bdpnetworks
newsletter - issue #7bdpnetworks
newsletter - issue #7Security
and Privacy update:
• Things
you need to do to keep your system secure
• Spyware: It's getting worse
Nonstandard Microsoft e-mail attachments, or "What is winmail.dat?" (TNEF/RTF)
Microsoft quietly changes how Internet Explorer functions...
Tips & Tricks
• Netware:
Netware: Undelete your files with ease
• Windows:
Filename completion on the command line
Information
about my services
• Who is this guy?
• What is this all about?
Fun
& Cool
• Space Needle / Seattle Center 40th Anniversary
• CIA Factbook
• Microdots!
• Serious Lego
• Cheese Racing
• GE Color
Quiz
Welcome once again to the bdpnetworks monthly newsletter, an eclectic but hopefully useful assortment of information in a condensed format. My goal is to give you some great information you can use, while raising awareness of the types of services I can provide for businesses.
If you find any of this information useful or fun, please do me a favor and pass a copy of this newsletter on to at least one other person you know. I would really appreciate it.
As always, if you have any questions or comments about anything at all, please don't hesitate to contact me at info@bdpnetworks.com. I do NOT charge for simple e-mails and questions (even for non-customers), so give it a shot. :)
NEW! I'm now offering fixed-price Project bids, and fixed-price Maintenance Retainer contracts! For details on these and more information on bdpnetworks, please see the section below entitled Information about bdpnetworks.
Special thanks to Katerie Prior for helping to proofread this newsletter. Visit her writing website at http://www.writers-confidant.com
Thanks again for reading!
The latest big virus to spread through Microsoft Outlook is "Klez." Recent estimates have put infection rates at a whopping 7.5% of all PCs connected to the Internet. I've received dozens of messages (mainly on mailing lists) that have been infected by a variant of this virus. Klez is a bit more progressive than some previous viruses, as it constantly changes it's "look" in outgoing e-mail messages. You can revisit issue #2 for more information on viruses like Klez and an in-depth discussion about virus protection software.
But virus protection alone is not enough security for any computer hooked to the Internet... there are at least THREE things you need for security and privacy:
Keep it patched! (closes security holes caused by bugs)
Visit Windows
Update regularly, run "Software Update" on Mac OS 9 or OS
X, or run "up2date" on RedHat Linux
Install virus protection, and keep the signatures updated! (prevents
viruses & worms from damaging your files)
Home users, get some right now: Norton
AntiVirus or SystemWorks,
McAfee Netshield. Symantec (Norton) also makes virus protection for Mac
OS 9 & OS X. Linux doesn't really need virus protection... yet...
See issue
#2 for more virus protection options.
Use a firewall! (keeps hackers from penetrating your system while
connected to the Internet)
Software for the home: ZoneAlarm
Pro, or Norton
Internet Security (includes virus protection). Mac OS X users can use
a good program called BrickHouse
to configure the built-in firewall. Note: Windows XP already comes with
a firewall, and Linux users have to do a bit of work to turn on their firewall.
Hardware for the home: any NetGear DSL/Cable router with NAT+ will work
great for most people
Also helpful - Turn off file sharing in Windows 2000/XP/Me/95/98 if you don't use it to help keep hackers out, and use an anti-Spyware tool such as Ad-Aware (see below) to keep your information private.
A great step-by-step guide to securing your system is available from TechTV. Written by Leo Laporte, it includes all of these tips as well as several others worth noting.
http://www.techtv.com/screensavers/answerstips/story/0,24330,3382602,00.html
For more information on these items, see previous articles of my newsletter at:
http://www.bdpnetworks.com/newsletters.html
P.S. Mr. Laporte has written an excellent book full of tips for Windows, Mac & Linux systems. It's available from Amazon.com at this link:
http://www.amazon.com/exec/obidos/ASIN/0789726912/bdpnetworks-20
In issue 4, I wrote about the increasingly common problem of Spyware. Spyware is software that tracks Internet usage and demographics information about you, and sometimes causes software conflicts and incompatibilities without your knowledge.
Ad-Aware is an excellent free program, similar to a virus scanner, that will check your system for Spyware (also called Adware or Malware.) It has been a great way to combat Spyware and keep your information private, as well as preventing potential software conflicts.
A new media player/spyware program called RadLight now exists that will attempt to locate and uninstall Ad-aware if found on your system. What's worse is that this spyware actually includes a clause in the license agreement that says something to the effect of "you may not use this software with Ad-aware installed on your system." This has sparked outrage from privacy advocates worldwide.
Despite the threats, I'd recommend continuing to run Ad-aware regularly (at least once every few weeks) and to keep the signature files updated (which you can do with another utility available from their website, called RefUpdate). I still find new spyware on my system at least once or twice a month.
Here's an interview with Nicholas Stark, the developer of Ad-Aware, discussing the new RadLight spyware that intentionally uninstalls Ad-Aware: (salon.com):
http://salon.com/tech/feature/2002/04/26/anti_spyware/index.html
Here's an in-depth discussion of the problem with RadLight (spywareinfo.com):
http://www.spywareinfo.com/issues/index.html
Ad-aware & RefUpdate are available from any of these websites (sometimes they can be down due to high traffic):
And here's the original article I wrote about Ad-Aware:
http://www.bdpnetworks.com/nl/nl04.html#spyware
Do you listen to streaming Internet radio at home or work? Streaming Internet radio is a great way to get commercial-free broadcasts of music you would never otherwise hear on FM radio. These stations are often run as hobbies, by people who are passionate about music and who don't have the huge budgets of commercial FM stations.
The RIAA has imposed huge tariff increases on Internet radio stations that will go into effect at the end of May, retroactive to 1998! This means small-time Internet radio stations will be forced to pay hundreds of thousands of dollars if they wish to remain on the air, meaning most Internet radio stations will be forced offline. RIAA often blames lagging CD sales on new technologies such as file sharing (Napster et. al.) and Internet radio, while failing to ever place blame on their own inflated CD prices which often reach close to $20/album.
A coalition of Internet radio stations has banded together to help fight this: you can visit their website for more information on how you can help!
http://www.saveinternetradio.org
And if you're just learning about Internet radio for the first time, visit one of these links for a list of radio stations & help with software:
Recently, I had two customers come to me saying their users were complaining about not being able to read some e-mail attachments sent to them. Both companies are using Novell GroupWise 5.5 as their primary messaging system. I did some research and found out the attachments were all coming from Microsoft Exchange systems. The easy thing to do in this case (and I've seen more than one "executive" take this approach) is to point the finger at GroupWise and say "well, why don't we just switch over to Microsoft Exchange? Everyone else is doing it, and then we wouldn't have the problem."
This made me a bit suspicious--I have never really had problems sending/receiving attachments with GroupWise in the past, as it properly supports MIME encoding & even supports some older non-compliant standards including UUencode/UUdecode and Macintosh BinHex. After some research, I found the attachments in question were coming from a Microsoft Exchange e-mail system, and they were encoded in proprietary Microsoft formats unique to Microsoft Exchange and Outlook. In fact, there were two problems here; one is that Microsoft supports sending E-mail messages in "RTF" format (rich text format), which is definitely NOT supported as an Internet e-mail standard. Another is that the attachments can be encoded in a form called "TNEF" (Transport Neutral Encoding Format), which is also not an Internet e-mail standard. TNEF-encoded messages show up to non-Microsoft e-mail systems as an attached file named "winmail.dat." Exchange has some options at the server level that can actually enforce RTF & TNEF, thus breaking compatibility with any program that's NOT Microsoft Exchange. So if the system was GroupWise, Lotus Notes, or even a POP-based e-mail system with Netscape Messenger or Eudora on the front end, the problem would still surface. I pointed out that the Exchange systems in question weren't following Internet standards, and gave the clients information on how to properly configure them. It fixed the problem.
Why would Microsoft deliberately design their software to do something that's not considered "normal" by the rest of the world? Well, they have a long history of doing this and their answer is almost always to "provide features our customers want and to support backwards compatibility with older versions of our software." RTF and TNEF have been superseded long ago by other formats; to get graphics and different types of text in your e-mail these days you can use HTML. And TNEF was specific to some older Microsoft products (such as Schedule+) that have long been superseded by newer versions of Outlook. And it is not out of the question that Microsoft would intentionally leave deprecated features in their software simply to make it less compatible with the outside world, which sometimes helps sway decision makers to just use the most "dominant" e-mail system, instead of specifying products that most closely follow standards.
Unfortunately, Microsoft Exchange has become "shovelware," including countless features that most people never use. This leads to software instability, security holes and code that requires too many resources to execute. I am a pretty big fan of Novell GroupWise because it solves some important enterprise messaging problems more elegantly than Microsoft Exchange. For instance, Novell's GroupWise is generally not susceptible to the same virus outbreaks as MS Exchange/Outlook. It also requires a fraction of the server requirements & maintenance that an Exchange system requires. It doesn't require you to deploy a complex Active Directory-based Windows NT & Windows 2000-centric network to make it useful. And I have heard many who have used both remark that GroupWise is ultimately easier to use, and that the client is much leaner than Outlook. GroupWise isn't perfect (and Novell 's lack of marketing savvy hurts it), but it is pretty reliable and useful on a day-to-day basis. I think it's still one of the best available packages for the problems it solves.
Despite its popularity & feature set, Microsoft Exchange may not be the best fit for some companies. Novell GroupWise or Lotus Notes may fill requirements more easily, and some companies may even be better off with a simpler, more basic e-mail system using a Linux- or appliance-based POP/IMAP e-mail server. If you are thinking of installing or upgrading your e-mail system, please contact me because I'm eager to tell you what I know. I can give you some options so that you can select the best package that fits your company's needs.
A company called ScopeWare previously published a freeware Java-based tool for decoding MS-TNEF files, called "LS-TNEF." Unfortunately, as of this writing, they have rearranged their website and the tool is nowhere to be found. You can attempt to locate it via Google yourself should you need it, though. Just search for "LS-TNEF."
http://www.google.com/search?hl=en&q=ls-tnef
How to turn off RTF & TNEF on a Microsoft Exchange system:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q136204
Have you noticed anything different when you try to go to a nonexistent page
with Internet Explorer lately? A few months ago, Microsoft flipped a "secret
switch" that caused all Internet Explorer browsers to redirect the "404
Error - Not Found" page to their own MSN search engine. You can try this
yourself by going to any URL that doesn't exist, such as:
http://quudyyrlwoiudiuf.com
Microsoft is trying capture a bigger market for their MSN search engine. They get more queries, which means they can collect more demographic information about the people who use Internet Explorer. They can also advertise to people who might not have normally fallen into the MSN search "trap."
MSN search is not the worst possible search engine, but it's no where near as comprehensive as a fully-indexed database such as Google or as meticulous as a hand-sorted category-based index such as Yahoo!. It would be nice to see Microsoft allow users to customize the search page that automatically popped up, but this is not likely to happen. They insist that having the MSN page pop up on its own is "good for the consumer."
The worst part about this is that Microsoft has fundamentally changed the way my system operates without my knowledge or explicit permission (though I'm sure I blindly agreed to it somewhere in the Internet Explorer license.) Because Microsoft's software is already a "closed box," are we to expect more changes like this in the future? How many other "secret switches" are embedded in their software waiting to be activated? If you try to launch AOL Instant Messenger, will it redirect you to MSN Messenger instead?
What do you think about this? Is this helpful? Or is it more sinister - a sign the types of things Microsoft may eventually start to do with your software without your permission?
Write me, and I'll publish your comments in the next newsletter.
For a great, free, open-source alternative to Internet Explorer that runs on almost any operating system, check out Mozilla! which is almost ready to ship version 1.0. I first wrote about Mozilla in issue #3.
Here is a great tip I picked up from TechTV a few months ago - it lets you turn on filename completion at the windows command prompt. Tab-based file completion means you can type part of a filename at the command prompt then hit "tab" and the OS will attempt to fill in the rest of the filename for you (or offer you a list of matching options.) This is common on UNIX-based systems, but has been lacking in the CMD.EXE shell that ships with Windows. A great time saver if you spend a lot of time at the command prompt. Who knew this was even an option under Windows?
For details on how to do this, go here: (TechTV)
http://www.techtv.com/screensavers/windowstips/story/0,24330,3365929,00.html
By this point, you've probably guessed that I'm a big fan of Novell Netware. While some may view the operating system as archaic, Novell has kept up with the times by incorporating the latest Internet standards, while maintaining the features that make it an ideal network server. Over the past few years, however, the company has not marketed their strengths to the appropriate people. Even so, I still believe it's ultimately the most versatile and least-expensive (overall) way to run your business network (for most companies). Netware's greatest strengths are in the way it gracefully handles basic network tasks.
A good example of something Netware does better than anything else is the built-in salvage ("undelete") command. Novell has made the salvage process very easy: If you have the Novell-supplied Netware client software installed on your workstation, you can right-click on the directory you've deleted the file from and select "salvage deleted files." It will present you a list of all of the deleted files from that directory that you have the appropriate rights to, along with the date & time the file was deleted. Another unique feature is that it lists the name of the user who deleted the file, which makes it easy to troubleshoot what happened (or point fingers, if that helps. :)
Novell's file salvage system also retains multiple versions of a deleted file. This is especially useful with programs like Microsoft Word and Excel, which actually create a new copy of the file & delete the old one each time you save the file. This means you can literally go back in time and easily retrieve older versions of the file.
Strangely, most other server operating systems still do not have a basic undelete command built-in. With the rush for Internet gizmos, basic functionality like this has sometimes been left by the wayside. If you're using Windows NT server or Windows 2000, all is not lost--you can purchase third-party software (listed below) that will approximate this functionality. Linux doesn't even have this option (yet) though there are a few open-source projects in the works that will do it. But Novell has had more than ten years of experience with this technology, and it's a "true" undelete in that it actually puts deleted files into a holding area. They are fully recoverable until they have been "purged" from the volume. Some other undelete schemes attempt to salvage files that the operating system thinks are completely gone; these techniques may not be able to retrieve entire files if parts have already been overwritten..
Undelete has pretty significant implications in cost savings; without an undelete command, many people have to resort to restoring from backup tapes, which can take a minimum of twenty minutes or more. Some backup recovery procedures can take several hours to restore a single file, and ultimately have to involve the network administrator. With a good undelete facility, the user or supervisor is empowered with the ability to restore their own files. This ultimately saves time for everyone, reduces the number of people involved in the process, and impacts the bottom line of the company.
For more information about undeleting files with Netware (and a technical overview of how it works internally), go here:
http://www.novell.com/documentation/lg/nw4/docui/index.html#../sfug_enu/data/hdz0q32p.html
For information about a third-party undelete product that can be added to Windows NT or Windows 2000 server, go here:
http://www.executivesoftware.com/undelete/undelete.asp
I'm writing most of this newsletter on my new Apple iBook laptop that I recently purchased in December. After having used it for four months, I'm finding it's the best computer I have ever owned and is probably also the most useful. Here are some random thoughts about this machine and why I think it's such a successful design:
I'm most impressed with Apple's commitment to their next-generation operating system, Mac OS X. Since purchasing the laptop I have installed four updates to OS X (that would be considered service packs on the Windows platform). Apple is furiously cranking out new and improved code changes to this operating system. While it is technically still a bit of a work in progress, it feels refined and elegant throughout. And Apple is promising OS X 10.2 by this summer, which is only a little over a year and a half since OS X 10.0 was first released.
From a design perspective, this laptop fits my needs because it feels very durable. I'm not 100% happy with the hard shiny plastic finish--while it looks cool, it can scratch easily. But it is rugged, and all of the ports and options are designed "into" the case so there is never anything sticking out. This is great because things won't accidentally get broken off. Also, the laptop feels like it's heavy duty- I can toss it around a bit and literally "slam" the screen closed and I don't have to worry about it.
OS X has a miraculous sleep cycle. I have frequently had problems in the past getting PC-based laptops from different vendors to "go to sleep" or go into suspend mode properly with Windows 2000, 98 or XP. But this laptop literally sleeps three seconds after closing the screen. And even more amazing: it wakes up almost instantaneously. I can actually open the screen and begin typing in less than 5 seconds - the entire system is alert by that point. I am astonished at this, considering how hard it has been to implement on the PC side.
In many respects, the laptop reminds me more of my Palm PDA than of my complex Windows 2000-based desktop computer. While it can do everything the Windows 2000 computer can do (and then some more), it feels designed more like an "information appliance," always available and ready to soak up more data. OS X never "goes goofy" and requires a reboot, and device drivers don't fail. I also get about three hours of battery life from a full charge on average, easily beating most PC laptops.
If you don't have a huge investment in PC software and are looking for a new laptop or desktop computer, you might consider the options Apple has on offer. In my opinion, most of their products (especially the new iMac and Titanium PowerBook, not to mention the iPod music player) are currently the best on the market, and they're only getting better.
For more information on my iBook, visit this link:
For information on the awesome new iMac (with cool pictures), go here:
For information about the new G4-800MHz Titanium PowerBook (which probably runs roughly as fast as a 1.6-2.0GHz Pentium 4, if not faster in some cases) go here:
http://www.apple.com/powerbook
And for information about Apple's new OS X operating system, check out this link:
Finally, Apple has made a newly redesigned "old" iMac available to educational customers at a lower pricepoint. It's called the eMac.
http://www.apple.com/education/emac/specs.html
If you have read this far, THANK YOU!
bdpnetworks (located in Seattle, WA) is owned and managed by Brian Place (that's me!), and I maintain a network of contacts with other independent computer consultants and support firms for subcontracting purposes. I've been doing this consulting thing for quite a while as an employee of other computer service companies. While my experiences were very enriching, I've generally been frustrated by the lack of consistency or innovation at those companies and the overhead a lot of them carry. I think I can do a better job by myself at a lower cost, so I formed bdpnetworks in June, 2001.
Many companies are pouring vast sums of money into their infrastructure just to keep it stable, let alone add value or features to it. This doesn't have to be the case; I have the experience necessary to help get these networks running well again and the know-how to add innovative features that will benefit everyone. My focus now is primarily on small businesses in and around the Seattle area. I enjoy working with small companies and am looking forward to forming new relationships, especially with organizations near my Capitol Hill office.
I offer a free one-hour onsite consultation to new clients, so you have NO RISK! If you would like to set up an appointment, give me a call at (206)351-7964 or e-mail me at bdp@bdpnetworks.com
Additionally, I am now offering fixed-price bids for projects as well as Maintenance Retainer contracts. Fixed-price project bids mean you can control the cost of a project up-front & know that costs won't spiral out of control. Maintenance Retainer contracts are especially great for small companies that need extra computer support but can't hire their own administrator--I will drop by at least twice a month to check backups and virus protection as well as fix any "laundry lists" of workstation- or server-related problems. With a Maintenance Retainer contract, I will also respond to computer emergencies within four hours, and most of those problems will also be covered under the same contract! It's easier to budget for, and you'll enjoy peace of mind knowing that your systems are always up-to-date and well cared for.
For more information, please call me at (206)351-7964 or visit my website at http://www.bdpnetworks.com
The hopper is getting kind of full, so I thought I'd throw in a few extra Fun & Cool links this month... but continue to send me your submissions!
The Space Needle & the surrounding Seattle Center turn forty years old this month! Originally built for the 1962 World's Fair, these landmarks are like Seattle's "town square," and 80% of Seattle residents visit Seattle Center at least nine times a year! Since moving to Seattle in 2000, I have grown to really appreciate the beauty of the Space Needle - it has great lines & continues to look towards the future even to this day.
For more information about Seattle Center today with a little bit of extra background history, check out this page:
http://seattletimes.nwsource.com/news/local/seattlecenter/facts/
Everything you've ever wanted to know about any country. Great for school research projects!
http://www.cia.gov/cia/publications/factbook/
A new way of encoding unique tags onto high-ticket items, such as cars.
http://www.wired.com/news/technology/0,1282,50598,00.html
Legos could never do any of this when I was a kid...
This is just silly.
How color-savvy are you?
http://www.gereveal.com/reveal/color2.html
(c)2002 Brian Place for bdp networks. All Rights Reserved.
Proofread by Katerie Prior of The Writer's Confidant, http://www.writers-confidant.com
Feel free to forward a copy of this to whomever you wish; please leave the contents intact.
If you would like to subscribe or unsubscribe to this newsletter, please send e-mail to subscribe@bdpnetworks.com or unsubscribe@bdpnetworks.com
Questions, comments, concerns or flames may be directed to newsletter@bdpnetworks.com
Thank you for reading!
INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT. NEITHER BRIAN PLACE NOR BDPNETWORKS TAKE ANY RESPONSIBILITY FOR ANY NEGATIVE CONSEQUENCES RESULTING FROM THE USE OF ANY OF THE INFORMATION CONTAINED IN THIS DOCUMENT.