Terry's Computer Tips - computer tips articles and newsletters
Subscribe to my free
Terry's Computer Tips
email newsletter.
 Your Name: E-mail Address:

Terry's Computer Tips - Newsletter
November 7, 2005

Terry's Computer Tips Newsletter
http://www.terryscomputertips.com
A computer tips newsletter for users of PC's.

Volume 1, Number 21 -- Monday, November 7, 2005

IN THIS ISSUE:
   1.   Sony's Music CD Rootkit Fiasco
   2.   Updates This Week
   3.   Keeping the Correct Time on Your Computer
   4.   New Firefox extension — PDF Download manager
   5.   Hard Drive "Direct Memory Access" Modes
   6.   Followup: Screen-Printing from your Computer Screen
   7.   Another Look at Blocking Spam
   8.   Just for Fun - NetDisaster
   9.   Visit Terry's Computer Tips - the Blog every day
   10.   Recommend Terry's Computer Tips to Your Friends
   11.   Send me some email!

Welcome to the Terry's Computer Tips newsletter.  This free, emailed newsletter includes a special "Just for Subscribers" article, an announcement that the new issue of Terry's Computer Tips has been published online, and the table of contents for the issue.

The emailed newsletter is sent weekly to individuals who have subscribed to the newsletter, have received an email confirmation notice that required them to confirm their subscription request, and who confirmed their request.


1.  Sony's Music CD Rootkit Fiasco

Surprisingly, not many people have heard about this yet, although it is getting some mention on the various tech news sites and services.

Security guru Mark Russinovich reported in his blog on Monday 10/31/05 that he had tracked a rootkit on his computer back to a Sony BMG music CD. The Sony BMG Music CD could not be played on a computer without installing the included music player -- which also included a rootkit as part of its Digital Rights Management (anti-copying) system.

A rootkit, for those who are not familiar with the term, is a program which hides itself by modifying Windows so that it can intercept a number of Windows system routines - and basically is designed to hide its program components and the programs it is protecting from discovery.

   

Of significant concern, the rootkit linked into the Windows operating system to hide any files, directories, registry entries and programs/processes whose name started with a specific string of characters. Russinovich immediatedly recognized and warned of the capability of this "digital rights management" program to hide malware (worms, viruses, trojans, dialers, downloaders, spam programs, etc.).

Of course, the technical news services, such as Cnet's News.com quickly picked up on the issue and started to make noise.

After getting caught spreading the rootkit on the music CD, as part of ts misguided Digital Rights Management effort, on 10/2/05 Sony announced that it was sharing information with anti-virus companies to unhide the files hidden by its rootkit. Of course, this miniscule attempt at preventing any resulting problems on their CD customers computers was greeted with scepticism, at best.

Later the same day, Sony took the next step and released a downloadable removal tool for the rootkit.

While this is a good first step, Sony has a long way to go on this one. How are CD purchasers, including purchasers of CDs still on the store shelves, supposed to know that this removal tool is available -- or even needed?

Sony needs to go one more step, and publicize the existance of, and the and need to use, the rootkit removal tool. The bad guys surely know of it by now -- Sony's customers need to know that they are vulnerable and how to solve the problem.

By the weekend, reports indicated that some online gamers, who play Blizzard's World of Warcraft, have purchased the Sony CD in order to install the rootkit -- they want to take advantage of its security opening. Simply by renaming the cheat programs that they want to use to automate their online characters (making it easy for their characters to kill other characters), simply by renaming the file names of their cheat programs.

Slashdot (www.slashdot.org) has an entry today reporting that the Sony DRM system "calls home." According to the story, Sony's DRM software uses your Internet connection to check for a new banner advertisement to display. One can only hope that is all that is happening. Of course, unless they have disabled the function, their web server will automatically log the request and your IP address, too.

2.  Updates This Week

Firefox, Opera, Mozilla Suite, Thunderbird:   None.

Microsoft:   None. "Update Tuesday" is next week.

Counterspy:   New version 1.5.81 is available. This version did not download automatically, even through I had Counterspy set to download automatically — maybe that's just for the definition updates. Counterspy checks for definition and software updates when you reboot. It will also get definition updates occasionally while you are running — but, even with automatic updates set, it does not download and install updated software versions automatically. {This is a good thing. I'm not complaining.}

If you leave your computer on, be sure to start the Counterspy user interface occasionally and manually check for updates. This is similar to the procedure we had to go through with Norton Antivirus -- definitions came in automatically, but you had to run LiveUpdate to get program changes.

Right-click on the Counterspy icon in your status bar, then click Open), and click on File, Check for Updates. If there is new software, Counterspy will tell you and give you a "Apply Software Update" button, which will trigger the download and installation of the update.

3.  Keeping the Correct Time on Your Computer

Once upon a time, I heard a (certainly fake) "Confucius says" saying:

"Confucius says: Man who have one clock knows what time it is. Man who have two clocks does not know what time it is."

Fortunately, for most purposes, this is not really important on your computer. You do want the time to be about right, so your files are tagged with appropriate dates and times. More important is the interval between events on your computer -- as in, which is my most recent version of this file?

However, for some purposes like home theater pc, keeping the correct time is important. Recording a TV show and starting late, or worse, ending too early, just is not acceptable. We can always set padding on both ends of the record time -- just like on a VCR -- record a minute early and continue recording for a couple minutes extra.

It's nice to have the right time, though, and not worry about the computer's clock drifting earlier and earlier (or later and later). We have several options to make sure our computers stay in sync.

Some media center software, such as SageTV, can be set to automatically synchronize the computer's clock when they connect to get the program guide each day. I do this.

Another option is to run a separate program on the computer to synchronize to some standard time source. There are a number of programs that are available to use NTP (Network Time Protocol) to synchronize with other computers that are set up to be NTP servers.

The most well known of these servers is the National Institute of Standards and Technology in Phoenix. The NIST even has its own public-domain program that you can download from their site called, of course, NISTime. There are versions for Windows 95 and later (including 32bit and 64 bit computers) and Windows 3.1, including source code and instruction files. You can read about and download NISTime from the NIST at http://tf.nist.gov/service/its.htm

Another free program that links to time servers (time sources for your clock) is Atomic Clock Sync, which is freeware and can be downloaded from Cnet's Download.com site. I tried Atomic Clock Sync on my notebook and it adjusted the time by 21 seconds -- not bad. I'll try it again in a few days to see how it does. ACS can be set to automatically synchronize each day; the default is manual. It also includes a number of timeservers that you can choose.

Update 11/11/05: Sunbelt Software's Counterspy, during a full system scan of my computer, complained about Atomic Clock Sync. It referred to "Adw.BestOffersNetworks.AtomicClockSync Adware" and classified it as "Risk: High." Counterspy's description says the application is not a threat, but that it is installed with several adware threats.

I have seen nothing unusual in my system operation. Counterspy only reacted during a system scan. Counterspy did not react based on any system activity, nor did anything else, including my ZoneAlarm firewall. I also checked with two other anti-spyware products: XoftSpy and Microsoft Antispyware (beta) software packages. Neither identified anything wrong with the Atomic Clock Sync files.

More comments to come, in the November 14th issue of Terry's Computer Tips.

Windows XP actually has a time synchronization function built in called w32tm. All I can say is that the documentation probaby means something to someone. Whether it is helping or not, I'm running the command "w32tm /config /update" twice a day on my home theater pc. I was having problems with the computer's clock running slow, even measurable within a day. Running this twice a day in addition to sync'ing with SageTV's servers once a day (which I was already doing) seems to have resolved the problem.

Continued in Part 2



Volume 1, Number 21 -- Monday, November 7, 2005
Part 1 | Part 2 | Part 3

Copyright © 2005 Terry A. Stockdale.  All rights reserved.

 

Thank you for visiting my site — I hope you found the site and articles helpful. If you did, please consider supporting my efforts by making a purchase (if you have one to make) via one of the links in my articles, one of my recommendations, or in my "Ads by Terry" to purchase the item. You can also shop via these links to major Internet retailers
Amazon.com and NewEgg.com or this my Amazon store...

TerrysComputerTips.com
Contact | Join Mailing List
Hosted at HostGator Copyright © 2005-2010 Terry A. Stockdale. All rights reserved.
Terms & Conditions Disclaimer Privacy Sitemap