Operating Systems. Broadband. Issues. Info You Can Use.
September 2006 - Vol. 6, Issue No. 85
By Scot Finnie
In This Issue
- Windows Vista and XP Dual-Boot Issues
- Finally Going Gigabit
- Firefox 2.0 Beta 2
- All the Way on WGA
- Scot's Newsletter Living Documents
Right now I'm working on an upgrade installation test of Vista RC1 with a wide range of applications on a production machine. Very initial notes on that test are that Vista does not support utility software well at all. But mainstream business apps seem to work OK. More later when I've formed full conclusions.
Just as interesting as the new code were last week's formal announcement of Vista's pricing and the many ways in which RC1 will be distributed and tested.
Many SFNL readers tested Vista Beta 2, and because of that, I'm passing along some information that hasn't been generally reported about how you can get RC1. These bullet points also put information at your fingertips for testing RC1:
Windows Vista Pricing
Would you pay $400 retail for a full version of Windows Vista Ultimate? It's a lot to pay for your operating system. Here's the pricing as announced:
Vista Ultimate Full-install price: $399; Upgrade price: $259
Vista Business Full-install price: $299; Upgrade price: $199
Vista Home Premium Full-install price: $239; Upgrade price: $159
Vista Home Basic Full-install price: $199; Upgrade price: $99
As with other versions of Windows, the expectation is that you will be able to do a clean install with an upgrade DVD as long as you have the retail media for the previous version available at the time of Vista installation. The only previous versions of Windows that are upgradeable are Windows XP and Windows 2000. For more information about upgrade scenarios and limitations, see this Microsoft document: Upgrade Planning for Windows Vista.
The most important thing I want to say about pricing is that Windows Vista Home Basic is overpriced. In my opinion, Home Basic is even more hobbled than Windows XP Home. Don't buy a cheapo PC or notebook with Vista Home Basic on it.
The differences between Vista Business and Vista Home Premium don't amount to a $70 price delta. Of course, there are features in the Vista Business that some businesses just have to have. So Microsoft has them over a barrel. But if you're buying for yourself, and you don't use Remote Desktop Connection, get Vista Home Premium. On the other hand, if you can do without parental controls, Media Center functionality, Windows DVD Maker, and BitLocker full-volume encryption, Vista Business is a lot cheaper than Vista Ultimate. For what it's worth, I'll be using vista Ultimate.
The chart at the bottom of this Computerworld page gives a very good summation of the differences between the Vista versions.
Prior to Microsoft's pricing announcement, I had expected Vista Ultimate to be priced around $379, with the upgrade version being $239. That's all it's worth. The high pricing for Ultimate is disappointing. Even so, it's the version that most people reading this would probably prefer. If there's any version that might have considerably lower pricing on the street, it would be Ultimate though.
As you might imagine, I've spent a lot of time reviewing messages from over 300 readers who have tried F-Secure on my say so. I've also had two in-depth conversations with the folks at F-Secure. I've learned a lot, but here's the short form:
1. F-Secure is still tops. My determination that F-Secure Anti-Virus 2006 (not F-Secure Internet Security Suite 2006) is the best first-line-of-defense antivirus/anti-spyware product hasn't wavered. I'm still using it on my main PC. And I've received scores of messages from SFNL readers who've tried it and had no issues. Here's an example of one of those messages:
I wanted to give you some feedback on any issues regarding installation and application of F-Secure Antivirus. First of all, having used all of them, I completely agree with your assessments of the various antivirus programs. In particular Kaspersky, which is so good at catching even variants of malicious code, is just a pain to deal with. Anyway, I now use Nod32 and F-Secure on my PCs (not together on the same systems, mind you), and I like both programs. As for F-Secure, I had no problems installing the program or running it. My current installation includes F-Secure AV 5.44, F-Secure BackWeb 6.31, and F-Secure Management Agent 5.00. The package coexists with Spy Sweeper 5.0.7 (1608) and XoftSpy 4.29 without any apparent difficulties. It is true that no other antivirus products run on the system with F-Secure, so I can't comment on that scenario. Robert Long
I have many more like this. Most people who go along with F-Secure's limitations have no trouble with this software.
Also, for those who doubted F-Secure's security, take a look at the latest test results from AV-Comparative's August 2006 On-Demand Comparative. Check the "certification level" line to compare overall effectiveness of the tested products. F-Secure and Nod32 received the highest rating. This is just one test, but it happens to have been recently released.
2. Most reader problems were security software conflicts. More than 85% of the people who wrote me about problems with F-Secure experienced an antivirus conflict. In other words, they tried to install F-Secure when a product like Zone Labs' ZoneAlarm Antivirus had been previously installed and not removed from their systems. ZoneAlarm was by far and away the most common point of conflict with F-Secure.
Important: F-Secure has promised one way or another to resolve any problems that Scot's Newsletter readers have encountered with F-Secure Anti-Virus 2006. If you've had a problem with F-Secure, please send an email to this address, and be sure to include my name in the subject line:
Subject line: Scot Finnie
By sending your message this way, I've been told you'll bypass F-Secure's recently opened Malaysian tech support center and directly escalate to the U.S. support team.
I also sent 25 or so reader messages about problems I couldn't figure out solutions for to F-Secure. The company has promised to reach out to those readers to help them.
3. Don't forget Nod32. It seems to me that many people overlooked my recommendation of Eset's Nod32 as the second-best antivirus product in 2006. If you've read the entire series, you know that I went to great pains to detail my concerns about Nod32 2.5. I did that because I truly admire and trust the protective qualities of this little-known antivirus product. The combination of Nod32 and Webroot's Spy Sweeper is running on four of my computers. If you use Microsoft Outlook 2002 or 2003, or your computer is on a corporate network whose mail server is scanned on the server, I recommend Nod32 and Webroot's Spy Sweeper (version 5.0.7 or later) over F-Secure Anti-Virus 2006. If you use any email product but Outlook, Nod32 doesn't offer outbound scanning, but there is no risk to your computer in that. I'm not sanguine about that approach personally, because I strongly believe in outbound scanning, but it's our choice. Only if you use Qualcomm's Eudora email program have a specifically recommended that you give Nod32 a miss. Unfortunately, I use Eudora on my primary production computer, so that made Nod32 second fiddle for me.
4. About anti-spyware. F-Secure's anti-spyware protection is adequate as a first line of defense. Its real-time monitor stays out of your face, and it protects better than Microsoft's Windows Defender beta. Because of a spate of problems, I have crossed Windows Defender off my list and removed it from most of my computers. Even so, I keep additional anti-spyware products such as Spy Sweeper, Spyware Doctor, CounterSpy, SpywareBlaster, and Spybot in my security arsenal. On machines where I'm running F-Secure, they remain uninstalled but ready to be installed as needed.
5. Tech support is a problem. Despite remaining at the top of my recommended list, I am very disturbed about the quality of F-Secure's tech support, which I have tested personally over the last month. In a product category rife with poor tech support, F-Secure's support is among the worst I've come across. Its tech support is on par with Symantec, which is to say, very poor indeed.
What Is F-Secure Anti-Virus 2006?
F-Secure Anti-Virus 2006 uses the layered security approach to protecting your Windows or Linux PC. It combines four different security engines. Those engines are:
1. AVP - Kaspersky's antivirus engine
2. Orion - F-Secure's heuristic/behavioral engine
3. Draco - Lavasoft's Ad-Aware anti-spyware engine
4. Libra - F-Secure's signature/program-updates engine
F-Secure employs BackWeb, a technology provided by another company, as part of its signatures-and-program-updating system. According to F-Secure, F-Secure Anti-Virus 2006 also includes a version of the company's BlackLight rootkit protection.
The 2007 version of F-Secure Anti-Virus will arrive in late October (as will new versions from most consumer-oriented security software providers). F-Secure's Internet Security Suite 2007 will have additional security modules built into it, as may F-Secure Anti-Virus 2007. My selection of F-Secure Anti-Virus 2006 does not automatically extend to the 2007 version, by the way. But I will certainly be testing it and reporting on my findings.
F-Secure is currently offering a six-month free trial of F-Secure Anti-Virus 2006, as well as a discount on the 12-month license. Scroll to the bottom for the six-month trial.
Many readers got their copies of F-Secure from their ISPs. In most cases, those versions of F-Secure, which may have different names, are the Internet Security Suite, which includes a firewall and parental controls. In other words, more things to conflict with other security products on your system.
F-Secure and Antivirus Conflicts
As I've already written, F-Secure is more susceptible than most security products I've tested to conflicts with other security products. And sometimes the results are severe. But if you suspect that the company is using this as some sort of anticompetitive measure, you might want to think that through. That sort of strategy makes more sense for an established player, like McAfee or Symantec products that come pre-installed on many PCs. F-Secure's approach has been to distribute its software through ISPs, and in that setting, its software doesn't come pre-installed, and so it has to be extra careful about conflicts with other software.
When it comes to antivirus, this isn't just an F-Secure problem. You can run into severe conflicts with two AV products from any number of vendors. F-Secure takes the correct approach in declining to be installed when any other antivirus product is present. Where a lot of SFNL readers got into trouble was in attempting to disable an antivirus program and then installing F-Secure. While not every AV product reacts as strongly in that setting as F-Secure, one thing is quite sure: running two antivirus products simultaneously doesn't double your protection. In fact, it likely diminishes it. Two AV scanners are not better than one.
I have to insert a warning note about ZoneAlarm. Zone Labs has at least four different versions of ZoneAlarm, not including the free basic firewall (which by the way, is not very effective). I have reports of conflicts with F-Secure with all four of those paid versions, even though only two of them contain antivirus and three contain anti-spyware. Make ZoneAlarm and F-Secure an either-or proposition. Here's a ZoneAlarm version comparison chart
Of the three SFNL readers who initially reported severe problems with their F-Secure installations including one man who wound up bringing his computer to a repair shop all three have resolved those problems, and two opted to keep F-Secure. The machine that went to the repair shop was fixed the right way, by uninstalling the conflicting software.
Many other readers who ran into trouble with F-Secure, and who wrote to me, either figured out the problem on their own and resolved it, or were able to do so with my advice.
I didn't call for email messages in support of F-Secure, but in the end, I received at least as many messages from people who said they liked F-Secure and had no trouble with it than from those who had problems.
Bottom line: My goal in starting my antivirus search was to greatly reduce system resource usage and select a tool that quietly and competently resolves routine security problems while also offering protection when the, ah, stinky stuff hits the fan. The last thing I wanted to do was to replace Norton's overblown software for my own security cocktail of multiple security products that do the thing in some sort of wayward belt-and-suspenders approach to safeguarding my PCs.
So, let me say this again (to the tune of a politically incorrect George Thorogood and the Destroyers' song):
One antivirus, one anti-spyware, one firewall.
Having additional anti-spyware products at hand for manual scans is a smart move. But keep the lid on multiple background scanners. Otherwise, you might as well just use McAfee or Norton. (For more on my firewall recommendations, look elsewhere in this issue of the newsletter.)
Perhaps the biggest surprise to me is the number of anti-spyware products F-Secure Anti-Virus 2006 conflicts with. I asked a group of F-Secure execs about that, and they listed these conflicts:
There are more, though, that F-Secure's U.S. representatives probably aren't aware of. I've had numerous reports of conflicts of all versions of ZoneAlarm (including the three anti-spyware versions) and also one strong report of F-Secure insisting that Javacool Software's SpywareBlaster be uninstalled before it will run. (Although, I personally have had no trouble with SpywareBlaster and F-Secure running together.) The F-Secure developers seem to have taken the approach that anti-spyware products cannot and should not coexist, so the installation routine often identifies other security products and tells you to uninstall them. You can sometimes re-install the other products after you install F-Secure.
This is F-Secure's single biggest faux pas, and it's something I'd like to see the company change. I believe F-Secure may be overreacting on the anti-spyware front primarily in an effort to cut back on anticipated tech support costs especially for its ISP distributors.
It doesn't get much worse than this. In a product that purportedly doesn't include firewall functionality (which is reserved for the more expensive F-Secure Internet Security 2006), conflicts with firewalls are not what you'd expect. F-Secure seems a bit conflicted on this point, because while company execs tell me that there are no conflicts with firewalls, F-Secure's tech support has repeatedly told me and others that products like ZoneAlarm the firewall conflict with F-Secure.
Great, so here's a product that doesn't have a full firewall in it that conflicts with other firewalls. How smart is that? Not smart.
The reality is that I've tested F-Secure with both Kerio and Comodo running, and it works fine with those firewall products. When security products get more complex, as do both ZoneAlarm and F-Secure (at least in some of their versions), they may conflict.
But there can be no doubt that conflicts between F-Secure and other security products are more common.
If this bugs you, use Nod32. Its tendencies are the opposite; it's hugely tolerant of other security products.
My considered advice on this subject is to start by choosing a hardware firewall of some sort, and then layer in a software firewall on every machine. This combination maximizes your protection and also provides you the most flexibility and convenience.
Firewall routers for home use are not expensive. Most are available in 1, 4, or 8-port switch combinations, with the 4-port models selling for as little as $25 with rebates. The average price is in the $50 range.
Generally speaking, the weakness of these low-cost products has to do with issues with firmware and tech support. If you're a heavy broadband user, you may also find that you'll burn these things out quickly. A good tip to remember is that you power off your router for a few minutes every once in a while to reset them. Update firmware when you have a problem, but review the firmware notes on the company's website every once in a while to make sure you're not experiencing something that might be fixed by a firmware update.
Opting for a gigabit router brings you a bit more reliability as well as gigabit networking functionality for gigabit-equipped computers connected to the router. It offers zero improvement for your broadband throughput.
The popular products sold in this category from makers like D-Link, Linksys, and Netgear all offer Network Address Translation (NAT) and Stateful Packet Inspection (SPI), which, when combined, provide Internet stealthing and inbound firewall protection.
Firewall routers generally provide no outbound protection, or they may offer outbound protection that's far less convenient to configure than that of a well-designed software firewall.
I'm currently using the first product on the list below, a wired D-Link home-user-level firewall router. It's been working for me for three years or so without a single problem. There are wireless versions of several of these products, although I prefer a wired router with wireless access points.
Recommended Firewall Routers
For Home Use, in the $25-$60 Range:
Gigabit Firewall Routers in the $110-$125 Range:
Software Firewalls and Outbound Protection
This test grid shows the results of a long list of firewalls tested on a wide variety of outbound leak tests. It provides an interesting set of data that's worth a look. (Note: Scroll to bottom and click "View Tests.")
While it's only one aspect of firewall protection, outbound blocking is especially important because hardware firewall routers aren't the best tools for outbound protection. You want a software firewall that evaluates inbound and outbound transmissions, catches potential security threats, and makes it easy to make temporary or permanent decisions about outbound transmissions from applications and services.
I'm also big on the ability to configure networks so they work, without having to constantly tend them. Windows networking is bad enough as it is; any software firewall that gets in the way of basic networking functionality will not last long in my environment and shouldn't in yours. No one should become a slave to their firewall.
With that introduction, here are some of the firewalls I'm currently planning to evaluate in this long-term test:
People who've been around the block may wonder why I'm leaving out the best old-guard products, including ZoneAlarm, Norton Personal Firewall, and Sygate Personal Firewall. Well, here's why.
Like my antivirus test, this one aims at getting a lowest-common-denominator product, not one that's bloatware. So I'm looking for a product that focuses on being a software firewall, not a whole bunch of other stuff. I'm fed up with jack-of-all-trades security software that masters none.
So that lets out all the Internet security suites, including all four of the paid versions of ZoneAlarm. ZoneAlarm's free basic firewall hasn't been significantly updated in a long time. All those glowing reviews of ZoneAlarm's firewall have been focused on one of the four paid versions of ZoneAlarm. The few tests I've examined that have tested the free ZoneAlarm have found it wanting. Zone Labs' product page makes it clear that two out of the three firewalls components are missing from the free version of its firewall.
I recently looked at Norton Personal Firewall again, both on a corporate network and on my home network. The product hasn't kept pace with the rest of the field. Its most annoying aspect is that it prompts over and over again for the same DHCP network because you're dynamically assigned a new IP address. It's also difficult to find the settings, which are buried in several different locations. It's not worthy. So what's wrong with Sygate? Nothing, really. It's always been a great basic firewall aimed at more experienced users who understand how to configure a firewall. The only problem is that Symantec bought Sygate, so the product is no longer supported.
That said, there are many other lesser-known software firewalls out there. If you've got one you think I should consider, let me know. But be advised, I'm also looking for *why* you think a specific software firewall is great. Can you offer a link to a test or review that says so? Can you describe why you like it? Tell me what firewall you like and why
I will share with you that I've looked at Comodo and Kerio so far. Over the past four weeks, I must have received 50 recommendations for Comodo. But so far, I don't see why. It reminds me of Norton Personal Firewall. It's very noisy, always popping up boxes, repeatedly even when I tell it to remember settings. In one browsing session with Firefox, I had to say "Yes, let it work and remember this" eight or nine times. And I had trouble networking with Comodo; its settings for allowing networking were tough to configure.
Feel free to write me about why Comodo is so good. I know that Neil Reubenking over at PC Magazine loved it. What I want to know is what *you* think though.
I like Kerio a lot better, but it may have some opposite problems. It may not be fully set up to protect you by default, which is something of a firewall no-no. Also, people who use DHCP to assign IP addresses to printers on their networks have reported printing troubles with Kerio. The user interface is terrific though. It's more like ZoneAlarm, the software I used to prefer. And I had no difficulty configuring it.
I'll be looking at LooknStop and Jetico next. Outpost may be too multifunction for my tastes, since it includes anti-spyware functionality. But Agnitum is working on a new version, so I'll wait for it and give it a shot. Tiny Personal Firewall was purchased by Computer Associates last year and hasn't been updated since. I've been running it on my 64-bit Windows x64 machine for about a year, since Tiny offered one of the earliest x64 firewalls. I like it, but don't use that machine frequently.
Have You Considered Advertising in Scot’s Newsletter?
It’s a great way to support the newsletter, while getting something back in return.
For more information, please review our online rate card or contact us by email.
One thing I can tell you, this isn't going to change with Vista's launch. This is a permanent issue.
Finally Going Gigabit
What do you do when your "home" network uses a 24-port switch and all the ports are filled?
It was time to go gigabit. I got tired of pushing files around my network at 100Mbps. My mail store, documents, and other user data on my primary computer amount to almost 10GB. You do the math. Backing up has been an overnight job for a long time. One day several weeks ago I finally snapped. Luckily I installed Cat5e when I wired my house for Ethernet over five years ago. Now I wish it was Cat6, but I'll take Cat5e.
I started with an enterprise-class 24-port Gigabit switch from Linksys. It's noisy, two of the ports are dead, and the thing is huge. So I know I'll wind up replacing it sooner rather than later. But for now, it's going to do. Then I bought two Linksys 5-port gigabit switches. I also picked up some gigabit NICs for three of the four desktops I'm still using. And one of my newer notebooks, the Dell Inspiron E1505, came with a 100Mbps NIC, so I'll grab a gigabit PC Card NIC at some point.
So far, we've done the easy part. The hard part, it turns out, has been the ongoing process of weeding out all the Cat5 patch cables I've been using all over the place, replacing them with Cat6 patch cable, and running new wires all over the place.
The advantage was instantly apparent, even before I got everything completely worked out. I had an urgent need to back up my main computer after a scare, and I was able to do the whole job while drinking a cup of coffee one morning.
That was one satisfying cup of joe, let me tell ya.
One last bit isn't absolutely necessary, but I'm going to replace my 4-port firewall router with a gigabit firewall router too.
Firefox 2.0 Beta 2
Firefox 2.0 Beta 2 has been available for a while. Mozilla's Firefox 2 Beta 2 release notes provide information on what's new and the download link. Remember: Don't install Firefox 2.0 Beta 2 over your production Firefox 1.x or 1.5x installation. If you're not sure how to manage your user profile, hold off on the betas. It'll be final in the relatively near future. This FAQ on Firefox user profiles may help you get up to speed.
All the Way on WGA
Last month I sent out a special issue notifying you that I had discovered that Microsoft's Knowledgebase article about how to remove WGA Notifications, as well as added parts in my original article on the subject, removed both halves of WGA, WGA Validation and WGA Notification. There was no profound downside to following those directions. The next time you used Microsoft Update or Windows Update, WGA Validation would be offered to you. If you took it, you would have WGA Validation, but not WGA Notifications, installed on your system.
But what if you want to remove WGA Validation too? As long as you realize that you can never again use Microsoft Update, Windows Update, or download many items from any of Microsoft's Download pages such as Windows Defender and Windows Media Player the simple solution is to remove the LegitCheckControl.dll file. Microsoft tells you how to do that (Steps 5 and 8) in this KB article under the Manually Uninstall WGA Notifications subhead.
Note: Despite the words in the subhead of the Microsoft KB article, these instructions remove both WGA Validation and WGA Notification. My instructions, which have been updated several times for accuracy and completeness, remove WGA Notifications only.
Scot's Newsletter Living Documents
Every Scot's Newsletter reader should be aware that I treat some stories in Scot's Newsletter, such as the WGA article, as being works in progress. I can't update the stories in the copies of the newsletter already sent to your inbox, but I can update the website version. Something like half a dozen articles a year get this treatment. Whenever it happens, you'll see a "Last updated" date under the article headline.
In general, I think my subscribers should be more aware of this. When I'm writing about something that's emerging or evolving, or it involves a set of instructions, I urge you to check the website edition of the newsletter especially if you're looking at your mailed copy of the newsletter several days, weeks, or months after it was sent.
Some of my best content arises from the "living document" approach to updating them. For example, the Best Firefox Extensions and Customizing Tips living document which is due for an update offers my tried-and-true set of extensions and Firefox customizing tips. It started out as a simple how-to document in the newsletter that I decided to update, partly for personal use, and it has become a reference work on the Internet.
Usually when living documents elevate to this level, I add them to the "Best Of" page on the Scot's Newsletter website, which you can check out here:
Make sure, in particular, that you view this Jeff Han demo given at the Technology Entertainment Design conference held in February 2006. (Thanks to Chris Smith for sending in this link.)
Han, a consultant in the department of computer science at NYU, is part of a crop of pioneers dreaming up starting points for the computer interfaces of the future.
This earlier video, Multi-Touch Sensing through Frustrated Total Internal Reflection, shows the evolution.
Check out other stuff on Han's NYU home page.
It's going to make you think about where we might all be going.
Have you discovered a relatively unknown, technology-related website that's a little amazing? Please send me the URL so I can check it out and let everyone know about it.
Scot's Newsletter will not be published in the month of October, since I'll be taking a much needed late summer/early autumn vacation. The newsletter will return for November.
You can always find out when the next issue of Scot's Newsletter is expected to appear by visiting the Scot's Newsletter home page.
The Fine Print
If you like this newsletter, I need your help spreading the word. Please tell your friends and co-workers, and encourage them to sign up! It's free.
While you're at it, visit the new Scot's Newsletter Forums.
Subscribe, Unsubscribe, Change Email Address or Message Format
You can unsubscribe at any time; I don't believe in captive audiences. The website subscription center is the easiest way to manage your Scot’s Newsletter subscription. Changes take only a minute or two. You must select your message format Text or HTML even for address changes or unsubscribes. All subscription changes are handled on the same page with a database-look-up feature that ensures greater accuracy:
The Scot’s Newsletter Subscription Center:
To help with the cost of creating and distributing the newsletter, I accept contributions via PayPal and by check via conventional letter mail. For more information on donations:
Send comments, suggestions, or questions about this newsletter. Don't be bashful about telling me what you like or don't like. Send emails related to editorial content (only) to scot[@]scotfinnie.com/snl.
Please address advertising inquiries (only) to: sales[@]scotfinnie.com/snl
How to Link to Scot’s Newsletter
Copyright © 2001-2007 Scot Finnie. All Rights Reserved.
Ten Myths About Copyright Explained.
You are subscribed to Scot's Newsletter HTML EDITION as: $subst('Recip.EmailAddr')