C C C C N E W S L E T T E R
CENTRAL COAST COMPUTER CLUB
Santa Maria, California
VOLUME XXI: NUMBER 5 MAY, 2006
Meetings are held on the third Tuesday of every month at the Knollwood
Village Clubhouse 4012 S. Bradley Dr., Santa Maria.
General meeting at 7:00 PM. System Special Interest Group session is at
5:45pm. Guests are welcome.
Check out our web site: http//member.apcug.org/fourseas for the latest
program schedule information.
Membership is $15 for twelve months for individuals, $20 for families.
For this you receive: Monthly newsletters, EXTRA4C E-mail Messages,
Help-line support, Monthly presentations, Valuable door prizes, Question
and answer sessions.
NEXT MEETING: May 16, 2006 KNOLLWOOD VILLAGE 4012 S. BRADLEY
PRESENTATION: The May meeting presentation will be Sharon Allen on Microsoft
Publisher.
**********************************************************
******** MAY COOKIE PROVIDER IS SHARON ALLEN *********
**********************************************************
-----------------------------------
| |
| CONTENTS |
| |
-----------------------------------
(1) OFFICERS, HELPLINES, S.I.G.S
(2) PRESIDENT'S CORNER Ray Isenson
(3) EDITOR'S COMMENTS Dick Trissel
(4) WEB WANDERINGS
(5) SYSTEMS S.I.G. Dick Trissel
(6) WINDOWS TROUBLESHOOTING TOOLS SmartComputing
(7) THE SECRET OF PHISHERS' SUCCESS Martyn Williams
(8) EXAMINE E-MAIL REAL ORIGINS Jonathan Yarden
------------------------------------------------------------------------
OFFICERS HELPLINES
President Juno
Ray Isenson 937-6938 Dick Trissel 937-7572
risenson@juno.com rtrissel@juno.com
Vice President Windows 95/98/ME/XP & VoiceControl
Spence Stimler 938-0217 Amy Malicki 925-5780
SPENCE923@msn.com savvyforseniors@juno.com
Secretary Hardware and Windows XP
Barbara Godwin 934-9885 Ray Isenson 937-6938
yung.bag@verizon.net risenson@juno.com
Treasurer AOL
Gerry Miller 934-1396 Frank Maciel 922-2318
2741 Banyan Way frm8198@aol.com
Santa Maria CA 93455
gandamiller@verizon.net
Publicity Visual Basic and Genealogy
Bill Corning 934-0775 Gerald Miller 934-1396
foster95@juno.com gandamiller@verizon.net
Newsletter Editor Help With Any Problem
Dick Trissel 937-7572 Ray Isenson 937-6938
rtrissel@juno.com risenson@juno.com
SPECIAL INTEREST GROUP (S.I.G.)
Systems (5:45pm)
Dick Trissel
rtrissel@juno.com
-----------------------------------------------------------------------
CCCC Page 2 May 2006
PRESIDENT'S CORNER by Ray Isenson
A few months ago I spoke of the role played by the early PC user groups.
Specifically, since in those days many of us wrote some or all of our own
software, note was made of the practice of sharing with other members newly
written software or "discovered" freeware or shareware. That function, to
me, was one of the most valuable aspects of the user group movement. You
may recall that I suggested a desire to recoup that group function.
It was with that in mind that I asked Dick Trissel to introduce the text
editing program, Jarte, and the dictionary, WordWeb, at the April meeting.
Like many good programs, Jarte requires a bit of learning before it becomes
fully useful. In my opinion, however, once in hand it is a powerful tool.
WordWeb, from the time it's installed, is a wonderful tool. For anyone who
writes, the immediate availability of a dictionary and thesaurus, and free
ones at that, is immeasurably valuable. I do hope that the members agree
with me that we should continue with presentations of the type and nature
that Dick gave. I promise that there will be more forthcoming in the months
ahead.
The guest speaker at the May meeting will be our own Sharon Allen. Her
topic will be Microsoft Publisher. Microsoft used the word publisher in its
broadest context in naming this program. It is for anyone who publishes a
letter a folder, a newspaper or a book. I'll guarantee that you'll leave
the meeting with a fuller appreciation of what Publisher can do for you.
Don't miss it.
At least four of the members present at the April meeting neglected to get
their tickets for the Christmas Computer drawing. The only cost of the
ticket is your presence at the meeting. Those who didn't get a ticket are
loosing out on a great opportunity.
-----------------------------------------------------------------------
CCCC Page 3 May 2006
EDITOR'S COMMENTS by Dick Trissel
As most of you know, the April presentation included a program named JARTE,
a rather strange name for a text editor. Ray suggested it stood for "Just
Another Regular Text Editor". Actually, an extensive Google search turned
up references to areas in Sweden, Finland, Ethiopia, and a 1514 Jarte war.
If anyone knows the true meaning of the name JARTE, please let me know.
I know, I said I wouldn't use anymore Komando articles because most of you
already subscribe to her e-mail newsletters. But, I am occasionally using a
few articles in the CCCC newsletter and the EXTRA4C bulletins because I feel
they are worth repeating.
You may have noticed the few EXTRA4C bulletins during the month of April.
That's because I've been very busy fixing old computers (some I've acquired
recently, and some member's computers). In the process I've gained a
healthy respect for brand name computers, even though some are proprietary
in their hardware. At least it all works together.
The custom built computers (either by individuals or computer shops) are
usually a "kludge" of strange hardware with a scarcity of drivers. And not
all of the equipment is of high quality. The Dell, Gateway, E-machine and
even the Compaq systems seem to be worth just what you pay for them.
However, one thing that is lacking in most computer purchases these days is
the operating system CD. So, this makes system backups very important (more
about this at the Systems S.I.G.
-----------------------------------------------------------------------
CCCC Page 4 May 2006
WEB WANDERINGS
AN EYE IN SPACE
When work takes its toll, go enjoy a short space trip, especially the Hubble
Site, which is dedicated to the Hubble Telescope.
This site is a one-stop source for all things Hubble. It is hard to know
where to start. You’ll find photos, news, games, information and more.
You will find instructions on making a handheld Hubble. With a printer and
craft supplies, you can make a realistic model.
The only danger you will encounter is spending too much time on this site.
It's hard to break away from the videos.
Before you return to earth, take a souvenir. A new wallpaper image is
available to download every week. Each image features a detailed photo taken
from the Hubble Telescope.
hubblesite.org
THE SCIENCE BEHIND THE NEWS
The advances we've made in science are nothing short of amazing. You will be
stunned by what you read in the latest science news.
Want to learn more about what's covered in the news? Head over to
LiveScience. It provides good coverage on recent headlines. You're bound to
find what you want. It's fun to browse this site, particularly if you have
children.
LiveScience's home page can get a little cluttered. The Latest Stories
section in particular gets a little difficult to read. But that is to be
expected when there's so much great information!
www.livescience.com
HISTORY OF FORENSICS
These days, public interest in forensics is running high. A number of
popular TV shows follow forensics experts as they solve crimes. It is simply
amazing that we can use technology and scientific advances to sift through
evidence in criminal cases. Unfortunately, some of what you'll see on
television isn't entirely accurate. So take it with a grain of salt.
But you can learn more about true forensics at the National Library of
Medicine's Visible Proofs site. It will take you through the history of
forensics and show you what is possible today. You can even learn about the
role science played in specific crimes. One caution, though: Some of the
material may disturb children.
www.nlm.nih.gov/visibleproofsl
IS YOUR MEMORY FAILING?
As you probably know, there are many things that can go wrong with your
computer. The toughest part of solving a computer problem is identifying its
cause.
When Windows starts misbehaving it may be a problem with memory. You could
swap out the RAM easily. But instead, run a memory test first. Microsoft
offers a handy one called Windows Memory Diagnostic. The test is accurate,
and it's easy to use – provided you read the instructions first.
Download this program. It could save you a lot of trouble next time computer
problems come knocking.
oca.microsoft.com/en/windiag.asp
OPEN DICTIONARY
It's fun learning new words. It is so much fun finding a new way to express
a thought. A good source is the Merriam-Webster's Open Dictionary. It truly
is an extounding site! If you know a word that isn't in the dictionary, you
can add it to this one.
You can go to the site to browse the definitions. Some are fun, and others
are enlightening. And there are entries that are implausible. But it casts
light on the way people invent new words in the course of conversation.
Be forewarned: You may find some of these words creeping into your
vocabulary. So be prepared to explain them. For example, look up the word
"extounding" in Open Dictionary.
www3.merriam-webster.com/opendictionary
-----------------------------------------------------------------------
CCCC Page 5 May 2006
SYSTEMS S.I.G. by Dick Trissel
At the April Systems S.I.G. I made a warning about using the ToniArts
EasyClean Registry cleaner on an XP system. I said to be sure to put the
word help in the skip window, otherwise you will lose the Help and Support
capability of XP. A member stated he didn't put in the help word and had no
problem. The difference is the version of EasyClean you are using. If you
are using EasyClean version 1.x you must put in the help word--this early
version was developed before XP. If you are using version 2.x it is not
necessary because it was developed with XP in mind.
I had earlier reported the free EasyClean was no available. A few members
said the got the free version a few weeks ago. Yep, it is at:
http://personal.inet.fi/business/toniarts/ecleane.htm
At the business meeting I demonstrated the program SIW. I mentioned there
was the capability to "dump" the BIOS. That option is at Tools / Test /
Dump BIOS. However, as near as I can tell, it does not dump the CMOS
settings. This may have some value for someone, but I don't know what. If
anyone finds a use for it, let me know.
It is important to have the BIOS/CMOS settings recorded for future
reference. The older computers would let you use PrintScreen to print the
displays after going into the BIOS setup at bootup. For the newer
computers, instead of recording the settings by hand, use a digital camera
to shoot each screen display. These graphics can then be printed.
-----------------------------------------------------------------------
CCCC Page 6 May 2006
WINDOWS TROUBLESHOOTING TOOLS
from SmartComputing Magazine
TOOL
FUNCTION
OPERATING SYSTEM
RUN COMMAND
MENU ACCESS
Backup
Protects against failure by backing up applications and data to tape,
disk, or network.
Win95/98/ME
Msbackup.exe (backup,exe in /win95)
Start, Programs, Accessories, System tools, Backup.
Win2000/XP
Ntbackup.exe
Start, Programs, Accessories, System tools, Backup.
Disk Cleanup
Frees hard drive space by eliminating unnecessary files.
Win98/ME/2000/XP
Cleanmgr.exe
Start, Programs, Accessories, System Tools, Disk Cleanup.
Disk Defragmenter
Organizes hard drive files for improved performance.
Win 95/98/ME
Defrag.exe
Start, Programs, Accessories, System Tools, Disk Defragmenter.
Win2000/XP
Dfrg.msc
Open My Computer, right-click a disk icon, select Properties, click
Tools tab, click Defragment Now... button.
Network Diagnostics
Scans system for network hardware and software configuration information.
WinXP
N/A
Start, Programs, Accessories, System Tools, System Information,
Tools, click Net Diagnostics.
Registry Checker
Provides direct access to the Windows Registry to add, remove, or edit
configuration settings.
Win95/98/ME/2000/XP
Regedit.exe (or Regedit32.exe Win2000/XP).
N/A
Safe Mode
Loads a simplified configuration so you can circumvent serious system
problems and get to your data.
Win95/98/ME/2000/XP
N/A
Press F8 during initial system boot (F5 in Win95).
ScanDisk
Checks for and repairs problems with hard drive files.
Win95/98/ME
Scandskw.exe
Start, Programs, Accessories, System Tools, ScanDisk.
Win2000/XP
N/A
Open My Computer, right-click a disk icon, select Properties, click
the Toolstab, click Check Now... button.
System Configuration Utility
Lets you view and edit startup files and selectively disable settings and
applications to aid in system troubleshooting.
Win98/ME/XP
Msconfig.exe
N/A
System File Checker
Checks for damaged or missing system files and lets you replace any
changed files with the original versions.
Win98/ME
N/A
Start, Programs, Accessories, System Tools, System Information,
Tools, System File Checker.
Win2000/XP
Sfc.exe /scannow
N/A
System Information
Provides detailed information on system hardware, software and settings.
Serves as launching point for various system utilities.
Win98/ME/2000/XP
Msinfo32.exe
Start, Programs, Accessories, System Tools, System Information.
System Restore
Lets you undo changes by restoring system settings to a previous state.
WinME/XP
(WinXP only %systemroot%\system32\restore\
rstrui.exe)
Start, Programs, Accessories, System Tools, System Restore.
-----------------------------------------------------------------------
CCCC Page 7 May 2006
THE SECRET OF PHISHERS' SUCCESS
By Will Sturgeon
Three U.S. academics have published research into why phishing scams are
still finding success, years after widespread public warnings first
appeared.
Most people have received an e-mail purporting to be from a bank or other
online service that asks for personal and financial details. Occasionally,
it has been for a bank or service for which the recipient is a customer.
Even in that situation, many people still know to be wary.
For their paper, titled "Why Phishing Works," Rachna Dhamija of Harvard
University and Marti Hearst and J.D. Tygar of the University of California
at Berkeley, conducted tests on a small sample of users. They found that 90
percent of subjects were unable to pick out a highly effective phishing e-
mail when simply judging whether or not it was genuine.
Equally relevant, in terms of ensuring that e-commerce and online banking
can survive the damage to consumer confidence created by phishing, a large
number of subjects were unable to pick out genuine e-mails. This could lead
to wary consumers avoiding such online services altogether.
The researchers put together a carefully spoofed Bank Of the West e-mail
that directed recipients to the phishing Web site www.bankofthevvest.com
(with a double "v" instead of "w"), complete with a padlock in the content,
spoofed VeriSign logo and certificate validation seal, and a pop-up consumer
security alert. Presented with this, 91 percent of participants guessed it
was legitimate.
Presented with a genuine E*Trade e-mail that directed recipients to a
legitimate secure site with a simple, graphic-free design optimized for
mobile browsers, 77 percent of participants guessed it to be a fake.
One of the reasons consumers fall for phishing scams could be because too
many simply blunder into the trap. Nearly a quarter of participants in the
research study didn't look at the address bar, status bar or security
indicators on the phishing sites.
This makes them easy targets for those criminals exploiting tactics such as
URLs that differ from a legitimate one by just one character, replacing the
letter "l" with a number "1" or even an uppercase "I" in the e-mail message,
where the HTML in the URL can hide its true identity, for example.
Similarly, the paper adds, people don't understand the syntax of domain
names. "They may think www.ebay-members-security.com belongs to
www.ebay.com," it states.
Other visual items can be deceptive. Users may see a familiar padlock icon
in the HTML of the page and assume that is a guarantee of security. However,
such icons can easily be added to the page.
Speaking at the E-Crime Congress in London last week, Bernhard Otupal, a
crime intelligence officer for high-tech crime at Interpol, said consumers
are not only still falling for this kind of scam in large numbers, but
they're even making matters easier for the criminals with shocking levels of
ignorance.
"There needs to be some responsibility from users," Otupal said. "Recently a
number of users fell victim to phishing attacks from a group claiming to be
a well-known bank. People entered bank details who weren't even the bank's
customers."
-----------------------------------------------------------------------
CCCC Page 8 May 2006
EXAMINE E-MAIL REAL ORIGINS
Examine e-mail headers to determine their real origin
by Jonathan Yarden
E-mail forgeries are becoming more difficult to identify, but learning how
to examine e-mail headers can help you separate the good from the bad. In
this edition of Internet Security Focus, Jonathan Yarden tells you how.
In previous columns, I've mentioned that it's possible to identify forged e-
mail by reading the e-mail headers. This generated a lot of feedback, mostly
from readers wanting to know how to do it.
E-mail headers, as a topic for Internet security, aren't as exciting as an
exploit or the latest Internet worm. But learning how to quickly determine
the authenticity of e-mail is important—especially if someone is abusing an
open SMTP relay on your network.
I remember when forging e-mail was unthinkable. Now, I get so many forged e-
mails that I hardly consider any subject to be valid unless I know the
sender personally—with the exception of forged e-mails that claim to have
come from my own e-mail account. There's nothing that can stop people from
manipulating e-mail headers, and they're generally not verifiable unless you
understand how to read them.
When you receive a letter via postal mail, it has a postmark. If e-mail
followed the same logic, you'd be able to see where the message originated
before you opened it. Encrypted e-mails are the exception to this rule, but
the vast majority of e-mail travels as clear text.
While e-mail headers show the path the message took in reverse order, this
doesn't conclusively identify the e-mail as genuine and sourced from the
specified sender. It's no surprise that thousands of e-mail plagues continue
to eat bandwidth and infest the Internet.
Every e-mail program that I've seen can display message headers. How you
view the headers depends on the program that you use.
You can toggle some programs, such as Mutt (the UNIX console e-mail
program), to always show e-mail headers. In Mutt, simply press the [H] key
to toggle the display of message headers.
To display e-mail headers in Microsoft Outlook, right-click a message,
choose Options, and scroll through the Internet Headers section that's
located at the bottom of the Options dialog box. For Outlook Express, right-
click the e-mail, select Properties, and choose the Details tab. If you use
a different e-mail program, the Help file should provide adequate
instructions.
Here are the actual headers from a forged unsolicited commercial e-mail
(UCE) that I received in one of my e-mail accounts. The only thing I've
altered is my actual e-mail account to somebody@someplace.com:
From collegebabe@aol.com Mon Mar 27 16:54:12 2006
Return-Path: collegebabe@aol.com
Received: from trademeca.co.kr (unknown [211.219.20.86])
by mail.someplace.com (Postfix) with SMTP id 2304964253A
for ; Mon, 27 Mar 2006 16:54:10 -0500 (EST)
Received: from smtp0422.mail.yahoo.com (80.237.200.67)
by trademeca.co.kr (211.219.20.86) with [Nmail V3.1 20010905(S)]
for from ;
Thu, 23 Mar 2006 15:55:00 +0900
Date: Thu, 23 Mar 2006 11:34:52 GMT
From: "Prendawen" collegebabe@aol.com
Subject: Hey buddie! What's going on?
The Received: headers tell the real story of this poor forgery, but you have
to examine several of these to truly understand the details. This particular
e-mail is identifiable because it doesn't make any sense for a person with
an AOL account to use one of Yahoo's e-mail servers to relay e-mail through
a server in the .kr top-level domain, which is Korea.
Furthermore, a DNS lookup failed to find smtp0422.mail.yahoo.com, so this IP
address doesn't exist. Even if it did, the IP address 80.237.200.67 belongs
to a network in Germany, which I discovered by checking the online American
Registry for Internet Numbers (ARIN) database. So don't waste your time
sending a nasty reply, because chances are that collegebabe@aol.com didn't
have anything to do with it.
If it's so important to view e-mail headers, why don't all commercial e-mail
programs display them by default? That's a good question, but I don't have
the answer. In today's UCE-infested inboxes, companies should automatically
display e-mail headers with the message. Despite the numerous e-mail
filtering tools that are available, it's impossible to filter e-mail
perfectly—unless you have the in-depth header information.
Since forgeries are becoming more difficult to identify, gain experience
examining e-mail headers so you can differentiate the good from the bad.
This knowledge will help you report junk e-mails to ISPs or reporting
agencies that track junk e-mailers.
For example, Julian Haight's SpamCop service (www.spamcop.net) scans e-mail
headers and identifies forged e-mail, plus it tells the ISP where the
message originated. SpamCop's output will, at the very least, give you a
better understanding of how to read e-mail headers.
-----------------------------------------------------------------------