SPCUG Home Page | Officers | Newsletter | SIGs | Regular Meetings | Sarasota | Join NOW! |
| Coming Attractions | Favorite Links | Calendar | Search | Site Map | Dave "Bytes"
| Dave "Bytes" Please remember to use your thinker, before you tinker! |
|
SPCUG Home Page | Officers | Newsletter | SIGs | Regular Meetings | Sarasota | Join NOW! |
| Coming Attractions | Favorite Links | Calendar | Search | Site Map | Dave "Bytes"
| Dave "Bytes" Please remember to use your thinker, before you tinker! |
|
A Periodic Newsletter for the Members of the Sarasota PC User Group and the World!!
Click here to subscribe to Dave "Bytes
(Please provide your full name and email address)
Here's An Internet Explorer Tip
Say Goodbye To The 'Go' Button
Here's a way to remove a button from Internet Explorer that most people never use.
Chances are when you type a URL into the Address field you hit the Enter button to go to the site. You may have never noticed it, but beside the Address field there is button with an arrow icon and the word Go. It performs the same function as hitting Enter. If you never use it and want to simplify the look of your browser follow these steps.
In Internet Explorer click on the Tools menu.
Select Internet Options.
Click on the Advanced tab.
From the Settings menu, uncheck the Show Go button in Address bar box.
Click Apply and Ok.
Users Often Invite Spyware Trouble
Tagalong software, generally known as spyware, is an especially tricky security threat because user carelessness is nearly always to blame.
All Dennis McGrath wanted was to belong. Just about everyone else in his chat room began displaying new kinds of smiley faces with their messages. So he downloaded a free program to get some, too.
Little did McGrath know he would also get a pesky toolbar that keeps reappearing no matter how he tries to disable it.
"When you go install something, a big window should come up with big letters and tell you in the first paragraph, `Here, we're going to install this, this and that,'" said McGrath, a former truck driver in San Jose, Calif.
McGrath realizes he might have agreed to the toolbar in accepting a licensing agreement he didn't bother to read.
Craig Herold, a retired phone company employee in Fort Wayne, Ind., allows that software developers may have the law behind them when they include consent within the licenses, but "everything that is legal is not necessarily ethical."
At one point, he broke his computer trying to remove spyware himself. It took three technicians at the local repair shop to figure out how to restore his machine.
Indeed, some repair shops blame spyware for more than half the trouble they're seeing. At Dell Inc., spyware accounts for 15 percent of service calls, up from 2 percent in August 2003.
And it comes down to the same reason: Users don't know better.
Not that spyware developers make it easy on them. Many ride on the same techniques that legitimate software like Macromedia Inc.'s Flash use to get onto machines.
"People are just so used to clicking OK, OK, OK," said David Purcell, owner of PCTechBytes in suburban Philadelphia.
Spyware is the first thing technicians look for when customers visit Purcell's shop. And in 20 percent of spyware cases, he said, the problem is so bad that it's easier, and cheaper, simply to reformat the computer's hard drive and start from scratch.
How can users avoid spyware?
For one, they should read licensing agreements that come with free software. Many will name programs that tag along. For more details on what such programs do, try typing their names into a search engine or a spyware database like SpywareGuide.com's.
"If they would read the end-user license agreement, they would prevent 80 percent of the spyware," said Andrew Newman, co-founder of Giant Company Software Inc.
Also, keep Internet Explorer security settings at medium or higher so prompts will warn you of so-called drive-by downloads. Read those prompts carefully. Alternative browsers like Opera or Firefox or even alternative platforms like Mac computers can reduce risks greatly.
Some spyware bypasses such prompts entirely by taking advantage of known flaws with Internet Explorer or the Windows operating system. Get the latest security updates from Microsoft Corp. Installing the Service Pack 2 update for Windows XP (news - web sites) computers should give users more warnings.
Users should also scan their systems regularly using one of a number of spyware scanners and removal tools, many of which are available for free. Be sure to obtain the latest definitions before running a scan, and try more than one because the tools vary in what they catch.
Dell Inc. and the nonprofit Internet Education Foundation recently launched a spyware education campaign. Video tutorials and other tips are available at getnetwise.org.
Teaching users safe practices won't be easy, but it's not impossible, said Neel Mehta of Internet Security Systems Inc. Though it took years, he notes, users today are more cautious about e-mail attachments that contain viruses.
WebEyes® OFFERS A SPECIAL 20% DISCOUNT FOR ALL APCUG MEMBERS*
Are you tired of reading the tiny type on Web pages? Web Eyes is offering all APCUG members a 20% discount on a computer software product that makes reading on the Web much easier. This Internet Explorer toolbar software puts you in control of reading the web. Web Eyes allows you to easily adjust the text on any Web page to the size of your choice (up to 144 pt). You can even enlarge the type of your Web-based email (i.e. Hotmail, MSN, Yahoo and any other Web based email provider). In addition, Web Eyes eliminates scrolling text by converting it to a “book format” so you simply turn the pages of your book. Web Eyes radically reduces eyestrain, provides a natural reading experience and increases reading efficiency.
This simple, easy-to-use patented software can be purchased by APCUG members at a 20% discount:* To learn more about Web Eyes and to download a 15-day Free Trial version – try before you buy – visit www.webeyes.us. The special UG price is valid through 12/31/04 --- and they ship internationally.
$19.95 downloaded (you save $5.00)
$27.95 CD, plus s/h (you save $7.00)
* THE PROMOTION CODE FOR THIS SPECIAL OFFER IS: APCUG
Our company, BackRex Software, would like to announce the release of Office Backup 1.1 for Windows 95/98/ME/NT/2000/XP.
We'd like to offer your members and subscribers a $10 discount off the regular price.
Please find the press release of Office Backup 1.1 below for your information.
We will be very grateful if you spread the word about our software to your members through your web site and/or your newsletter.
The discount coupon code is 'PR-MAG-1910'.
BackRex Software has released Office Backup 1.1, a versatile settings backup and migration tool for MS Windows(TM) programs.
BackRex Office Backup 1.1 uses wizard interface to select Microsoft Office(TM) configurations to be restored at a later time or transferred to another computer. Office Backup has the capability of managing migration between computers running on different versions of the MS Windows(TM) operating system. New to Version 1.1 is a Scheduled Backup feature to enable automatic backup on a regular basis. Office Backup 1.1 joins Easy Backup, a lighter tool for single-type operating system users, and Expert Backup, for IT professionals operating multiple workstations.
Office Backup 1.1 features customizable backup/restore settings, generating extremely small back-up files by selecting only user settings and data for back-up, as the program executive files can be restored from their installation CD. With the ability to roll back restore operations, users can 'undo' restoration functions, returning systems to pre-restoration status if necessary. Since Office Backup can be launched from the command line window, it can be used remotely
through a network, via command line scripts (.CMD, .BAT, etc.).
The programs served by this tool include Internet Explorer, Outlook and Outlook Express, all MS Office components, ICQ Instant Messenger and MSN Messenger, saving proxy and connection settings, user customizations, custom dictionaries, documents, address books, mail, messages and histories. Setting up a new system with familiar user preferences or restoring a system from files from another computer is easily accomplished, and back-up files are regularly maintained with the use of the Scheduled Backup feature.
Office Backup 1.1 is available in a demo version, downloadable from www.backsettings.com. BackRex Software provides online support for all of its products.
BITS |
| BYTES |
|
Clicking on Dave will take you to the
"Bits & Bytes"
site where you can listen to the most recent broadcast
While Wandering The Web
The home of over 4600 PhotoShop Tutorials .....
This site is awesome .... One new PhotoShop tutorial is added every HOUR !!!!
Rename A Series of Files
|
Countdown to the next SPCUG General Meeting |
|
How Do Spammers Harvest Email Addresses ?
There are many ways in which spammers can get your email address. The ones I know of are :
From posts to UseNet with your email address.
Spammers regularly scan UseNet for email address, using ready made programs designed to do so. Some programs just look at articles headers which contain email address (From:, Reply-To:, etc), while other programs check the articles' bodies, starting with programs that look at signatures, through programs that take everything that contain a '@' character and attempt to demunge munged email addresses.
There have been reports of spammers demunging email addresses on occasions, ranging from demunging a single address for purposes of revenge spamming to automatic methods that try to unmunge email addresses that were munged in some common ways, e.g. remove such strings as 'nospam' from email addresses.
As people who where spammed frequently report that spam frequency to their mailbox dropped sharply after a period in which they did not post to UseNet, as well as evidence to spammers' chase after 'fresh' and 'live' addresses, this technique seems to be the primary source of email addresses for spammers.
From mailing lists.
Spammers regularly attempt to get the lists of subscribers to mailing lists [some mail servers will give those upon request], knowing that the email addresses are unmunged and that only a few of the addresses are invalid.
When mail servers are configured to refuse such requests, another trick might be used - spammers might send an email to the mailing list with the headers Return-Receipt-To: email address or X-Confirm-Reading-To: email address. Those headers would cause some mail transfer agents and reading programs to send email back to the email address saying that the email was delivered to / read at a given email address, divulging it to spammers.
A different technique used by spammers is to request a mailing lists server to give him the list of all mailing lists it carries (an option implemented by some mailing list servers for the convenience of legitimate users), and then send the spam to the mailing list's address, leaving the server to do the hard work of forwarding a copy to each subscribed email address.
From web pages.
Spammers have programs which spider through web pages, looking for email addresses, e.g. email addresses contained in mailto: HTML tags [those you can click on and get a mail window opened]
Some spammers even target their mail based on web pages.
A widely used technique to fight this technique is the 'poison' CGI script. The script creates a page with several bogus email addresses and a link to itself. Spammers' software visiting the page would harvest the bogus email addresses and follow up the link, entering an infinite loop polluting their lists with bogus email addresses.
For more information about the poision script, see http://www.monkeys.com/wpoison/
From various web and paper forms.
Some sites request various details via forms, e.g. guest books & registrations forms. Spammers can get email addresses from those either because the form becomes available on the world wide web, or because the site sells / gives the emails list to others.
Some companies would sell / give email lists filled in on paper forms, e.g. organizers of conventions would make a list of participants' email addresses, and sell it when it's no longer needed.
Some spammers would actually type E-mail addresses from printed material, e.g. professional directories & conference proceedings.
Domain name registration forms are a favorite as well - addresses are most usually correct and updated, and people read the emails sent to them expecting important messages.
Via an Ident daemon.
Many UNIX computers run a daemon (a program which runs in the background, initiated by the system administrator), intended to allow other computers to identify people who connect to them.
When a person surfs from such a computer connects to a web site or news server, the site or server can connect the person's computer back and ask that daemon's for the person's email address.
Some chat clients on PCs behave similarly, so using IRC can cause an email address to be given out to spammers.
From a web browser.
Some sites use various tricks to extract a surfer's email address from the web browser, sometimes without the surfer noticing it. Those techniques include :
Making the browser fetch one of the page's images through an anonymous FTP connection to the site.
Some browsers would give the email address the user has configured into the browser as the password for the anonymous FTP account. A surfer not aware of this technique will not notice that the email address has leaked.
Using JavaScript to make the browser send an email to a chosen email address with the email address configured into the browser.
Some browsers would allow email to be sent when the mouse passes over some part of a page. Unless the browser is properly configured, no warning will be issued.
Using the HTTP_FROM header that browsers send to the server.
Some browsers pass a header with your email address to every web server you visit. To check if your browser simply gives your email address to everybody this way, visit http://www.privacy.net/analyze/
It's worth noting here that when one reads E-mail with a browser (or any mail reader that understands HTML), the reader should be aware of active content (Java applets, Javascript, VB, etc) as well as web bugs.
An E-mail containing HTML may contain a script that upon being read (or even the subject being highlighted) automatically sends E-mail to any E-mail addresses. A good example of this case is the Melissa virus. Such a script could send the spammer not only the reader's E-mail address but all the addresses on the reader's address book. http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html
From IRC and chat rooms.
Some IRC clients will give a user's email address to anyone who cares to ask it. Many spammers harvest email addresses from IRC, knowing that those are 'live' addresses and send spam to those email addresses.
This method is used beside the annoying IRCbots that send messages interactively to IRC and chat rooms without attempting to recognize who is participating in the first place.
This is another major source of email addresses for spammers, especially as this is one of the first public activities newbies join, making it easy for spammers to harvest 'fresh' addresses of people who might have very little experience dealing with spam.
AOL chat rooms are the most popular of those - according to reports there's a utility that can get the screen names of participants in AOL chat rooms. The utility is reported to be specialized for AOL due to two main reasons - AOL makes the list of the actively participating users' screen names available and AOL users are considered prime targets by spammers due to the reputation of AOL as being the ISP of choice by newbies.
From finger daemons.
Some finger daemons are set to be very friendly - a finger query asking for john@host will produce list info including login names for all people named John on that host. A query for @host will produce a list of all currently logged-on users.
Spammers use this information to get extensive users list from hosts, and of active accounts - ones which are 'live' and will read their mail soon enough to be really attractive spam targets.
AOL profiles.
Spammers harvest AOL names from user profiles lists, as it allows them to 'target' their mailing lists. Also, AOL has a name being the choice ISP of newbies, who might not know how to recognize scams or know how to handle spam.
From domain contact points.
Every domain has one to three contact points - administration, technical, and billing. The contact point includes the email address of the contact person.
As the contact points are freely available, e.g. using the 'whois' command, spammers harvest the email addresses from the contact points for lists of domains (the list of domain is usually made available to the public by the domain registries). This is a tempting methods for spammers, as those email addresses are most usually valid and mail sent to it is being read regularly.
By guessing & cleaning.
Some spammers guess email addresses, send a test message (or a real spam) to a list which includes the guessed addresses. Then they wait for either an error message to return by email, indicating that the email address is correct, or for a confirmation. A confirmation could be solicited by inserting non-standard but commonly used mail headers requesting that the delivery system and/or mail client send a confirmation of delivery or reading. No news are, of course, good news for the spammer.
Specifically, the headers are - Return-Receipt-To: email-address which causes a delivery confirmation to be sent, and X-Confirm-Reading-To: email-address which causes a reading confirmation to be sent.
Another method of confirming valid email addresses is sending HTML in the email's body (that is sending a web page as the email's content), and embedding in the HTML an image. Mail clients that decode HTML, e.g. as Outlook and Eudora do in the preview pane, will attempt fetching the image - and some spammers put the recipient's email address in the image's URL, and check the web server's log for the email addresses of recipients who viewed the spam.
So it's good advice to set the mail client to *not* preview rich media emails, which would protect the recipient from both accidentally confirming their email addresses to spammers and viruses.
Guessing could be done based on the fact that email addresses are based on people's names, usually in commonly used ways (first.last@domain or an initial of one name followed / preceded by the other @domain)
Also, some email addresses are standard - postmaster is mandated by the RFCs for internet mail. Other common email addresses are postmaster, hostmaster, root [for unix hosts], etc.
From white & yellow pages.
There are various sites that serve as white pages, sometimes named people finders web sites. Yellow pages now have an email directory on the web.
Those white/yellow pages contain addresses from various sources, e.g. from UseNet, but sometimes your E-mail address will be registered for you. Example - HotMail will add E-mail addresses to BigFoot by default, making new addresses available to the public.
Spammers go through those directories in order to get email addresses. Most directories prohibit email address harvesting by spammers, but as those databases have a large databases of email addresses + names, it's a tempting target for spammers.
By having access to the same computer.
If a spammer has an access to a computer, he can usually get a list of valid usernames (and therefore email addresses) on that computer.
On unix computers the users file (/etc/passwd) is commonly world readable, and the list of currently logged-in users is listed via the 'who' command.
From a previous owner of the email address.
An email address might have been owned by someone else, who disposed of it. This might happen with dialup usernames at ISPs - somebody signs up for an ISP, has his/her email address harvested by spammers, and cancel the account. When somebody else signs up with the same ISP with the same username, spammers already know of it.
Similar things can happen with AOL screen names - somebody uses a screen name, gets tired of it, releases it. Later on somebody else might take the same screen name.
Using social engineering.
This method means the spammer uses a hoax to convince people into giving him valid E-mail addresses.
A good example is Richard Douche's "Free CD's" chain letter. The letter promises a free CD for every person to whom the letter is forwarded to as long as it is CC'ed to Richard.
Richard claimed to be associated with Amazon and Music blvd, among other companies, who authorized him to make this offer. Yet he supplied no references to web pages and used a free E-mail address.
All Richard wanted was to get people to send him valid E-mail addresses in order to build a list of addresses to spam and/or sell.
Buying lists from others.
This one covers two types of trades. The first type consists of buying a list of email addresses (often on CD) that were harvested via other methods, e.g. someone harvesting email addresses from UseNet and sells the list either to a company that wishes to advertise via email (sometimes passing off the list as that of people who opted-in for emailed advertisements) or to others who resell the list.
The second type consists of a company who got the email addresses legitimately (e.g. a magazine that asks subscribers for their email in order to keep in touch over the Internet) and sells the list for the extra income. This extends to selling of email addresses a company got via other means, e.g. people who just emailed the company with inquiries in any context.
The third type consist of technical staff selling the email address for money to spammers. There was a news story about an AOL employee who sold AOL email addresses to a spammer.
By hacking into sites.
I've heard rumors that sites that supply free email addresses were hacked in order to get the list of email addresses, somewhat like e-commerce sites being hacked to get a list of credit cards.
If your address was harvested and you get spammed, the following pages could assist you in tracking the spammer down :
MindSpring's page explaining how to get an email's headers http://help.mindspring.com/features/emailheaders/extended.htm
The spam FAQ, maintained by Ken Hollis. http://digital.net/~gandalf/spamfaq.html http://www.cs.ruu.nl/wais/html/na-dir/net-abuse-faq/spam-faq.html
The Reporting Spam page, an excellent resource. http://www.ao.net/waytosuccess/
Reading Mail headers. http://www.stopspam.org/email/headers/headers.html
Julian Haight's Spam Cop page. http://spamcop.net/
Chris Hibbert's Junk Mail FAQ. http://www.fortnet.org/WidowNet/faqs/junkmail.htm
UXN Spam Combat page. http://www.ultradesign.com/engineering/uxn/
Sam Spade, Spam hunter. http://samspade.org/t/
Penn's Page of Spam. http://home.att.net/~penn/spam.htm
WD Baseley's Address Munging FAQ http://members.aol.com/emailfaq/mungfaq.html
Fight Spam on the Internet site http://spam.abuse.net/
The Spam Recycling Center http://www.spamrecycle.com/
The Junk Busters Site http://www.junkbusters.com/
The Junk Email site http://www.junkemail.org/
The "Bytes" Beg, Bargain & Barter Basement
 |
Ken Spence (941) 922-4123
|
Got something "computer related" to sell? Looking for that rare peripheral? If it's computer related you can submit a short classified ad for exposure in Dave "Bytes". Be sure to include your name and e-mail address in the ad. You can also include a picture of the item. Now some would suggest that there be a charge for this feature but alas, since my bookkeeping skills leave much to be desired I've determined that this will be a free service to all SPCUG members in good standing. "Bytes" is currently sent to almost 1500 homes in the area. Ad requests will be included as soon as possible. I assume absolutely no responsibility as to the accuracy or completeness of supplied info. All transactions are between consulting adults which leaves me entirely off the hook. Please let me know by clicking HERE when your merchandise is sold so that I can remove it from the listing. I will try to run each ad for a month.
Click Here To Submit Your Ad
From "Smart Computing" Magazine
Optical vs. digital zoom
Digital cameras have two types of zoom: optical and digital. Optical zoom works the same way as the zoom lens on a film camera. As you zoom in, the lens actually gets closer to the subject and the subject fills more of the resulting photo. There will be no decline in photo quality when you use optical zoom. When you use digital zoom, however, you will lose some image quality. This is because when you apply digital zoom, the lens doesn’t move. Instead, the camera captures the same image data as it would without the zoom applied. The camera’s internal software then crops the image and enlarges it to fill the same space as the original image. The result is a loss of image quality. When you buy a digital camera, look for a camera with high optical zoom and disregard the digital or combined zoom.
Why not give the gift that keeps on giving all year round? I'm referring to a subscription to either Smart Computing, PC Today, CE Tips or CPU Magazines. If you are a current subscriber and order a gift subscription, the folks at Smart Computing will add 2 additional issues to your current subscription at no charge. And remember that even gift subscriptions will be credited to the SPCUG account so that we can accumulate free subscriptions to give away to our membership. If you aren't a subscriber you should be. These publications are geared towards the very same thing that caused you to join a PC User Group which is easy to read and understand computer information for folks at any level. If you already subscribe, be sure to use the appropriate SPCUG code when you renew !!!
To order call 1-800-733-3809 and be sure to give the following Code Numbers so that SPCUG gets proper credit. Please Sign The Dave "Bytes" Guestbook Click Image to Sign While Wandering The Web Pt. 2 If reading the manual gives you a headache, or you’re new to Paint Shop Pro and need a kickstart to get you going, then this is the right place. This site has tutorials on how to use the program, rather than instructions on how to make a copy of someone elses image. Click the logo to visit Here's The Latest Virus Information From Trend Micro & Symantec
Web-Based Tool Helps Voters Find Polls Pause For Thought And Now Here's Dave's Cool Download
Smart Computing (11607) CPU Magazine (272) PC Today (146) CE Tips (219)
If you are looking for a step by step tutorial for making cuddly furry animals or snowglobes, this is the wrong site. (I hate snowglobes !!) The idea of this site is to help you learn the program, then you can use the skills to make and edit your own images.
This site includes information for Versions 7 8 and 9, but not the new ‘PSP Studio' version. The information in the tutorials for Versions 7 and 8 is not obsolete for Version 9 users, in fact its still the same basic program and new users to any version will benefit from the majority of information found in the pages of this site.
With most states reporting massive new voter registrations and many political observers worrying about potential voter confusion and allegations of fraud on Nov. 2, one organization has created a Web-based tool to answer questions and provide information.
The site, www.mypollingplace.com, is sponsored by the People for the American Way Foundation, a group that has dedicated significant resources toward voter access projects since the contested election in Florida in 2000.
By typing in their home address and zip code into the searchable data base, voters are given the location of their polling place, a map to reach it, and information on the type of voting equipment used at the polling place and how to operate it. 
The project is the brainchild of Andrew and Deborah Rappaport, Silicon Valley venture capitalists and major Democratic Party donors who have also been active in boosting voter turnout among young people. Using research, they found that many young people simply didn't know where to vote or were worried about making errors when they voted.
"We were thinking that it couldn't be that hard to put together a tool young people could use to figure out how and where to vote," Andrew Rappaport said. "Then it dawned on us that it's useful for all voters. We think it's an integral part of voter protection."
The Rappaports assembled a team of technicians to build the site, gathering data from all 50 states and trying to make it all compatible. About 90 percent of American homes in the country are now covered in the site, a figure that could reach 95 percent by Nov. 2.
Ralph Neas, president of People for the American Way, said he hoped the tool would be particularly useful in offsetting problems with provisional ballots, which are intended to be backups for eligible voters whose names do not appear on the rolls. Courts in several battleground states, including Ohio, Florida and Michigan, have ruled that a provisional ballot must be cast in the voter's correct precinct in order to be counted.
Despite the Rappaports' and PFAW's Democratic political leanings, Neas insisted the site is completely nonpartisan. It is specifically operated by PFAW's foundation, which as a tax-exempt nonprofit organization is barred from partisan political activity.
"The goal of this is to have everyone enfranchised," he said. "It's national and can be accessed by every American. The only thing this is supposed to do is help voters."
On the Net:
www.mypollingplace.com 
| MyAlbum (with thanks to Herb Goldstein) |
2.2mb
Click here for the Dave "Bytes" Archives
P.S. Don't forget to say "Hi" at the meeting!!
Sarasota Personal Computer User Group, Inc
Phone: 877-SPCUG-HI
|
To Send A Message To Dave Click Below
Sign the "Bytes" Book
 |  |  |
Mentioned In The LangaList Newsletter | As Seen In |
Website: http://www.spcug.org
© 2004. All Rights Reserved
Last Updated
04/13/2007 06:53 AM
SPCUG Home Page | Officers | Newsletter | SIGs | Regular Meetings | Sarasota | Join NOW! |
| Coming Attractions | Favorite Links | Calendar | Search | Site Map | Dave "Bytes"
When you download photos from your digital camera, they often have unrecognizable names. You can rename several similar files at once with the following procedure. This also works for renaming other types of files.
A free picture cataloger for building easily digital photo albums.