All-new Optimize 3.0 — free scan Take a few minutes to find out why your PC is so slow. Run the free PC Pitstop Optimize 3.0 scan and receive a free custom report detailing common issues that might be keeping your PC from running at full speed. Over 150 million scans run. Scan now! PC Pitstop

Free Windows Server 2008 practice exams Server 2008 certifications are essential for IT pros who want to keep their skills current, and ExamForce is offering this special offer to Windows Secrets readers: six Server 2008 practice exams in one bundle, and it's free. This bundle includes the following practice exams: 70-640, 70-642, 70-643, 70-646, 70-647, 70-649. ExamForce CramMaster for Windows Server 2008

UndeletePlus file recovery software UndeletePlus is a quick and effective way to restore accidentally deleted files. It works with computers, flash drives, cameras, and other forms of data storage. Simply scan the device, select the files you want to recover, and click a button to restore the information or picture you thought was lost forever. UndeletePlus

See your ad here

By Brian Livingston

Numerous Windows geeks and I have brought you a lot of secrets since I first started publishing an e-mail newsletter called "Brian's Buzz on Windows" back in February 2003.

After switching to, ahem, a better name (Windows Secrets) — and merging the old newsletter with Woody Leonhard's in 2004, Fred Langa's in 2006, and Gizmo Richards's in 2008 — we've put out 200 newsletters, and now we're celebrating by giving away for free my $9.95 antispam e-book, newly revised.

Actually, "revised" is stretching it. Spam-Proof Your E-Mail Address, 3rd Edition (photo, left) has been tweaked to bring some references up-to-date and add a new color cover. But there's just a single important change to the book's recommendations: one very useful free service bounced around among Web sites, and the service's new name and URL needed to be edited in throughout.

As most Windows Secrets readers know by now, spammers use "harvester bots" to scrape e-mail addresses from Web sites. My e-book, based on studies by nonprofit research organizations, shows you how easy it is to protect your e-mail address inside images and encoded scripts whenever you really need to post your contact information.

The most useful free service I know of for encoding e-mail addresses into Web-friendly (but not harvester-friendly) scripts is Hivelogic's Enkoder Form. I want all readers to have Enkoder's new URL:

http://hivelogic.com/enkoder/form

From now through July 1, every Windows Secrets subscriber can download my revised e-book for free. To get yours, simply use the following link to visit your preferences page, make sure the information there is up-to-date, and a download link will subsequently appear:

All subscribers: Set your preferences and download your bonus

Thanks for your support — we promise to keep digging up more secrets for you in the years to come.

MS uses patch channel to install Firefox add-on

It's been widely blogged that Microsoft can silently add an extension to Firefox when users install .NET Framework 3.5 Service Pack 1 and certain other updates. Readers asked us about this last week because of a May 29 article by Brian Krebs of the Washington Post.

I enjoy Krebs's writing, but in this case he was apologizing for telling his readers earlier this year to install the .NET service pack. He didn't realize until later that Microsoft's Assistant 1.0 extension exposes Firefox to any .NET security holes that may be discovered. Even worse, Microsoft wrote the add-in in such a way that its Uninstall button was grayed out and unusable in Firefox.

WS contributing editor Susan Bradley warned our paying subscribers on Feb. 5 and Feb. 12 not to install .NET 3.5 SP1 (and explained, if need be, how to uninstall it). I tip my hat to her excellent advice.

No holes currently affect the latest .NET software, according to Secunia.com's .NET Framework 3.x advisory and Assistant 1.x advisory. But the security firm published in 2006, 2007, and 2008 four security warnings about flaws in the earlier .NET Framework 2.x. The most severe hole was rated "highly critical." A weakness that's currently undiscovered in .NET Framework 3.x might be exploited in the future.

The extension that MS adds to Firefox implements a technology called ClickOnce. It allows .NET apps to be downloaded and executed within browsers other than Internet Explorer. Unfortunately, this technology can also allow hacked Web sites to infect PCs.

Many Windows Secrets readers use Firefox because it suffers from fewer security holes than IE — and most people don't need .NET features — so I'm publishing in my free column today the following steps to remove Assistant 1.0 from Firefox:

Step 1. Check whether the .NET Framework Assistant is installed. You may or may not have Assistant 1.0, even if you installed .NET Framework 3.5 SP1, so check this first. In Firefox, pull down the Tools menu and select Add-ons. In the Add-ons dialog box that appears (as shown in Figure 1), if you don't see .NET Framework Assistant, the add-on is not installed. In that case, you don't need to do anything further (except close the dialog box).


Figure 1. The Uninstall button is grayed out and unusable due to the way Microsoft implemented the original version of Assistant 1.0.

Step 2. Remove or disable the add-on. If you do find the extension, I recommend that you remove it to reduce your vulnerability to possible security flaws. Choose one of the options shown below.

• Best option: Install the Microsoft fix. On May 6, with little publicity, Microsoft posted an update for .NET Framework 3.5 SP1. Installing this update enables Firefox's Uninstall button for the add-on. To install the official update, visit Microsoft's download page.

• Another option: Temporarily disable the extension. Using the Add-ons dialog box to disable the extension prevents it from running and protects Firefox from potential security flaws. You might disable the extension instead of uninstalling it if your company insists that you use Firefox to run a .NET app, but you don't wish to be vulnerable when visiting random Web sites. To disable Assistant 1.0 (or any Firefox extension), pull down Firefox's Tools menu and select Add-ons. In the Add-ons dialog box that appears, select the unwanted extension and click the Disable button. Close the dialog box.

• Not recommended: Edit the Registry. Before Microsoft's official patch was released, several sites published a procedure to manually delete entries from the Windows Registry to disable the Firefox extension. I don't recommend this, because it's easier and safer to use the options shown above. But if you need the full details, .NET Framework product unit manager Brad Abrams posted the Registry procedure in an MSDN blog entry.

Step 3. Install the third-party extension FFClickOnce, but only if necessary. If you really need ClickOnce functionality in Firefox, consider installing FFClickOnce, a Mozilla-approved extension developed by James Dobson. This third-party extension poses some of the same risks as Microsoft's add-on. But at least Dobson's extension prevents downloaded apps from running without first making the user click OK twice. For more info, see Dobson's SoftwarePunk site and the extension's Mozilla Add-ons page.

That's it. More information on .NET problems — and what to install and not install — will appear in future columns by Susan and our other contributors.

Write 50 words and enter to win 1,000 pages

From April 16 to May 6, Windows Secrets offered subscribers an exclusive bonus: a free download of "The Final Chapter," the thrilling conclusion to Stealing the Network, a book that hadn't yet shipped. The new hardcover volume is a collection of four previous books describing fictional high-tech security capers.

Now its publisher, Syngress (an imprint of Elsevier), is promising to send copies of the 1,000-page book — complete with a DVD of author interviews — free to 10 lucky Windows Secrets readers.

If you were one of the thousands who downloaded "The Final Chapter" and you'd like the whole book for free, e-mail a 50-word review of the chapter to info (at) syngress.com. The publisher will display some of the reviews on its site and select 10 winners at random to receive the hardcover collector's edition. (By entering the contest, you agree to allow Syngress to e-mail you.)

If you'd simply like to buy the collection, Syngress is also offering Windows Secrets readers a 20% discount — a U.S. $18 savings off the $90 list price. Enter the promotional code secrets at ElsevierDirect.com. (At the site, you may select one of nine fulfillment centers around the world.) Or use the company's special Stealing the Network link, and the promotional code will be entered for you. Offer expires July 15, 2009.

Here's an even-better price break: anyone can get approximately 37% off the list price — a $33 savings — at Amazon.com. More info: United States / Canada / Elsewhere.

Table of contents

Optimize your PC by updating your BIOS Do you want to improve the performance of your PC? Phoenix Technologies' new BIOSAgentPlus is a program that will scan your PC and match the correct BIOS and specific driver updates you need on any desktop or laptop. Scan today for a free report! BIOSAgentPlus

Save up to 76% on quality inkjet ink We offer the sharpest prices on the Web for quality ink and laser toner. Bonus: save an extra 10% by using coupon code JAK375H. Free shipping to contiguous U.S. locations for all orders over $50. Offer expires 7/31/2009 and excludes OEM items. 4InkJets

See your ad here

• "Windows 7 Starter: Something that our OEM partners asked for is to have an offering for folks that will do very limited things with their PCs and for PCs with limited hardware capabilities. Windows 7 Starter allows only up to three applications to run at once. This is something that will be offered only through OEM partners."
  

• "Microsoft crosses the line by attempting to contractually limit OEMs on the hardware that Starter can use. That shouldn't be Microsoft's decision. If Starter is good enough for netbooks, then it should be available to OEMs for whatever hardware that can run Windows 7."
  

Table of contents

• "I have a 64-bit Sony Vaio with Vista Home Premium. I have it up-to-date with all patches. (I do have the Genuine tool installed, which has not caused problems to date.) Vista Service Pack 2 was downloaded and installed.
  
  "Perhaps the problem was due to an AV program still running — or something else — but after the PC rebooted and began loading replacement files in DOS, it got hung up on 5367 of 81,000+ files. This happened repeatedly. My PC would no longer boot. It attempted the update several times, hanging up on the same file. This was a file involved with AMD security, which is strange since I have an Intel-based system.
  
  "I was finally able to run a low-level System Restore, and System Restore did indeed do what it was supposed to do. A PC novice would be totally lost going through the hoops I went through to restore my system. Today I will make an up-to-date ghost copy of my hard drive — my backup is a few months old. I run a part-time business on this PC. My backup of my business record was a month old — what a mistake that was! It's now up-to-date as well.
  
  "Please inform your subscribers to beware of Vista Service Pack 2. Both of my PCs have Vista — the second is the Ultimate version (desktop). I am holding off on installing Service Pack 2 on both until you folks tell me it's safe to try again."
  

• "In addition to breaking Web sites, IE 8 also breaks other Microsoft products. The Home and Business editions of Microsoft Money will no longer print business invoices. There are no error messages. It doesn't matter what printer is used. The printing process will appear to complete normally. However, the page the printer spits out will be blank.
  
  "I can confirm the problem exists in the 2007 version [of Microsoft Money]. I understand versions from 2003 to 2007 are affected. After Googling the problem, {I find] the only current fix seems to be to roll back to IE 7."
  

• "Folks, you've outdone yourself again! An excellent and very informative newsletter. Having a snail-mail subscription to a PC magazine that has as part of its marque 'In Plain English,' today's commentaries — as always — have done the same.
  
  "The [May 28] article about Microsoft's WGA and the recommendations of downloading and using autoruns.exe helped me to understand the functions and use of that utility, especially since I already had it in my utilities toolbox but didn't fully understand its use. Today, after reading that article, I ran the software and voilà, it all made sense and was much easier to comprehend and use.
  
  "The article on the various third-party update software is another great example of teaching all of us 'non-geek' PC users. Since I've been using and learning about PCs and their good, bad, and ugly qualities, you folks have gone a long way in helping me out of a long-time period of being a novice. Many, many thanks!"
  

Contents  Index

By Katy Abby Over a few short years, Andy Samberg has risen to fame as Saturday Night Live's veritable King of Digital Shorts. Songs such as "Lazy Sunday," "I'm on a Boat," and "Like a Boss" — as well as some more-crassly-named shorts that I'll refrain from repeating here — have become instant classics, dominating YouTube and breathing new life into the SNL franchise. Before you trek off to the theater to ogle the latest summer action flick, take a look at the newest addition to Andy's repertoire. This explosive short, which originally aired on Sunday's MTV Movie Awards, features Samberg in cahoots with Will Ferrell and television prodigy J.J. Abrams. Play the video

Table of contents

Windows users and geeks — REJOICE Economy got you down? Need a quick mental pick-me-up? Replenish your mind with tech excellence. Surf over to Infopackets right now and get your fix of Windows tech news, reviews, tips, plus freeware goodies daily. Bonus: join our mailing list today and you'll receive any of our highly coveted Top 10 Tech Reports. Don't forget: Reading Every Journal Of Infopackets Creates Excellence (REJOICE)! Infopackets Windows Newsletter

Your old drivers are slowing down your PC Driver Detective provides the most up-to-date drivers specific to your computer, including all major-brand OEMs (Dell, HP, Compaq, Toshiba, etc.) and generic brands. We access a database of over 9.2 million device-associated drivers — the largest driver update database on the Internet. Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers. Driver Detective

Get your message seen by 400,000 readers Does your company offer a product or service? Now you can place an ad in the Windows Secrets Newsletter and be seen by more than 400,000 active buyers of PC hardware and software. Bid as much or as little as you like to get the ideal ad placement. Take advantage of our all-new design interface, allowing larger images and longer text, and get updated stats in real time! Windows Secrets Newsletter

See your ad here

INTRODUCTION By Brian Livingston I can't believe we've put out 200 newsletters MS uses patch channel to install Firefox add-on Write 50 words and enter to win 1,000 pages TOP STORY By Woody Leonhard Windows 7 Starter Edition limits netbook designs SE is ultra-cheap, but netbooks don't need it Win7 Starter Edition's hardware restrictions Controversies swirl around Win7 Starter Edition KNOWN ISSUES By Dennis O'Reilly Problems confirmed with Vista Service Pack 2 IE 8 causes Microsoft Money print failure Reader sends kudos for informative newsletter WACKY WEB WEEK By Katy Abby Here's looking at you, Steven Seagal

	LANGALIST PLUS By Fred Langa Yes or no to firewall request to act as server? Find out why a program wants server status Halting an infinite software-install loop Do solid-state disks need to be defragged? Why is Windows Search 4 so sl-o-o-o-o-w?
	BEST SOFTWARE By Ian "Gizmo" Richards Why you need to validate your downloads Using checksums to validate downloadable files Why hashes matter when you download a file File checker runs from .exe without installer Check downloaded files via Properties dialog The drag-and-drop way to check your downloads
	INSIDER TRICKS By Becky Waring Stop your ISP from tracking your Net usage Confidential business data may need protection Proxy servers provide a false sense of security What you can do now to safeguard your online privacy

	There's no fixed fee! Contribute whatever it's worth to you Readers who make a financial contribution of any amount by June 10, 2009, will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.
	A portion of your support helps children in developing countries Each month, we send a full year of sponsorship to a different child. Your contributions in June are helping us to sponsor Julissa, an 8-year-old girl from El Salvador. Save the Children channels development aid from donors to Julissa and her community. We also sponsor kids through Plan USA and other respected agencies. More info

More info on how to upgrade

Table of contents

• Visit our Unsubscribe page.
  

Table of contents