Block those Firefox popups!

My logs show a lot of people visiting this site looking for advice on how to stop Firefox pop-ups and pop-unders, which seem to have increased in frequency lately. Here’s an interesting bit of inside information from Asa Dotzler of the Mozilla Organization:

A number of pundits and bloggers have been wondering aloud whether or not we’ll be able to keep up with the pop-up spammers now that more of them are focused on us. Well, we shipped 1.0 with the capability to block these pop-ups and pop-unders but we didn’t enable it because we were concerned about breaking legitimate uses. If you’d like to turn it on, it’s a fairly simple change — and would be absolutely trivial for us to enable once we determine whether or not lots of websites are depending on the feature.

Here are the specific configuration steps to take to turn on the capability to block pop-ups from plug-ins, according to Asa:

Open your Firefox 1.0 or 1.0.1 browser.

Type about:config in the address field and press Enter.

Right-click in the resulting config page somewhere and click New, Integer.

Type privacy.popups.disable_from_plugins in the New Integer Value dialog box and click OK.

Type 2 in the Enter Integer Value dialog box and click OK.

That’s all you need to do. Note that there are three possible values allowed in this dialog box:

0: open allowed
1: the opened windows are treated as popups, but they’re allowed to open (Firefox limits the number of these types of popups)
2: the window is a popup, block it

If you try this and encounter problems, be sure to let Asa know.

Protect yourself at hotspots

The Security Mentor has some interesting comments on the Windows Firewall that’s included with Windows XP SP2. He notes that, unlike the Internet Connection Firewall in SP1 and earlier, the Windows Firewall assumes that you want to trust all computers on your local network:

So the built-in Windows firewall hides file and print sharing from the Internet at large but makes them completely available to your local area network. That way you can share a printer with your wife but keep your files safe(r) from strangers on the Internet.

Q: You’re about to point out a catch, aren’t you?

Yes.

What happens when you’re at a coffee shop?

The whole coffee shop is one local area network. The firewall is going to assume that since all the other customers are on the same local network that it can trust them.

Ah, but the designers of the Windows Firewall were clever enough to plan for that scenario. The next time you’re out and about with your WiFi-equipped notebook and decide to connect to a wireless network, do this first:

Click Start, and then click Control Panel.
Double-click the Windows Firewall icon. (If you’re using the Category view of Control Panel, click Security Center and then click the Windows Firewall icon at the bottom of the dialog box.)
On the General tab of the Windows Firewall dialog box, make sure On is selected and then click to select the Don’t allow exceptions check box.
Click OK. Traffic from all local network sources is now blocked.

Win_firewall

Remember to clear this check box when you get back to your trusted network.

Test your antivirus software

So, you want to show one of your kids or co-workers how your anti-virus software works. You don’t need a live virus to trigger a virus alert. Instead, download a copy of the official antivirus test file from the European Institute for Computer Anti-Virus Research (EICAR). This is a simple text file consisting of a unique string of 68 ASCII characters that you can embed in a file to trigger a reaction from their programs. Note: This is a completely harmless file. The text string doesn’t do anything, and you would never type it by accident, I guarantee!

I won’t post the string here (to avoid setting off warning bells in virus scanners that are set with a hair trigger). But you can find details for creating this file on the EICAR page, along with links to download four different versions of the file. Be sure to download the Zip version of the file to demonstrate what happens when a virus is embedded in a compressed file.

It’s a great educational tool

The history of the Windows PowerToys

Raymond Chen wrote the original Tweak UI for Windows 95. In a post on his most excellent blog, The Old New Thing, he tells the history of the Windows PowerToys. It’s fun reading, especially given that this is the 10th anniversary of Windows 95. But I’m linking to it here because it also includes this most excellent list of all the other PowerToys that have since snuck out of other groups at Microsoft and are available for various Windows platforms:

(Plus, of course, the Windows XP PowerToys, which does come from the shell team. The Internet Explorer team originally called their stuff PowerToys, but they later changed the name to Web Accessories, perhaps to avoid the very confusion I’m discussing here.)

Until I read this post, I didn’t know that Raymond also wrote the original Kernel Toys for Windows 95. Nor did I know that Raymond wrote the whimsical blurb that introduced the original PowerToys. But I’m not surprised, given the cleaver, clear writing and insight that is the hallmark of Raymond’s blog.

From PowerPoint to your TV screen

My sister-in-law Teri asked last week if I knew how to get a PowerPoint presentation onto DVD. She had a 180–slide PowerPoint presentation (made by someone else for a friend’s 50th wedding anniversary party), and they wanted to be able to pop a DVD into a player and watch the show on a big-screen TV.

I’ve written a few chapters on PowerPoint for various revisions of Special Edition Using Microsoft Office, but I’m far from an expert. I know that PowerPoint doesn’t natively support any video formats, and I found an interesting discussion of the topic here. But aside from those leads, I was stumped. So I was glad to get the follow-up today:

Got the 50th Anniversary project done via…

PowerPoint PPT to PPS (less memory use during screen capture)

Screen capture w/ CapturePad shareware 14-day non-crippled tryout (600×800 at 30 fps)

NeroVision Express to burn DVD Video w/Menu (It failed twice trying to burn directly from NeroVision Express, so had to burn to the hard drive first then copy via Nero Recode to DVD)

GoVideo VCR/DVD Player to copy from DVD to VHS tape

This would have been much easier if the author had created the original slide show in MS Movie Maker! PowerPoint is a bitch to match audio to video timing. I had a lot of cleaning up to do to get rid of awkward transitions and I had to shorten one of the WAV files with Creative Wave Studio–which is kinda like cutting sushi with a hatchet.

There were no fancy slide transitions or sound effects used in this 20-minute presentation–just an approximate 6-sec transition between still photo slides and background WAV music files. I don’t know how (or if) a fancy transition or effect would capture (or convert) to AVI–and I don’t have time to test it right now.

I screen-captured presentation with CapturePad to AVI with both video and audio UNCOMPRESSED. (The WAV files were already compressed.) I also noticed that there is a HUGE color loss going from the computer screen to NTSC. I think attention should be paid to colors used (as we do with web page art) and saturation of photos should be pumped up. I also set NeroVision to the highest quality video configuration and configured audio to Dolby 2.0. Make sure that any MICROPHONES (like soundcard headset or other inputs) are turned off (both in soundcard and CapturePad), or CapturePad will over-dubb the audio track with background noise (like me kindly yelling at the dog to get out of the office). The 22-minute, 186-slide presentation w/6 audio files ended up as only 858Mb on DVD.

I’m a happy camper.

I’ll have to try this one of these days!

File association fixes

You install a program. You decide you don’t like it. You uninstall it. But it changed your associations for a whole group of files, and now your original program doesn’t work. What do you do?

Visit Doug Knox’s site and pick one of these handy-dandy downloadable Windows XP File Assocation Fixes. He’s got 24 in all, from Batch Files to Zip Folders.

This also comes in handy if you inadvertently make a wrong choice when using the File Types tab on the Folder Options dialog box.

Two smart things you can do for your data

I just got a call from a friend who had a hard drive crash. It appears his video card is toast, too, and this was the latest in a string of several hardware failures. He blames it on Mercury being in retrograde. I think there’s a more rational explanation: bad power.

Look, hardware can fail at any time. Circuit boards and chips are really sensitive to surges and spikes in your power supply. A simple power strip does nothing to protect you, even if it claims to be a surge protector. Most of those devices are just junk. What you really need is ~~a universal~~ an uninterruptible power supply (UPS), which is basically a big battery in a case that plugs into the wall and to which you can in turn plug your PC, monitor, and other sensitive devices. (But not your printer, which draws too much power).

You can find sales on decent UPS products regularly. I’ve got a couple of Belkin models here that work very well and cost around $30 when I bought them. I’ve also used APC products and wouldn’t hesitate to recommend them. When you get a power surge or spike, the device kicks in and filters the current. If you have a momentary power failure, the UPS keeps you running so you don’t lose anything. And if your power goes out for long enough, you can shut down gracefully and save what you’re working on.

The other thing everyone should have is an external hard drive for backing up important files. You can find DIY USB 2.0 drive enclosures just about anywhere, for around $20-30. Get yourself a cheap 80-120GB hard drive and put the pieces together. Voila! Instant backup device.

Update: Thanks to Ryan Walters for the correction on what UPS really means.

The amazing hidden backup program

My brother-in-law is never afraid to ask a question. This week, he’s concerned that his copy of Windows XP Home Edition is missing the backup program. Where is it?

Its on your Windows XP CD.

From Windows XP Inside Out, Second Edition:

If you’re running Windows XP Home Edition, you won’t find Backup Utility on the Start menu or even in Add Or Remove Programs. It is included, though; you just need to know where to look. To install Backup Utility, you need your Windows XP Home Edition CD. Use Windows Explorer to open the Valueadd\Msft\Ntbackup folder, and then double-click Ntbackup.msi.

Mission accomplished.

Update: The Windows XP Backup program is installed by default with Windows XP Pro. Based on user surveys, Microsoft decided (incorrectly, in my opinion) that anyone using Windows XP Home Edition wouldn’t be interested in the Backup program. That’s why you have to manually install it. Thanks to Woody for asking this question in the comments.

Update 2: If you have a recovery CD instead of a “real” Windows XP Home Edition CD, you can install the Ntbackup program from a borrowed CD. If you can’t find one of those, download the installer from this site.

Update 3: If you’re looking for advice on how to actually use the backup program after it’s installed, see this article I wrote last year: Windows XP Backup Made Easy.

Seven rules for e-mail

Andrew Tobias has come up with seven rules for e-mail that make excellent sense to me. I’ve excerpted them here; click the link and read the whole thing if you’re curious.

1. If your entire message can fit on the subject line, put it on the subject line – followed by EOM (end of message). Nothing more.

2. Make the subject line descriptive. If you make it: SUBJ: check this out and it turns out to be yet another copy of Bush’s resume (“I was arrested twice for drunk driving . . .”) that we’ve all seen 50 times by now, it is annoying. But if you make it: SUBJ: Bush’s resume, then we can smile faintly and delete it in three-tenths of a second.

3. If your message is to one person, begin the subject line with that person’s first name.

4. If you’re sending to a large group, use “blind copies” (unless there’s an awfully good reason to have everyone see the e-addresses of all 215 recipients).

5. If you’re responding to a group e-mail, hit REPLY rather than REPLY ALL unless you really think the whole group wants to see your reply. (Ah, the boorish irony of those who REPLY ALL with the message, “I do not appreciate your cluttering my inbox – please take me off your list.”)

6. If you’re attaching a letter or a newsclip, also cut and paste it into the body of the e-mail to spare the recipient’s having to open the attachment.

7. Place post scripts before your sign off, for reasons amply elucidated in the only really important column I have ever posted in this space.

I’m not so sure about #3. I get a lot of spam that tries to fool me into opening the message by using my name on the Subject line. But otherwise, this is good advice. And as Andy notes, if he can come with three more he’ll have a set of Commandments suitable for burning onto stone tablets.

For those who don’t know Andrew Tobias, he is an expert on money management (I first learned of him by using Andrew Tobias’ Managing Your Money back in the good old MS-DOS days, before Quicken, before Windows, before even color monitors). Andy is the author of some superb books and he’s also Treasurer of the Democratic Party. He was blogging at Andrewtobias.com years ago, before the word blog had even been coined.

Check it out. This site is a daily must-read for me.

Using the RunAs command

Aaron Margosis’s WebLog has some excellent observations on what should be an obvious security precaution for Windows XP users. In a perfect world, you would run as a Limited user, logging in as Administrator only when you need to perform an administrative task. Windows even has a RunAs command you can use to do this on the fly without the tedium of logging in and logging out.

The problem is that running as a Limited user is difficult. Too many programs just assume that you’re running as Administrator and refuse to run properly for a Limited user.

Anyway, props to Aaron for some excellent information on this site. If you’re security-conscious and want to give it a try, go for it!