Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Saturday, March 31, 2007

March 2007 Top Ten Blogs

I noticed that many times when searching for topics I’ve posted folks are frequently directed towards the monthly archive post created by Blogger.  That means, people searching will see the final post of the month and if they care enough, they have to scroll down to find the original post they’re searching for.

I thought it might be a good idea to list the more popular entries as my final post of the month.  Hopefully, this will make it easier on anyone searching a particular topic.

So, here’s the top ten for March in no particular order…

  1. HijackThis Will Remain Free
  2. Congress Tries Again to Define Spyware
  3. Stalker Records Ex-Wifes WiFi Conversation
  4. Are Bloggers Protected as Journalist?
  5. Please Don’t Upgrade to Vista
  6. Remove AOL Free Email Advertising
  7. Vista Accessibility Vulnerability, Not So Much
  8. Great New Dell Vista Laptop but No Internet
  9. Download the Old Version of your Favorite Program
  10. Think Before You Post

Share on Facebook

Friday, March 30, 2007

Animated Cursors, Yet Another Zero-Day Vulnerability

It wasn’t too long ago most security experts told folks that just viewing photos online wouldn’t be dangerous. The warning was never to download an “executable” file but images were just data so, no problem.  Or so it should have been.

Then came news of flaws in the Windows GDI+ module which allowed JPG buffer overflows, and the infamous “Zero-Day WMF Exploit”.   Just by viewing a web site hosting an specially crafted image made you vulnerable.  Since that time a number of Web site analysis programs have been developed like Site Advisor, LinkScanner Monitor and Trend Micro’s new Web Reputation technology.

Microsoft Security Response Center is now investigating a new threat in how Windows handles animated cursor or .ANI files. According to Adrian Stone who writes for the Response Center’s Blog,“Regardless of if you are reading your mail in plain text on Outlook Express you are not protected.”
Microsoft Security Advisory(935423)

Brian Krebs who writes Security Fix for the Washington Post has followed too many zero-day vulnerabilities in Windows and sounded like he’s had enough in his column yesterday.

Microsoft's advice about visiting "untrusted Web sites" is not entirely helpful or complete. We've seen plenty of these attacks executed through legitimate Web sites that attackers have seeded with malicious software. It may be best to choose another browser, such as Mozilla's Firefox or Opera Software's Opera. This is an excellent example of how running Windows under a limited user account can save you from worrying about these kinds of threats.

Update: We have had two confirmed reports of detections of this threat in the form of WINCF.EXE. WinPatrol was able to chew it up and spit it out so, as always I recommend keeping Scotty on patrol along with any other favorite protection programs.

Share on Facebook

Thursday, March 29, 2007

War on Terror may include Targeted Worms

The TrendLabs Malware Blog reported today on a new internet worm called WORM_WALLA.B  The interesting thing about this new threat is that it specially targets Arabic/Persian speaking users. One of its first actions is to check users keyboard layout settings. If it’s not Arabic or Persian the programs exits.

“Detected as WORM_WALLA.B, this worm spreads copies of itself as an attachment to email messages with subject lines and message bodies mostly relating to current events from the said regions (About Iran, Pictures from Gazza, About the Israeli Intelligence, and All the Truth about the American intelligence among others), conforming to the sensational social engineering scheme that has recently become prevalent.”

I don’t think I’m the only one speculating on the source  of
this Trojan but I mention it because it indicates a possible new trend.

Just like we see targeted advertising, I suspect we’ll be seeing an increase in worms and trojans targeting a particular segment of the population.  Perhaps we’ll see something aimed directly at Hillary supporters or the kids who keep voting for Sanjaya.

Share on Facebook

Wednesday, March 28, 2007

WinPatrol 2007 v 11.2

WinPatrol 2007Just a quick note of thanks to all our supporters who make it possible to continue developing new versions of WinPatrol.  If you weren’t telling your friends and readers about WinPatrol I’d be wasting all my time playing with my Wii, instead of improving my best friend Scotty.  Smile and the whole world smiles with you.

The newest build of WinPatrol 2007 is now online.

  • Major performance improvement reading the Windows registry when duplicate reading is being done by other security programs.
  • Right-click access to a programs Folder and Properties including Vista Security settings, Digital Signatures and Shadow copies
  • Fixed a bug moving some Startup Folder items back from Delayed Startup to normal startup folder.
  • Added backup method to launch programs that failed to start at the appropriate time.
  • As always, just go to
    PLUS members, just download the newest free version and Scotty should automatically activate your PLUS features.  Everyone else, just overwrite your old WinPatrol with the newest free build.

    Share on Facebook

    Tuesday, March 27, 2007

    Think Before You Post

    What might seem clear to most isn’t always obvious to the causal observer. If you post information about yourself, it’s public and will remain so forever. It’s a concept kids don’t understand, nor do they get how non-friends can use the information to make their lives miserable.

    There’s a new program hoping to spread the word called “Think Before You Post”. The collaboration between the National Center for Missing & Exploited Children and the Ad Council was announced last week.


    The new PSA Campaign is geared towards teenage girls who frequent popular website like MySpace, Facebook and Sconex. Sixty-one percent of 13-17 year olds have a personal profile on a social networking site and half have also posted pictures of themselves.” 

    “The popularity, easy accessibility and social acceptance of the Internet, particularly social networking sites, among teenagers can put them in a dangerous situation,” said Peggy Conlon, President and CEO of the Ad Council. “It’s our hope that this campaign will educate teenage girls and their parents about the potential dangers of offering personal information on the Internet.”.

    I have viewed all the ads which are available at  My favorite for parents is called “Places” but it still doesn’t have the impact as the ones for the kids like “Everyone” or “Bulletin Board”.  If you have teenagers, watch these videos together and ask them what they think.

    Share on Facebook

    Monday, March 26, 2007

    WinPatrol 2007 Build 2 Pre-Release

    There’s a new version of WinPatrol 2007 which I expect to release later this week. I decided it wouldn’t hurt to open it up to some of Scotty’s best friends.  If you’re a new or casual WinPatrol user please wait for our official release but if you want to help verify our new version, I appreciate the help.

    We’ve added a few new things which you requested and picked off a couple fleas we found. One occurred when moving some Startup Folder items from Delayed Startup back to normal startup. 

    There is also a huge performance improvement which some users will notice.  WinPatrol does a lot of reading of the Windows registry and I’ve developed a way to do so without any redundancy with other security programs.

    Visibly the only change will be when you right-click on a program title. You can now explore the programs folder or view the Properties as defined by Windows.  This is especially a handy feature for Vista users since Microsoft has expanded the Properties screen.  Properties now include Digital Signatures, Security settings and access to previous versions or Shadow copies.  Access will be easier than ever with WinPatrol.

    The Properties dialog in Windows Vista

    You can currently download WinPatrol 2007 build 2 beta at
    Report any new problems to support at  Thank you to everyone in the WinPatrol community who has supported us and provided all the excellent feedback.


    Share on Facebook

    Sunday, March 25, 2007

    Nintendo Wii Replaces PE

    I finally broke down this week and added a Nintendo Wii to the Pytlovany compound family playroom. We already had a GameCube and PlayStation 2, but  after memorizing every episode of Sponge Bob Square Pants I knew it was time for something new.

    Ironically, I’ve never been a “gamer” type computer geek.  I have been involved in the programming of many games but I have never been one to get lost for hours deeply involved in game play.  The new Wii was primarily just a new way to spoil our grand kids.

    Well, it turns out I’m hooked. So far, all I have is the included Wii Sports pack but I’ve already ordered more games and additional controllers. The ability to physically involve yourself in the game play is unlike any other computer or console game play. 

    I love the action.  When I woke up this morning I could feel muscles I haven’t used in years.  I’m confident the new Nintendo Wii will have the following impact on my life.  I’m either going to lose weight or I’m going to pull a muscle.  I do understand why Cindi didn’t want me to hook it up to the 50” plasma screen in the living room but she has to leave the house some day.  BillP Happy Face

    Share on Facebook

    Friday, March 23, 2007

    Stalker Records Ex-Wifes Wi-Fi Conversation

    Last year I wrote “The most damaging Spyware” after meeting Cindy Southworth from the National Network to End Domestic Violence(NNEDV).  Cindy had some compelling examples of how publicly available snopeware was used to spy on ex-spouses, girl friends and other unsuspecting victims.

    A recently divorced Schenectady man was arraigned yesterday for one felony count of eavesdropping and a misdemeanor count of stalking. In this case, he didn’t use a keylogger Trojan sent via an eGreeting,  he just monitored unsecured wireless signals from her computer network.

    “He is accused of using a computer program to intercept his estranged wife’s instant messages between her and her son, prosecutor Jessica Lorusso said. “

    He then (allegedly) created a sexually explicit Blog in her name and E-mailed the link to five of the doctors she worked for. As a result, the victim was fired from her job. Her husband had previously been arrested in April 2006 on misdemeanor charges of stalking and stealing wireless Internet signals. 

    Just today reading Donna’s SercurityFlash I found an article about new paint that will block your neighbors from intercepting your Wi-Fi traffic.

    When you visit Donna’s or any of the many security forums you’ll notice there’s a passion that all their dedicated volunteers share regarding Internet security. We’re not in it just because pop-up ads are annoying or someone is hijacking our browser. Computer users everywhere are being violated. It’s all a matter of degree, but computer violations aren’t much different then having a stranger physically in your home.

    Microsoft: Improve the security of your wireless home network with Windows XP

    PC-World: Step-By-Step: How to Build a Safe, Secure Network

    CNN: Man charged with wireless trespassing

    Share on Facebook

    Thursday, March 22, 2007

    Download the Old Version of your Favorite Program

    As many of you know, I’m not a fan of auto-updates or even downloading new versions on the day they’re available. Well, I have now found a way to access older versions of my favorite programs.  It’s located at

    As of today they have 2470 versions of 179 programs. They have Music Utilities, File Sharing, Web Browsers, Drivers and more. There’s even a section for Mac users with 329 versions of 24 programs.

    I heard about Old Apps from its co-creator Chirag Patel when he asked permission to include old versions of WinPatrol on the site. They’ve acquired 23 different versions of WinPatrol and even I got a chuckle when I downloaded a really old WinPatrol 4.0 pictured below.

    A really old WinPatrol 4.0
    WinPatrol  (© 2002)

    We’ve come a long way baby.  This what the current version of WinPatrol looks like. Click on the image for a clear view.

    WinPatrol's current version 2007
    WinPatrol 11.2.2007 (© 2007)

    On my first visit to I was given a yellow warning by SiteAdvisor.  While all reviews on SiteAdvisor were positive, at one time copies of old versions that included some Adware were detected. Hopefully, SiteAdvisor will update their records.  It’s really a shame that they removed old versions which included adware. As an AntiSpyware researcher myself, it would be handy to still have access to those older versions.

    Share on Facebook

    Wednesday, March 21, 2007

    Great New Dell Vista Laptop but No Internet

    My sister Mary Elizabeth had a huge smile yesterday when she learned her new Dell laptop had been delivered to my office. Her joy quickly faded when we discovered her brand new laptop couldn’t access the internet. It found my Linksys wireless network just fine but only had “Local Access”.

    After I used up all my ideas including unplugging the cable modem, router and rebooting I gave her the bad news. You’re going to have to call Dell Support. ::shudder::

    I can’t adequately describe our experience with Mark at Dell Support. I only wish I had video taped the experience because it would have been a hit on YouTube. My only chuckle came when the rep told us to click on the Start button and select Run. Oops! There is no more Run option on Vista. This was after he told her she had to plug in an ethernet cable to help configure the system. Even then, this brand new machine needed wasn’t properly configured to find the network without help.

    If we had finally resolved the problem I would go into the all the technical steps but there was no solution. Once we did get the hard wire connection established, he had us run a program allowing Dell to connect through a back door and fix things. Unfortunately, the most they could accomplish was a “Limited Access” state but they went away after two minutes and we were back to Local access only. Ultimately, they blamed my router. I think she’s heading to Starbucks today so we’ll see how it does there.

    My brother and daughter are both currently shopping for laptops and until today they were going to take the leap toward Dell and Vista. In the past, we’ve had good luck with Dell but those machines all came with an established OS called Windows XP. When we find the solution, I will post it in hopes it might help others.

    Update: Click Here for final results

    Share on Facebook

    Tuesday, March 20, 2007

    Apple TV is NOT a TiVo

    Today Apple has finally started to ship their greatly anticipated “Apple TV”.  The news has been greeted warmly by Wall Street. I’m guessing the $299 price tag will generate some sales from people who just gotta-have the newest gadget from Apple.

    Unfortunately, new HDTV owners are the only people who should buy the Apple TV. It doesn’t have standard RCA or coaxial cable output. Users will need either component video or HDMI jacks on their TV. Just like the iPod, you won’t download directly to Apple TV. There is no built in tuner so you still need to download everything to your computer first.

    Originally, Apple had talked about building “TiVo-like” capabilities into a new Mac mini to go along with the Apple TV but those rumors have been dismissed by Apple Senior VP Philip Schiller.   He suggested adding video recording would make it to too complicated.

    I am pleased that Apple won’t be putting Apple TV to the TiVo category but it still annoys me when anyone compares any ability to record TV shows as TiVo-like”.  Even in a recent conversation with David Pogue (Windows Vista (Missing Manual)) he referred to Windows Vista having "TiVo-like" functionality. I explained how this wasn’t acceptable and how many TiVo users have become just as passionate about their TiVo as Mac users have been about their machines.

    Just like Google has become a verb for searching the Internet,  TiVo has become the new verb for recording TV shows by any kind of digital video recorder. This is surprising when you consider the folks on Wall Street have been predicting for years that TiVo will never survive.

    In 2004 TiVo was actively trying to discourage the use of their trademark as a verb and sent out letters to many news organizations. The campaign obviously wasn’t very successful.

    Disclaimer: BillP Studios has a minor financial investment in TiVo Inc.

    Share on Facebook

    Saturday, March 17, 2007

    Congress Tries Again to Define Spyware

    I’ve made a number of trips to our nation’s capital to discuss the problem of Spyware. The FTC and all the politicians love to say that they’re going to do something to stop the madness but every time, the number one issue always comes down to “What Defines Spyware”.

    The Webster definition is pretty simple.

    Main Entry: spy·ware
    Pronunciation: 'spI-"wer
    Function: noun
    software that is installed in a computer without the user's knowledge and transmits information about the user's computer activities over the Internet

    The debate began again last week with focus on the H.R. 2929Securely Protect Yourself Against Cyber Trespass Act”.  This bill was first introduced by Mary Bono in July of 2003.  Personally, I think they should have called it the “… Cyber Terrorism Act” and perhaps it would get more attention. 

    In Feb 2004, S.2145 “Software Principles Yielding Better Levels of Consumer Knowledge Act” or SPY BLOCK ACT was introduced into the Senate.

    Watch this week for a new improved bill to be introduced which would stiffen penalties for anyone convicted of installing software in a fraudulent manner. The Adware folks are already circling their wagons to fight any legislation. Their fear is the wrong wording or interpretation of an AntiSpyware bill would criminalize their business.

    According to the Interactive Advertising Bureau, “there is always a risk that legislation that governs complicated technology could result in limiting and/or stifling innovation.”  While the IAB may make some good points, they won’t be offering alternatives.

    According to Dave Morgan, who was expected to testify on behalf of the IAB…

    “In this case, Congressional involvement is good. While I am not a big fan of government intervention, the focus of Congress and folks like Rep. Bono and Rep. Barton on combating spyware has changed the game. Before their interest, spyware was a much bigger problem. Since they focused on the problem, it has largely disappeared.”

    Excuse me? Spyware has largely disappeared?  I can’t help but point out the first line of the IAB Mission is…

    The IAB is the only association dedicated to helping online, Interactive broadcasting, email, wireless and Interactive television media companies increase their revenues.

    Unfortunately, any responsible legislation will continue to hang on an accurate definition of what we consider Spyware.  My opinion hasn’t changed much since I participated in the first FTC Spyware Workshop held in 2004. The FTC still has my official position on file and you can read it at

    This may be a good time to write to your representatives in Congress.  You can click here to find out who they are and how you can contact them.

    Share on Facebook

    Thursday, March 15, 2007

    Download Directly to your TiVo

    Since the mid 90’s “convergence” has been the big buzzword in the industry. Everyone has been searching for the best way to combine all your entertainment options into a single all-in-one device.

    Back then, I worked for Microsoft on something called the “Information Highway PC”. This project morphed into a computer I worked on with Gateway called “Destination” before becoming the Windows Media Center.

    Gateway Destination
    Gateway Destination with 36” monitor

    Unfortunately, the project was ahead of its time. Nobody was ready to surf the internet in their living room. Now we all do it with our laptops while watching TV.

    So far, the device which meets my needs continues to be TiVo. We're now up to four units all talking to each other on our home WiFi network. TiVo recently announced a partnership which allows you to purchase or rent videos directly from Amazon. Instead of downloading to your computer, the video is downloaded directly to your TiVo so you get to watch it on your TV and not your PC. Everyone allows you to download videos to your computer but finally, this is the kind of convergent technology I’ve been waiting for.

    Unbox Video Downloads

    Unfortunately, the price for programming is still a little too steep. New movie releases are $13.99 to download and $3.99 to rent for 24 hours. TV Shows are $1.99.
    I don't know about you, but I never know what surprises will come in my life. If they would just increase rental time to at least 48 hours I might be a regular customer.

    Update: Thanks to a comment for pointing out that the 24 hour time limit doesn't begin until you start to watch the video. This still isn't as good as a 48 hour limit but might make me download more shows.

    Share on Facebook

    Wednesday, March 14, 2007

    HijackThis Will Remain Free

    The buzz around the purchase of HijackThis has begun and I was lucky enough to chat directly with Ed English, CTO at Trend Micro.  I wondered if HijackThis would remain a free program or if it would go the route of Site Advisor after McAfee took it over.

    Ed said…

    “Trend plans to keep HijackThis available as freeware.  It is widely available on dozens of download sites and on the site.  We especially recognize the value of the HijackThis web forums who provide personal support to help users solve PC problems.  Trend wants to work closely with this web forum community.  We are listening carefully to these experts for guidance on what new features to add to future versions of HijackThis.”

    Ed also knows good software when he sees it.

    “HijackThis has received a 5 star rating from CNET editors and members rated HijackThis as the second most popular anti-spyware software.  This is a very honored position to hold, but I would be remiss to not mention that our friend Bill P’s WinPatrol received the number one most popular rating.  Congratulations Bill!  Both HijackThis and WinPatrol are excellent tools in the war against spyware.”

    Top Member Picks on CNet

    Obviously, even for a technical type, he knows how to suckup, err… I mean win people over.

    In past conversations Ed has made clear how important he thinks the online “community” can be.  In a U.S. market dominated by Norton(Symantec) and McAfee he has a big job ahead of him. I’ve never been a fan of either company so I wouldn’t mind some serious competition from someone other than Microsoft.

    Share on Facebook

    Tuesday, March 13, 2007

    Trend Micro Hijack This™

    I’m really surprised that I haven’t been reading more comments about this new relationship. All I can figure is all the MVP’s are out having fun in Seattle and they haven’t been online to chat about this one.

    See the official page at

    I’m haven’t decided yet what this all means but I’ll be writing more soon. What do you think?  Feel free to leave a comment.

    Update From the author

    This is not fake, I sold HijackThis to TrendMicro. Their product incorporates all changes, updates and fixes that I was planning on adding in the v1.99.2 release. I made sure of that and I hope no one will be disappointed with it.While TrendMicro does not officially support HijackThis yet, I expect they will once it goes final.

    I sold HijackThis because I had been sitting on an unfinished update for over a year and I still could not make enough time to finish it. My uni classes are taking up a lot of time and I want to set my goals a bit wider than just the antispyware business (though I still love it). Sitting on an unfinished product until it becomes obsolete is not useful, so I decided to transfer the responsibility to TrendMicro (who have also taken care of my CWShredder) so they can give it proper attention and support. Where the will take HijackThis, I do not know - but I am sure they will respect its goals and what it stands for.

    Share on Facebook

    Vista Accessibility Vulnerabilty, Not So Much

    Yesterday, Vinoo Thomas proclaimed a vulnerability in Vista accessibility feature called StickyKeys.  Vinoo, a McAfee researcher goes on to call this a “legacy backdoor” that has been around since Win2000 and XP. He doesn’t mention that for this to be a problem you need administrative rights to replace the file sethc.exe on your system. .

    I’m not really annoyed at Vinoo for bringing up this issue. More people should be aware of the StickyKeys feature. Application developers should especially be aware of StickyKeys so they can verify their applications support it.

    ( Check out StickyKeys by tapping your Shift key 5 times in a row. )
    Tap Shift  5 Times and this dialog will appear

    While I don’t agree this is a vulnerability, he brings up some good issues.  Calling it a BackDoor is however misleading. You can read what he says and decide for yourself by clicking…  Windows Vista Vulnerable to StickyKeys Backdoor

    I’m more annoyed at the technical press for putting out large headlines that make this out to be some kind of critical flaw for the handicapped.
    ZDNet puts it in the “neat-find-department” but acknowledges it could only occur “under perfect circumstances”.  PC Advisor UK at least called Microsoft for a comment but wasn’t able to connect with a spokesperson. Everyone else just reprinted an article from the IDG News Service which also points out…

    “Although it is interesting that Vista is also vulnerable, it's not clear how useful the backdoor would be to an attacker because one must first gain access to the machine in order to replace the StickyKeys file.”

    Right… so why are you bothering to report on this?


    Share on Facebook

    Saturday, March 10, 2007

    Are Bloggers Protected as Journalist?

    Two years ago Apple Computer went to court after information was posted online about new, still-secret product code named Asteroid.   The court ruled that Apple had the right to subpoena e-mail records from the websites who posted the confidential information.  The judge would not accept arguments about the First Amendment or California’s “shield law” commonly afforded to journalists.  The court ruled that the information was stolen property and compared the dissemination to the fencing of stolen goods.

    Last year the Bloggers fought back.  A California Sixth District Court of Appeals ruled against Apple.  The court wrote…

    "We can think of no workable test or principle that would distinguish 'legitimate' from 'illegitimate' news. Any attempt by courts to draw such a distinction would imperil a fundamental purpose of the First Amendment, which is to identify the best, most important, and most valuable ideas not by any sociological or economic formula, rule of law, or process of government, but through the rough and tumble competition of the memetic marketplace."  

    However, be careful what you say.  Last fall, a court in Georgia upheld a $50,000 libel judgment against Blogger David Milum when he went a little too far.  Mr. Milum felt ripped off by his former attorney Rafe Banks so, he started a Blog to let folks know exactly what he thought.  In his Blog, he went as far as accusing the lawyer of bribing judges on behalf of drug dealers.

    I was surprised to read that this was actually the first case of a blogger in the U.S.A. to lose a libel suit. I doubt it will be the last.  We’ve all felt pretty comfortable but a few bad apples could create a rise in litigation against opinions posted online.

    If you find this topic interesting I recommend you check out information from the “Media Law Resource Center”, especially their page entitled “Libel and Related Lawsuits Against Bloggers”.

    Other sources:
    Media Bloggers Association
    Electronic Frontier Foundation

    Share on Facebook

    Tuesday, March 06, 2007

    Remove AOL Free Email Advertising

    Good ol’ AOL keeps finding ways to piss me off. The current executive team has found another way to insult paying customers in their desperate attempts to make a profit.  After all the blood, sweat and love that we put into the original America Online is saddens me to see users treated this way.

    Last night I noticed that when I send Email from AOL, a footnote is automatically added to MY email.

    “AOL now offers free email to everyone. Find out more about what's free from AOL at“

    I’m sorry but this is just plain wrong.  I’m not using free Email from AOL.  I pay a monthly fee for my AOL account and I don’t want my correspondence and personal Email to include advertising.  If I didn’t care, I would have created an Email account with Yahoo or GMail years ago.

    How long will it be before this AOL ad is replaced with some kind of advertisement for a mortgage company, credit card or HBO special.

    Naturally, I quickly came up with a work around that I can use while I still have my AOL account.  Here’s what you can do.

    Click on the “Write” email icon.
    You’ll see a “Signatures” button and select “Set Up Signatures”
    What you can do is create a signature that is made up of 50 -100 lines with just a blank space.  Or Edit your existing signature and add the blanks to the end of it.  You’ll need at least one blank space in each line or it won’t work.
    AOL will continue to put their advertisement at the end of your Email, but your recipients will have to scroll down to the end if they want to see it.

    Hmmm…   I wonder if anyone would be interested in bidding on my or the plain screen name that I still have.

    Share on Facebook

    Monday, March 05, 2007

    New Daylight Savings Time is Another Y2K

    You all may be hearing a lot about the new disaster coming our way. Congress has changed the dates for Spring-Ahead and Fall-Back. The problem is, most computers won’t know about the change and won’t automatically adjust for the new daylight savings time.

    Comparing this to the Y2K panic is accurate because if you remember correctly, everyone freaked out over nothing. In this case, it’s also a non-event.

    It really wasn’t that long ago that we computer users were responsible for updating their system clock to the new time. We all seemed to handle it ok and nobody died. I’m told my TiVo won’t miss recording American Idol and Desperate Housewives so I’m good.

    The concept of Daylight Saving Time was first published by Benjamin Franklin back in 1784 to save on candle wax. In Paris alone he calculated it would save over sixty four million pounds of wax. It was finally adopted in the US in 1918. From 1942 to 1945 DST was made permanent by Franklin Roosevelt and called “War Time”.

    In old England, there really was reason to a panic. Imagine the birth of twins at the magic hour. Suppose first one comes out before the time change, and then the clocks are moved back before the 2nd was born. In a culture where the oldest child received family property and titles, who was the legitimate heir? I see that being a much bigger problem than anything we will experience on March 11th.

    Share on Facebook

    Saturday, March 03, 2007

    Please Don't Upgrade to Vista

    I’ve kept an open mind regarding the new Vista operating system but I can’t be quiet any longer.  Over 5% of the traffic here on Bits from Bill appears to be coming from Vista users. If Vista fails to take off there really could be an impact on our economy. I really want it to succeed but to be true to my readers, at this time, I must recommend against it.

    I received the following today from my nephew currently serving our country in Iraq

    Hi Uncle Bill,
      Hope all is well.  I have a question about Microsoft Vista.  I bought a new laptop that came with Vista; I am having a lot of problems, it seems that every time that I try to load AOL it causes the computer to “crash”; It has given me the “blue Screen of Death” and won’t shutdown properly. 
    I really like the graphics that Vista has, but I am ready to load XP instead and try to get it (Vista) running correct when I get home.  It takes FOREVER to download on the network, really slow…

    MSG John N. Cavaliere 
    Camp Striker, Iraq

    John is on his 2nd tour in Iraq and still has 5 1/2 months to go. He purchased the laptop to keep in contact with his wife and kids who are struggling with his absence.  While I’ll admit my reaction today is a bit emotional I’m not alone. I’m also willing to blame AOL but I thought the Blue Screen of Death was a thing of the past.

    A number of popular Windows experts have quietly jumped ship and are recommending against upgrading to Vista.  Even Ed Bott who has been defending his promotion of Vista has acknowledged he’s baffled by error messages telling people their version of Vista is invalid.

    BambisMusing: Trouble in Vista Paradise … Paint me surprised.
    USA Today: Vista causes an array of problems
    BBC News: Falling into the Vist trap
    PC Advisor: Vista cuts off broadband users
    Associated Content: Vista Slowing Down Broadband Users Worldwide
    InfomationWeek: Dept of Transportation Bans Vista Upgrades
    Microsoft Channel9: How to uninstall Vista

    Share on Facebook

    Friday, March 02, 2007

    Serious Vista Security Includes Ctrl-Alt-Del

    If you’re serious about security in Vista there is still one hole that will need plugging. One of the oldest and easiest way to leave yourself vulnerable is be caught be a fake login screen which asks for your name and/or password.   If no one will ever have a chance to type on your keyboard and/or insert a USB drive don’t worry. If however your machine is ever left open for someone else to access it you could be a victim.

    Back in college we used it all the time on an old Univac main frame to capture friends and teachers passwords.  It was all in fun of course. Smile
    All it took was a simple program which looked exactly like the normal log on screen. The victim enters their name and password and it’s sent off to someone else's Email box.  Online phishing attacks use the same methodology.

    The best attempt at a solution is to turn on Ctrl-Alt-Del as the only way to bring up your logon screen.  Microsoft once made this a default setting when they introduced Windows NT. Thanks for this tip from Diana Huggins who has been writing a lot of great security articles for the folks at LockerGnome.

    1. Click Start and click Control Panel.
    2. Click System and Maintenance, Administrative Tools and then the Local Security Policy.
    3. Within the console, expand Local Policies.
    4. Click Security Options. The various security options are displayed in the details pane.
    5. Scroll through the options and locate Interactive Logon: Do not require CTRL + ALT + DEL.
    6. Double click the option.
    7. Select Disabled to require users to press CTRL + ALT + DEL.
    8. Click OK.

    Turn on Ctrl Alt Delete

    I’ve been reading some really good tips from Diana lately although the LockerGnome server seems to be having some problems.  If the site is available you can read more from Diana at


    Share on Facebook