Scot’s Newsletter

Windows and Broadband Information You Can Use.

Get Free Delivery of this Email Newsletter.

Please Recommend Scot’s Newsletter to a Friend.

Read Scot’s Newsletter on the Web instead.

July 2006 - Vol. 6, Issue No. 82

By Scot Finnie

In This Issue

  • Whence Windows Vista and Office 2007?
  • Looking for the Right Antivirus, Part IV
  • Accessing the True Administrator Account in Vista
  • Review: Dell Dual-Core Inspiron E1505 | Top Product!
  • How to Install Windows Vista for Testing
  • Linux Explorer: Guarding Linux Against Rootkits
  • Call for Contributions
  • Link of the Month:
  • Newsletter Schedule
  • Subscribe, Unsubscribe, Change Address, Change Format

     Quick Links

     August 2006

     July 2006

     June 2006

     Read Back Issues

     Print This Issue

     Newsletter Home

     Subscription Manager

     The SNF Forums

     Donate via PayPal

     Donate via Letter Mail


    jv16 PowerTools Discount Offer
    New supercharged jv16 PowerTools 2006 can fix, repair and tune up your computer!
    Dozens of new powerful features, yet still lightweight and un-bloated.
    Special 25% discount for the first 500 buyers.

    A Message from Macecraft Software

    Whence Windows Vista and Office 2007?
    Last month I offered Part I of my two-part Computerworld series on Windows Vista Beta 2 — 20 Things You Won't Like about Windows Vista — which turned out to be very popular story. This month, I have part II, Visual Tour: 20 Reasons Why Windows Vista Will Be Your Next OS. Here's where you can read both stories:

  • Visual Tour: 20 Reasons Why Windows Vista Will Be Your Next OS
  • Visual Tour: 20 Things You Won't Like About Windows Vista

    An interim build of Vista, 5456, was released to Microsoft beta testers a couple weeks ago that reportedly offers significant improvements over Beta 2. Microsoft isn't saying when the next major public beta release of Vista will arrive, but it will be called Release Candidate 1 (RC1), and my guess is that I'll receive it in mid-to-late August. If my guess is right, I hope to offer a first look at it in the September issue of the newsletter. It's very likely that Microsoft will also issue RC2, and that it will be the last pre-release version before the product ships. Even though Microsoft isn't shipping Vista before January 2007 (and all signs are that the ship date may slip), it will have to freeze Vista's core code base a couple of months earlier to offer it to enterprises, as previously announced. The extra time in the schedule isn't so much for extra development as it is time for OEM PC makers, Windows manufacturing, and stores to do the work they need to do to stock store shelves with retail product.

    That could mean that mainstream computer magazines will race to release early reviews of Vista long before you can actually buy it. Or it could mean that Microsoft will hold out on reviewers. Nothing about the Vista development cycle is anything like previous Windows development cycles.

    Microsoft's recent decision to push Office 2007's release date to "early 2007" for consumers and "the end of the year" for businesses is interesting. According to some published reports, Microsoft is delaying the product to incorporate changes based on feedback from 2.5 million Office 2007 beta testers.

    To read the feedback of this Office 2007 beta tester, please check out my latest PC Today column, Exploring Office 2007's Radically New Interface.

    The office 2007 scheduling change may actually be the first step in yet another Windows Vista slip. Office 2007 is much more polished right now than Windows Vista. A March final delivery date to consumers for Windows Vista and Office 2007 seems like a much more likely outcome right now.

    How bad is that? Let me answer a question with a question: What's so bad about it? The mainstream press almost universally makes out a ship-date slippage on a major Microsoft development effort to be a delicious embarrassment for the software giant. There was a time when Microsoft was sometimes goaded into shipping bad code in order to avoid the public embarrassment of late code. I'd a whole lot rather see Vista and Office 2007 work right than ship earlier. I meant every word I wrote in all those columns and articles about the paramount importance of software quality back in the early part of this decade. Whatever time Microsoft needs to get it right is the amount of time the company should take.

    But let's be realistic about what the import of a delay to, say, March really means. What it means is that the next beta of Vista, currently slated to be called Release Candidate 1, will really be Vista Beta 3 in that more significant changes will likely be made than just refinements, performance, and bug fixes. It could also mean we'll see RC2 and RC3.

    Keep a close watch on Office 2007 for more clues. Are substantial changes being incorporated based on feedback? I expect we'll learn a lot more in the next four to six weeks.


    Looking for the Right Antivirus, Part IV
    When last we left my ongoing research into the next, best antivirus program, in Looking for the Right Antivirus Program, Part III, I talked about the issues with Nod32 and BitDefender that are keeping them off my list of finalists, despite things about each of these programs that I like very much.

    One aspect of Nod32 I didn't talk about last time was pointed out to me by SFNL readers: Nod32 does not scan Eudora mailbox (.MBX) files. While this isn't absolutely terrible, since it's not the mailboxes themselves but primarily the files attached to email messages that contain most threats. But Nod32 does scan Outlook and Outlook Express mailbox files, which to me means that Eset has a double standard. The antivirus maker is not concerned about Eudora and other non-Microsoft email software. Even though Nod32 operates very reliably, with very little system overhead — an admirable trait — I can't pick a product that disses non-Microsoft email apps. It's just who I am.

    BitDefender is now into release candidates of BitDefender 10. I can find no reference to any fixes to the problems I had with SMTP-Authorization and Eudora with BitDefender, but I will do a quick check of BitDefender 10 RC1 to check whether this might have been fixed. Note: I believe that SMTP-Auth is the best first step email ISPs should take in the war against spam. SMTP-Auth is also an open standard specification. Bottom line: Outbound email authentication would greatly reduce the ability of spammers to commandeer otherwise completely aboveboard SMTP servers and use them to spew spam mail around the Internet.

    If all SMTP servers required user authentication, spam would be reduced significantly, and it would also be much easier to localize spam servers. It's not the only solution needed on the spam issue, but it's our best non-proprietary first step. For this reason, I can't support any antivirus program that does not support SMTP-Auth.

    Last time I also covered the traits that go into my ideal antivirus program, how I'm evaluating the security levels provided by antivirus products, and I also printed the list of products still on the consideration list.

    I have now performed my initial tests of all the antivirus products that at least two SFNL readers recommended that also fit my ideal antivirus criteria. (I've received well over 400 AV recommendations from newsletter readers to date.) Remember, I am requiring some sort of outbound email scanning, a functionality that eliminated several products, including Avira AntiVir and Eset Nod32. With the completion of the initial tests, some decisions have emerged.

    Computer Associates-Based Antivirus Solutions
    I have eliminated all forms of the Computer Associates antivirus product. The one I liked best was the eTrust Antivirus r8, which is the corporate client for CA's enterprise-class AV server. You can buy the r8 client for $40, but without the enterprise server, r8 doesn't perform email scanning, which lets it out of the running.

    I did not like the CA consumer product, EZ Antivirus, which lacks sufficient configuration options and whose on-demand scan is the slowest of all those I've tried.

    I also tested Zone Labs ZoneAlarm AntiVirus, which includes a Zone Labs-customized version of the CA antivirus engine. Unfortunately, I had no end of trouble with both the firewall and the antivirus aspects of this program. I still maintain that Zone's firewall is among the best out there, but it causes a lot of problems on more complex networks. Even with the firewall turned off, I had problems I couldn't easily resolve, and the antivirus was not much better than the CA consumer product. I went the extra mile on the CA solutions, and it didn't pan out. They are off the list.

    The Remaining Contenders
    During the last month, I've been testing F-Secure Anti-Virus 2006, Grisoft AVG 7.1, and Kaspersky 6. Of the three, I've had the most trouble with Kaspersky, although, since I got through the initial troubles, it has worked well. I'm still considering Kaspersky.

    I like AVG a lot. My only gripe with it is that on my production computer, it appeared to slow Windows boot times. Its user interface is also the weakest, although it's easy to understand. AVG is now running on Cyndy's production computer to test her environment. [Editor's Note: This is what happens when the new PC you gave me has no antivirus on it? I become an unwitting "SFNL Labs" tester? --Cyndy][Didn't you read the EULA? ;-) --Scot.]

    The big surprise is F-Secure. This is one of the few programs I've screened that I've never tried before. So far, I can't find anything really wrong with it. One of the aspects I keep a close watch on is the number and total memory usage of the background apps that each AV program installs. F-Secure has more applets of an overall larger collective memory size than the other contenders. But the total number isn't huge (compared to many other applications) and I haven't noticed any ill effects yet.

    The thing I liked about F-Secure is that it just did what I wanted it to with a minimum of fuss. The user interface is good. It's easy to use. So far, so good.

    So it's down to these three, with BitDefender getting one last chance to solve its SMTP-Auth woes. I'm getting closer to making a final determination. I'm going to live with each product for at least a week or two week before I decide which one is best.


    Accessing the True Administrator Account in Vista
    In early June, Computerworld published the story, Visual Tour: 20 Things You Won't Like About Windows Vista. I linked to that piece in the last issue of this newsletter (as well as in the first article above). On the bottom of page 5 of that story, I wrote about how the Administrator account is inaccessible in Vista Beta 2.

    Several days after the story was published, I added the Update note in italics with a link to a Registry hack that resuscitates the Administrator account in Vista. But that bit of information is now obsolete. I've learned from Microsoft that there are two prescribed ways to access the Administrator account, and I'm going to tell you how.

    A little background is in order before I get to the instructions. Unlike previous versions of Windows, there are differences between accounts with "computer administrator" privileges and the Administrator account. One of those differences is that the Administrator account does not have User Account Control enabled. Another difference is certain programs require Administrator authorization, but the Administrator account is pre-authorized. (There may also be differences in the ability to remove restrictive object permissions, although that's a completely different story that I hope to explore in the months to come.) Finally, by default, the Administrator account is created but disabled (for clean installs).

    It's even possible to create an "administrator" account, with a lowercase A. But that won't be the full-fledged Administrator account, it's just another account with computer administrator privileges.

    Please follow these directions precisely, because there are some negative possibilities if you jump ahead and explore on your own. Do not create a password for your Administrator account. There's a bug in Vista Beta 2 that can cause you woe if you do. Also, my instructions relate to clean installs of Windows Vista Beta 2, the only option I'm currently recommending. Things are a little bit different on upgrade installations. I recommend that those performing an upgrade installation of Vista Beta 2 create a user account with computer administrator privileges (if you don't already have one) before you install Vista. But SFNL reader Stuart Bouchey, who has been exploring this on upgrade installations, reports that if you have an Administrator account in XP before an upgrade installation, it will be available to your Vista upgrade installation.

    Figuring It Out
    Since the Administrator account is created in Vista, but just disabled, your obvious conclusion when you first look at Vista might probably be that all you need to do is enable the Administrator account, restart Windows, and then log into the Administrator account. But, uh, that would be wrong. There's an added step that Microsoft doesn't make plain. Not only do you have to enable the Administrator account, you also have to disable all other accounts. And since Vista's clean install setup routine forces you to create a new user account with computer administrator privileges, you definitely have at least one other Vista account.

    So, here's the process you need to follow. Boot your computer to Vista. Open the Administrative Tools Control Panel. Double-click the Computer Management item open it. Authorize UAC by clicking the Continue button. Double-click Local Users and Groups to open it. Click on the Users folder. On the right side of Computer Management, you should see icons for all of the user accounts created on your computer. The ones that have small red circles with an X through them are disabled.

    Left-click to select the Administrator icon and then right-click it to open its context menu. Choose Properties. Now remove the check mark from the Account Is Disabled box and click OK.

    The next step is to restart your computer and press F8 when the character mode part of the boot-up says something to the effect of "Starting Windows ...". In a dual-boot environment, you can do that from the boot menu. Once the boot menu is showing, paused for your OS selection, use the arrow or tab keys to select "Microsoft Windows" (the option that runs Windows Vista). Don't press Enter, though. Press the F8 key and you'll progress to the Safe Mode boot screen. Choose the first option, "Safe Mode" and press Enter.

    After a time Vista will show you the login screen with two options, Administrator and Other User. click the Administrator icon. If you created a password for your Administrator account, you'll also need to type that at this point.

    Running Safe Mode as Administrator both limits and extends your privileges. But for quick access to the Administrator account, this is about as good as it gets in Vista Beta 2.

    Method 2
    There is an alternative method for accessing the Administrator account that is a bit risky — unless you know how to work around it. There's a bug in Vista Beta 2 that can cause you to be locked out of Vista permanently. Please follow these directions closely, as I'm navigating you around the potential problem. I'll also explain the bug, and tell you how to work with it.

    The second method allows you to log into the Administrator account just like you would any normal account. So you get the full-fledged Administrator privileges in a normal boot mode, not Safe Mode. There's a trick you need to know to make it work. And also something you need to watch out for.

    Start by enabling the Administrator account in Computer Management just as described above. IMPORTANT: Do NOT create a password for the Administrator's account in Computer Management. Doing so could lock you out of your Vista installation in Vista Beta 2.

    The second step — the trick — is to disable any other accounts in the Users area that are enabled. Look for account icons that lack the red disable mark. You should find at least one. Follow the same steps to open Properties, but this time, click to add a check mark in the box labeled "Account Is Disabled."

    Double check that your Administrator account is enabled. Close Computer Management and restart Windows. When it comes back up it will just load the Administrator account, since you haven't set a password.

    For security reasons, this method should only be used on a temporary basis. Your Administrator account should not be left enabled without a password. So, have a look around, but don't move in. And when you're done, I strongly urge you to re-enable your user account(s) and promptly disable the Administrator account.

    There is another possible wrinkle on Method 2. It is possible to set a password for your Administrator account, so long as you know how to do it without getting into trouble. The bug with setting the Administrator account is in the Computer Management part of the Administrative Tools. But there's another way to manage user accounts, the User Accounts Control Panel.

    User Accounts doesn't display any settings for the Administrator account until you're booted into it. But once you're booted into Administrator, it lets you set a password for it. So this is a workaround if you'd like to leave your Administrator account enabled. Enable it in Computer Management and then set a password for it in the User Accounts Control Panel. It's important to protect it with a password that's not easy to guess or arrive at by trial and error.

    Although Microsoft has not acknowledged this bug to me, I did pass along the particulars of it shortly after Beta 2 was released. Hopefully it will be fixed in RC1.

    I'm still in the process of researching the Administrator login changes, and Microsoft isn't talking a lot about this area of Windows Vista. So if you've learned something that contradicts or expands on what I've written, please send email and let me know.

    Something needs to be said about Administrator access in Vista. Microsoft's changes to the Vista Administrator login process have solved only part of the problem: Security. Linux makes it much easier to access its version of Administrator, known as "root." The key point is that you don't have to restart Linux to access root and make the Administrator-level changes you need to make. Microsoft took a different tack, attempting to make it easier for users to authorize their Administrator changes from other user accounts. It's also made it more difficult to access Administrator. That's a lot more like how the Macintosh's OS X works.

    Microsoft's approach is sound, but the implementation is flawed. The Vista user experience (to date) is both less convenient and more complex than either the Mac or the Linux methods. If Vista users wind up circumventing the new security controls because the whole thing becomes a bother, that will undermine Vista's security. If Microsoft decides to make it impossible to circumvent its security measures, a lot of more experienced users are going to be very turned off to this operating system.

    Microsoft needs to get this right.


    Review: Dell Dual-Core Inspiron E1505 Notebook | Top Product!
    Don't you wish reviewers would give you the bottom line in the first paragraph? Here's your wish. Dell's Inspiron E1505 notebook PC summed up in a few words: excellent value, gorgeous glossy widescreen, fast, thick, annoying pointing device, the best desktop replacement for the money.

    The value proposition is the big advantage. I bought the machine a couple of months ago and paid $1,800 for an Intel Core Duo T2500 2GHz processor with a 667MHz front-side bus and 2MB cache, 2GB of RAM, a 15.4-inch UltraSharp widescreen that displays 1,680-by-1050-pixel resolution, a 100GB 7,200-RPM SATA hard drive, Windows XP Media Center Edition 2005 with an USB-connected TV tuner and remote control, an 8x DVD+/-RW drive, 10/100Mb Ethernet card, Intel Pro/Wireless 3945 802.11a/g internal Wi-Fi card, Bluetooth, and front-mounted speakers with decent sound quality. It also provides these ports: four USB, one Firewire, S-Video, a multiple-format card reader (doesn't support CF), headphones out, microphone in, VGA, modem, Ethernet, 1 ExpressCard slot. What this list lacks is a standard PC Card slot, a DVI video port, and a 10/100/1000 Ethernet port. But in terms of bang for the buck, the Inspiron is tricked out very well.

    For video, I selected the "256MB" ATI Mobility Radeon X1400 HyperMemory. It comes with 128MB of dedicated video memory and can use another 128MB of main system RAM as needed. The X1400 fully supports Vista's Aero video mode.

    For comparison sake, comparably-equipped machines from my two favorite notebook makers, Lenovo and Apple, cost between $2,400 and $2,800. So the Dell, at $1,800, was a very good deal. One thing that's worth noting is that I got my Inspiron E1505 on one of Dell's many pop-up sales for Web buyers. The sale was "34% off" and "free shipping." The 34% deal only lasted a couple of weeks. According to Dell, my total savings were over $900. One way to find deals like this is by spending time at the website (see the Link of the Month later in this issue). I didn't happen to find my deal through But I know two people who got very good savings on Inspiron E1505s via SlickDeals. They are both very happy with their purchases.

    I found my deal the old fashioned way: I spent a lot of time hunting and pecking on the Dell site, and stumbled across it. In other words, I found it the same way that the people who post on find deals. As soon as I found it, I spec'ed it out and saved it to my Dell cart so that I wouldn't lose it. Later I called Dell and went over the deal with a sales rep to make sure there weren't any further savings to be had.

    Another aspect of E1505's great value is that it's highly configurable, so you can get it at the price point you can afford. My test model was purchased at the top end, with almost every possible option of substance (not software or peripherals). You can specify the same model with a single-core CPU, lower resolution LCD, smaller hard drive, and less RAM. When you do, the price drops considerably.

    What I Don't Like
    There's very little I don't like about this computer. The main thing is the pointing device. You may have heard this before from me ... how much better the IBM/Lenovo UltraNav pointing device is over all other notebook pointing devices. For me, the UltraNav is better than a desktop mouse when working at a desk. And no trackpad in creation will ever be anywhere near as good. The Dell trackpad is better than most. Nicely modulated vertical and horizontal scroll bars along the right and bottom edges. (I still prefer Apple's simple but effective two-finger scroll.) The big problem with the Dell trackpad is its flat buttons. I find that my thumb hits the button surround when I attempt to click. The buttons should be raised or the bezel recessed (or both).

    To compensate for the E1505's pointing device deficiencies, I wound up purchasing a Logitech wireless laser ergonomic scroll-wheel mouse, which fits my hand like a glove. I've read some bad reviews of these laser mice, but the bottom line is this: You have to turn down the acceleration and perhaps turn off the "enhance pointer precision" setting in Windows XP's standard mouse driver to make the mouse work normally. Once you do that, it feels great.

    But even though I love the freedom of the wireless mouse, I still have to take my hand away from the keyboard, and the mild carpal tunnel I have is, you guessed it, less apparent when I use the UltraNav. Get the picture? All notebooks should have the UltraNav. I love the UltraNav. UltraNav for President.

    Fair warning: The thing you may dislike the most about the E1505 is all the software guck that comes pre-loaded on this computer — some of which was very questionable. This is the first consumer computer I've purchased in a long while because I grew sick and tired of OEM PC maker bundled software abuse. Dell clearly hasn't given up this disreputable practice. There is a business version of this computer, the 6400, but it appears to be the same computer with slower CPUs and lesser configurations. I elected to work out the software problems. I came very close to wiping the disk though. Very close.

    The other thing I don't like about the Inspiron E1505 is the plastic case. I kid you not. The bottom of this thing looks like it was cast by Rubbermaid. And both the keyboard area and lid have silver-colored plating that looks more like it was painted to look like metal, but is really just hard plastic.

    Another pet-peeve, an undesirable characteristic the E1505 shares with direct competitor ThinkPad Z60m, which I reviewed last year, is the fact that the lid mechanism engages power standby or hibernation too early in its swing toward closed. I like to leave my computers on with the lids nearly closed if I think I'm coming back in the near future. Years of torture-testing notebook PCs at PC/Computing in the 90s taught me that the two most vulnerable parts of a notebook are the screen and the keyboard. Of the two, the keyboard is far more vulnerable on most notebooks. Even a little bit of liquid spilled in a keyboard can fry your notebook permanently, or result in hundreds of dollars of damage requiring a trip back the factory. Then there's the fact that I have three kids and a 75-lb. dog. And my computers spend a lot of time in the family room. My ThinkPad T series notebooks, and the Compaq models that were my standard before them, let me close the lid all but two inches to protect the computer. This Inspiron E1505 does not. I'm constantly sending it to hibernation by accident.

    Like every Intel Core Duo machine I've tested, the E1505 runs a little hot. But I'm using the Dell on my lap to write this story, and I'm wearing shorts. So how bad could it be?

    The Truly Stupendous
    The 15.4-inch WSXGA+ (1680 x 1050) screen is the perfect size for a notebook PC. It's the best cross between screen real estate and physical size of the screen. It makes things look a bit small, but not so small as 1600 x 1200 on a 15-inch display (which I find illegible). On a notebook PC, this size is acceptable to me. Plus, the 16:9 aspect ratio is perfect for displaying widescreen DVD movies. And while I don't do that a lot with my computer, it can come in handy on a long plane flight. Add Dell's glossy UltraSharp LCD technology to the perfect notebook LCD form factor, and let me tell you, it's a powerful advantage. It wasn't until I actually saw an E1505 with UltraSharp that I was completely sold on this model.

    Dell doesn't have a corner on the 15.4-inch LCD market, but when you compare the 15.4-inch E1505 to Lenovo and Apple computers with the same 1,680 x 1,050 resolution, it's clear that the Dell product is superior. Why? Because the other two computers are larger. The Z60m and the new Z61m arrive in a truly bulky case design that feels ungainly next to the E1505. And the Apple MacBook Pro only offers 1,680 x 1,050 screen resolution only in it much larger 17-inch model. Apple's MacBook Pro 17 is only one inch thick, a good deal thinner than the E1505's 1.44-inch thickness. But the Dell is both considerably smaller overall and considerably lighter at 6.2 lbs than the 6.8-lb., 17-inch MacBook Pro.

    For touch typists, Dell's keyboard isn't quite the equal of the IBM keyboard on Lenovo notebooks. But then, no manufacturer's keyboard rivals Lenovo's. If the Dell keyboard's keys were a tad concave on the top to help the fingertips grip — instead of being perfectly flat — that would go a long way. Key placement is quite good.

    I tested the Media Center features, an optional add-on, and was quite impressed with how well they worked. I have an older HP Media Center desktop computer that didn't accept a Windows Vista installation gracefully. But the Inspiron took on Vista Beta 2's flavor of Media Center without serious issue once I upgraded the video driver and the system BIOS.

    If you haven't tried a dual-core AMD or Intel PC yet, they are noticeably faster than single-core units. My next computer may be an IBM ThinkPad T60 dual-core machine, because I can't seem to get away from the UltraNav. But I'm betting that isn't as important to you as it is to me. If you can find a deal anything like I did, I think you'll be happy with the Inspiron E1505.

      Fact Box
    Top Product! | Inspiron E1505, Dell, 800-915-3355, Press Release, $1,800


    How to Install Windows Vista for Testing
    Last month Microsoft made Windows Vista Beta 2 publicly available for download or delivery on DVD via its windows Vista Consumer Preview Program (CPP). The CPP closed to new registrations on June 30th, and it appears Microsoft will not re-open it when Vista Release Candidate 1 arrives, but all registered CPP users will be offered RC1 as well.

    I'm betting that a large number of SFNL readers have signed up for Vista Beta 2. And others may buy the retail software when it ships. What's the best way to install and test Windows Vista? There are three main ways to do so gracefully. There are also one or two tricks of the trade.

    First, though, some things you should know: The downloadable version is an ISO file, which is designed to be burned to a DVD and then installed from the DVD. That means the computer you're installing Vista on needs a DVD drive. It is, though, possible to get around that requirement by installing Vista over a network from a machine that has a DVD drive to a machine that does not. My recommendation is to use a wired, not wireless, connection when you're doing this.

    If you order the DVD, you'll get the 32-bit and 64-bit versions on two separate DVDs. You can also download the 64-bit version. Go with the 32-bit one, even if you're installing on a 64-bit machine — unless you have a specific need to test 64-bit Vista. You'll encounter fewer hassles this way.

    The Consumer Preview Program offers Windows Vista Ultimate only. Ultimate, as I've described in past, has all the features of all other versions of Windows Vista. So you'll get to see everything. It won't, however, help you understand the differences among lesser versions. For a heads up on the differences between Vista versions, see the Vista versions comparison table on page 12 of of my Computerworld story, 20 Things You Won't Like About Windows Vista (scroll down).

    Finally, there is no information in this article about installing Vista Beta 2 or RC1 as an upgrade to an existing Windows installation. That's because performing upgrade installations is a bad idea. Microsoft would really like you to do it, because it wants information about what happens in the wild when people upgrade their systems. But don't be a Vista guinea pig. Upgrade installations never work as well as they should. And, while the final version of Vista may offer an uninstall option, the beta version does not. Even if you could uninstall it, there's no guarantee it would properly uninstall. If you install Vista as an upgrade, you will have to wipe your hard drive and reinstall your previous version of Windows after the test version expires. Every pre-release version of Vista expires, by the way, usually in three to six months. Did I make this plain enough? Your only rational choices for installing Vista Beta 2 are:

    1. Installing to a new partition with a dual-boot arrangement.
    2. Installing cleanly on a wiped hard disk.
    3. Installing in a virtual machine in conjunction with a virtualization utility.

    Dual-Booting with XP
    I vastly prefer to install Vista beta software to a second partition running in Microsoft's dual-boot configuration with Windows XP. This arrangement gives you more control over the Vista partition. For example, if — as happened to me recently — Vista Beta 2's Product Activation module spews several greasy gaskets and leaks about three quarts of hot motor oil on the floor and decides you're no longer activated, you don't have to resort to some sort of boot disc to wipe the drive. Just boot back into Windows XP and use a decent disk utility to blow away the Vista Partition and start over again.

    Windows Vista, like other versions of Windows before it, automatically creates a boot-menu that lets you choose between launching Vista and your previous version of Windows each time your computer starts. All you have to do is create a new NTFS partition on your hard drive and install Vista as a new installation to that partition.

    The setup routines of some previous versions of Windows, including Windows XP, have been able to create new partitions as part of the Windows installation process. The betas of Vista display this functionality, but it's grayed out. I recommend the use of a third-party utility called PartitionMagic.

    I've been an active PartitionMagic user for over a decade. PartitionMagic, developed by PowerQuest, was the first non-destructive, dynamic partitioning utility. What that means is that you can install PartitionMagic on any Windows computer and use it to create a new partition on your hard drive from the unused storage capacity on the drive. PartitionMagic will shrink your existing partition to a size you specify, create a new partition, assign it a drive letter, and format the new partition. And it will do all that without harming any of the data in your original partition. PartitionMagic, which Symantec purchased a few years ago, supports Fat32, NTFS, and a wide range of other file systems. There are many other disk-partitioning utilities that perform the same functions, and even a few that are free. I haven't tried them all, though. (I have used and like Paragon Software's Partition Manager.) For a list of other partitioning products, see this Wikipedia entry on disk partitioning.

    To install Vista smartly in a new partition, you need at least 20GB of free storage capacity. Create a new 15GB drive, and leave a minimum of 5GB free to your existing Windows installation. That will leave you a bit of room to install apps on your Vista partition. This configuration is fine for a temporary installation of Vista just to see what it's like. When you're done, delete the Vista partition and restore things as they were. If you plan to make this a long-term Vista installation and you're planning to move data over and install Office 2007 there, make it a 20GB or 25GB Vista partition. You also don't want to choke off the OS in your main volume or your ability to add new apps and data there. So leave at least 10GB free, and 15GB would be better. If you don't have 20GB to 40GB of hard disk space free, upgrade your drive capacity, clean install Vista on a different machine (wiping the drive), or use the virtual memory solution I detail later in this article.

    Partitioning Your Drive
    Start by making sure you've backed up all important data on your hard drive. Install PartitionMagic. Restart Windows. Run PartitionMagic. Select your main drive volume (your C: drive) and then from the Partition menu, choose Resize/Move. Use the slider to move the right edge of your main drive to the left, to reduce the size of your main drive. Then choose Partition > Create. Let Partition Magic assign the drive letter. Finally, choose Partition > Format, and format the new partition with NTFS (required for Vista Beta 2).

    Partition Magic carries out the changes you direct in batch mode. So, when you're done, click the Apply button in the Operations Pending area. PartitionMagic will need to restart your computer to carry out some of these operations, just let it do so. PartitionMagic wants you to create backup disks. I'll be frank, I don't do this. And I've never needed them. That doesn't mean you'll lead so charmed a life. If it's the first time you're using PartitionMagic, I recommend doing this.

    When your computer boots back into Windows, you should find a new drive in My Computer. Double check that you can open it.

    Your next step is to install Vista. You can either do this by booting to the Vista disc or just inserting the disc while your previous version of Windows is running. I find the second method to be a little faster, but not if you have to wait to boot your old version of Windows. The results are the same either way. Among the first several screens is one that asks you where you want to install Windows. Be sure to choose the partition whose drive letter matches the one you just created. Because that partition is empty, Vista will perform a clean installation.

    Dealing with the new Boot Loader
    What I'm about to describe is in a state of flux. And it's possible Microsoft will rectify this issue before Vista ships. The problem is this, when you attempt to remove a Vista beta from your system, some people have gotten into a situation where, after deleting the Vista partition, their computers continued to attempt to boot to Vista, which resulted in a dead-end in which no version of Windows boots.

    I wrote about this in greater detail based on my examination of the December 2005 CTP release of Vista in the January 2006 issue of the newsletter: Windows Vista Gets Harder to Multiboot?

    The underlying problem is that Microsoft has significantly changed the code that handles the boot menu in Vista. Under Windows XP, this is controlled by a simple text file called boot.ini, located in the root directory. Vista ignores this file, and creates its own more secure Vista boot registry database, called Boot Configuration Data (BCD). So far so good. But the tool Microsoft offers for editing the BCD, bcdedit.exe, is difficult to use.

    I will be covering this more in the future, but there are two solutions. The first solution is to merely delete the C:\Boot folder that Vista installs. It turns out that's a relatively easy proposition, so long as you start by setting the Vista boot loader's BCD to default to loading your Windows XP installation. Then you can boot into Windows XP, delete your Vista partition, then reboot Windows XP. After you reboot to XP, you should be able to delete the C:\Boot folder, completing the uninstall of dual-booted Windows Vista.

    Just to be clear, you should only attempt to delete the C:\Boot folder after you have deleted or wiped the Vista partition. Managing this process has become a bit easier with a third-party utility called VistaBootPro.

    Editing the BCD is a simple process with VistaBootPro. You can install and use it from Windows XP or Vista, and also Longhorn Server, Server 2003, and Windows 2000 Pro and Server. Among the many useful things it offers is the ability to disable and later re-enable the BCD. Although it doesn't actually delete the Boot folder, it does eliminate the problem I described above. The only hitch is that you have to do this after you delete Vista and before you restart your computer. Change the order, and even VistaBootPro can't help you. So, wouldn't it be nice if VistaBootPro came with its own boot disc? A 2.0 version of VistaBootPro is due out shortly. We'll see what new features it offers. But every Vista beta tester should have this tool. And it's currently free. VistaBootPro is a Scot's Newsletter "Program of the Month."

    Microsoft is also in the process of making changes to BCD and bcedit.exe, although it's not clear what changes it's making. For more information from Microsoft about BCD, see this FAQ.

    One key point to remember is that your Windows XP boot.ini file must remain in place so long as XP remains on your system. It controls XP's boot, while BCD controls Vista's boot. Editing the boot.ini file will have no effect on Vista, but it does impact the way XP boots, even with Vista installed.

    Installing Vista in a Virtual Machine
    If you've never tried a modern virtualization utility, you're in for a treat. Nowadays such utilities are very easy to use. They don't require gobs of RAM or disk space. And so long as they support ACPI (Advanced Configuration and Power Interface), they more than likely offer the ability to let you install and run Windows Vista Beta 2 in a virtual machine running from Windows XP.

    I'm a big fan of Parallels virtual utility for running Windows on a Macintosh. Parallels does an excellent job of that. But the Parallels Windows virtualization utility doesn't support ACPI, which is required by Vista. My favorite virtual utility under Windows is VMware Workstation 5.5.

    A virtual machine is a virtualized "computer" running as a separate instance. It has virtualized disk capacity, RAM, as well as a share of the CPU and I/O. Naturally, it also has its own operating system. Most modern virtualization utilities reduce the size of the disk space needed and expand drive space automatically as you add software and data. Most also let you manually reconfigure a virtual disk's storage capacity, RAM, and other particulars.

    What's especially nice about virtual machines is that you can leave them running. So, for example, you could be running Windows XP and have a virtual machine window running Vista, giving you ready access to both operating systems.

    For use with Vista, one of the shortcomings of virtualization utilities is that in order to be truly usable, they all provide a custom driver set that allows you to use your mouse seamlessly, copy and paste between the virtual machine and host operating system, display the virtual machine operating system's native screen resolution, and share the networking functionality of the host computer. (The VMware product refers to this driver set as the "VMware Tools.") Because Windows Vista isn't a finished product yet, no virtual machine product I've tried has a full and complete custom driver pack.

    VMware Workstation does a pretty good job of running Vista Beta 2. Some of the little extras of Vista don't show up with VMware, such as Vista's Aero graphics mode (at least in my tests). But works well enough in other regards. All in all, it's a very simple way to try out Vista without going through a lot of machinations.

    Now that you're armed with a little inside information, you're good to go on your testing of the next version of Windows.

    If there's one thing I've learned in my 15 years of testing Windows, it's that people come up with ingenious ways of working with beta software. If you think you've got another good way, perhaps a better way to install or work with Vista, why not tell me about it.


    Linux Explorer: Guarding Linux Against Rootkits
    By Bruno of Amsterdam

    Viruses, schmiruses. If you want something really scary to worry about on your Linux box, worry about rootkits. They are far more dangerous than a pesky virus. A rootkit is a toolkit typically installed by a cracker looking to gain access to information on your computer and any network it's attached to. Rootkits are self-hiding toolkits that are activated on system boot up. They typically go active before the operating system completes start up, so they can be difficult for the average antivirus scanner to detect.

    A rootkit is completely customized to the hacker who installs it. It may include trojans, viruses and other malware. Rootkits are also able to intercept data from network connections and the keyboard, to steal passwords and attack other computers. They can also alter log files and processes to hide their presence on your computer. For more information on rootkits, see Wikipedia.

    Many rootkits will be stopped by a decent firewall, but virus scanners are no protection against rootkits. Running a rootkit checker regularly is strongly recommended. It will scan for rootkits, backdoors, and local exploits.

    There are two tools I recommend: chkrootkit and rkhunter.

    IMPORTANT: The tips in this document require the use of command-line commands. For more information about how to read and execute Linux command-line prompts and commands, please check the Linux Clues Linux Cheat Sheet, especially Linux Prompt Basics and Linux Command-Line Nomenclature.

    chkrootkit is an easy to use tool and included with many distros. Log in as root and run:

    # chkrootkit

    For a reminder on how to log in as root, check the Linux Cheat Sheet at (the navigable, searchable companion site to Linux Explorer): Logging in and out as Root.

    If your distro hasn't installed it, download the latest chkrootkit.tar.gz.

    Then unzip it with this command:

    # tar -xvzf chkrootkit.tar.gz

    That extracts files into a folder called chkrootkit-0.46a (for the version we tested). Then type:

    # cd chkrootkit-0.46a

    Compile the program:

    # make sense

    You'll see in the terminal something like:

    gcc -DHAVE_LASTLOG_H -o chklastlog chklastlog.c
    gcc -DHAVE_LASTLOG_H -o chkwtmp chkwtmp.c
    gcc -DHAVE_LASTLOG_H -D_FILE_OFFSET_BITS=64 -o ifpromisc ifpromisc.c
    gcc -o chkproc chkproc.c
    gcc -o chkdirs chkdirs.c
    gcc -o check_wtmpx check_wtmpx.c
    gcc -static -o strings-static strings.c
    gcc -o chkutmp chkutmp.c

    From there you can run the chkrootkit:

    # ./chkrootkit

    In terminal, you should see something like:

    ROOTDIR is `/'
    Checking `amd'... not found
    Checking `basename'... not infected
    Checking `biff'... not infected
    Checking `chfn'... not infected
    Checking `chsh'... not infected
    Checking `cron'... not infected
    Checking `date'... not infected
    Checking `du'... not infected
    Checking `dirname'... not infected
    Checking `echo'... not infected
    Checking `egrep'... not infected
    Checking `env'... not infected
    Checking `find'... not infected
    Checking `fingerd'... not infected

    The actual list will be considerably longer, of course, covering all the files. If chkrootkit finds something it writes "INFECTED" to the log file. You may be able to restore the process that has been compromised, but you'll probably need to re-install the operating system. In severe cases you may need to wipe the hard disk and re-install.

    You could keep chkrootkit on your system and re-run it every week, but that's not good security. Chkrootkit doesn't prevent rootkits from being installed, it merely detects them after the fact. So a hacker could conceivably install a rootkit in between your scans. And any hacker worth his salt would be able to change the configuration to avoid chkrootkit's detection.

    Better security is to burn chkrootkit to a CD and run it from there next time. And for the most up-to-date protection, delete the chkrootkit directory after each scan, then download and compile a fresh copy of chkrootkit. It doesn't take long and that way you will be confident of a reliable scan.

    Big Game Hunting
    Another option for protection against rootkits is rkhunter. It does a bit more than just looking for rootkits. It performs a system-wide check for vulnerable files and dependencies on your system, including:

  • MD5 hash compare
  • Look for default files used by rootkits
  • Wrong file permissions for binaries
  • Look for suspected strings in LKM and KLD modules
  • Look for hidden files
  • Optional scan within plaintext and binary files

    The rkhunterinstall file is available as tarball. Complete download, decompress, and install instructions are available in the Rootkit Hunder FAQ.

    An RPM version for Mandrake/Mandriva is also available, maintained by a third party. Some distros (Slackware for example) also require "Perl-Digest-SHA1" for a successful install.

    You can find more installation tips from this thread on the Scot's Newsletter forums.

    Once installed, run the program by typing:

    # rkhunter -c --createlogfile

    Rkhunter runs its scans and writes results and tips to the log file.

    To ensure security of your system, don't rely on yourself to perform manual scans. Make rkhunter a daily cron job and have it mail you the scan results. To do that, type:

    # rkhunter --cronjob

    For more on cron jobs, see Taming the Cron Daemon on Linux Clues.

    Have fun securing your system.

    Most of the material found in Linux Explorer comes from Bruno of Amsterdam, lead moderator of the popular All Things Linux forum at Scot's Newsletter Forums. Bruno is helped by All Things Linux co-moderators Peachy, BarryB, and Teacher, as well as other forum members who have posted in the highly useful Tips for Linux Explorers thread (from which Linux Explorer and the site are adapted). All previous installments of this section of the newsletter can be found at, a service of Scot's Newsletter. For more from Bruno, please see his Tips for Linux Explorers website.

    Linux Explorer is edited by Cyndy and copyedited by Scot.


    Call for Contributions
    I've resisted this for quite a long while, but the time has come to take off my hat and ask regular readers of this newsletter — especially those who have not contributed recently (or heavily at any time) — to give something to help keep the newsletter going. Please offer what you can afford.

    The newsletter can accept contributions by check, cash, or PayPal. For instructions on contributing by check or cash, please read and print this document.

    To use PayPal, please read the document linked above first. If you're already a PayPal member, my PayPal address is:

    Please initiate your payment here.

    To sign-up to PayPal, please start here.

    Thanks in advance for your help. I will put it to good use for research of future Scot's Newsletters.


    Link of the Month:
    Take a trip over to, and very likely you will find something there that's a very good deal. It may not be the product you're looking for right at the moment, but if you frequent this website, eventually something you want to buy will be a bargain. Sometimes, it's a very, very hot find, indeed. But the best deals go fast. If you're looking for a bargain on computers, electronics, and other things besides, is a good bet. Not only does it find the deals, but it helps you walk through the sometimes arcane steps needed to make the price break appear in your Web browser. Just be sure you thoroughly read the fine print on any deal you find. Happy hunting!

    Have you discovered a relatively unknown, technology-prelated website that's a little amazing? Please send me the URL so I can check it out and let everyone know about it.


    Newsletter Schedule
    Scot's Newsletter is a monthly e-zine delivered by email. My aim is to send each issue near the first of each month.

    I had intended to take a month off this summer, but I've decided to postpone that, possibly until October. Currently the August issue is scheduled to mail around August 1. The actual timing of Microsoft's Vista RC1 could affect the schedule of a late summer or early fall issue of the newsletter. In other words, I might delay the arrival of an issue in order to write a first look of Vista RC1.

    You can always find out when the next issue of Scot's Newsletter is expected to appear by visiting the Scot's Newsletter home page.


    The Fine Print
    If you like this newsletter, I need your help spreading the word. Please tell your friends and co-workers, and encourage them to sign up! It's free.

    While you're at it, visit the new Scot's Newsletter Forums.

    Subscribe, Unsubscribe, Change Email Address or Message Format
    You can unsubscribe at any time; I don't believe in captive audiences. The website subscription center is the easiest way to manage your Scot’s Newsletter subscription. Changes take only a minute or two. You must select your message format — Text or HTML — even for address changes or unsubscribes. All subscription changes are now handled on the same page with a database-look-up feature that ensures greater accuracy:

    The Scot’s Newsletter Subscription Center:

    To help with the cost of creating and distributing the newsletter, I accept contributions via PayPal and Letter Mail. For more information on donations:

  • Sign-up for PayPal (if you don't already have it)
  • Option #1: Donate via PayPal
  • Option #2: Donate via Letter Mail

    Send comments, suggestions, or questions about this newsletter. Don't be bashful about telling me what you like or don't like. Send emails related to editorial content (only) to scot[@]

    Please address advertising inquires (only) to: sales[@]

    Sign-up for PayPal.

    Support this Newsletter by Donating Today.
    Or donate via Letter Mail.

    How to Link to Scot’s Newsletter

    Copyright © 2001-2007 Scot Finnie. All Rights Reserved.
    Ten Myths About Copyright Explained.