Is your security system up to date?

Home

WinFind

Reviews

Polls

Contact

Past issues

Upgrade

Prefs

Unsubscribe

Windows Secrets Newsletter • Issue 109 • 2007-05-24 • Circulation: over 270,000

Brian Livingston

Take a break — our next issue is June 7
We publish the Windows Secrets Newsletter weekly, on the 1st through 4th Thursdays of each month. We work hard to bring you the best new information, but in months that have a 5th Thursday, we take a break that week to recharge our batteries and do long-term research. That means you won't see a newsletter on May 31. Our next regular issue will appear on June 7. Go outside and smell the roses! —Brian Livingston, Editorial Director

Contents
TOP STORY: Is your security system up to date?
KNOWN ISSUES: Microsoft licenses OEM software for single users
WACKY WEB WEEK: Make your own church marquee
KNOWN ISSUES 2: More ways to avoid automatic credit-card charges
PC TUNE-UP: Make Vista load files 10 times faster!
OVER THE HORIZON: What to do when Windows turns against you
PATCH WATCH: Internet Explorer patch is now a must-install
YOUR SUBSCRIPTION: How to change your address or unsubscribe

For links to every subtopic in this issue, scroll down to the Index

ADS

Forget Vista, make your XP system faster

Forget Vista, make your XP system faster
PC Pitstop's Optimize Scan 1.5 is easy-to-use software that will automatically diagnose problems with your PC and give you a custom report detailing issues that are hurting your PC's performance. Run this free scan now!
www.pcpitstop.com

Deep Six anti-spam appliance for SMBs
Patented technology stops spam at the network edge. Designed for SMBs: the DS200 is the lowest cost, most accurate solution available. Easy to install and maintain. Recent firmware release features new Management GUI and enhanced tools. Try it free.
www.tyrnstone.com

Launch your IT career with CompTIA A+

Launch your IT career with CompTIA A+
Our CompTIA A+ training videos have everything you need to earn the industry's most popular and respected entry-level certification (including coverage of all four A+ exams). Tell employers you know computers — get A+ certified! View the demo now.
www.TrainSignal.com

See your ad here

TOP STORY

Is your security system up to date?

Scott Dunn

By Scott Dunn

WindowsSecrets.com maintains a WSN Security Baseline page to keep you current on the bare minimum you need to protect your home or small-business systems against malware.

This list is based on our analysis of the reviews and editor's choices from leading PC publications and Web sites, including PC Magazine, PC World, CNET, and others.

The basic tools you need

You need at least three categories of tools to secure your system:

A hardware firewall, usually in the form of a router;
A software security suite (a separate antispyware app is no longer needed, as I explain below); and
A patch-management system for staying current with the latest updates.

Routers: the story doesn't 'n' here

The most economical way to get a hardware firewall is to get an Internet router with built-in firewall features — preferably one that includes wireless capability.

Most wireless routers in use today follow the 802.11b or 802.11g standard, which specifies the speed and range of data transfers. The newest draft specification is 802.11n, whose multiple data streams promise faster transfers and longer range than before. It's also intended to eliminate the problems of interference and spotty coverage that sometimes occur with the current standard. A number of "n"-based routers are already available.

Unfortunately for consumers, the "n" standard is still in draft stage and is not expected to be ratified by the Institute of Electrical and Electronics Engineers (IEEE) until 2009. An unratified status means the specification could change, leaving consumers stranded with an incompatible product that may or may not be easy to upgrade. For this reason, a number of reviewers shied away in 2006 from recommending "n"-based products.

Now the climate seems to be changing. Manufacturers have worked together over the last year to create "n"-based routers that work well and work together. A number of commentators and reviewers, including PC Magazine and the computing column of the Houston Chronicle, have begun to recommend these products.

Here's my advice: If you aren't suffering from the problems that the "n" standard is meant to solve — slow speeds and inadequate range — there's little reason to risk isolating yourself with a product that may be outdated soon by a changing standard. I suspect that most home and small-business users are not likely to need the new technology in the near term.

Netgear is the hardware firewall of choice

There's no clear winner in the latest batch of router reviews, but Netgear's RangeMax 240 WPNT834 has garnered an Editor's Choice from PC Magazine and got high marks from other publications as well. This pre-"n" router includes the WPA2 encryption standard (which is the current leader and one I recommend) and includes four LAN ports, in addition to wireless capabilities. Its price online ranges from US$50 to US$120. The separate NetGear WPNT511 notebook adapter card is not required, but is likely to improve speed and compatibility. It sells for US$85 (street).

ZoneAlarm remains the top-rated suite

Long a favorite among testers, ZoneAlarm Internet Security Suite ($50 street) is still the preferred security suite among respected reviewers. Like other products in this category, this suite includes software firewall, antivirus, and antispyware as well as other OS and privacy-protection features. It recently received an Editor's Choice from CNET, which cited its "perfect balance between best-of-breed security protection and ease of use."

In previous editions of the WSN Security Baseline, we've recommended a separate antispyware utility because the tools in the security suites weren't yet up to snuff. That no longer appears to be the case. CNET notes that the antispyware tools in ZoneAlarm Internet Security Suite continue to improve, and the Apr. 10, 2007, PC Magazine goes so far as to say that the ZoneAlarm suite "blocked and removed spyware better than the best standalone antispyware products (and better than NIS 2007)."

NIS 2007, known formally as Norton Internet Security 2007, is a major alternative to ZoneAlarm and received an Editor's Choice designation in the Apr. 10 PC Magazine.

MS Update and PatchLink for patch management

For novices, we continue to recommend the free Microsoft Update (which requires Internet Explorer) to update Microsoft Office and a few other Microsoft products as well as Windows itself. As before, we advise users to configure Microsoft Update to Notify me but don't automatically download and install. Then, keep reading Windows Secrets to learn which updates might be risky or undesirable to install.

For businesses with solid IT experience, it's useful to have an independent tool for downloading and installing Windows patches and upgrades. Windows IT Pro Magazine recently gave its Editor's Choice to PatchLink Update, which costs $1,495 for a network server plus $18 annually per Windows machine. The same product received a Best Patch Management award from SC Magazine during its 2006 SC Awards Europe. The product gets especially high marks for networks that support a mixture of operating systems.

For larger networks, the Window Security site gives its recently updated gold rating to GFI LANguard Network Security Scanner ($575 for 32 machines).

The WSN Security Baseline as it stands

To see a summary of the end-user security products that are currently top-rated by test labs, visit the WSN Security Baseline page. As changes occur in the ratings, we'll give you updates here in the newsletter.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also a contributing editor of PC World Magazine, where he has written a monthly column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit) with Jesse Berst and Charles Bermant.

ADS

Backup your data with ZipBackup

Backup your data with ZipBackup
Finally, a backup program that is easy to use. ZipBackup's Wizard makes backups a snap for beginners. Filtering, scheduling, and disk spanning make it a powerful tool for experts. For a limited time, Windows Secrets readers receive 25% off.
www.zipbackup.com

Get your product seen by 270,000 readers

Get your product seen by 270,000 readers
Does your company offer a product or service? Now you can place an ad in the Windows Secrets Newsletter and be seen by more than 270,000 active buyers of PC hardware and software. Bid as much or as little as you like to get the ideal ad placement.
www.WindowsSecrets.com

See your ad here

KNOWN ISSUES

Microsoft licenses OEM software for single users

By Scott Dunn

My story in the Apr. 26 newsletter reported on the sale of "OEM versions" of Windows, which can be purchased much more cheaply than even heavily discounted "educational" versions.

Readers debated in the May 3 and May 10 issues the ethics of buying OEM versions of Windows, but there's clear evidence that Microsoft officially supports the sale of OEM licenses under certain conditions to any individual who's building a PC.

MS site encourages OEM sales to individuals

Reader Richard Edwards sent us some Web pages from Microsoft's Partner Program site, which is accessible only to registered users. These Microsoft pages support the view that any "system builder" can legally purchase and install OEM software — even a home hobbyist who just works with a single machine. Microsoft's OEM license agreement defines a system builder as "an original equipment manufacturer, an assembler, refurbisher, or pre-installer of software on computer systems." [Emphasis added.]

Naturally, the other limitations of the OEM version, which I mentioned in the Apr. 26 issue, still apply, including the lack of technical support from Microsoft and the fact that the license can't be transferred to another machine under the license terms.

A February blog posting on the Partner Program site asks, "Can a system builder sell an OEM copy of Windows Vista without attaching it to a piece of hardware?" The answer that follows is:

"YES! YES! YES you can!!!!!!! As long as you do not open the package AND the end user is assembling their own PC (at that point the user is considered a system builder). [Emphasis added.] As of August 2005, the licensing changed on all of the OEM licensing packs — 1, 3, and 30."

Another page on this private site states:

"OEM system builder software packs are intended for PC and server manufacturers or assemblers ONLY. They are not intended for distribution to end users. Unless the end user is actually assembling his/her own PC, in which case, that end user is considered a system builder as well." [Emphasis added.]

Microsoft OEM license rules

Figure 1. This image from Microsoft's Partner Program site, which is available only to registered users, clearly states that vendors can sell the OEM version of Windows as a 1-pack to individuals who are building a system, as long as the packaging is not opened by the vendor.

Unfortunately, Microsoft has chosen to hide some of its clearest statements about the sale of OEM software to end users on a Web site that is only available to those who join the Microsoft Partner Program (see Figure 1).

A further annoyance is that the license agreement states that OEM software must be installed using Microsoft's OEM Preinstallation Kit (OPK). According to a Microsoft Web page, although the OPK tool is included with the "3-pack" OEM version of Windows and Office 2003, it is not included with the 1-user OEM version of Windows and Office 2003. To obtain the tool, an individual system builder must download it from the members-only Microsoft Partner Program Web site.

The good news, however, is that any business (however small) can join the Partner Program at no charge.

Quick fixes for subscription subterfuge

Reader responses poured in after my May 17 story on security firms that make it difficult for you to opt out of automatic credit-card charges.

We received a lot of good tips, tricks, and suggestions for avoiding surprises on your credit-card statements. Many people sent in solutions, like this one from Steve Himel:

"I avoid the whole automatic subscription renewal of security products by simply purchasing the retail, boxed version of the software. So far, I have been able to register the software to obtain updates for a year without giving away a credit-card number. When the year is up, I simply purchase a new retail version of security software — either the same product, or I can switch to a different product. Also, with sales and rebates, the cost of a new retail package is often less than the subscription-renewal price."

Good points, Steve. As other readers noted, this strategy also gives you a physical disk that acts as a backup if you need to reinstall the product. Moreover, in most cases, subscriptions only update your virus and spyware definitions, but don't upgrade the product to the newest version. Buying a new box each year ensures you have the latest version.

Use virtual credit-card numbers

An enormous number of readers suggested single-use credit-card numbers, a feature offered by some credit-card companies. For example, Matthew Persico explains his strategy:

"When I use a vendor site, I give them a VAN — a Virtual Account Number. Citibank provides this service for all Citibank credit card holders. Each time you want to put a credit card number in a form, you can generate a temporary number, good for only one use. When they try to charge the card the following year, they discover 'Oops, it expired!' "

But one reader, Raymond Clouser, wasn't so sure this would work. As he explains:

"A few years ago, I thought I found the answer through the single-use credit-card numbers offered by American Express and Discover cards. However, that was not the answer, according to what I was told by credit-card company representatives. I was told that the single-transaction numbers were not really single-transaction. Instead, the single numbers were between the user and the company you used it with, and they could later bill you for additional charges, unless you challenged it with the credit card company."

I called Citibank to check its policy with virtual account numbers. A representative told me that the numbers were, indeed, solely event-based and that a subscription company could not use the same number a year later to charge your card. This service is free to Citibank customers; all it requires is an Internet connection. See the company's Web site for more information.

Naturally, readers will want to check out the policies of their individual credit-card companies to see if this service is available, and whether it would solve this particular problem.

In the paid version of today's newsletter, you'll find more ways to defeat subscription subterfuge, as well as a tip on Data Execution Prevention relating to my May 3 article on the subject.

TELL A FRIEND

How you can share this information

We love it when you send your friends links to our articles. But please don't forward your copy of our e-mail newsletter to people, which subjects us to spam complaints. Instead, simply suggest that your friends visit this issue's permanent Web address, shown below. A complete index at the bottom of the Web page provides you with hyperlinks to any article you'd like to recommend.

The address of this issue is http://WindowsSecrets.com/comp/070524

EDITOR'S BOOKSHELF

Windows Vista Secrets

Get the tips you need about Windows Vista
The all-new Windows Vista Secrets helps novices and experts alike understand Microsoft's latest operating system. "To really appreciate what is in Vista, you almost need to read through the leading book on the product, Windows Vista Secrets, by Brian Livingston and Paul Thurrott," writes Rob Enderle, principal analyst of the Enderle Group, in TechNewsWorld. "It's 595 pages of things you can do with this product — most of which you probably wouldn't have discovered for some time, let alone right at first." Check the book out now for tips you can use.
More information: United States / Canada / Elsewhere

Spam-Proof Your E-Mail Address, 2nd Ed.

Spam-Proof Your E-Mail Address, 2nd Ed.
This 32-page e-book by Brian Livingston gives you step-by-step instructions that can prevent 97% of the spam that would otherwise clog an e-mail account. You could call it "Livingston's Spam Secrets." The PDF e-book is the result of months of experiments and tests we conducted. We now receive little or no spam to the addresses we used as guinea pigs. These tests show that you can make your e-mail addresses invisible to spammers, not just battle an ever-growing flood. The methods we describe work with Windows, Apple, and Linux and don't require any filters or block lists — but you can use those in addition to the book's techniques, if you wish. More info

WACKY WEB WEEK

Make your own church marquee

Make your own church sign

Perhaps you've seen them while driving down the road — those backlit, block-letter signs in front of a church announcing the upcoming sermon or maybe just providing a thought for the day.

But why should religion get all the roadside fun? Now you can, too, with the online Church Sign Generator. Choose from five different designs, enter your text, and presto! — a photo of your custom sign appears. You can save the photo to your computer, or, for a few bucks, order magnets, stickers, and coffee mugs printed with your message. More info

INDEX

The following topics appear in the free version

TOP STORY	Is your security system up to date?
	The basic tools you need
	Routers: the story doesn't "n" here
	Netgear is the hardware firewall of choice
	ZoneAlarm remains the top-rated suite
	MS Update and PatchLink for patch management
	The WSN Security Baseline as it stands

KNOWN ISSUES	Microsoft licenses OEM software for single users
	MS site encourages OEM sales to individuals
	Quick fixes for subscription subterfuge
	Use virtual credit-card numbers

WACKY WEB WEEK	Make your own church marquee

You get all of the following in the paid version
KNOWN ISSUES 2	More ways to avoid automatic credit-card charges
	Stop unwanted charges, pay by check
	Option 2: Don't pay at all
	Enabling Data Execution Prevention may be required

PC TUNE-UP	Make Vista load files 10 times faster!
	Use Vista ReadyBoost for a big performance increase
	Safer Web surfing using virtual machines
	Help your friends and family understand security

OVER THE HORIZON	What to do when Windows turns against you
	Windows weakness allows Internet traffic hijack
	Vista's Windows Mail allows code execution

PATCH WATCH	Internet Explorer patch is now a must-install
	IE patch has problems but is important
	Office patches for Vista being offered again
	Svchost.exe issue revisited with new info
	WSUS gets an update to version 3.0
	SQL 2005 SP2 gets a needed VSS fix
	How to debug patch issues
	Just say "nyet" to .NET nonsense

Paid subscribers can access all old and new paid newsletter content Make a contribution to support our research into Windows and you'll immediately be able to read and search through scores of valuable articles. In addition, paid subscribers are entitled to download valuable content that we license for you at least once every calendar quarter. To upgrade, simply make a contribution of any amount you choose. If you do this by June 6, 2007, you'll instantly be sent the full, paid version of today's newsletter. To upgrade to the paid version of the Windows Secrets Newsletter, please visit our upgrade page. Thanks in advance.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. Vacation breaks occur in late August, Thanksgiving Week, and Christmas/New Year's.

Publisher: WindowsSecrets.com LLC, Attn.: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Editor-at-Large: Fred Langa. Associate Editor: Scott Dunn. Contributing Editors: Susan Bradley, Mark Edwards, Woody Leonhard, Chris Mosby, Ryan Russell. Research Director: Vickie Stevens. Program Director: Brent Scheffler. Managing Editor: Jody Braverman.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period. Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,

Visit our Unsubscribe page.

Copyright © 2007 by WindowsSecrets.com LLC. All rights reserved.