Windows Secrets Newsletter • Issue 86 • 2006-11-16 • Circulation: over 400,000

By Fred Langa Welcome to the first issue of the new, combined Windows Secrets & LangaList! Although the newsletter format is different (and better!) than the old LangaList, I’m still getting the same kind of great reader questions and tips as always. This week, I discuss new products from the makers of two immensely-popular software utilities — AVG AntiVirus and Ad-Aware — plus a concern about IP data-mining.

Is the free AVG AntiVirus going away?

If my volume of reader mail is any indication, many of you are concerned about the imminent demise of a favorite antivirus tool. Take reader Graham Gwilliam’s note, for example:

• “Fred, I hear that Grisoft’s AVG AntiVirus Free Edition will not be free in the new year. I, together with my friends, have used this excellent antivirus software for some years. Is this the latest free software that we will now have to pay for or find an alternative that works as well?”
  

Not to worry. It’s only the older versions that are going away. The newest version of AVG (7.5) is already available, and is still offered in both free and paid versions. (I’ll give you the links in a moment.)

The reason for the confusion is that Grisoft’s main Web site is set up so that you have to read through a lot of descriptive prose about the paid version before you find the links to the free one.

That’s not a malicious trick or raw greed on Grisoft’s part, it’s just good business sense. Grisoft is doing a wonderful service to the computing community by continuing to offer a free, fully-functional and quite complete antivirus tool for personal and home use. But although that version is free to end users, it’s not free to Grisoft. They paid to develop the free version, they pay to make it available for free download, and they pay still more to keep it updated.

That’s very generous of them, but no company can afford infinite largess. So, if you can spring for the paid version on at least one of your personal-use PCs, please consider doing so. It will help Grisoft stay in business and allow it to continue to deliver good software. But if you truly can’t afford the paid version, or can’t afford it on all your PCs, then fine. That’s what the free version is for!

And, by the way, one of the reasons Grisoft is trying to move all its customers to the new versions is that AVG AntiVirus 7.5 (free and paid) will ship with the “Security Center” in the soon-to-be-released Windows Vista. That makes AVG one of the most widely applicable AV tools in existence: Version 7.5 will run on all versions of 32-bit desktop Windows from Win98 through Vista.

The new paid version 7.5 is available now from Grisoft’s main site. The free version is also available either by navigating from the above site (look for the small type near the bottom of the pages) or by going directly to the free download area.

Other free antivirus tools: Avast, ClamWin, Comodo, Antidote Lite

Ad-Aware’s new firewall gets good buzz

Chances are you’ve heard of Ad-Aware, one of the oldest and most-popular antispyware utilities. But you may not know that Lavasoft (the publisher of Ad-Aware) now offers its own Lavasoft Personal Firewall as well. A reader named Gerry was first to sound the “heads up”:

• “While looking at the updates for Lavasoft’s Ad-Aware (I use it in conjunction with several other spyware/malware tools, like Spybot), I noticed that it is now selling its own firewall for $29.99 online.
  
  I am still using the venerable Sygate Personal Firewall. But, following its absorption (demise) into the Symantec conglomeration, I am still debating whether or not to move onto a more current stand-alone firewall (no suites).”
  

Thanks, Gerry. The new firewall is getting a good buzz on various online forums. But unlike the venerable Ad-Aware (which comes in free and paid versions), there is no free version of the Lavasoft Personal Firewall. Instead, there’s only a 10-day free trial. In that regard, it’s not a true one-for-one replacement for the late, lamented Sygate PF, which was totally free for personal use.

But before you toss your older firewall, note that firewalls in themselves don’t need a lot of updating. Unlike antivirus and antimalware tools that require constant updating against new threats, firewalls deal with a fixed and finite number of Internet ports. (These are well-described by Wikipedia.) A firewall that stopped unwanted “port probes” yesterday will stop them just as well today. A port is either closed or open. There’s not a lot of grey area there!

In fact, it’s because firewalls can only do so much that Sygate and other companies got into the security-suite business. Once their firewalls were doing all they could to block unwanted access to your PC, the companies felt they had to compete via add-on bells and whistles to augment or supplement their base product. Before long, what was once a relatively simple, stand-alone firewall became a huge suite of security tools.

So, if your firewall — Sygate PF or otherwise — is working to your satisfaction, there’s really no rush to replace it. It won’t go bad or suddenly stop working.

But if you want to explore alternative firewalls, such as Lavasoft’s, I suggest you temporarily remove Sygate PF and try the Lavasoft firewall for the free 10-day trial. If you like it and feel it’s worth $30, go for it. If you don’t like it or think it’s overpriced, reinstall Sygate PF until and unless you find something better.

For more information: Lavasoft’s Personal Firewall, Sygate Personal Firewall (via Oldversion.com), GRC.com (to test any firewall for free)

Is IP sniffing a security risk?

You’ve probably seen those targeted pop-up ads that seem to pinpoint your geographic location. Reader Dennis K. does, and they worry him:

• “My question concerns all these ‘lovely ladies’ who want to date me. It seems that they pop up on more and more sites. What really interests me is where the city information is stored on my computer that they are able to access to produce an ad that says that these girls are waiting for me ‘in Westland.’ Now, I don’t live in Westland (Michigan) — but I’m close.
  
  Just how are these sites accessing this info, what other info is available to them, and how can I block this unwanted infiltration?”
  

Those kinds of ads can seem disturbing at first, I agree. It looks as if the advertiser has some kind of inside knowledge about where and who you are.

But there’s nothing nefarious going on, Dennis — at least not in regard to finding your location.

Every time you go to any Web site, your browser has to identify itself (in a general way) to the site. Part of the information your browser sends is your unique IP address. Your browser has to send this so the site you’re contacting knows how to send the page you’re requesting back to you.

All the major Internet providers, interconnectors, and data “backbones” are identified by their electronic addresses, where they are, who owns them, and so forth. Your PC’s IP address is part of a range of addresses controlled by your ISP. By examining your IP address, anyone can see what ISP your data originated from.

The ads use your ISP’s physical location as a reasonable approximation of where you and your PC are. If you live in the same town as your ISP, the guess about your location will appear to be dead on because your town and the ISP’s town are one and the same. But if — as in Dennis’ case — your ISP is in a nearby town, then the guess about your location will be close but not quite precise.

For more info, Wikipedia has a rich explanation of IP geolocation.

There also are numerous free software tools that can tell you exactly where and how your data flows across the Web, hop by hop. For example, Tracert (pronounced “trace route”), while somewhat primitive, can provide pretty good clues as to the physical location of each electronic hop.

Other tools, such as IPGEO (also free), work as a kind of phone book for the Internet, letting you look up any IP address to see what country, city, region, ISP, and ZIP code that IP address is associated with.

The bottom line is that your IP address isn’t secret (it can’t be). Anyone can use it to make a reasonable guess as to where you are, based on your ISP’s physical location. So, it’s nothing to worry about.

Additional resources: IP Address Locator, Mappa Mundi, Cyber Geography Research, IP2Location (a commercial site with a free demo)

Fred Langa is the editor of Windows Secrets & LangaList. He edited the LangaList e-mail newsletter from 1997 to 2006, when it merged with Windows Secrets. Prior to that, he was editor of Byte Magazine and editorial director of CMP Media, overseeing Windows Magazine and others.