ModusOperandi


.

 

Subject: What's your modus operandi?

 

1

Date: Mon, May 22 2006 11:56 am

From: Susan Bugher

 

Software is a "black box" - a door that's waiting to be opened. What's

the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

What's your modus operandi before downloading/ installing a program?

What checks do you make? What order do you make them in? IMO (YMMV) the

first order of business is to find out about the author. If they are

well known and trusted little additional checking is needed. . .

 

I think this subject might make a nice web page - a guide for newbies to

the wonderful world of Freeware - perhaps organized somewhat along these

lines:

 

1. investigating the author

a)

b)

c)

2. investigating the program

a)

b)

c)

3. protecting your existing computer set-up

a)

b)

c)

4. recovering from disaster

a)

b)

c)

 

ISTM a guide should hi-lite the most importants steps and of course the

simpler the procedures are the more likely people are to actually

implement them.

 

Please climb on your soapboxes and offer your words of wisdom. Tidbits

of advice or essays on the whole process. . .

 

TIA :)

 

Susan


 

2

Date: Mon, May 22 2006 12:22 pm

From: bIGGy

 

 

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in? IMO (YMMV) the

> first order of business is to find out about the author. If they are

> well known and trusted little additional checking is needed. . .

 

> I think this subject might make a nice web page - a guide for newbies to

> the wonderful world of Freeware - perhaps organized somewhat along these

> lines:

 

> 1. investigating the author

> a)

> b)

> c)

> 2. investigating the program

> a)

> b)

> c)

 

I usually check the program and it's authour out on the slelect few

download sites that I trust, NoNags, SnapFiles, PricelesswareHome, and

John Hood's Best of Freeware. I may also investigate a freeware program

that has gotten a very good review in PC Utilities Magazine or PC World

Magazine.

 

The posting of adware, spyware, and other malware in this group (some,

but not all, of it by Tramp) has meant that I won't uncatagorically

trust the opinions offered in this group. If I find something

interesting posted here I will check it out on one of the above web sites.

 

> 3. protecting your existing computer set-up

> a)

> b)

> c)

 

I don't expect others to protect my computer from viruses and malware,

so I run my own virus and anti-spyware scans prior to installation. I

would also recommend that those using Windows ME or XP create a restore

point with System Restore prior to installation. It is also a good idea

to use a tool like Total Uninstall to monitor the installation.

 

> 4. recovering from disaster

> a)

> b)

> c)

 

Disaster recovery shouldn't be necessary if you followed the above. If

it does become necessary then you will have the options of doing an

uninstall with Total Uninstall or rolling back your OS.

 

> ISTM a guide should hi-lite the most importants steps and of course the

> simpler the procedures are the more likely people are to actually

> implement them.

 

The above isn't perfect, but it should at least reduce the number of

problems some people have with freeware.

 

> Please climb on your soapboxes and offer your words of wisdom. Tidbits

> of advice or essays on the whole process. . .

 

> TIA :)

 

> Susan


 

3

Date: Mon, May 22 2006 4:03 pm

From: Susan Bugher

 

bIGGy wrote:

> * Susan Bugher:

 

>> Software is a "black box" - a door that's waiting to be opened. What's

>> the best way to find out what's behind the door? (Is it a lady or a

>> tiger?)

> I usually check the program and it's authour out on the slelect few

> download sites that I trust, NoNags, SnapFiles, PricelesswareHome, and

> John Hood's Best of Freeware. I may also investigate a freeware program

> that has gotten a very good review in PC Utilities Magazine or PC World

> Magazine.

 

I'm not sure which sites *test* apps or what they test for (I know

Softpedia tests for Malware). . . be nice if we could spell out who

tests what. . . maybe link to a page with that info if there is one. . .

 

PLEASE NOTE: the Pricelessware List is a *recommendation* - the ACF list

most emphatically is NOT - some of those programs have only been

*mentioned* in ACF - and opinion may be divided on those that have been

discussed. Google the newsgroup archives to see what was posted. When

there is a consensus that an app is bad it may "earn" ;) a NR (not

recommended) notation on the ACF pages - NR is pretty much reserved for

the worst of the worst).

 

> The posting of adware, spyware, and other malware in this group (some,

> but not all, of it by Tramp) has meant that I won't uncatagorically

> trust the opinions offered in this group. If I find something

> interesting posted here I will check it out on one of the above web sites.

> I don't expect others to protect my computer from viruses and malware,

> so I run my own virus and anti-spyware scans prior to installation. I

> would also recommend that those using Windows ME or XP create a restore

> point with System Restore prior to installation. It is also a good idea

> to use a tool like Total Uninstall to monitor the installation.

> The above isn't perfect, but it should at least reduce the number of

> problems some people have with freeware.

 

Good advice. Thanks. :)

 

re organizing this topic. . . ISTM the questions people ask (or

*should* ask) about using free apps are something like this:

 

Is it really free? Are there any strings attached?

Is it safe (not Malware/Spyware etc.)?

Is it good/useful?

Will installing it harm my computer?

 

ISTM it would be nice if we could tell them how/where to find the

answers. . .

 

Susan


 

4

Date: Mon, May 22 2006 7:55 pm

From: The Six Million Dollar Man

 

 

> I'm not sure which sites *test* apps or what they test for (I know

> Softpedia tests for Malware). . . be nice if we could spell out who

> tests what. . . maybe link to a page with that info if there is one. . .

 

NoNags and Snapfiles both test their software, and assign easy to

understand ratings. John Hood also tests the software on his pages, but

has a much more limited variety.

 

> PLEASE NOTE: the Pricelessware List is a *recommendation* - the ACF list

> most emphatically is NOT - some of those programs have only been

> *mentioned* in ACF - and opinion may be divided on those that have been

> discussed. Google the newsgroup archives to see what was posted. When

> there is a consensus that an app is bad it may "earn" ;) a NR (not

> recommended) notation on the ACF pages - NR is pretty much reserved for

> the worst of the worst).

 

Thank you for that clarification. I did ofcourse mean to say that I

trust the results of the annual Pricelessware selection that appears on

the PricelesswareHome page.

 

 

 

> Is it really free? Are there any strings attached?

> Is it safe (not Malware/Spyware etc.)?

> Is it good/useful?

> Will installing it harm my computer?

 

> ISTM it would be nice if we could tell them how/where to find the

> answers. . .

 

> Susan


 

5

Date: Mon, May 22 2006 12:23 pm

From: Al Klein

 

On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher

wrote:

 

>Software is a "black box" - a door that's waiting to be opened. What's

>the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

>What's your modus operandi before downloading/ installing a program?

 

Everyone's MO is going to be different. I have a few spare boxes

(different OSs) that I try unknown downloads on. Not everyone has a

spare computer, though.

 

I also depend on what I read in acf - if enough people in whom I have

some trust pan a program, I don't waste my time downloading it.


 

6

Date: Mon, May 22 2006 4:11 pm

From: Susan Bugher

 

Al Klein wrote:

> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher

> wrote:

 

>>Software is a "black box" - a door that's waiting to be opened. What's

>>the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

>>What's your modus operandi before downloading/ installing a program?

 

> Everyone's MO is going to be different. I have a few spare boxes

> (different OSs) that I try unknown downloads on. Not everyone has a

> spare computer, though.

 

> I also depend on what I read in acf - if enough people in whom I have

> some trust pan a program, I don't waste my time downloading it.

 

Sure, but *somebody* has to go first ;) and ISTM there's often a certain

reluctance to do that - perhaps because people don't know how to do it

safely. . . Where/how to start and what precautions to take is the

topic under discussion.

 

Susan


 

7

Date: Mon, May 22 2006 4:04 pm

From: m...@invalid.com"

 

 

Susan Bugher wrote in news:4de4sbF1a27svU1

@individual.net:

 

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a

tiger?)

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in? IMO (YMMV) the

> first order of business is to find out about the author. If they are

> well known and trusted little additional checking is needed. . .

 

> I think this subject might make a nice web page - a guide for newbies to

> the wonderful world of Freeware - perhaps organized somewhat along these

> lines:

 

> 1. investigating the author

 

Here, I try to use trusted websites, sometimes a really interesting program

is a one-of from an unknown.

 

> 2. investigating the program

 

Desirable if someone else here has commented on it.

 

> 3. protecting your existing computer set-up

 

I try to only use no-installs, run AV check before unzipping. If a setup

file, I run it on another trial computer, copy the executable back to my

main box.

 

> 4. recovering from disaster

Long subject.

 

> ISTM a guide should hi-lite the most importants steps and of course the

> simpler the procedures are the more likely people are to actually

> implement them.

 

> Please climb on your soapboxes and offer your words of wisdom. Tidbits

> of advice or essays on the whole process. . .

 

> TIA :)

 

Gradually, I find I am using less new programs, always a risk, if an older

program does my job.

 

Good topic, thanks, Susan.

 

Mike Sa


 

8

Date: Mon, May 22 2006 4:24 pm

From: Susan Bugher

 

m...@invalid.com wrote:

> Susan Bugher wrote in news:4de4sbF1a27svU1

> @individual.net:

> Here, I try to use trusted websites, sometimes a really interesting program

> is a one-of from an unknown.

 

dunno what your definition of "trusted websites" is. Could you expand a

bit on that?

 

Susan


 

9

Date: Tues, May 23 2006 11:49 am

From: m...@invalid.com"

 

Susan Bugher wrote in

news:4dekifF19raklU1@individual.net:

 

> m...@invalid.com wrote:

>> Susan Bugher wrote in news:4de4sbF1a27svU1

>> @individual.net:

 

>> Here, I try to use trusted websites, sometimes a really interesting

>> program is a one-of from an unknown.

 

> dunno what your definition of "trusted websites" is. Could you expand a

> bit on that?

 

> Susan

 

ACF of course, Nils Sofer, Steve Burn, Mark Russinovich, Pablo VanMeer,

...they come immediately to mind.

 

Mike Sa


 

10

Date: Tues, May 23 2006 12:50 pm

From: Susan Bugher

 

m...@invalid.com wrote:

> Susan Bugher wrote in

> news:4dekifF19raklU1@individual.net:

>>m...@invalid.com wrote:

>>>Here, I try to use trusted websites, sometimes a really interesting

>>>program is a one-of from an unknown.

 

>>dunno what your definition of "trusted websites" is. Could you expand a

>>bit on that?

> ACF of course, Nils Sofer, Steve Burn, Mark Russinovich, Pablo VanMeer,

> ...they come immediately to mind.

 

Thanks Mike. ISTM "trusted author" is a pretty good guide.

 

Susan


 

11

Date: Mon, May 22 2006 4:38 pm

From: MLC

 

lunedì 22 maggio 2006 Susan Bugher ha scritto:

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in?

 

First, I check if the program was never mentioned here in acf (I use a

bookmarklet to automatize this search in Google) and read what was written

about it. Sometimes I search also other users reviews on the web.

 

If I decide to download and install it, I make a registry backup with Erunt

and monitor the install with Total Uninstall.

 

Then I look closely at the registry entries (especially at the changes, if

they can be dangerous for other programs, or I don't like them...) and at

the RAM used by the new running program, because I prefer not bloated

software.

 

Passed these tests I'll keep it, otherwise I uninstall it immediately with

TUN, and only if needed I restore the registry with Erdnt.

 

That's all from my soapbox ;-)


 

12

Date: Mon, May 22 2006 5:16 pm

From: Susan Bugher

 

MLC wrote:

> lunedì 22 maggio 2006 Susan Bugher ha scritto:

> First, I check if the program was never mentioned here in acf (I use a

> bookmarklet to automatize this search in Google) and read what was written

> about it. Sometimes I search also other users reviews on the web.

 

Hi Maria,

 

Could you be specific about what you search *for* when you're trying to

locate posts about a program? (I've seen a lot of reviews/

recommendations that don't include the program's name. . .

 

Susan


 

13

Date: Mon, May 22 2006 6:17 pm

From: MLC

 

lunedì 22 maggio 2006 Susan Bugher ha scritto:

 

> Hi Maria,

> Could you be specific about what you search *for* when you're trying to

> locate posts about a program? (I've seen a lot of reviews/

> recommendations that don't include the program's name. . .

 

Uhmm, I search for the program name and read the thread.

I can miss some reviews, but I think it's unlikely to have an entire thread

with the name never mentioned.


 

14

Date: Mon, May 22 2006 7:29 pm

From: Susan Bugher

 

MLC wrote:

> lunedì 22 maggio 2006 Susan Bugher ha scritto:

>>Hi Maria,

>>Could you be specific about what you search *for* when you're trying to

>>locate posts about a program? (I've seen a lot of reviews/

>>recommendations that don't include the program's name. . .

> Uhmm, I search for the program name and read the thread.

> I can miss some reviews, but I think it's unlikely to have an entire thread

> with the name never mentioned.

 

It's been known to happen ;) AND authors often use several name

variations for the same program - between those problems and spelling

mistakes if you only try *one* spelling for the program name I think

it's *very* easy to miss posts/threads about an app.

 

FWIW - the results of an ACF archive search I just did for a well known app:

 

zonealarm

Results 1 - 100 of 2,230 for "zonealarm"

 

zone alarm

Results 1 - 100 of 1,430 for "zone alarm"

 

If name searches don't work an additional search for the home page URL

may bring up something new. . .

Results 1 - 100 of 191 for "www.zonelabs.com"

 

FWIW - if you find an app on the ACF pages and can't find *any* ACF

posts/threads - as a last resort feel free to ping me (I usually save at

least one ACF post about each app).

 

Susan


 

15

Date: Tues, May 23 2006 2:58 am

From: MLC

 

martedì 23 maggio 2006 Susan Bugher ha scritto:

 

> FWIW - if you find an app on the ACF pages and can't find *any* ACF

> posts/threads - as a last resort feel free to ping me (I usually save at

> least one ACF post about each app).

 

Thak you Susan, you'll be my second Google ;-D

 

--

Maria Luisa C - 23/05/2006 8.58.01

He was dull in a new way, and that made many think him great.

Samuel Johnson


 

16

Date: Tues, May 23 2006 9:55 am

From: Susan Bugher

 

MLC wrote:

> martedì 23 maggio 2006 Susan Bugher ha scritto:

>>FWIW - if you find an app on the ACF pages and can't find *any* ACF

>>posts/threads - as a last resort feel free to ping me (I usually save at

>>least one ACF post about each app).

 

> Thak you Susan, you'll be my second Google ;-D

 

:) FWIW I'm *supersensitized* to name variations because I do so much

checking re the ACF pages - I use several searches to see if apps are

*already* listed. That's fairly simple - digging info out of the ng

archives is much harder.

 

Susan


 

17

Date: Mon, May 22 2006 5:22 pm

From: philo"

 

Susan Bugher" wrote in message

 

news:4de4sbF1a27svU1@individual.net...

 

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a

tiger?)

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in? IMO (YMMV) the

> first order of business is to find out about the author. If they are

> well known and trusted little additional checking is needed. . .

 

I have quite a few older computers here with no real value...

If some software comes out that I'd not want to test on one of my good

machines...

I try it on one of my old junkers...

If worst comes to worst...I can just format the drive and reinstall the OS.

 

Heck...out of curiosity I even tried one of those free AOL cd's...

and can assure you that you DO NOT...want to even try one.

There is NO way to cancel out once you start


 

18

Date: Mon, May 22 2006 1:57 pm

From: El Gee

 

Susan Bugher wrote in

news:4de4sbF1a27svU1@individual.net:

 

 

 

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a

> tiger?)

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in? IMO (YMMV)

> the first order of business is to find out about the author. If they

> are well known and trusted little additional checking is needed. . .

 

> I think this subject might make a nice web page - a guide for newbies

> to the wonderful world of Freeware - perhaps organized somewhat along

> these lines:

 

> 1. investigating the author

> a)

> b)

> c)

> 2. investigating the program

> a)

> b)

> c)

> 3. protecting your existing computer set-up

> a)

> b)

> c)

> 4. recovering from disaster

> a)

> b)

> c)

 

> ISTM a guide should hi-lite the most importants steps and of course

> the simpler the procedures are the more likely people are to actually

> implement them.

 

> Please climb on your soapboxes and offer your words of wisdom. Tidbits

> of advice or essays on the whole process. . .

 

> TIA :)

 

> Susan

 

1) check out the software / author on reputible sites

2) install on a non-networked spare box

3) virus check

4) spyware chceck

5) phone home check

 

JMHO / YMMV

 


 

19

Date: Wed, May 24 2006 3:44 pm

From: Susan Bugher

 

El Gee wrote:

>>ISTM a guide should hi-lite the most importants steps and of course

>>the simpler the procedures are the more likely people are to actually

>>implement them.

 

>>Please climb on your soapboxes and offer your words of wisdom. Tidbits

>>of advice or essays on the whole process. . .

> 1) check out the software / author on reputible sites

> 2) install on a non-networked spare box

 

love this suggestion but. . .

What OS are you talking about?

Is this workable for Windows XP users?

 

> 3) virus check

> 4) spyware chceck

> 5) phone home check

 

> JMHO / YMMV

 

Susan


 

20

Date: Wed, May 24 2006 4:34 pm

From: El Gee

 

Susan Bugher wrote in

news:4djr0gF19ep2mU1@individual.net:

 

 

 

> El Gee wrote:

 

>>>ISTM a guide should hi-lite the most importants steps and of course

>>>the simpler the procedures are the more likely people are to actually

>>>implement them.

 

>>>Please climb on your soapboxes and offer your words of wisdom.

>>>Tidbits of advice or essays on the whole process. . .

 

>> 1) check out the software / author on reputible sites

>> 2) install on a non-networked spare box

 

> love this suggestion but. . .

> What OS are you talking about?

> Is this workable for Windows XP users?

 

>> 3) virus check

>> 4) spyware chceck

>> 5) phone home check

 

>> JMHO / YMMV

 

> Susan

 

This is the process I use for WinXP. On linux, there is little to worry

about, but I do install it on a test box...just in case.


 

21

Date: Wed, May 24 2006 5:42 pm

From: Susan Bugher

 

El Gee wrote:

> Susan Bugher wrote in

> news:4djr0gF19ep2mU1@individual.net:

>>El Gee wrote:

>>>2) install on a non-networked spare box

 

>>love this suggestion but. . .

>>What OS are you talking about?

>>Is this workable for Windows XP users?

> This is the process I use for WinXP.

 

Does that mean you have more than one license for XP?

 

Susan


 

22

Date: Thurs, May 25 2006 9:07 am

From: El Gee

 

Susan Bugher wrote in

news:4dk1trF1ah490U1@individual.net:

 

 

 

> El Gee wrote:

>> Susan Bugher wrote in

>> news:4djr0gF19ep2mU1@individual.net:

>>>El Gee wrote:

 

>>>>2) install on a non-networked spare box

 

>>>love this suggestion but. . .

>>>What OS are you talking about?

>>>Is this workable for Windows XP users?

 

>> This is the process I use for WinXP.

 

> Does that mean you have more than one license for XP?

 

> Susan

 

No, I have licenses for Win98, Win2K and WinXP. MOST things that are

safe on Win2k work on WinXP. If they are different, I take them to work

and test them on test boxes there...off the network.


 

23

Date: Mon, May 22 2006 6:16 pm

From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>

 

On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher

wrote:

 

>What's your modus operandi before downloading/ installing a program?

>What checks do you make? What order do you make them in? IMO (YMMV) the

>first order of business is to find out about the author. If they are

>well known and trusted little additional checking is needed. . .

 

Nothing special; my antivirus checks software while downloading, I

have System restore switched ON, I have firewall which tells me if

software wants to visit some site, always work (and install software)

as power user, so it can't mess up my system files (there are few

exceptions, but filemanager or archiver doesn't really have to need

admin rights for installation), using Total Uninstall for monitoring,

and most important, a bit of inteligence.

 

Most important thing is, as I see it, regular updating and NOT WORKING

as Administrators (or root) on computers. There is no need for that.

You can install about 95% of everything as Power user, and no messing

up system files.

 

Ivan.


 

24

Date: Wed, May 24 2006 3:50 pm

From: Susan Bugher

 

Ivan Tisljar wrote:

> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher

> wrote:

>>What's your modus operandi before downloading/ installing a program?

>>What checks do you make? What order do you make them in? IMO (YMMV) the

>>first order of business is to find out about the author. If they are

>>well known and trusted little additional checking is needed. . .

 

> Nothing special; my antivirus checks software while downloading, I

> have System restore switched ON, I have firewall which tells me if

> software wants to visit some site, always work (and install software)

> as power user, so it can't mess up my system files (there are few

> exceptions, but filemanager or archiver doesn't really have to need

> admin rights for installation), using Total Uninstall for monitoring,

> and most important, a bit of inteligence.

 

> Most important thing is, as I see it, regular updating and NOT WORKING

> as Administrators (or root) on computers. There is no need for that.

> You can install about 95% of everything as Power user, and no messing

> up system files.

 

Thanks Ivan. Which OS does that advice apply to?

 

Susan


 

25

Date: Wed, May 24 2006 4:00 pm

From: Helen" <@abuse.roman.gov>

 

 

 

 

Susan Bugher wrote:

> Ivan Tisljar wrote:

>> On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher

>> wrote:

 

>>> What's your modus operandi before downloading/ installing a program?

>>> What checks do you make? What order do you make them in? IMO (YMMV)

>>> the first order of business is to find out about the author. If

>>> they are well known and trusted little additional checking is

>>> needed. . .

 

>> Nothing special; my antivirus checks software while downloading, I

>> have System restore switched ON, I have firewall which tells me if

>> software wants to visit some site, always work (and install software)

>> as power user, so it can't mess up my system files (there are few

>> exceptions, but filemanager or archiver doesn't really have to need

>> admin rights for installation), using Total Uninstall for monitoring,

>> and most important, a bit of inteligence.

 

>> Most important thing is, as I see it, regular updating and NOT

>> WORKING as Administrators (or root) on computers. There is no need

>> for that. You can install about 95% of everything as Power user, and

>> no messing up system files.

 

> Thanks Ivan. Which OS does that advice apply to?

 

> Susan

 

The reference to 'power user' seems to indicate XP or 2000 network.

I essentially do the same thing on a stand alone using XP home SP2

with Scotty on patrol along with Spyware Blaster, PopUpStopper, Kerio and secure settings.

 

I don't know what 'restore switched on' means, but I have it current just in case

I need to uninstall and/or return to a former civil install date. And I don't have Word set as

my text editor in IE. I do use it but don't allow it as my html editor.

Helen


 

26

Date: Wed, May 24 2006 4:34 pm

From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>

 

On Wed, 24 May 2006 16:00:42 -0400, "Helen" <@abuse.roman.gov> wrote:

>I don't know what 'restore switched on' means, but I have it current just in case

 

I met a lot of people, stupid people IMHO, who think that they can

outsmart the computer, which noone can :o) and first thing they are

doing on clean installation is disabling System Restore which doesn't

take much system resources anymore as it did in Windows Me. They feel

hackerish" when doing so. And then, one day, some driver update

messes up registry, and while they could fix it with restoring

computer, they end up reinstalling the whole OS.

 

Ivan.


 

27

Date: Wed, May 24 2006 4:29 pm

From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>

 

On Wed, 24 May 2006 15:50:21 -0400, Susan Bugher

wrote:

 

>Thanks Ivan. Which OS does that advice apply to?

 

It applies to Windows 2000 and Windows XP.

 

Ivan.


 

28

Date: Wed, May 24 2006 4:40 pm

From: Mel"

 

Susan Bugher" wrote in message news:4djrb9F1ar0s8U1@individual.net...

> Ivan Tisljar wrote:

 

> > Most important thing is, as I see it, regular updating and NOT WORKING

> > as Administrators (or root) on computers. There is no need for that.

> > You can install about 95% of everything as Power user, and no messing

> > up system files.

 

> Thanks Ivan. Which OS does that advice apply to?

 

There's an item about power users in Mark's Sysinternals blog here

http://www.sysinternals.com/Blog/

 

Placing Windows user accounts in the Power Users security group is a

common approach IT organizations take to get users into a least-privilege

environment while avoiding the many pains of truly running as a limited user.

The Power Users group is able to install software, manage power and

time-zone settings, and install ActiveX controls, actions that limited

Users are denied.

 

What many administrators fail to realize, however, is that this power comes

at the price of true limited-user security. Many articles, including this

Microsoft Knowledge Base article and this blog post by Microsoft security

specialist Jesper Johansen, point out that a user that belongs to the Power

Users group can easily elevate themselves to fully-privileged administrators,

but I was unable to find a detailed description of the elevation mechanisms

they refer to. I therefore decided to investigate.

..."


 

29

Date: Thurs, May 25 2006 6:02 am

From: Ivan Tisljar <_system_hllo...@hi.htnet.hr>

 

On Wed, 24 May 2006 21:40:58 +0100, "Mel"

 

wrote:

>There's an item about power users in Mark's Sysinternals blog here

>http://www.sysinternals.com/Blog/

 

I've read it, it's very interesting... will try it at work, I have

some test machines that I can crash :o)

 

But my statement still stands: working as Power User is the best

tradeoff between elevated security and comfort. It's much better than

working as Administrator, and also better as working as User - you

can't overwrite core system files, therefore you can always boot into

at least safe mode and repair damage, and you can install software

without constant logging in as admin. And I am sorry to say, but as

far as freeware is concerned, some programs are just expecting full

read/write privileges on their folder (settings etc.), because they

don't use user profiles to store their settings. And when running in

User account, you have to change permissions on program installation

folder, and that's not very good thing to do :o)

 

Ivan.


 

30

Date: Mon, May 22 2006 7:00 pm

From: Mel"

 

Susan Bugher" wrote in message news:4de4sbF1a27svU1@individual.net...

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

> What's your modus operandi before downloading/ installing a program?

> What checks do you make? What order do you make them in? IMO (YMMV) the

> first order of business is to find out about the author. If they are

> well known and trusted little additional checking is needed. . .

 

I usually just take a quick look at the author's site. Sometimes

I google for the program name and look for any references

to spyware. Also if the author's site attempts to install any activex

components I check them out (one of the reasons I stopped

using kill-bits to block spyware in IE).

 

My hard drive is divide into three partitions, I have a small system

partition which I keep an image of on a cd-rw so I can revert back to

a known good install. This takes under 10 minutes + about half an

hour to install the latest Microsoft security fixes and to create an

updated image.

 

If I have some reservation or other about a program, I keep the last

partition on my hard drive as a small test partition which I can restore

from the same disk image.(I have a boot manager installed on floppy)

 

I also have windows 98 installed as a virtual machine

(using vmware player) which I can very quickly unzip a fresh

copy of and install stuff on. The virtual drive image expands

(and can be shrunk back down) so it doesn't take a huge amount

of space.

 

If I have problems with a program not uninstalling cleanly, and for

some reason or other don't want to revert to my image, providing

it wasn't installed when I made my image. I install and run the

program on my test partition while monitoring with Total uninstall,

then transfer the "tun" file to my data partition and use a script

to remove all the registry keys the program added. I can

usually manually recover any modified system files from my disk image.

 

Mel.


 

31

Date: Mon, May 22 2006 7:05 pm

From: Frank Bohan"

 

Susan Bugher" wrote in message

 

news:4de4sbF1a27svU1@individual.net...

 

> Software is a "black box" - a door that's waiting to be opened. What's the

> best way to find out what's behind the door? (Is it a lady or a tiger?)

 

> What's your modus operandi before downloading/ installing a program? What

> checks do you make? What order do you make them in? IMO (YMMV) the first

> order of business is to find out about the author. If they are well known

> and trusted little additional checking is needed. . .

 

> I think this subject might make a nice web page - a guide for newbies to

> the wonderful world of Freeware - perhaps organized somewhat along these

> lines:

 

> 1. investigating the author

> a)

> b)

> c)

> 2. investigating the program

> a)

> b)

> c)

> 3. protecting your existing computer set-up

> a)

> b)

> c)

> 4. recovering from disaster

> a)

> b)

> c)

 

> ISTM a guide should hi-lite the most importants steps and of course the

> simpler the procedures are the more likely people are to actually

> implement them.

 

> Please climb on your soapboxes and offer your words of wisdom. Tidbits of

> advice or essays on the whole process. . .

 

> TIA :)

 

> Susan

 

A nice suggestion, Susan. Please post the webpage if it materialises. Here's

my procedure.

 

1. I usually install a batch of programs together one a month.

 

2. Backup registry with Erunt (Before MONTH installs).

 

3. Virus check setup files.

 

4. For each program:

(a) Set a restore point before installing.

(b) Install using Inctrl5 where appropriate.

(c) Rename Inctrl5 file to name of program.

(d) Test and evaluate (including virus and trojan checks).

(e) Where necessary remove (and restore if there are any problems).

 

5. Keep the setup files in a separate folder.

 

6. Backup registry with Erunt (After MONTH installs).

 

7. Virus/trojan check and backup hard drive.

 

Useful URLs:

For avoiding dodgy sites http://www.siteadvisor.com/

For checking programs before downloading http://spywarewarrior.com/

For checking suspect files http://virusscan.jotti.org/


 

32

Date: Mon, May 22 2006 7:53 pm

From: Susan Bugher

 

Frank Bohan wrote:

> 1. I usually install a batch of programs together one a month.

 

> 2. Backup registry with Erunt (Before MONTH installs).

 

> 3. Virus check setup files.

 

> 4. For each program:

> (a) Set a restore point before installing.

> (b) Install using Inctrl5 where appropriate.

> (c) Rename Inctrl5 file to name of program.

> (d) Test and evaluate (including virus and trojan checks).

> (e) Where necessary remove (and restore if there are any problems).

 

> 5. Keep the setup files in a separate folder.

 

> 6. Backup registry with Erunt (After MONTH installs).

 

 

> 7. Virus/trojan check and backup hard drive.

 

> Useful URLs:

> For avoiding dodgy sites http://www.siteadvisor.com/

> For checking programs before downloading http://spywarewarrior.com/

> For checking suspect files http://virusscan.jotti.org/

 

Great post! Clear, concise and specific. Keep those cards and letters

coming folks, I think this thread may lead to a very useful web page. . .

 

FWIW - my own "installation skills" are practically nil. . . IOW I have

a *personal* interest in the thread too. . . ;)

 

Susan


 

33

Date: Tues, May 23 2006 4:03 am

From: Ben

 

Susan Bugher wrote:

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

 

> 3. protecting your existing computer set-up

> 4. recovering from disaster

 

3 & 4 - SandboxIE! It's been mentioned here before, but may be

considered to be borderline OT as many posters in previous discussions

seem to view it as more nagware than freeware - after 30 days use it

will remind you at every reboot that there is an improved version for

paying users. However, it's miles ahead of using System Restore, one

step beyond using Total Uninstall but just behind using a separate

virtual machine for testing. Although the name implies it's for running

IE in a safe mode, it is capable of running virtually any application -

including setup files - in a sandbox.

 

All changes made by an application are kept in a virtual sandbox - after

running an installer, it's easy to explore the sandbox and see exactly

which files have been added to the system. If it turns out the

application included any spyware or behaves in a way you don't approve

of, you empty the sandbox and you're back to square one - no traces of

the rogue application left on your system. If the application appears

clean, you can empty the sandbox and install it normally...

 

My 2c worth :)

 

Ben


 

34

Date: Wed, May 24 2006 4:31 am

From: Ctrl¤/Alt¤/Del¤® <""Alt-Ctrl-Del\"@________------------{{{{ }}}}.net">

 

Great thread. I use just about all freeware, and like to think that I

have pretty high quality programs. The reason I think this is because

almost 100 percent of the freeware that I use comes from the

Pricelessware site.

 

Unlike many of you, I blindly and trustingly install any program

whatsoever that is listed at the Pricelessware site. No virus scans,

no checking for malware afterwards, etc... I simply download and

install and place my trust in the fact that if it has made it to

Pricelessware, it is good enough for me.

 

It is uplifting to not have to worry about things like a virus or

various forms of adware, spyware, etc... It is wonderful to be able

to have access to a site such as Pricelessware, where if it is listed

it must be good. You don't have to worry, you don't have to fret, no

problems, all is recommended and supposedly tested and checked out by

people that know what they are doing.

 

Alt


 

35

 

Date: Wed, May 24 2006 8:19 am

From: Pete

 

I'm currently playing with the free VMware Player at work, which allows

you to set up a virtual operating system that runs inside your existing

operating system. You can then install or test or otherwise live

dangerously to your heart's content without affecting your "real" PC.

 

http://www.vmware.com/products/player/

 

To create a virtual Windows XP system for the player, you'll need your

XP CD and these instructions (or one of the gazillions of other sets of

instructions you can find on the net with google):

 

http://johnbokma.com/mexit/2005/10/26/vmware-player-windows-xp.html

 

This seems like an ideal way to test software on your main PC without

any ill effects.

 

Google will also help you find a large number of pre-configured linux

and other OS configurations for the VMware player so that you can easily

and safely try out other operating systems without messing up your PC.

 

Peter


 

36

Date: Wed, May 24 2006 9:57 pm

From: meow2...@care2.com

 

There's just one last thing I can think of, everything else having been

mentioned. That is to look for open source or gpl software in

preference to others. Ethicalinessin the writing of this type of

software is far more reliable than with apps written by a single

unknown person. I've not yet come across any bad news open source app.

I may yet, but so far its been a very good indicator of

trustworthiness.

 

NT

 

ps sorry bout context snip, will get this fixed soon


 

37

Date: Wed, May 24 2006 4:33 pm

From: Susan Bugher

 

Susan Bugher wrote:

> Software is a "black box" - a door that's waiting to be opened. What's

> the best way to find out what's behind the door? (Is it a lady or a tiger?)

> I think this subject might make a nice web page - a guide for newbies to

> the wonderful world of Freeware - perhaps organized somewhat along these

> lines:

 

I forgot to ask an obvious question. Are there any existing web pages

that offer good advice? If some of the work has already been done we

could link to those pages.

 

Susan


 

From: Stardust

Date: Thu, 1 Jun 2006 17:11:14 +0200

 

On Mon, 22 May 2006 11:56:17 -0400, Susan Bugher wrote:

 

 

>> Software is a "black box" - a door that's waiting to be opened. What's

>> the best way to find out what's behind the door? (Is it a lady or a tiger?)

 

 

Well this is my MO for installing new software...

 

1. visit http://fileforum.betanews.com/ and check out user comments for

program. If it has adware/spyware, or is in some other way dangerous,

or too many users complain about it being crap, I don't install it.

 

2. on that site there is always link to program homepage, so I check it

out. If author uses frames, or if homepage looks generally ugly, I take

this into account. Also I check out info about author, from what country

he comes, etc..

 

3. if all looks good I download program, check setup file with

Kaspersky, Avast, Sophos.

http://www.avast.com/

 

4. turn of all unimportant running programs. Rrun InCtrl5/EasyClean

combo and save system state.

 

5. install and run program, go through settings, configure each one to

my liking.

 

6. reboot

 

7. run InCtrl5, record and save changes in file named after that program

with extension _install. Run EasyClean and do the same, then inspect

changes made by the program to my system using EasyClean interface.

 

8. run ad-aware and spybotSD and check out system for spyware.

http://www.lavasoft.de/

http://www.safer-networking.org/

 

9. check program memory usage with Process Explorer

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

 

10. check if program pushed it's way into system startup with Autoruns

http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml

 

11. compare program with my existing program for that purpose.

The weaker program of the two has got to go. There can be only ONE! ;)

 

12. run InCtrl5, save system state.

 

13. uninstall program via normal windows add/remove programs applet.

 

14. reboot

 

15. run InCtrl5 and save uninstall info in file named after program with

extension _uninstall.

 

16. use ExamDiff to compare _install and _uninstall file.

http://www.prestosoft.com/ps.asp?page=edp_examdiff

 

17. if something didn't get uninstalled I delete it manually using

TotalCommadner (freeCommander is also good) for files, and RegExitX

for registry.

http://www.freecommander.com/

http://www.dcsoft.com/products/regeditx/

 

That's about it.


 

.

 

.

 

.

 

.

 

.

 

.