradley, Mark Burnett, Chris Mosby. Research Director: Vickie Stevens. Program Director: Brent Scheffler. Trademarks: Windows is a registered trademark of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Index of Reviews, Briefing Session, Windows Patch Watch, and Wacky Web Week are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners. How to subscribe: Anyone may subscribe to this newsletter by visiting WindowsSecrets.com/info. Our Ironclad Privacy Guarantee: (1) We will never sell, rent, or give away your address to any outside party, ever; (2) We will never send you any unrequested e-mail, besides newsletter updates; and (3) All unsubscribe requests are always honored immediately, period. Privacy policy HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter, Copyright © 2005 by WindowsSecrets.com LLC. All rights reserved. ^ |
