> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a tiger?)
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in? IMO (YMMV) the
> first order of business is to find out about the author. If they are
> well known and trusted little additional checking is needed. . .
> I think this subject might make a nice web page - a guide for newbies to
> the wonderful world of Freeware - perhaps organized somewhat along these
> lines:
> 1. investigating the author
> a)
> b)
> c)
> 2. investigating the program
> a)
> b)
> c)
I usually check the program and it's authour out on the slelect few
download sites that I trust, NoNags, SnapFiles, PricelesswareHome, and
John Hood's Best of Freeware. I may also investigate a freeware program
that has gotten a very good review in PC Utilities Magazine or PC World
Magazine.
The posting of adware, spyware, and other malware in this group (some,
but not all, of it by Tramp) has meant that I won't uncatagorically
trust the opinions offered in this group. If I find something
interesting posted here I will check it out on one of the above web sites.
> 3. protecting your existing computer set-up
> a)
> b)
> c)
I don't expect others to protect my computer from viruses and malware,
so I run my own virus and anti-spyware scans prior to installation. I
would also recommend that those using Windows ME or XP create a restore
point with System Restore prior to installation. It is also a good idea
to use a tool like Total Uninstall to monitor the installation.
> 4. recovering from disaster
> a)
> b)
> c)
Disaster recovery shouldn't be necessary if you followed the above. If
it does become necessary then you will have the options of doing an
uninstall with Total Uninstall or rolling back your OS.
> ISTM a guide should hi-lite the most importants steps and of course the
> simpler the procedures are the more likely people are to actually
> implement them.
The above isn't perfect, but it should at least reduce the number of
problems some people have with freeware.
> Please climb on your soapboxes and offer your words of wisdom. Tidbits
> of advice or essays on the whole process. . .
> TIA :)
> Susan
3
Date: Mon, May 22 2006 4:03 pm
From: Susan Bugher
bIGGy wrote:
> * Susan Bugher:
>> Software is a "black box" - a door that's waiting to be opened. What's
>> the best way to find out what's behind the door? (Is it a lady or a
>> tiger?)
> I usually check the program and it's authour out on the slelect few
> download sites that I trust, NoNags, SnapFiles, PricelesswareHome, and
> John Hood's Best of Freeware. I may also investigate a freeware program
> that has gotten a very good review in PC Utilities Magazine or PC World
> Magazine.
I'm not sure which sites *test* apps or what they test for (I know
Softpedia tests for Malware). . . be nice if we could spell out who
tests what. . . maybe link to a page with that info if there is one. . .
PLEASE NOTE: the Pricelessware List is a *recommendation* - the ACF list
most emphatically is NOT - some of those programs have only been
*mentioned* in ACF - and opinion may be divided on those that have been
discussed. Google the newsgroup archives to see what was posted. When
there is a consensus that an app is bad it may "earn" ;) a NR (not
recommended) notation on the ACF pages - NR is pretty much reserved for
the worst of the worst).
> The posting of adware, spyware, and other malware in this group (some,
> but not all, of it by Tramp) has meant that I won't uncatagorically
> trust the opinions offered in this group. If I find something
> interesting posted here I will check it out on one of the above web sites.
> I don't expect others to protect my computer from viruses and malware,
> so I run my own virus and anti-spyware scans prior to installation. I
> would also recommend that those using Windows ME or XP create a restore
> point with System Restore prior to installation. It is also a good idea
> to use a tool like Total Uninstall to monitor the installation.
> The above isn't perfect, but it should at least reduce the number of
> problems some people have with freeware.
Good advice. Thanks. :)
re organizing this topic. . . ISTM the questions people ask (or
*should* ask) about using free apps are something like this:
Is it really free? Are there any strings attached?
Is it safe (not Malware/Spyware etc.)?
Is it good/useful?
Will installing it harm my computer?
ISTM it would be nice if we could tell them how/where to find the
answers. . .
Susan
4
Date: Mon, May 22 2006 7:55 pm
From: The Six Million Dollar Man
> I'm not sure which sites *test* apps or what they test for (I know
> Softpedia tests for Malware). . . be nice if we could spell out who
> tests what. . . maybe link to a page with that info if there is one. . .
NoNags and Snapfiles both test their software, and assign easy to
understand ratings. John Hood also tests the software on his pages, but
has a much more limited variety.
> PLEASE NOTE: the Pricelessware List is a *recommendation* - the ACF list
> most emphatically is NOT - some of those programs have only been
> *mentioned* in ACF - and opinion may be divided on those that have been
> discussed. Google the newsgroup archives to see what was posted. When
> there is a consensus that an app is bad it may "earn" ;) a NR (not
> recommended) notation on the ACF pages - NR is pretty much reserved for
> the worst of the worst).
Thank you for that clarification. I did ofcourse mean to say that I
trust the results of the annual Pricelessware selection that appears on
the PricelesswareHome page.
> Is it really free? Are there any strings attached?
> Is it safe (not Malware/Spyware etc.)?
> Is it good/useful?
> Will installing it harm my computer?
> ISTM it would be nice if we could tell them how/where to find the
> answers. . .
> Susan
5
Date: Mon, May 22 2006 12:23 pm
From: Al Klein
On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher
wrote:
>Software is a "black box" - a door that's waiting to be opened. What's
>the best way to find out what's behind the door? (Is it a lady or a tiger?)
>What's your modus operandi before downloading/ installing a program?
Everyone's MO is going to be different. I have a few spare boxes
(different OSs) that I try unknown downloads on. Not everyone has a
spare computer, though.
I also depend on what I read in acf - if enough people in whom I have
some trust pan a program, I don't waste my time downloading it.
6
Date: Mon, May 22 2006 4:11 pm
From: Susan Bugher
Al Klein wrote:
> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher
> wrote:
>>Software is a "black box" - a door that's waiting to be opened. What's
>>the best way to find out what's behind the door? (Is it a lady or a tiger?)
>>What's your modus operandi before downloading/ installing a program?
> Everyone's MO is going to be different. I have a few spare boxes
> (different OSs) that I try unknown downloads on. Not everyone has a
> spare computer, though.
> I also depend on what I read in acf - if enough people in whom I have
> some trust pan a program, I don't waste my time downloading it.
Sure, but *somebody* has to go first ;) and ISTM there's often a certain
reluctance to do that - perhaps because people don't know how to do it
safely. . . Where/how to start and what precautions to take is the
topic under discussion.
Susan
7
Date: Mon, May 22 2006 4:04 pm
From: m...@invalid.com"
Susan Bugher wrote in news:4de4sbF1a27svU1
@individual.net:
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a
tiger?)
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in? IMO (YMMV) the
> first order of business is to find out about the author. If they are
> well known and trusted little additional checking is needed. . .
> I think this subject might make a nice web page - a guide for newbies to
> the wonderful world of Freeware - perhaps organized somewhat along these
> lines:
> 1. investigating the author
Here, I try to use trusted websites, sometimes a really interesting program
is a one-of from an unknown.
> 2. investigating the program
Desirable if someone else here has commented on it.
> 3. protecting your existing computer set-up
I try to only use no-installs, run AV check before unzipping. If a setup
file, I run it on another trial computer, copy the executable back to my
main box.
> 4. recovering from disaster
Long subject.
> ISTM a guide should hi-lite the most importants steps and of course the
> simpler the procedures are the more likely people are to actually
> implement them.
> Please climb on your soapboxes and offer your words of wisdom. Tidbits
> of advice or essays on the whole process. . .
> TIA :)
Gradually, I find I am using less new programs, always a risk, if an older
program does my job.
Good topic, thanks, Susan.
Mike Sa
8
Date: Mon, May 22 2006 4:24 pm
From: Susan Bugher
m...@invalid.com wrote:
> Susan Bugher wrote in news:4de4sbF1a27svU1
> @individual.net:
> Here, I try to use trusted websites, sometimes a really interesting program
> is a one-of from an unknown.
dunno what your definition of "trusted websites" is. Could you expand a
bit on that?
Susan
9
Date: Tues, May 23 2006 11:49 am
From: m...@invalid.com"
Susan Bugher wrote in
news:4dekifF19raklU1@individual.net:
> m...@invalid.com wrote:
>> Susan Bugher wrote in news:4de4sbF1a27svU1
>> @individual.net:
>> Here, I try to use trusted websites, sometimes a really interesting
>> program is a one-of from an unknown.
> dunno what your definition of "trusted websites" is. Could you expand a
> bit on that?
> Susan
ACF of course, Nils Sofer, Steve Burn, Mark Russinovich, Pablo VanMeer,
...they come immediately to mind.
Mike Sa
10
Date: Tues, May 23 2006 12:50 pm
From: Susan Bugher
m...@invalid.com wrote:
> Susan Bugher wrote in
> news:4dekifF19raklU1@individual.net:
>>m...@invalid.com wrote:
>>>Here, I try to use trusted websites, sometimes a really interesting
>>>program is a one-of from an unknown.
>>dunno what your definition of "trusted websites" is. Could you expand a
>>bit on that?
> ACF of course, Nils Sofer, Steve Burn, Mark Russinovich, Pablo VanMeer,
> ...they come immediately to mind.
Thanks Mike. ISTM "trusted author" is a pretty good guide.
Susan
11
Date: Mon, May 22 2006 4:38 pm
From: MLC
lunedì 22 maggio 2006 Susan Bugher ha scritto:
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in?
First, I check if the program was never mentioned here in acf (I use a
bookmarklet to automatize this search in Google) and read what was written
about it. Sometimes I search also other users reviews on the web.
If I decide to download and install it, I make a registry backup with Erunt
and monitor the install with Total Uninstall.
Then I look closely at the registry entries (especially at the changes, if
they can be dangerous for other programs, or I don't like them...) and at
the RAM used by the new running program, because I prefer not bloated
software.
Passed these tests I'll keep it, otherwise I uninstall it immediately with
TUN, and only if needed I restore the registry with Erdnt.
That's all from my soapbox ;-)
12
Date: Mon, May 22 2006 5:16 pm
From: Susan Bugher
MLC wrote:
> lunedì 22 maggio 2006 Susan Bugher ha scritto:
> First, I check if the program was never mentioned here in acf (I use a
> bookmarklet to automatize this search in Google) and read what was written
> about it. Sometimes I search also other users reviews on the web.
Hi Maria,
Could you be specific about what you search *for* when you're trying to
locate posts about a program? (I've seen a lot of reviews/
recommendations that don't include the program's name. . .
Susan
13
Date: Mon, May 22 2006 6:17 pm
From: MLC
lunedì 22 maggio 2006 Susan Bugher ha scritto:
> Hi Maria,
> Could you be specific about what you search *for* when you're trying to
> locate posts about a program? (I've seen a lot of reviews/
> recommendations that don't include the program's name. . .
Uhmm, I search for the program name and read the thread.
I can miss some reviews, but I think it's unlikely to have an entire thread
with the name never mentioned.
14
Date: Mon, May 22 2006 7:29 pm
From: Susan Bugher
MLC wrote:
> lunedì 22 maggio 2006 Susan Bugher ha scritto:
>>Hi Maria,
>>Could you be specific about what you search *for* when you're trying to
>>locate posts about a program? (I've seen a lot of reviews/
>>recommendations that don't include the program's name. . .
> Uhmm, I search for the program name and read the thread.
> I can miss some reviews, but I think it's unlikely to have an entire thread
> with the name never mentioned.
It's been known to happen ;) AND authors often use several name
variations for the same program - between those problems and spelling
mistakes if you only try *one* spelling for the program name I think
it's *very* easy to miss posts/threads about an app.
FWIW - the results of an ACF archive search I just did for a well known app:
zonealarm
Results 1 - 100 of 2,230 for "zonealarm"
zone alarm
Results 1 - 100 of 1,430 for "zone alarm"
If name searches don't work an additional search for the home page URL
may bring up something new. . .
Results 1 - 100 of 191 for "www.zonelabs.com"
FWIW - if you find an app on the ACF pages and can't find *any* ACF
posts/threads - as a last resort feel free to ping me (I usually save at
least one ACF post about each app).
Susan
15
Date: Tues, May 23 2006 2:58 am
From: MLC
martedì 23 maggio 2006 Susan Bugher ha scritto:
> FWIW - if you find an app on the ACF pages and can't find *any* ACF
> posts/threads - as a last resort feel free to ping me (I usually save at
> least one ACF post about each app).
Thak you Susan, you'll be my second Google ;-D
--
Maria Luisa C - 23/05/2006 8.58.01
He was dull in a new way, and that made many think him great.
Samuel Johnson
16
Date: Tues, May 23 2006 9:55 am
From: Susan Bugher
MLC wrote:
> martedì 23 maggio 2006 Susan Bugher ha scritto:
>>FWIW - if you find an app on the ACF pages and can't find *any* ACF
>>posts/threads - as a last resort feel free to ping me (I usually save at
>>least one ACF post about each app).
> Thak you Susan, you'll be my second Google ;-D
:) FWIW I'm *supersensitized* to name variations because I do so much
checking re the ACF pages - I use several searches to see if apps are
*already* listed. That's fairly simple - digging info out of the ng
archives is much harder.
Susan
17
Date: Mon, May 22 2006 5:22 pm
From: philo"
Susan Bugher" wrote in message
news:4de4sbF1a27svU1@individual.net...
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a
tiger?)
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in? IMO (YMMV) the
> first order of business is to find out about the author. If they are
> well known and trusted little additional checking is needed. . .
I have quite a few older computers here with no real value...
If some software comes out that I'd not want to test on one of my good
machines...
I try it on one of my old junkers...
If worst comes to worst...I can just format the drive and reinstall the OS.
Heck...out of curiosity I even tried one of those free AOL cd's...
and can assure you that you DO NOT...want to even try one.
There is NO way to cancel out once you start
18
Date: Mon, May 22 2006 1:57 pm
From: El Gee
Susan Bugher wrote in
news:4de4sbF1a27svU1@individual.net:
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a
> tiger?)
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in? IMO (YMMV)
> the first order of business is to find out about the author. If they
> are well known and trusted little additional checking is needed. . .
> I think this subject might make a nice web page - a guide for newbies
> to the wonderful world of Freeware - perhaps organized somewhat along
> these lines:
> 1. investigating the author
> a)
> b)
> c)
> 2. investigating the program
> a)
> b)
> c)
> 3. protecting your existing computer set-up
> a)
> b)
> c)
> 4. recovering from disaster
> a)
> b)
> c)
> ISTM a guide should hi-lite the most importants steps and of course
> the simpler the procedures are the more likely people are to actually
> implement them.
> Please climb on your soapboxes and offer your words of wisdom. Tidbits
> of advice or essays on the whole process. . .
> TIA :)
> Susan
1) check out the software / author on reputible sites
2) install on a non-networked spare box
3) virus check
4) spyware chceck
5) phone home check
JMHO / YMMV
19
Date: Wed, May 24 2006 3:44 pm
From: Susan Bugher
El Gee wrote:
>>ISTM a guide should hi-lite the most importants steps and of course
>>the simpler the procedures are the more likely people are to actually
>>implement them.
>>Please climb on your soapboxes and offer your words of wisdom. Tidbits
>>of advice or essays on the whole process. . .
> 1) check out the software / author on reputible sites
> 2) install on a non-networked spare box
love this suggestion but. . .
What OS are you talking about?
Is this workable for Windows XP users?
> 3) virus check
> 4) spyware chceck
> 5) phone home check
> JMHO / YMMV
Susan
20
Date: Wed, May 24 2006 4:34 pm
From: El Gee
Susan Bugher wrote in
news:4djr0gF19ep2mU1@individual.net:
> El Gee wrote:
>>>ISTM a guide should hi-lite the most importants steps and of course
>>>the simpler the procedures are the more likely people are to actually
>>>implement them.
>>>Please climb on your soapboxes and offer your words of wisdom.
>>>Tidbits of advice or essays on the whole process. . .
>> 1) check out the software / author on reputible sites
>> 2) install on a non-networked spare box
> love this suggestion but. . .
> What OS are you talking about?
> Is this workable for Windows XP users?
>> 3) virus check
>> 4) spyware chceck
>> 5) phone home check
>> JMHO / YMMV
> Susan
This is the process I use for WinXP. On linux, there is little to worry
about, but I do install it on a test box...just in case.
21
Date: Wed, May 24 2006 5:42 pm
From: Susan Bugher
El Gee wrote:
> Susan Bugher wrote in
> news:4djr0gF19ep2mU1@individual.net:
>>El Gee wrote:
>>>2) install on a non-networked spare box
>>love this suggestion but. . .
>>What OS are you talking about?
>>Is this workable for Windows XP users?
> This is the process I use for WinXP.
Does that mean you have more than one license for XP?
Susan
22
Date: Thurs, May 25 2006 9:07 am
From: El Gee
Susan Bugher wrote in
news:4dk1trF1ah490U1@individual.net:
> El Gee wrote:
>> Susan Bugher wrote in
>> news:4djr0gF19ep2mU1@individual.net:
>>>El Gee wrote:
>>>>2) install on a non-networked spare box
>>>love this suggestion but. . .
>>>What OS are you talking about?
>>>Is this workable for Windows XP users?
>> This is the process I use for WinXP.
> Does that mean you have more than one license for XP?
> Susan
No, I have licenses for Win98, Win2K and WinXP. MOST things that are
safe on Win2k work on WinXP. If they are different, I take them to work
and test them on test boxes there...off the network.
23
Date: Mon, May 22 2006 6:16 pm
From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>
On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher
wrote:
>What's your modus operandi before downloading/ installing a program?
>What checks do you make? What order do you make them in? IMO (YMMV) the
>first order of business is to find out about the author. If they are
>well known and trusted little additional checking is needed. . .
Nothing special; my antivirus checks software while downloading, I
have System restore switched ON, I have firewall which tells me if
software wants to visit some site, always work (and install software)
as power user, so it can't mess up my system files (there are few
exceptions, but filemanager or archiver doesn't really have to need
admin rights for installation), using Total Uninstall for monitoring,
and most important, a bit of inteligence.
Most important thing is, as I see it, regular updating and NOT WORKING
as Administrators (or root) on computers. There is no need for that.
You can install about 95% of everything as Power user, and no messing
up system files.
Ivan.
24
Date: Wed, May 24 2006 3:50 pm
From: Susan Bugher
Ivan Tisljar wrote:
> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher
> wrote:
>>What's your modus operandi before downloading/ installing a program?
>>What checks do you make? What order do you make them in? IMO (YMMV) the
>>first order of business is to find out about the author. If they are
>>well known and trusted little additional checking is needed. . .
> Nothing special; my antivirus checks software while downloading, I
> have System restore switched ON, I have firewall which tells me if
> software wants to visit some site, always work (and install software)
> as power user, so it can't mess up my system files (there are few
> exceptions, but filemanager or archiver doesn't really have to need
> admin rights for installation), using Total Uninstall for monitoring,
> and most important, a bit of inteligence.
> Most important thing is, as I see it, regular updating and NOT WORKING
> as Administrators (or root) on computers. There is no need for that.
> You can install about 95% of everything as Power user, and no messing
> up system files.
Thanks Ivan. Which OS does that advice apply to?
Susan
25
Date: Wed, May 24 2006 4:00 pm
From: Helen" <@abuse.roman.gov>
Susan Bugher wrote:
> Ivan Tisljar wrote:
>> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher
>> wrote:
>>> What's your modus operandi before downloading/ installing a program?
>>> What checks do you make? What order do you make them in? IMO (YMMV)
>>> the first order of business is to find out about the author. If
>>> they are well known and trusted little additional checking is
>>> needed. . .
>> Nothing special; my antivirus checks software while downloading, I
>> have System restore switched ON, I have firewall which tells me if
>> software wants to visit some site, always work (and install software)
>> as power user, so it can't mess up my system files (there are few
>> exceptions, but filemanager or archiver doesn't really have to need
>> admin rights for installation), using Total Uninstall for monitoring,
>> and most important, a bit of inteligence.
>> Most important thing is, as I see it, regular updating and NOT
>> WORKING as Administrators (or root) on computers. There is no need
>> for that. You can install about 95% of everything as Power user, and
>> no messing up system files.
> Thanks Ivan. Which OS does that advice apply to?
> Susan
The reference to 'power user' seems to indicate XP or 2000 network.
I essentially do the same thing on a stand alone using XP home SP2
with Scotty on patrol along with Spyware Blaster, PopUpStopper, Kerio and secure settings.
I don't know what 'restore switched on' means, but I have it current just in case
I need to uninstall and/or return to a former civil install date. And I don't have Word set as
my text editor in IE. I do use it but don't allow it as my html editor.
Helen
26
Date: Wed, May 24 2006 4:34 pm
From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>
On Wed, 24 May 2006 16:00:42 -0400, "Helen" <@abuse.roman.gov> wrote:
>I don't know what 'restore switched on' means, but I have it current just in case
I met a lot of people, stupid people IMHO, who think that they can
outsmart the computer, which noone can :o) and first thing they are
doing on clean installation is disabling System Restore which doesn't
take much system resources anymore as it did in Windows Me. They feel
hackerish" when doing so. And then, one day, some driver update
messes up registry, and while they could fix it with restoring
computer, they end up reinstalling the whole OS.
Ivan.
27
Date: Wed, May 24 2006 4:29 pm
From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>
On Wed, 24 May 2006 15:50:21 -0400, Susan Bugher
wrote:
>Thanks Ivan. Which OS does that advice apply to?
It applies to Windows 2000 and Windows XP.
Ivan.
28
Date: Wed, May 24 2006 4:40 pm
From: Mel"
Susan Bugher" wrote in message news:4djrb9F1ar0s8U1@individual.net...
> Ivan Tisljar wrote:
> > Most important thing is, as I see it, regular updating and NOT WORKING
> > as Administrators (or root) on computers. There is no need for that.
> > You can install about 95% of everything as Power user, and no messing
> > up system files.
> Thanks Ivan. Which OS does that advice apply to?
There's an item about power users in Mark's Sysinternals blog here
http://www.sysinternals.com/Blog/
Placing Windows user accounts in the Power Users security group is a
common approach IT organizations take to get users into a least-privilege
environment while avoiding the many pains of truly running as a limited user.
The Power Users group is able to install software, manage power and
time-zone settings, and install ActiveX controls, actions that limited
Users are denied.
What many administrators fail to realize, however, is that this power comes
at the price of true limited-user security. Many articles, including this
Microsoft Knowledge Base article and this blog post by Microsoft security
specialist Jesper Johansen, point out that a user that belongs to the Power
Users group can easily elevate themselves to fully-privileged administrators,
but I was unable to find a detailed description of the elevation mechanisms
they refer to. I therefore decided to investigate.
..."
29
Date: Thurs, May 25 2006 6:02 am
From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>
On Wed, 24 May 2006 21:40:58 +0100, "Mel"
wrote:
>There's an item about power users in Mark's Sysinternals blog here
>http://www.sysinternals.com/Blog/
I've read it, it's very interesting... will try it at work, I have
some test machines that I can crash :o)
But my statement still stands: working as Power User is the best
tradeoff between elevated security and comfort. It's much better than
working as Administrator, and also better as working as User - you
can't overwrite core system files, therefore you can always boot into
at least safe mode and repair damage, and you can install software
without constant logging in as admin. And I am sorry to say, but as
far as freeware is concerned, some programs are just expecting full
read/write privileges on their folder (settings etc.), because they
don't use user profiles to store their settings. And when running in
User account, you have to change permissions on program installation
folder, and that's not very good thing to do :o)
Ivan.
30
Date: Mon, May 22 2006 7:00 pm
From: Mel"
Susan Bugher" wrote in message news:4de4sbF1a27svU1@individual.net...
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a tiger?)
> What's your modus operandi before downloading/ installing a program?
> What checks do you make? What order do you make them in? IMO (YMMV) the
> first order of business is to find out about the author. If they are
> well known and trusted little additional checking is needed. . .
I usually just take a quick look at the author's site. Sometimes
I google for the program name and look for any references
to spyware. Also if the author's site attempts to install any activex
components I check them out (one of the reasons I stopped
using kill-bits to block spyware in IE).
My hard drive is divide into three partitions, I have a small system
partition which I keep an image of on a cd-rw so I can revert back to
a known good install. This takes under 10 minutes + about half an
hour to install the latest Microsoft security fixes and to create an
updated image.
If I have some reservation or other about a program, I keep the last
partition on my hard drive as a small test partition which I can restore
from the same disk image.(I have a boot manager installed on floppy)
I also have windows 98 installed as a virtual machine
(using vmware player) which I can very quickly unzip a fresh
copy of and install stuff on. The virtual drive image expands
(and can be shrunk back down) so it doesn't take a huge amount
of space.
If I have problems with a program not uninstalling cleanly, and for
some reason or other don't want to revert to my image, providing
it wasn't installed when I made my image. I install and run the
program on my test partition while monitoring with Total uninstall,
then transfer the "tun" file to my data partition and use a script
to remove all the registry keys the program added. I can
usually manually recover any modified system files from my disk image.
Mel.
31
Date: Mon, May 22 2006 7:05 pm
From: Frank Bohan"
Susan Bugher" wrote in message
news:4de4sbF1a27svU1@individual.net...
> Software is a "black box" - a door that's waiting to be opened. What's the
> best way to find out what's behind the door? (Is it a lady or a tiger?)
> What's your modus operandi before downloading/ installing a program? What
> checks do you make? What order do you make them in? IMO (YMMV) the first
> order of business is to find out about the author. If they are well known
> and trusted little additional checking is needed. . .
> I think this subject might make a nice web page - a guide for newbies to
> the wonderful world of Freeware - perhaps organized somewhat along these
> lines:
> 1. investigating the author
> a)
> b)
> c)
> 2. investigating the program
> a)
> b)
> c)
> 3. protecting your existing computer set-up
> a)
> b)
> c)
> 4. recovering from disaster
> a)
> b)
> c)
> ISTM a guide should hi-lite the most importants steps and of course the
> simpler the procedures are the more likely people are to actually
> implement them.
> Please climb on your soapboxes and offer your words of wisdom. Tidbits of
> advice or essays on the whole process. . .
> TIA :)
> Susan
A nice suggestion, Susan. Please post the webpage if it materialises. Here's
my procedure.
1. I usually install a batch of programs together one a month.
2. Backup registry with Erunt (Before MONTH installs).
3. Virus check setup files.
4. For each program:
(a) Set a restore point before installing.
(b) Install using Inctrl5 where appropriate.
(c) Rename Inctrl5 file to name of program.
(d) Test and evaluate (including virus and trojan checks).
(e) Where necessary remove (and restore if there are any problems).
5. Keep the setup files in a separate folder.
6. Backup registry with Erunt (After MONTH installs).
7. Virus/trojan check and backup hard drive.
Useful URLs:
For avoiding dodgy sites http://www.siteadvisor.com/
For checking programs before downloading http://spywarewarrior.com/
For checking suspect files http://virusscan.jotti.org/
32
Date: Mon, May 22 2006 7:53 pm
From: Susan Bugher
Frank Bohan wrote:
> 1. I usually install a batch of programs together one a month.
> 2. Backup registry with Erunt (Before MONTH installs).
> 3. Virus check setup files.
> 4. For each program:
> (a) Set a restore point before installing.
> (b) Install using Inctrl5 where appropriate.
> (c) Rename Inctrl5 file to name of program.
> (d) Test and evaluate (including virus and trojan checks).
> (e) Where necessary remove (and restore if there are any problems).
> 5. Keep the setup files in a separate folder.
> 6. Backup registry with Erunt (After MONTH installs).
> 7. Virus/trojan check and backup hard drive.
> Useful URLs:
> For avoiding dodgy sites http://www.siteadvisor.com/
> For checking programs before downloading http://spywarewarrior.com/
> For checking suspect files http://virusscan.jotti.org/
Great post! Clear, concise and specific. Keep those cards and letters
coming folks, I think this thread may lead to a very useful web page. . .
FWIW - my own "installation skills" are practically nil. . . IOW I have
a *personal* interest in the thread too. . . ;)
Susan
33
Date: Tues, May 23 2006 4:03 am
From: Ben
Susan Bugher wrote:
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a tiger?)
> 3. protecting your existing computer set-up
> 4. recovering from disaster
3 & 4 - SandboxIE! It's been mentioned here before, but may be
considered to be borderline OT as many posters in previous discussions
seem to view it as more nagware than freeware - after 30 days use it
will remind you at every reboot that there is an improved version for
paying users. However, it's miles ahead of using System Restore, one
step beyond using Total Uninstall but just behind using a separate
virtual machine for testing. Although the name implies it's for running
IE in a safe mode, it is capable of running virtually any application -
including setup files - in a sandbox.
All changes made by an application are kept in a virtual sandbox - after
running an installer, it's easy to explore the sandbox and see exactly
which files have been added to the system. If it turns out the
application included any spyware or behaves in a way you don't approve
of, you empty the sandbox and you're back to square one - no traces of
the rogue application left on your system. If the application appears
clean, you can empty the sandbox and install it normally...
My 2c worth :)
Ben
34
Date: Wed, May 24 2006 4:31 am
From: Ctrl¤/Alt¤/Del¤® <""Alt-Ctrl-Del\"@________------------{{{{ }}}}.net">
Great thread. I use just about all freeware, and like to think that I
have pretty high quality programs. The reason I think this is because
almost 100 percent of the freeware that I use comes from the
Pricelessware site.
Unlike many of you, I blindly and trustingly install any program
whatsoever that is listed at the Pricelessware site. No virus scans,
no checking for malware afterwards, etc... I simply download and
install and place my trust in the fact that if it has made it to
Pricelessware, it is good enough for me.
It is uplifting to not have to worry about things like a virus or
various forms of adware, spyware, etc... It is wonderful to be able
to have access to a site such as Pricelessware, where if it is listed
it must be good. You don't have to worry, you don't have to fret, no
problems, all is recommended and supposedly tested and checked out by
people that know what they are doing.
Alt
35
Date: Wed, May 24 2006 8:19 am
From: Pete
I'm currently playing with the free VMware Player at work, which allows
you to set up a virtual operating system that runs inside your existing
operating system. You can then install or test or otherwise live
dangerously to your heart's content without affecting your "real" PC.
http://www.vmware.com/products/player/
To create a virtual Windows XP system for the player, you'll need your
XP CD and these instructions (or one of the gazillions of other sets of
instructions you can find on the net with google):
http://johnbokma.com/mexit/2005/10/26/vmware-player-windows-xp.html
This seems like an ideal way to test software on your main PC without
any ill effects.
Google will also help you find a large number of pre-configured linux
and other OS configurations for the VMware player so that you can easily
and safely try out other operating systems without messing up your PC.
Peter
36
Date: Wed, May 24 2006 9:57 pm
From: meow2...@care2.com
There's just one last thing I can think of, everything else having been
mentioned. That is to look for open source or gpl software in
preference to others. Ethicalinessin the writing of this type of
software is far more reliable than with apps written by a single
unknown person. I've not yet come across any bad news open source app.
I may yet, but so far its been a very good indicator of
trustworthiness.
NT
ps sorry bout context snip, will get this fixed soon
37
Date: Wed, May 24 2006 4:33 pm
From: Susan Bugher
Susan Bugher wrote:
> Software is a "black box" - a door that's waiting to be opened. What's
> the best way to find out what's behind the door? (Is it a lady or a tiger?)
> I think this subject might make a nice web page - a guide for newbies to
> the wonderful world of Freeware - perhaps organized somewhat along these
> lines:
I forgot to ask an obvious question. Are there any existing web pages
that offer good advice? If some of the work has already been done we
could link to those pages.
Susan
From: Stardust
Date: Thu, 1 Jun 2006 17:11:14 +0200
On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher wrote:
>> Software is a "black box" - a door that's waiting to be opened. What's
>> the best way to find out what's behind the door? (Is it a lady or a tiger?)
Well this is my MO for installing new software...
1. visit http://fileforum.betanews.com/ and check out user comments for
program. If it has adware/spyware, or is in some other way dangerous,
or too many users complain about it being crap, I don't install it.
2. on that site there is always link to program homepage, so I check it
out. If author uses frames, or if homepage looks generally ugly, I take
this into account. Also I check out info about author, from what country
he comes, etc..
3. if all looks good I download program, check setup file with
Kaspersky, Avast, Sophos.
http://www.avast.com/
4. turn of all unimportant running programs. Rrun InCtrl5/EasyClean
combo and save system state.
5. install and run program, go through settings, configure each one to
my liking.
6. reboot
7. run InCtrl5, record and save changes in file named after that program
with extension _install. Run EasyClean and do the same, then inspect
changes made by the program to my system using EasyClean interface.
8. run ad-aware and spybotSD and check out system for spyware.
http://www.lavasoft.de/
http://www.safer-networking.org/
9. check program memory usage with Process Explorer
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
10. check if program pushed it's way into system startup with Autoruns
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
11. compare program with my existing program for that purpose.
The weaker program of the two has got to go. There can be only ONE! ;)
12. run InCtrl5, save system state.
13. uninstall program via normal windows add/remove programs applet.
14. reboot
15. run InCtrl5 and save uninstall info in file named after program with
extension _uninstall.
16. use ExamDiff to compare _install and _uninstall file.
http://www.prestosoft.com/ps.asp?page=edp_examdiff
17. if something didn't get uninstalled I delete it manually using
TotalCommadner (freeCommander is also good) for files, and RegExitX
for registry.
http://www.freecommander.com/
http://www.dcsoft.com/products/regeditx/
That's about it.
.
.
.
.
.
.
Comments (0)
You don't have permission to comment on this page.