5/24/06

To Auto Update or Not to Auto Update

Here is an excellent article on Windows Auto Update that I wish to share to others.
So you decide if auto updating Microsoft is for you.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
To auto-update or not to auto-update

Brian Livingston By Brian Livingston

I published a Woody Leonhard column as the top story last issue while I was traveling, knowing that he's opinionated and always gets strong reactions. Well, he didn't disappoint me.

Reacting to several mistakes Microsoft made in its Automatic Updates downloads in April, Woody railed against Redmond's patching strategy, saying, "Windows auto-update is for chumps."

Woody made some very good points, which Microsoft has done nothing to rebut. There's an important lesson here. I'm going to use this space today to give you the best advice I've been able to pull together.

An April that will live in infamy

For those who don't know the details of what I call Microsoft's April Fool's patches, here's a quick recap, in increasing order of severity:

• An obscure hotfix for XP SP2 machines, patch 900485 from Dec. 2005, was downloaded as a "critical" security patch via Automatic Updates on Apr. 25, two weeks after Redmond's regular Patch Tuesday distribution. Almost no one needed this hotfix, although it seems to have done no harm. It was apparently inserted into the Automatic Updates mechanism by accident, according to some newsgroup comments, although Microsoft still hasn't explained the gaffe.

• Security bulletin MS06-016, released on Apr. 11, made it impossible for some users of Microsoft's free Outlook Express e-mail program to open their Address Books or reply to e-mails. Microsoft acknowledged this on Apr. 26 and published Knowledge Base article 917288. The company describes how to backup, delete, and then import the Address Book to fix OE. But Redmond, six weeks later, hasn't issued a corrected MS06-016 patch to save people from having the problem in the first place.

• MS06-015 , released on the same Patch Tuesday as MS06-016, conflicted with widely used nVidia video drivers, some HP printer/scanner/CD/DVD software, Kerio Personal Firewall, and some other applications, as described in KB 918165. The problem caused Microsoft Office components and some other apps to freeze when accessing files in My Documents or My Pictures, interfered with Windows Explorer and Send To, and prevented Internet Explorer from visiting typed-in Web addresses unless they were prefixed with http. The security bulletin was re-released on Apr. 25 so users could install a version that corrects the problems.

• Windows Genuine Advantage, a Microsoft program that checks Windows installations for valid licenses, was pushed out as a "critical" security update to the U.S., U.K., Australia, and other countries beginning on Apr. 25. It's impossible to use Add/Remove Programs to remove the GA app, which displays warnings (once per hour after 14 days) if the software considers a copy of Windows to be nonlicensed. (Microsoft explains in KB 905474 how to disable the warnings until the next update is installed.)

I consider the surprise Genuine Advantage downloads to be the most severe blunder. Microsoft had previously said the tool would be strictly opt-in, but the midnight installs flooded some companies' help desks with calls from panicked users. No one expects Microsoft to give away its products for free. No responsible company, however, slams its biggest, most legitimate customers with a change of this magnitude with little or no notice other than a press release the day before.

In the face of the missteps described above, Microsoft has said almost nothing by way of explanation. The Redmond company is filled with thousands of talented and well-meaning developers, but they don't drive the corporation's policy in this area. After several inquiries seeking comment, a Microsoft spokeswoman told me: "Unfortunately, we are unable to provide you with an interview at this time due to lack of spokesperson availability."

I've previously said that home users of Windows (as opposed to advanced users) should keep Automatic Updates turned on. That was because Microsoft assured the public that Automatic Updates would only be used to distribute security updates rated as "critical." Microsoft's abuse of its security upgrade mechanism to stealthily install Genuine Advantage, in addition to April's outrageously buggy patches, is inexcusable. It's clear that corporate executives have made a deliberate decision to use Automatic Updates to install software that benefits the company, whether or not it helps users or has any relationship to users' security.

Pros update manually, novices automatically

Because of the April Fool's patches, I want to clarify my recommendations on who should keep Automatic Updates turned on and who should use the Control Panel to turn it off.

• Advanced users (including companies with full-time IT staff) should never use Automatic Updates. Professionals should first test Microsoft patches — and every other company's patches — on isolated machines. Read the free and paid versions of the Windows Secrets Newsletter that are published 2 days after Patch Tuesday with warnings of problems. Then use patch-management techniques to carefully install the needed upgrades to end users.

• Novice users, who can't or won't read up on reported patch problems before updating their machines, should leave Automatic Updates turned on. Beginners have a greater risk of catching a virus than they do of encountering a serious patch incompatibility.

Some advanced users may disagree with my recommendation that novices should leave Automatic Updates turned on. If you're the main tech support for a newbie, I'd say you can disable AU if a PC has the four items in our recommended Security Baseline ( below), which provides good general security. Patches should still be installed manually within a few days of release, after you check news reports for potential conflicts.

Supporting Grandma's PC means auto-update

We received many comments supportive of Woody's distrust of Automatic Updates, which he's been publicly stating for years. We can give you only a overview here of the positive and negative reactions. As a representative of those who dispute Woody's view, reader Dave Nickason writes:

* "It is irresponsible for Woody to argue for people to turn off AU unless he wants to be the one supporting the unpatched machines of all of our parents, grandparents, and siblings. Some novice PC user like my 81-year old Dad will take that advice, never patch again, and I'll be left to reinstall Windows when his system quits working."

I have to agree that Windows amateurs, which probably includes the majority of Windows users, won't update their PCs unless it's done for them automatically. Given the latest round of MS mistakes, people who support relatives' PCs will have to accept that auto-updates may eventually cause some conflict that requires time to unravel. But this will probably be a less serious problem than dealing with an unpatched machine that's caught hard-to-remove viruses.

Microsoft is a business, get used to it

Other readers also made a distinction between novices and power users, while not applauding Microsoft for its behavior. Reader Kevin Gagel writes:

* "I'm writing in response to Woody Leonhard's article about Micro$oft's automatic updates.

"While I agree in principle with Woody's assessment of M$'s trustworthiness, I cannot agree with disabling the auto-update feature.

"I've witnessed first hand the benefit of having it enabled, as well as seeing how it can fail us.

"None the less, I have witnessed far more 'good' (I shudder to think M$ can do good) then bad by updating systems automatically.

"What users out there have the ability to 'test' a patch before applying it? What users out there will 'know' when it is the right time to apply a patch?

"Since M$'s activation of what they call a firewall, I've witnessed a huge reduction of viruses being e-mailed to us.

"Leaving systems vulnerable because of someone's incompetence is not the answer. Woody should know that there is a larger number of technically inept end users then there are technically savvy.

"I think that Woody could have done a better job (and justice to the end users) if he'd presented a better balanced position of pros and cons instead of just espousing his nonconspiracy conspiracy theory.

"M$ is and allways has been a business looking to make a buck. It will do whatever it takes to protect that, including pushing noncritical "critical patches" that verify the system is not running a bootleg copy of Windoze."

In the view of this reader and other readers, Microsoft has spent many years building up a capacity to install software automatically, and it can only be expected that the software giant will use it for business advantage .

Do one thing at work, another at home

A different opinion was provided by those who are required to auto-update by work policies, but disable Automatic Updates on personal machines, to which they're willing to devote more care. A reader who goes by the name Ralphy writes:

* "Unfortunately, some of us don't have the luxury of a corporate environment. I work for a Department of Defense unit and must have our boxes patched within a certain time frame. It is impossible for our office to be able to 'test,' then patch. We have too many boxes stretched over a large area.

"If it weren't for automatic updates, we would be spending a lot more time doing updates rather than other mission-essential items. I do agree that last round was bad, but out of 500 machines only 3 were bothered by the update that you spoke of. Those were the only ones we had to fix.

"Having said all of that, at home, I do the opposite. I wait for 2 weeks before I run the updates manually. I'll let the rest of the world be Microsoft's test bed and see what works and what doesn't.

"However, I still rated it a good article but not for the business world."

This underscores the theme of, "Those who can, patch manually. Those who can't, patch automatically."

Why Security Baseline recommends MS Update

A few readers questioned two lines in our Security Baseline that recommend using Microsoft Update for MS software and whatever auto-update features other vendors' software may have. Reader Russell Atwood writes:

* "In issue 75, I found it humorous to have a long article from Woody Leonhard on the trials and tribulations of Windows Automatic Update (don't let it happen to you), and in the Security Baseline, instruct customers to do exactly what Mr. Leonhard says don't do (turn on Automatic Update).

I understand both sides, but it still makes me smile with the irony of it.

Great newsletter, keep up the good work."

The Security Baseline actually never mentions Windows' Automatic Updates. It says, "Individual users should opt into the new, free Microsoft Update, an improvement over Windows Update." Both Microsoft Update and the older Windows Update allow AU to be enabled, disabled, or set to "notify only," as you please.

To make myself perfectly clear, I'm adding to the Security Baseline a recommendation that advanced users disable AU and study the latest copy of this newsletter before installing any Patch Tuesday upgrades.

Norton Internet Security imposes auto-updates

Norton Internet Security, a software security suite, complains and asserts control over auto-updates if users choose manual updates instead. Reader John Lambert writes:

* "My Norton Security flags me that I have 1 'problem' affecting my system when I take Woody's advice to select a button other than the option to take auto-update. Should I worry about this?"

This is surely a harmless warning, although irritating. A more serious dificulty is that NIS can change Windows' auto-update settings without notifying you. A reader by the name of Scott writes:

* "Turning off Windows' auto-update may not be enough to prevent a nasty update surprise. Those who use Norton Internet Security should be aware that Norton will automatically turn on Windows' Automatic Updates unless you turn off automantic updates in Norton. You will continue to get Windows' Automatic Updates downloaded and installed whether you like it or not.

Turn off automatic updates in Windows and Norton if you want any hope of control over updates."

Again, my advice is that novices should auto-update, which includes auto-updating Norton Internet Security and other security software. Everyone else should learn to read up on patch problems and then install new patches manually within a few days of their release.

The readers named above will receive a gift certificate for a book, CD, or DVD of their choice for sending me comments that I printed. To send more information about auto-updates, or to send a tip on any other subject, visit WindowsSecrets.com/contact.


5/23/06

Patch a Cat 5 Cable

Need an Ethernet connection to connect multiple PC's at home. Save some money by patching some Cat 5 cable. It can be a pain because your going to need cable crimps and Cat 5 plugs. But it's nothing that you can get at your local Lowes or Home Depot store. Usually you only need 4 cables to patch a connection. But if you really want to patch the cable correctly here is how to do it. Now you can wire your home the way you want easily.

Ps: Cat 6 is better shielded and you may want to pay an extra penny to get better reliable connection.

5/22/06

Resize any Picture Online

If you have a picture that you need to resize. Check out this online resizing site to change your picture to a more acceptable size. It's free and if you still need more cropping software to edit your pictures. Make sure you do a google search for cropping pictures online. You'll be amazed on how many site you'll find for free.


5/21/06

Need a Tivo like software for your PC

Take a look at Snap Stream Software for your PC.
It makes it easy compatible with other playback devices such as your pocket PC, TV or wireless network. Watch TV where ever you go.


5/20/06

Canon SD430 - Wireless Digital Camera

Here is a camera with class. Not only is it a 5 Megapixel Camera it's connects wirelessly to your 802.11b devices. Get a hold of a new generation of cameras to come in the future. How nice will it be to easily print a picture you just took wireless via your camera. This is just the beginning of more camera like this one to be developed in the future.


5/19/06

Office Online - The New Generation

Today there are several new online office software that will change the future of office applications. Is it's worth the expense, well that's up to you. But there is no stopping what they are prepared to do to sell you that monthly premium. No more bug's, conflicts and no service pak updates to worry about. Only time will tell if it's an investment for you.

JotSpot

Hyperoffice

Microsoft Office Live


WebEx

Writely

5/18/06

5/17/06

Security with Absolute

Afraid of your laptop, PDA or cell phone going into the wrong hands. This software is your protection. Whether its your local thief or a dishonest employee. When a laptop, PDA or cell phone is lost or stolen. Just logon to Absolute and the item is history. The software can not be un installed and all valuable information is deleted upon request. Plus the software works in invisible mode and could later on help you catch that thief. Never fear about every loosing another item again.


5/16/06

Access files Everywhere

A while back I suggest a link named LogMeIn to access your files anywhere. This site does the same thing and it's also free. I love the freebees and accessing your PC should be a next generation thing and I just hope things remain free forever.
Your computer is your personal library and address book and how nice it would be to easily remotely access it everywhere.


5/15/06

Maps for Mobile

Need directions and don't have time to write down or print out your directions.
Maps for mobile is a new development that gives your the upper hand in making traveling easier for anyone. Yahoo has also incorporated this technology but the software works only with some mobile phones for now. Hopefully the trend will make the software user friendly to all phones in the future.


5/14/06

CellStik

Want to import contacts to another phone. Try Cellstik.
Cellstik will have more upgrades in the months to come but the convenience is that you can save your contacts from one phone and transfer it to another phone.
The old bad thing about it is that if your upgrading to a different manufacture, your out of luck but have no choice but to buy another Cellstik to make it work, hopefully there will be a fix for this in the future.
Easy, Fast and reliable.


5/13/06

Wifi Security Simplified

Looking for a simple Wifi Security system for your home network. This software guarantees just that with a subscription fee. It not only protects you of unwanted intruders but automates windows updates. Too bad no antivirus software is not included. But you can always download the basic version and see if this service works with your home network.


5/12/06

Samsung Blackberry t719

It's about time.
Samsung has integrated the Blackberry and cell phone together so get ready to see copycats from major manufactures. You not only can ditch your blackberry but it will be integrated with your cell phone now and it will be easier to carry.
The keyboard is compressed but this is the start of something more beautiful to come.


5/11/06

Pre-N Routers To Buy or Not to Buy

If your looking to buy Pre-N Routers here some information that you should remember.
Right now companies like D-Link and Linksys are developing Routers with Pre-N Specs that have yet to be finalized. If you do buy now a Pre-N Router you might be out of luck when the standards are finalized. There might not be upgraded via firmware and might have to buy another Pre-N Router in the long run.
These companies are producing products that yet have to meet with other Pre-N products that will marketable in the future. So your more likely will be forced to buy another finalized Pre-N products to work with other Pre-N products.
My main point is that you should wait until everything is finalized otherwise your just throwing your money away.


5/10/06

Get Ready for LaLa

The new music like Napster service lets users trade CD's on the cheap and recommend albums in a new way. Register now and wait for launch in July. But it caters to your needs by comparing it with your current music selection. The more you list the more you get. You trade CD's with other LaLa members similar to the Netflix for movies.
Will the site be successful, depends on how people use the service. But it's a satisfying service for the still young music service world.


5/9/06

Learn How to Play in the Casinos

Here is a great site to learn how to play all those great games they have in the Casinos. It's free and you learn the tricks from the pros. Be ahead make sure you know how to play.


5/8/06

Seen an article but Can't Find it

Hopefully this site will help you end your search and find that missing article your dying to read.

manz

5/7/06

Directory of open access Journals

If you love Journals than this is a great bookmark site to save.
Sit back and enjoy your Journal directory.

5/6/06

My Date with Drew

With all the documentaries out there. Who would every think of doing a documentary of going out with Drew. For starters the web site and publicity will go on for as long as it can go on. Great way to start a small business from scratch. Who could figure this would ever work.
So remember the secret to making money is out there. All you need is a good plan.


5/5/06

Gmail Email Services Done Easier

In the past I showed you have to setup Gmail via Outlook.
So here is it again.

If your currently using Gmail and want to incorporate this email client with your Outlook software it's as easy as 1,2,3.
Gmail making a better tomorrow.

Don't forget to check out other Gmail services

Gmail Services