Secure flash drives keep you safe on the road

Home

Newsletter

Search

Reviews

Polls

Contact

This issue

Library

Upgrade

Preferences

Unsubscribe

Windows Secrets Newsletter • Issue 224 • 2009-12-10 • Circulation: over 400,000

BONUS DOWNLOAD

How to make Windows 7 uniquely yours
This month's free bonus to all is a two-chapter excerpt from Microsoft Windows 7 Your Way: Speed Up and Customize Windows by Michael Miller. The book provides valuable information on how to make Windows 7 work for your personal desktop needs.

The printed volume won't be in stores until Dec. 28, but all subscribers can receive our exclusive excerpt of two full chapters now through Jan. 5. Simply visit your preferences page, save any changes, and a download link will appear. Thanks! —Brian Livingston, editorial director

All subscribers: Set your preferences and download your bonus
Info on the printed book: United States / Canada / Elsewhere

Table of contents
INTRODUCTION: Free subscribers: watch for an invite next week
TOP STORY: Secure flash drives keep you safe on the road
KNOWN ISSUES: Credit-card extended warranties come in handy
WACKY WEB WEEK: Tetris may not be so random after all
LANGALIST PLUS: How to correct Msconfig ghost entries
IN THE WILD: Windows 7 suffers from Server Message Block flaw
PATCH WATCH: ATL flaw makes IE vulnerable to attack

ADS

Never reinstall your XP again
Looking for a permanent solution for your dysfunctional XP? Don't compromise — get the new, state-of-the-art technology. Reimage requires no setup and causes no loss of data or applications. This is the ultimate professional repair tool, which works like "magic," according to eWeek. Get it now!
Reimage Online PC Repair

20 free PC performance reports
The PC Matic free scan by PC Pitstop™ will analyze and diagnose multiple aspects of your computer's performance, stability, speed, and security. Run a PC Matic scan today and get 20 PC performance reports customized for your system — FREE!
PC Matic

Free Windows 7 practice exams
It's never too soon to get the edge in a tight job market, and proving you have what it takes to support Windows 7 is a great way to start, especially when it's free. Exam-quality questions, detailed explanations, and reference materials help you learn faster and easier, so you're ready to step up when needed.
Windows 7 Exam Prep

See your ad here

INTRODUCTION

Free subscribers: watch for an invite next week

By Brian Livingston

I announced last month that all newsletter subscribers would be invited into a new, totally free service that we've been quietly developing on the Windows Secrets site.

Paid subscribers received advance invites on Dec. 2, and in just a few days it'll be the free subscribers' turn to splash around in the resource pool.

Every subscriber to the free version of Windows Secrets will receive an invitation via e-mail on a random date between Dec. 14 and 16. Our notifications will go out in a gradual series, so we don't overload the place with all 400,000 of us at once. The message will include a link as your free ticket into the service.

Be assured that the message isn't a phishing hoax. The e-mail will bear your reader number at the top. This is a "shared secret" that no spammer could know.

I won't repeat here all of the goodies that you'll enjoy access to. For details, simply visit my Nov. 26 column.

Then watch your inbox early next week for a holiday gift that we're extremely proud to give you. Thanks for your support!

Brian Livingston is editorial director of WindowsSecrets.com and co-author of Windows Vista Secrets and 10 other books.

Table of contents

ADS

Windows news: 5 days a week — free
Get news as it happens! Surf over to Infopackets and get your daily fix of Windows news, reviews, tech tips, plus freeware goodies daily — all absolutely free. Bonus: join our Windows Newsletter mailing list today, and you'll also receive our highly coveted Top 10 Tech Reports, including: Top 10 PC Security Essentials, Optimization Secrets, Top Freeware Antivirus, and much more.
Infopackets Windows Newsletter

Your old drivers are slowing down your PC
Driver Detective provides the most up-to-date drivers specific to your computer, including all major-brand OEMs (Dell, HP, Compaq, Toshiba, etc.) and generic brands. We access a database of over 9.2 million device-associated drivers — the largest driver update database on the Internet. Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers.
Driver Detective

Get your message seen by 400,000 readers
Does your company offer a product or service? Now you can place an ad in the Windows Secrets Newsletter and be seen by more than 400,000 active buyers of PC hardware and software. Bid as much or as little as you like to get the ideal ad placement. Take advantage of our all-new design interface, allowing larger images and longer text, and get updated stats in real time!
Windows Secrets Newsletter

See your ad here

TOP STORY

Secure flash drives keep you safe on the road

By Scott Dunn

In a Sept. 24 Top Story, I described how to evade keyloggers when using a public PC by storing your personal information on a flash drive.

If you don't mind paying a little extra to maintain your privacy and security, a specialized flash drive called IronKey can help you stay safe while using an untrustworthy computer.

Anyone concerned about security — and that's just about everybody — should consider using a flash drive to transport sign-in info and other personal data when traveling. Following my story on thwarting keyloggers, several readers suggested the IronKey flash drive as an even-stronger security measure.

Billing the device as the "world's most secure flash drive," the company claims IronKeys are waterproof, tamperproof, and able to endure extreme physical conditions.

Beyond the sheer ruggedness of its devices, each of which is encased in metal, the firm takes multiple approaches to securing your data. The first time you use an IronKey device, the product prompts you to create a master password and set up an account on the IronKey.com site. As part of the sign-up process, you're asked to provide answers to personal questions that can be used to identify you if you forget your password.

You can also select images and provide a passphrase to help you authenticate e-mail sent to you by IronKey and thus avoid being fooled by a phishing mail. After you complete these steps, the product goes through its authentication routine and then is ready to use.

Hardened flash drive is one tough nut to crack

The first time you use your IronKey flash drive, you need to enter the master password to do pretty much anything. If you forget or lose the password, you can sign in to the IronKey site to retrieve it. If you lose the drive itself, you can report it lost so that no one else can sign in to your account.

The setup routine creates an IronKey icon in the notification area of the Windows taskbar. When you click this icon, you're presented with a main menu and control panel. In this way, IronKey is similar to U3 flash drives and portable application suites such as winPenPack. (See my Oct. 18, 2007, Top Story for more on portable apps and U3 drives.) You can customize the IronKey menu by adding shortcuts to any other portable apps you install to the drive.

IronKey's identity manager lets you store user names and passwords for the sites you frequent, so you can sign in with a simple point-and-click. Because the IronKey device provides your password directly to any secure sites you visit, keyloggers see no keystrokes to capture.

IronKey preinstalls a version of Firefox on the drive, which means no cached or temporary files are left on the computer you're using. If, for some reason, you can't or won't use Firefox, not to worry. You can choose instead to open an Internet Explorer window while the IronKey drive is in place. The device inserts an icon onto IE's title bar to give you access to IronKey's menu choices.

These are only a few of IronKey's many security features. Others of note include the following:

You can store your work files in a folder protected with military-grade hardware encryption. IronKey will mount this folder as a drive, but only if you enter the master password.
The device's self-destruct feature obliterates your stored data if someone enters the password incorrectly ten times or tampers with the device.
The drive's built-in backup utility saves data securely to a folder on your computer.

Not surprisingly, all these precautions don't come cheap. IronKey's personal version costs $99 for a 2GB drive and $149 for the 4GB model. The 8GB and 16GB drives will set you back $199 and $299, respectively. But the device might be a bargain for people who need to take their most-sensitive data and sign-in information on the road. If that describes you, an IronKey is one of the safest ways to go.

You'll find more information about the product on the IronKey site.

Create your own secure, bootable flash drive

If you don't want to shell out for an IronKey, you can still use a flash drive for added security when you have no choice but to use a shared computer. One strategy is to load an entire operating system onto a flash drive and then boot from it rather than the PC's hard drive.

Be aware, however, that many Internet cafés won't let you boot their computers using a flash drive. Even if you can boot a public PC from a flash drive, doing so is unlikely to evade hardware keyloggers.

Still, you may find booting from a flash drive useful in some cases. In my Mar. 20, 2008, Top Story, I discussed how to install a version of Linux on a flash drive . If you'd prefer to load Windows XP onto a flash drive, instructions are provided in WS contributing editor Mark Edwards's Mar. 27, 2008, PC Tune-Up column on the subject.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and occasionally writes for the Here's How section of that magazine.

Table of contents

KNOWN ISSUES

Credit-card extended warranties come in handy

By Dennis O'Reilly

Most experts recommend against paying for an extended warranty when you purchase a PC or peripheral, partly because you may already be covered beyond the vendor's standard warranty period.

If you used a credit card to buy the system, your card company's extended warranty could be the key to a free repair or replacement.

In his Dec. 3 Insider Tricks column, WS contributing editor Scott Dunn points out that paying for an extended warranty is usually not a good idea. A reader named "Jojo" reminds us of an added layer of protection that you may not be aware of:

"It's my experience that few CC users know about this nice benefit. At some point, you received a summary of benefits, and the coverage is described there.

"Typically, the extension is a doubling of the original warranty up to one year. A standard requirement is that you paid for the product completely with the credit card. There are exclusions (e.g., automobiles are not covered), but most small items are covered, including computer equipment. I once used this benefit for an internal CD/DVD drive that went bad.

"I have made use of this a number of times through Visa and American Express without any major problems. American Express has been the easiest. Not too long ago, my digital camera died a few months outside the one-year warranty. I submitted a claim and got a full refund of the camera price ($300) applied to my credit card in a few weeks!"

That sound you hear is me shuffling through my old credit-card bills to find the statement listing my HP notebook, whose motherboard fried just beyond its one-year warranty.

Scott's article also referred to the incomprehensibility of most online end-user license agreements (EULA). James Lawson recommends a free tool that attempts to make sense of these nonsensical documents:

"Those darned EULAs can be pretty tricky, and I'm sure very few people even scan them — let alone read them — before clicking the Accept button. I see some of them now have a Print button, so we can send a copy to our lawyer before clicking the Accept button. But that seems to take too long when we're itching to use our new software.

"A great tool I've discovered is the EULAlyzer. Perhaps [using the program is] not as good as reading — and understanding — the entire contract (the 'A' in EULA may stand for 'agreement,' but technically it's a contract) or having it vetted by one's lawyer, but [it's] leaps and bounds better than 'Accept'ing without even looking."

For more information on EULAlyzer, visit the Javacool Software site. Paying a lawyer to review the EULA for a free or low-cost software app? Now that's what I call a hidden cost.

Now we have to worry about labeler security?

An article last month on the Web site of Boise, Idaho, television station KCBI reported that discarded old fax machines retain on their carbon ribbons any images that were recently received. This could provide quite a treat for thieves seeking Social Security numbers or other personal information you may have received via fax.

Richard Murray points out another unexpected source of potential security breaches:

"I have a Brother PT-2700 label maker. It runs on label-editing software. The big problems are the label tape cartridges. When the tape runs out, the cartridge still contains a dry ink tape that has a reversed image of everything that has been made with it.

"If a spy (or your neighbor) were to pick that out of the garbage, they could see all the labels that you made, i.e., labels for your $68,000 coin collection, etc. The way I solve this is to remove the tape and burn it. This is the only sure way to destroy it."

Discarded fax ribbons and label tapes are unlikely security threats, but some thieves will go to great lengths to separate you from your valuables. (Personally, my "labeler" is a roll of masking tape and a felt-tip pen.)

Readers Jojo, James, and Richard will each receive a gift certificate for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.

The Known Issues column brings you readers' comments on our recent articles. Dennis O'Reilly is technical editor of WindowsSecrets.com.

Table of contents

WACKY WEB WEEK

Tetris may not be so random after all

By Stephanie Small

Ever play Tetris? Fitting the different block shapes into straight lines to accumulate points may seem easy, but it never quite works out the way you want. Is it really a game of luck, or is there some method behind the order in which you receive the shapes?

This video will help to clear up the question. Introducing the Tetris God, who decides what shapes you get and ultimately whether you win or lose. Watch with a smile as he determines the fate of players. It'll make you sing his praises the next time you play! Play the video

Table of contents

PERMALINKS

Use these permalinks to share info with friends

We love it when you include the links shown below in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam," and corporate filters start blocking our e-mails.)

The following link includes all articles this week: http://WindowsSecrets.com/comp/091210

Free content posted on Dec. 10, 2009:

INTRODUCTION
By Brian Livingston
Free subscribers: watch for an invite next week

TOP STORY
By Scott Dunn
Secure flash drives keep you safe on the road
Hardened flash drive is one tough nut to crack
Create your own secure, bootable flash drive

KNOWN ISSUES
By Dennis O'Reilly
Credit-card extended warranties come in handy
Now we have to worry about labeler security?

WACKY WEB WEEK
By Stephanie Small
Tetris may not be so random after all

You get all of the following in our paid content:

	LANGALIST PLUS By Fred Langa How to correct Msconfig ghost entries Ghostbusting Windows' built-in startup manager Clean install? What about OEM drivers? Annotate files to make them easy to identify Just how trustworthy is the "Web of Trust"?
	IN THE WILD By Robert Vamosi Windows 7 suffers from Server Message Block flaw Disagreement on the extent of SMB vulnerability Flash Player hole hits webmail, social networks Secunia identifies flaw in Adobe Illustrator
	PATCH WATCH By Susan Bradley ATL flaw makes IE vulnerable to attack IE patch prevents Web-based infection WordPad and Word are the focus of new threats Be careful when opening Microsoft Project files Nonsecurity patches really are security-related Adobe releases important Flash Player update Browser video codecs get rubbed out for safety Server admins need to apply these two patches Prevx's Black Screen of Death claims lay an egg Microsoft's "other" Patch Tuesday was a doozy

Get our paid content by making any contribution

	There's no fixed fee! Contribute whatever it's worth to you Readers who make a financial contribution of any amount by Dec. 16, 2009, will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.
	A portion of your support helps children in developing countries Each month, we send a full year of sponsorship to a different child. Your contributions in December are helping us to sponsor Neisy, a 5-year-old girl from Honduras. Children International channels development aid from donors to Neisy and her community. We also sponsor kids through Save the Children and Plan USA. More info

Use the link below to learn more about the benefits of becoming a paid subscriber!

More info on how to upgrade

Thanks in advance for your support!

Table of contents

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Program Director: Tony Johnston. Web Developers: Dan Engler, Damian Wadley. Research Director: Stephanie Small. Copyeditor: Roberta Scholz. Contributing Editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Woody Leonhard, Ryan Russell, Robert Vamosi, Becky Waring.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period. Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,

Visit our Unsubscribe page.

Table of contents