Windows Secrets Newsletter • Issue 95 • 2007-02-08 • Circulation: over 400,000

Table of contents

Top Story: More on the Vista upgrade secret
LangaList Plus: What’s the value of a .name domain?
Wacky Web Week: New PC videos slam the Mac
LangaList Plus: Using Group Policy without XP Pro
Woody's Windows: Vista timesaver #3 — search Outlook sanely
Perimeter Scan: Apple makes QuickTime hard to patch

Top Story

More on the Vista upgrade secret

By Brian Livingston

I revealed in my Feb. 1 article that you can buy the "upgrade" version of Windows Vista and clean-install it to any hard drive, with or without a preexisting version of Windows XP or 2000.

This renders the more expensive “full” version of Vista unnecessary — and many of my readers have provided additional information about why this upgrade trick works.

Vista workaround is a deliberate feature

My previous article explained that the Vista upgrade will succeed, and will validate, when any previous version of Windows is running at the time. That includes a 30-day trial version of Vista. Every retail copy of Vista allows a trial period by installing the product without entering a product key. (See my previous story for the exact steps.)

The evidence is mounting that this upgrade policy is an official decision by Microsoft. It’s clearly not any kind of hacker trick. The steps to install without a product key, and to upgrade regardless of what version of Windows is running, is hard-coded into Vista in such a way that it can’t be a mistake.

One source of mine shared with me some of the thinking within Microsoft on Vista upgrades. I’m withholding the source’s name to protect his relationships within the Redmond company. He exchanged e-mails with a support engineer who said (I’m paraphrasing here):

“Checking for previous versions of Windows was easy to spoof in XP. So Deployment just said, ‘Let’s skip it.’ Vista only requires that the Upgrade Key must be entered while an instance of the operating system is running.”

The ability of Vista to run its upgrade routine over any version of Windows, including Vista itself, apparently simplified life for Microsoft’s developers. It will also reduce the demands on Microsoft’s telephone support department, which now has a method to quickly help people who would otherwise have difficulty installing the upgrade.

I wrote last week that upgrading Vista over a copy of itself might violate Microsoft’s EULA (End-User License Agreement). Now I’m not so sure. Is it a violation to install the product in a way that Microsoft itself programmed the product to operate?

I’d like to acknowledge a couple of readers who wrote that it might be unethical to install the Vista upgrade without having purchased a previous version of the product. I agree. The clean-install method should only be used by people who did purchase a copy of XP or 2000, but can’t install the Vista upgrade over their copy for some legitimate reason (as described in the next section, below).

If Microsoft doesn’t want the clean-install method to work at all, the company can easily change its policy. The Redmond firm could simply code Vista Home Premium’s setup routine, for example, so it actually does check for XP, 2000, or a lower-priced edition of Vista, such as Vista Home Basic.

When a Vista clean install may be necessary

Reader George Walker describes several situations in which Microsoft technical support would need a back door to allow Vista to be installed without a running copy of Windows being present:

“There are certain instances in which a person might not be able to install over an existing copy of XP or 2000.

“For example, say you own a PC from one of the name brands that only shipped with a hidden recovery partition but no CDs. (Several well-publicized class-action lawsuits were filed against these companies over this practice.) You are eligible for the upgrade, and so you purchase and install it. Three months from now, your hard drive fails. You cannot re-install your previous verson of XP — first, because you have no recovery CDs and, second, your recovery partition was lost with the hard drive failure.

“Microsoft’s support would really need a way around this scenario to avoid telling the customer that if they cannot restore their PC to its original installation, they will have to buy another copy of Vista. All you need is one widely publicized instance of some poor, sweet old lady on a fixed income being swindled by the blood-thirsty Microsoft beast to have a public relations nightmare. …

“Other scenarios might include replacing the motherboard in a name brand computer and having your original recovery CDs refusing to install because they no longer recognize the PC as the one for which they were intended. Microsoft had to have a workaround for such instances.”

The ability of Windows Vista to perform a clean install and to upgrade over itself appears more and more to have been deliberately programmed in by Microsoft. It’s not an oversight or a feature that wasn’t intended to be present.

This view is supported by a comment written by my “Windows Vista Secrets” co-author, Paul Thurrott, in the 8-step outline of the procedure that he published on Jan. 29. I tested the process and printed a complete, 11-step version of the procedure in my Feb. 1 article. Paul’s sources say that the Vista clean-install method is documented in the internal knowledge base that’s made available to Microsoft support people.

Upgrade trick works with MS Office, too

Reader Kent Hansen reports that Microsoft Office also upgrades itself over a nonactivated version of itself:

“I was suprised to see last fall that if I took Microsoft up on the 60-day free MS Office trial link on my new Gateway notebook that turning the 60-day trial into a licensed version required only an ‘upgrade’ version of Office.

Ron Harris indicates that this behavior goes all the way back to Microsoft Office 2000:

“I believe it was Office 2000 that, when installing clean from an upgrade CD, would ask for a previous version CD. But if you told it to look (browse) the CD drive that had the upgrade you were installing, it would find itself and accept it as proof of a “previous version”! I suspect this trick works on a number of MS products, actually.

Microsoft developers seem to have decided that it’s too much trouble to determine which versions of software on a user’s PC do and do not qualify for the upgrade price. As a result, more and more of Microsoft’s software appears to consider any preexisting software as qualifying software.

Vista’s behavior of installing its upgrade version over any install of Vista looks more and more like a deliberate decision on Microsoft’s part to make the install easy and less expensive than the full version of its software. The full version increasingly resembles the “golden casket” that undertakers routinely show to bereaved family members. No one expects the family to actually buy the gold-plated model, but it makes the other models seem less overpriced.

European prices for Vista seem jacked-up

Our readers in the United Kingdom are reporting that Microsoft is charging inflated prices for Windows Vista that are the same numbers in pounds as Americans are paying in dollars. That represents almost double the U.S. price. As Chris Bunton puts it:

“How about highlighting Microsoft’s outrageous differential pricing internationally? For instance, in the U.K., the Vista Home Premium upgrade is priced at GBP 149.99 — that’s $294.58 at current rates, and a whopping 88.8% premium over the U.S. price.

“Bill Gates on U.K. TV pretended there is little difference, except for short-term exchange-rate differences, which was really rather disingenuous.

“When there is so much gouging of the market, who is surprised that honest consumers are keen to use any trick in the book to get it at a reasonable price, or else just decide to pass on the upgrade idea? The story is the same for Office 2007.”

I can’t see any logical reason why Vista would cost so much more in the U.K. than it does in the U.S. Perhaps someone who fixes the prices at Microsoft thinks dollars and pounds are equal to each other!

OEM versions and educational discounts to come

I said last week that I’d write about other ways to get Vista for less than full price. These include buying OEM (Original Equipment Manufacturer) versions and by using educational discounts.

I received so many great leads this week from my readers on the Vista upgrade process, however, that I couldn’t get to everything that I wanted to reveal about discount marketing channels. I’ll just say again that buying the OEM version of Windows doesn’t qualify the buyer to receive telephone support from Microsoft. Buying a retail package in a store usually does. I promise to cover these topics and more in the next few weeks.

Readers Walker, Hansen, Harris, and Bunton will receive a gift certificate for a book, CD, or DVD of their choice for being the first to send me tips that I printed.

Brian Livingston is editorial director of the Windows Secrets Newsletter and the co-author of Windows Vista Secrets and 10 other books.

LangaList Plus

What’s the value of a .name domain?

By Fred Langa

There are currently 265 different "top level domains" (.com, .edu, .org, etc.) to choose from when registering your domain. What’s best?

First, let’s help a reader who’s wondering if he got ripped off in buying a .name domain name. Then: Secure erasures, reliable backups, CD lifespans, and more!

A .name domain works like any other

Have you seen some Web sites with names that end in somewhat unusual designations such as .biz, .info, .name, or .pro? Reader George McDaniel bought himself one such domain name and now is wondering if he wasted his money:

"I signed up for one of those .name domain names several years ago. I faithfully renew it every two years, even though I have no use for it and haven’t seen any indication so far that people are using them. Do you expect them to be of any significant use in the future, or is this just a gimmick to sell more domain names?"

It’s a short question, George, but the answer takes a bit of explaining. That’s because understanding .name domains requires knowing a bit about how the Internet’s domain name system works, and why. It’s worth digging into because it’s part of the fundamental logical infrastructure of the Internet — the very basis of everything you do online, including reading this newsletter! And (I admit I’m a geek) it’s also interesting in its own right.

Wikipedia has a truly outstanding article on the domain name system, but it’s over 5,000 words long. So here’s the fast-forward short form:

In terms of the Internet domain hierarchy, site names are read right to left, and every site name has two or three parts. Consider www.windowssecrets.com, for example. In this case, .com is the top-level domain, or TLD. The .com domain is one of the seven original generic domain names for the United States that date to the early days of the Internet: .com, .edu, .gov, .int, .mil, .net, and .org. Top-level domains were also set up at that time for other countries, such as .jp for Japan.

Each top-level domain contains many, many secondary level domains. In our example, windowssecrets is our second-level domain. But microsoft is also a second-level domain. So is google or itunes or yahoo or any of the millions of other .com names in use.

Some names may also include a third-level domain, which is www in our example. Other third-level domains you may have seen are ftp, mail, forum, and so on.

This basic domain-name setup worked for a while, until the Web boom in the late 1990s. But by the year 2000, some felt that the seven generic U.S. TLD names had become too watered down. Many personal sites, for example, were in the top level .com domain, even though those sites had nothing to do with commerce, which is what .com names were supposed to be for.

So several new TLDs were created to help sort out different types of sites. Four new generic TLDs (.biz, .info, .name, and .pro) and three other "sponsored" TLDs (.aero, .coop, and .museum) were added to the original list of generic TLDs. The sponsored TLDs are a special class; they’re not available to just anyone. But the new generic TLDs (.biz, .info, .name, and .pro) are wide open.

And that brings us, in highly compressed shorthand form, to the answer to your question, George. The .name TLDs are completely legitimate and on an equal footing with .com, .edu, org, or any of the other more-familiar TLDs. Enforcement of the naming system, however, is lax. An individual can still register a .com domain and a commercial enterprise could, in theory, register a .name domain. The sponsored TLDs and most of the 240+ country-name extensions, such as .jp, are more tightly regulated.

Because things are so loose, having a .name domain for your personal site is 100% correct, George. But it really doesn’t gain you much of anything in practical terms.

So, is it a scam? Not at all. Will it become more popular in the future? Yes, probably, but very, very slowly because enforcement of the categories varies. Is it worth it? That’s your shot to call. But at least now you have a context in which to make your decision.

You can see the current list of TLDs recognized as valid by the Internet Corporation for Assigned Names and Numbers (ICANN) in the Norid directory. The ICANN site has an excellent, relatively short description of TLDs. In combination with the Wikipedia entry mentioned above, this should give you a more complete idea of the Internet naming system than I could provide in this limited space.

More on making data unrecoverable

The item "Erasing data to make it unrecoverable" in the paid edition of the Feb. 1, 2006, issue generated some interesting reader mail, including these question:

"Would encrypting data and then erasing it be more secure, or is the encryption process itself an insufficient overwrite?" —Bill Webb
"Will a strong magnet erase a hard drive? Magnetic devices were made to erase video tapes. Of course, magnetic erasure would be used only on drives destined for recycling." —Bob Hall

The answer to these and similar questions boils down to "How safe do you want to be?" It’s one of those things that doesn’t have a clear-cut right/wrong answer.

You can achieve a reasonable level of security by using software that employs the "government wipe" technique — overwriting the old data seven or more times with random data. But even then, specialized data-recovery devices may be able to read at least some of the data.

Part of the reason for this is that hard drives aren’t perfect. Head placement can vary slightly over time and from run to run. Although this has no effect in normal operation, it means that areas alongside the normal head positions may contain readable data. In addition, magnetic fields don’t stop abruptly but diminish over a distance. Accessing and reading this off-track data is, in fact, one of the techniques used by high-end commercial data-recovery services.

Encrypting your data beforehand is a great idea, as long as it’s done early in the process. A hard drive that’s set up to encrypt everything from Day One will be very hard for unauthorized persons to recover data from. But if encryption happens late in the life of the drive, then the earlier, non-encrypted data may still be readable.

Yes, a strong magnet will erase a drive, up to a point. Commercial "degaussing" tools use a rapidly-fluctuating magnetic field to scramble the data on a disk and make it much harder to recover. But even there, you’d have to take special care to make sure that every section of every platter in your hard drive was equally exposed to the full degaussing field. Otherwise, you’re wasting your time.

Here’s what I did when I had to discard a hard drive that contained sensitive information on an old e-mail list. This data was always stored in encrypted form to begin with, and that was my first and most important line of data defense. But when the drive was dying and needed replacement, here’s how I did it:

Step 1. I repartitioned the drive, then reformatted it (empty).

Step 2. I used a "government wipe" tool that filled the entire drive with seven passes of random data.

Step 3. I physically removed the drive from my PC, opened the drive housing, and ran a screwdriver tip across both sides of all the platters, scraping off large amounts of oxide.

Step 4. I discarded the disk at a recycling center.

I suppose government-level spooks might have been able to recover some data from that drive, assuming they somehow found it. But the steps I took made the drive extremely safe from any ordinary data-recovery techniques.

Overkill? Maybe. But I didn’t want to take any chances with the personal data.

The bottom line is that if someone really, really wants what was once on your hard drive, there are ultra-sophisticated techniques that can recover at least some of the data, unless you physically destroy the disk by melting it or grinding it into dust.

So you have to ask yourself: How safe do you want to be? Once you answer that question, you’ll know how far you have to go in making your old drives snoop-proof.

There’s lots more information in my InformationWeek article, The "Dead Drive" Security Loophole.

Choosing the best backup software

Reader Dave Davidson asks whether my original advice on backing up a PC needs to be updated:

Fred, you had a backup approach you wrote about in your LangaList a few years back. Do you feel that that approach and program(s) discussed then are still appropriate?

The short answer is "yes." But that’s probably a bit too telegraphic of a reply!

Generally speaking, there are three main kinds of backups: imaging tools, file-backup tools, and rollback tools.

First, there are the "imaging" programs. Imaging tools don’t copy files, per se. Instead, they’re disk-oriented, and make a bit-by-bit, sector-by-sector copy of your hard drive.

This is important: These imaging tools not only capture what’s on your drive, but also the exact placement and order of each bit, byte, cluster, and sector on the drive. When you restore an image, you’re not just putting the files back: You’re actually putting the hard disk into exactly the same state — bit for bit — it was in when the image was made. That’s why, if you image a "perfect" setup (error free, defragged, etc.) then when you restore it, you get that perfect, defragged setup back in one step. In fact, whatever was on the disk, no matter what, will get put back in exactly the same way it was. This is why imaging is the "gold standard" of backups.

Imaging tools include Ghost and my personal favorite, the tool built into Bootit NG. (The same site that offers Bootit NG also provides the stand-alone utilities "Image for DOS" and "Image for Windows.") There are several other imaging tools, too. A Web search will show you the full range of choices.

Moving down a notch, there are the standard file-oriented backup tools, like the NTbackup tool built into XP and available at Microsoft.com in command-line form or GUI form.

File-oriented backup utilities make no attempt to replicate the placement or order of data on your system; instead, they simply focus on copying the files themselves. When used to restore files to the disk, a standard backup usually will do a good job restoring user-created data files, but may or may not get everything — especially files that are in use at the time of backup — 100% back into the same configuration as before.

Better tools use a technique called "shadowing" to try to capture "open" or "in-use" files. This usually works pretty well. But it’s still not as dead-to-rights certain as imaging. And in any case, a standard backup usually will not get your drive into perfect, defragged condition in one step.

Moving down another notch, rollback tools like GoBack and XP’s built-in System Restore work by tracking some or all of the changes you make on your system. This happens in real-time (as you work), on some preset schedule, or when triggered by specific events, such as installing new software.

If you have a problem after installing some software, you may be able to get your system running again using System Restore, because the utility can return your system files to a prior state. But System Restore won’t automatically clean up leftover files and Registry entries caused by the bad install. It also can’t, for example, let you selectively restore just one data file you erased but now want back.

GoBack does offer file-level recovery, but has its own limitations. Even GoBack’s makers clearly state in their documentation that Go Back is no substitute for full backups.

Of course, any kind of backup is better than no backup at all. But if you’re trying to construct a decision tree, consider this: System Restore is better than nothing. A tool like GoBack is better than System Restore. Standard backups are better than GoBack. And "imaging" a drive is better than a standard backup — imaging is as good as it gets.

How to predict CDR and DVD-R longevity

Reader George Butler asks a question that’s increasingly important, since all forms of removable media (floppies, tapes, zip disks…) fade away as they age. What’s the lifespan of the blank CDs and DVDs you use to burn data, music, and whatnot?

If you haven’t thought about this before, you may be surprised — and dismayed — by the answer!

"Have you ever done an article on the expected longevity of burned CDs and DVDs? It would be helpful to cover such things as how disks from various manufacturers stand up to time, heat, humidity, light, etc. What about various colors, such as green, gold, etc. What effect does burning speed have on longevity? What is involved in burning disks for long-term archiving? Do the disks of any one manufacturer stand out against the competition?"

First, just to make sure we’re on the same page: This question isn’t about commercially-produced, prerecorded CDs and DVDs, such as those you buy at music or movie stores. Those have very long lifespans. They’re mainly vulnerable to physical damage to the readable surfaces of the discs.

This question is about CDs and DVDs that you burn yourself (CD-Rs, CD-RWs, DVD-Rs, DVD-RWs). The answer is grim. Some CDs only last for a couple years, especially if they’re exposed to direct sunlight or covered with do-it-yourself glue-on labels. (The ultraviolet in sunlight and the adhesive in glue-on labels can react with and destroy the layer of dye that carries your data!)

The honest answer is that no one really knows how many years these discs will last, because burnable CD-Rs and DVD-Rs haven’t been around long enough. All the studies you see on the life expectancy of CDs and CD-Rs are based on accelerated-aging tests, which are really just a form of educated guess.

If there’s a single, definitive independent source for longevity data on CDs and DVDs, it’s "Andy McFadden’s
CD-Recordable FAQ." It’s huge, free, and is frequently updated with new information. In the nine years it’s been online (an eon in Internet time), it’s racked up over 7 million visits.

If that’s too much data to wade through, then "Is Your Data Disappearing?" may be more to your liking. It’s an article I wrote for InformationWeek that boils down McFadden’s FAQ and numerous other info sources to focus solely on the question of the lifespan of recordable media, including the various types and brands of CDs.
Fred Langa is editor of the Windows Secrets Newsletter. He was editor of Byte Magazine (1987 to 1991) and editorial director of CMP Media (1991 to 1996), overseeing Windows Magazine and others. He edited the LangaList e-mail newsletter from 1997 to 2006, when it merged with Windows Secrets.

The following LangaList Plus tips are in today’s paid newsletter:

• Group Policy tricks available for XP Home
• PivX preEmpt provides ActiveX protection
• Another tool to create hard-drive inventories
• More on offloading your document scanning
• Confusing updates for Daylight Time switch
• Run Windows 98 and XP on the same PC
• Synchronizing mail on different desktops

Wacky Web Week

New PC videos slam the Mac

Apple has been running for months its now-famous “PC vs. Mac” ad campaign. The series of commercials (“I’m a PC" — "I’m a Mac”) is designed to pitch the Mac as a hip, young machine with more contemporary capabilities, while the PC is portrayed as sluggish and antiquated.

Now director Laurie McGuinness has released a “rebuttal,” of sorts. In her version, the PC is responsible and prepared, while the Mac is sloppy and disorganized. In the PC version, the older, distinguished “model” drives the nice car and has the attractive girlfriend, all because he is (as MS tells us) more efficient and “smarter.” Because Mr. Mac has spent too much time listening to music and making frilly videos, he gets none. Watch the video.

LangaList Plus

Using Group Policy without XP Pro

Group Policy tricks available for XP Home

Group Policy is a handy tool, because it lets you lock down your computer through a variety of easy-to-configure settings. Kunal Jariwala writes to ask about it:

“I am facing a problem in my laptop. I want to configure the settings for my desktop and other users. I opened the MMC (Microsoft Management Console) to change the Group Policy settings for my desktop, but I cant find any option for Group Policy. I even tried its direct command gpedit.msc, but still my laptop shows that “Windows cannot find this file, please check the file name.” I tried a lot, but can’t find the solution. I hope, as you are the Windows expert, you will reveal its secret and help me."

Unfortunately, the Group Policy snap-in for MMC isn’t available with Windows XP Home, but only with Windows XP Professional. Since the Group Policy snap-in is essentially a glorified (and admittedly much simpler) way to edit the Registry, you can make tweaks to the Registry to achieve similar effects.

The j79zlr.com article, “ Group policy registry entries for XP Home,” includes a list of Registry keys and settings for XP Pro, many of which also work if you manually edit them in XP Home. Just be very careful when editing the Registry, because some mistakes might render your system unstable or unusable.

PivX preEmpt provides ActiveX protection

Ever heard of ActiveX controls? Windows is chock full of them. Many third-party vendors develop their own, too, so you might wind up with many more on your system over time. Chip A. Barker writes to ask about ActiveX:

"I’m a previous LangaList Plus subscriber and I would like to see an article (or two or three) on what ActiveX controls are, how they work, which ones are bad, how to manage these dang things, etc.”

To explain briefly, ActiveX controls are applications that typically run inside a Web browser and sometimes inside other applications. ActiveX provides a way for a developer to create an applet that can perform any number of tasks. The developer can distribute that applet easily over the Internet so that it “snaps in” to your system.

Microsoft developed ActiveX technology as a progression from its previous APIs for Object Linking and Embedding (OLE) and the Component Object Model (COM).

Many ActiveX controls are considered to be outright dangerous. As such, you should protect your system against having them abused. One of the best ways I know of to add that protection to your system is to use PivX preEmpt. This is a security tool ($45 for a single machine) that defends against the abuse of ActiveX controls and a whole lot more.

Another tool to create hard-drive inventory

In the Feb. 1 newsletter, I mentioned the tool FolderSizes, which lets you generate many different types of reports about files on your hard drives. This week, Rob Skinner writes in to share his tip about another, similar tool:

“I’d like to recommend WinDirStat, a free tool for visualizing file types and sizes for your entire file system at once. It doesn’t print out reports, but with it you can almost instantly see the relative size of folders or the space taken up by any file type.”

Thanks for the tip, Rob!

More on offloading your document scanning

In last week’s newsletter (Feb. 1), Sue Myran asked if there’s any standalone scanner that can scan directly to a Flash memory card. This week, Dave Detert and Sigurd Lasa write to tell us about other scanners that I didn’t know about with such capability:

“I don’t know what Sue’s exact requirements are, but the HP C6180 (and I’m sure other All-In-One models) will scan to a USB flash drive or memory card and it costs less than $300. The file will be a .jpg image, but they do have OCR software available as an option, though I’ve never used it.”

Dave’s right. The HP C6180 scanner will, in fact, scan to a variety of memory cards. New units cost around $265. Used units can be purchased for a little less on sites like eBay. If you’re looking for such a device, be sure to search HP’s Web site for any newer models that may have been released.

Sigurd Lasa writes to say that the Lexmark x664e can also scan directly to memory cards. It’s more expensive than the HP model, costing roughly $1,295 USD brand new.

Confusing updates for Daylight Time switch

I mentioned on Feb. 1 a workaround for correcting Daylight Saving Time on your computer if there isn’t a patch available for your version of Windows, as is the case for Windows 2000.

Reader Ron Smith recommends an unofficial, third-party patch for the DST problem. The patch is published by IntelliAdmin. Microsoft, of course, won’t provide support for this patch, but you can certainly try it if you need to make your computers adjust correctly to Daylight Time on Mar. 11 in the U.S.

Run Windows 98 and XP on the same PC

Some people still use Windows 98, for whatever reasons, and sometimes it’s desirable to have it loaded on the same system as another version of Windows. Jesse Wasserman writes to ask about this possibility:

“Can you explain the possibility of running Windows 98 and XP on one PC by partitioning the hard drive?”

Jesse, you don’t have to partition the hard drive, but you probably should. The main reason for doing so is that you can format one partition using NTFS for use by Windows XP. This lets you take advantage of XP’s file-system security, which isn’t available in Windows 98.

If you partition your hard drive into two parts, be sure to format the first partition using the FAT file system. Windows 98 cannot read NTFS file systems directly. You’d load Windows 98 on the first partition (formatted with FAT) and load Windows XP on the second partition, formatted with NTFS.

Synchronizing mail on different desktops

You might be among the many people who have more than one desktop. If you are, then you might wish you could synchronize e-mail across those desktops. Bob Wickham writes to ask about this situation:

“I am using Thunderbird e-mail on two desktops in different offices and a laptop. Is there a utility that would allow me to keep the e-mail addresses on all three computers up to date and in sync over the Internet? Also a way to backup the lists on each computer? Perhaps a Web based utility or service?”

There are a few ways I can think of that might accomplish e-mail synchronization:

One way is to set the e-mail client to leave the mail on the server when checking mail. That way, your other e-mail clients can still get a copy. Another way would be to use an IMAP mailbox instead of POP3. IMAP stores mail on the server, and you can manage that mail from any IMAP-enabled email client.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

Woody's Windows

Vista timesaver #3 — search Outlook sanely

How to waste time with Vista search

Vista’s new search capabilities certainly look neat. The demos run like a common rail diesel. But when you sit in the driver’s seat using Vista search on real-world problems, you may see things differently. Don’t be surprised if you go searching for something and can’t find it. Vista’s search marches to its own drummer, and the bugs seem to be calling the tunes.

You might think that tweaking search dialog box settings or flipping magical Registry bits or combining clever saved searches will make searching with Vista faster. Sure, you might be able to save a few seconds here or there with a little technical sleight of hand. But the big Vista search time-wasters don’t have anything to do with Boolean strings or indexed file types.

In my experience, the biggest time-sucking problem you’ll encounter with Vista’s search lies in puzzling over why in the blue blazes you can’t find something you know is out there. The second largest time-waster comes from wading through all the junk.

If you haven’t seen the junk yet, believe me, you will. Read on.

You can waste an enormous amount of time trying to understand Vista’s searching idiosyncrasies. In coming weeks, I’ll step you through the Byzantine rules that Vista employs to decide precisely what to index, and how you can bend those rules. I’ll also explain how to work with those rules to retrieve the things you want.

This week, I’m going to stake off a small corner of the Vista search world that will no doubt perplex you soon, if it hasn’t stumped (and infuriated!) you already. The problem arises from a devilish inconsistency between Vista and Outlook 2007.

Vista finds deleted messages, Outlook doesn’t

If you have a machine running both Windows Vista and Outlook 2007, try a little experiment. Start Outlook. Go into your Deleted Items folder and select a common word in one of the messages there — nothing fancy, just a term that you can easily find in messages in Deleted Items. Then go into your Junk E-mail folder and find a keyword in one of the messages there. Now click on Inbox, and go back to looking at your Outlook inbox. All is right with the world, and Outlook appears the way it always does, right? Good. Get ready to stumble down the Instant Search rabbit hole.

Press the Windows key (or click the "Start" button) to bring up the Vista Start Search box. Type in the keyword that you found in one of your Deleted Items messages. Wait a second or two for the search to stabilize, and you should see the matching deleted message in Vista’s list. (If the list is too long, click the link to See all results. You’ll see the matching deleted message there.) Cool. That works.

Now flip back over to Outlook. At the top of the list of messages, there’s probably a box that says Search Inbox. (If you can’t see a Search Inbox box, click Tools, Instant Search, Instant Search.) Click the down-arrow to the right of the magnifying glass and choose Search All Mail Items. Then type the same keyword into the search box. Wait a second or two for the search to stabilize. Guess what? Outlook doesn’t find the message. Wuh?

Forcing Outlook to find deleted messages

There’s a reason why Vista finds messages in the Deleted Items folder but Outlook does not: Outlook’s default is to skip all the messages in the Deleted Items folder. Vista’s default, by contrast, is to cough up all of the messages in Outlook. Big difference.

If you know that the message you seek is in the Deleted Items folder, you can search for deleted messages from inside Outlook 2007 by clicking on the Deleted Items line over in the navigation pane (on the left) and typing your search string in the search box. But if you start in the Inbox (as most people do) and ask Outlook to search all mail items, it doesn’t "see" anything in the Deleted Items folder. Worse, if you click on the Personal Folders line in the navigation pane, expecting to run a search on all of the mail in Personal Folders, Outlook won’t let you run a search: the Search command is grayed out.

It’s easy to correct Outlook’s boorish neglect. In Outlook, click Tools, Instant Search, Search Options. Check the box marked Include messages from the Deleted Items folder in each data file when searching in All Items. Click OK.

Outlook finds all your junk e-mail

While Outlook ignores the Deleted Items folder (at least, it doesn’t deign to search within it when looking for "All Mail Items"), Outlook works hard with Vista to make sure all of your spam is instantly available. Yes, it’s true: Outlook 2007 dishes up your entire Junk E-mail folder for Vista’s indexer. Chomp.

If your attempts to use Vista’s search didn’t bring up a healthy display of junk e-mail, press the Windows key or click Start to bring up the Start Search box. Type in a common word that’s in one of your Junk E-mail folder messages. See how Vista gladly displays every match in your Junk E-mail folder? (In fact, the search I’m looking at right now brings up two entries for some matches in the Junk E-mail folder, and it lists one matching junk message twice. It says that it’s both in the Inbox and in the Junk E-mail folder. Bugs.)

Fortunately, searching from inside Outlook doesn’t display matches in the Junk E-mail folder, unless you specifically click on the Junk E-mail folder in the navigation pane, and run the search from there.

I know one fellow who decided to show his boss Vista’s fancy new search box. He clicked Start, typed a few characters, and wham! Volumes of, ahem, shall we say "indiscrete" e-mail subject lines appeared on the screen. Instead of being wowed by the virtues of Vista, the boss left wondering aloud why that kind of crap was sitting on a company computer.

Eliminate spam e-mails from your searches

I don’t know of any way to make Vista’s indexer ignore junk e-mail, or any way to tell Vista that you don’t want to see matches from the Junk E-mail folder. In other words, I don’t know any way to use Vista’s search in front of the boss.

You can empty out your Junk E-mail folder periodically. (To do this, right-click on the folder in the navigation pane and choose Empty Junk E-mail Folder.) But that’s a poor second choice.

For now, if you’re searching for e-mail in front of the boss, you’d better go into Outlook and search from there. That’ll save some time. It might also save your job.

Woody Leonhard‘s latest books — Windows Vista All-In-One Desk Reference For Dummies and Windows Vista Timesaving Techniques For Dummies — explore what you need to know about Vista in a way that won’t put you to sleep. He and Ed Bott also wrote the encyclopedic Special Edition Using Office 2007.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

Perimeter Scan

Apple makes QuickTime hard to patch

QuickTime is in my Top 10 list of third-party software you’ll probably find on almost every Windows machine.

You should patch it with the same priority as you would for any Microsoft vulnerability — but Apple isn’t making this particularly easy for Windows users.

Urgent — update QuickTime to 7.1.3.191

Apple has issued a patched version of QuickTime, known as version 7.1.3.191. This update was released in response to a vulnerability posted on Jan. 1 by Kevin Finisterre and the guys publishing the Month of Apple Bugs (MoAB). The MoAB guys were focused on breaking Macs, but the Windows version of QuickTime has the same problem.

Apple isn’t making it easy to get all of your computers patched and up-to-date. I disapprove of doing things Apple’s way on my Windows machines. The company’s failure to provide a simple upgrade process for QuickTime on Windows is just leaving more copies of QuickTime vulnerable and making the Web attacks more of a threat.

Patching QuickTime shouldn’t be a big deal, right? You just download the patch file and push it out with your patch/software distribution tool. Also, you grab the corrected installer while you’re there, so you don’t have to first install a vulnerable QuickTime version in order to upgrade to the fixed version.

Not so fast.

Update your way, not
This article is part of our paid content. Subscribe.
Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period. Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,

Visit our Unsubscribe page.

Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months

Leaving long cookie trails throughout the Web 5.00

Windows-like security for Android devices 5.00

Win7′s no-reformat, nondestructive reinstall 4.53

The sorry tale of the (un)Secure Sockets Layer 4.42

RPV: Win7′s least-known data-protection system 4.33

Recovery: the last step in total data security 4.30

Time for a .NET update we can’t ignore 4.30

Getting the most from Windows Search — Part 1 4.25

Revising printing habits saves money and trees 4.25

Upgrades end in erratic, partial hangs 4.25

Pros and cons of a ‘keyfile’ password 4.21

Beating back Duku and a plethora of other threats 4.20

Office 2007 gets its final service pack 4.19

Putting Registry-/system-cleanup apps to the test 4.19

One year and 99 security bulletins later 4.18

1.8TB external drive goes down hard 4.17

Don’t pay for software you don’t need — Part 3 4.16

Internet Explorer gets another round of patches 4.15

Is your free AV tool a ‘resource pig?’ 4.15

Vacation’s over; it’s a big round of patches 4.15

Remote access leads to remote attacks 4.15

Keeping you up to date: say no to .NET — again 4.14

Take control of Google’s privacy policy settings 4.14

Office File Validation patch leads to problems 4.14

The advanced system-recover toolkit 4.13

New “419″ scam involves PayPal and Western Union 4.12

Readers’ best personal-privacy tips 4.11

Getting the most from Windows Search — Part 2 4.11

Re-examining Dropbox and its alternatives 4.10

Easily edit Windows’ right-click context menus 4.09

Top-scoring articles in the past 12 months

Internet Services

Web Development

Digital Marketing

Consumer Tech