August 30, 2008

4 Things to Consider When Buying A Laptop

Tech Tip 182

By Bryan Lambert – Sunday, August 24, 2008

PullQuote 182In 2005, here at Tech Tips we published an article “5 Things To Consider When Buying A Laptop Computer We have decided to blow the dust off the article, update, and present to you a ‘made for today’ version:

4 Things to Consider When Buying A Laptop

With laptops now well established, and having a commanding share of the computer parts market, it is only fair to consider a few points when purchasing your new laptop computer.  When we are talking “laptops”, (or as some prefer to call them, notebooks), buyers today have a virtual cornucopia of extras and features to choose from. 

1) Primary Functionality

A favorite mantra of mine to any who are considering which laptop to purchase (really, this would apply to desktops computers as well) is asking yourself: What are you planning to use the computer for?  The answer to this question in many ways dictates the direction to focus your computer buying attention.  Are you planning on gaming or just tooling around the Internet? Is it for the kids' homework, or is it something that needs a bit more power to do some video editing?  A computer bought for the kids' homework may only need a low end (basic) processor, while something for gaming would call for a far more powerful processor.  For many people, it is a delicate balance of performance and pocketbook. 

2) Who Made What?

Most of the laptops sold today are actually made by a handful of Taiwanese companies.  The top five companies (Quanta, Compal, Wistron, Inventec, and Asus) actually manufacturer over 85% of all laptops sold worldwide.  All the top tier computer “manufacturers” (for example: Acer, Apple, Dell, HP/Compaq, Gateway, Fujitsu, Lenovo, Sony, Toshiba, etc. etc) generally are not really “manufacturing” laptops per se, but rather contracting one or more of these companies to manufacturer their laptops for them.  Because such a small number of companies make the majority of laptops today, the modern laptop is essentially a commodity product, differentiated by its features and casing – the internal components are pretty much the same. The good news in all of this is that top tier manufacturers’ laptops pretty much have the same reliability – the bad news if when an “oops” occurs, (such as the recent issue with nVidia video chipsets it tends to affect more than just one computer manufacturer.


3) Faster, Higher, Stronger

With the delicate balance of performance and pocketbook to keep in mind, the three BIG things that will determine your laptop's performance out of the gate will be: processor, memory, and video. Other things will affect it as well, but these seem to be the “big three.”

• Processors

ProcessorsMainstream high-end processors are generally considered to be the Intel Core 2 Duo with the AMD Turion 64 X2 coming up behind it. The mainstream middle-end processors would be the AMD Athlon 64 X2 and the Intel Pentium Dual Core. If at all possible, and in that order, these four proceeding processors would be the ones to look for.  That being said, the mainstream bargain (the nice way of saying “low-end”) processors would be the Intel Celeron Dual Core, Intel Celeron M, and AMD Sempron. Both AMD and Intel use model numbers for their processors (to distinguish as the core use, processor megaHertz, bus speed, and cache) and these can be confusing.  I’d recommend using a table (such as many that are found on to be able to differentiate, say, a T5550 from a T7200.

Memory_IMpropecia over the counter height=”200″ align=”right” />

• Memory

Computer memory is pretty simple – the more you have the better it goes. One Gigabyte of RAM is usually considered the starting point that you’d want to look at, 2GB is even better (except on bargain units, where 512 megabytes would be ok).

• Video

On video memory, the way the market currently stands, there are two distinct options:  using a “discrete” (separate) video chipset with dedicated memory, or using an “integrated” video chipset that shares the computer main memory.  ATI and nVidia Videooffer discrete chipsets of various flavors and amounts of dedicated memory, while Intel, ATI and nVidia all offer integrated solutions. Generally speaking, discrete video chips perform much better in gaming (in fact, gaming is not really recommended when using integrated chipsets), video editing, etc.  If you plan to use your laptop for
e-mail, writing and surfing the web, then getting a laptop with a discrete chipset would be a waste of money.

eee_PC4) It’s Small and Cheap … It Must Be Good??

One of the big trends currently is small, very, basic cheap laptops commonly called “Netbooks”.  These are ultraportable laptops with very basic processors (read that as “slow”), low memory and hard drive capacity, and may include an operating system you’re not familiar with (read that as “Linux”). These laptops are great for travel and as a second laptop or for the kids – but for any kind of serious computing, they are not really recommended.

Manufacturers have also been racing to get thin and light units to the marketplace such as the Apple MacBook Air and the Lenovo X300 laptops as well as using material other than plastic for the outer casing (such as carbon-fiber and magnesium alloy). Large screened desktop replacement and entertainment laptops are also popular models as well and usually feature extras such as a TV card, Blu-ray player and remote control (sometime more than one!) Tablet and Convertible Laptops (“normal” laptops whose screens flip around to become a tablet) also have their legion of followers as do the rugged industrial strength laptops such as Panasonic’s Toughbook series.


Fait Accompli – La Fin!

Though by no means exhaustive, and some things painted in broad strokes, it is our hope that this Tech Tip will help you to navigate the rivers of uncertainty in the laptop jungle and help you reel in the perfect laptop!

Permalink • Print • Comment

How do I… scan a hard drive for sensitive data with Spider?

  • Date: August 20th, 2008
  • Author: Jack Wallen

A tool like Spider 3 can protect sensitive data with little effort or cost.


There are many reasons why you would want to do a thorough scan on a PC for specific data. You could be recycling computers, bringing in new employees (to take over previous employees’ machines), or simply removing sensitive information from a permanently networked machine. Regardless of your reason, a 120GB hard drive is a large drive to manually search for strings of data. But with the help of Cornell University’s Spider tool, this task becomes quite a bit easier.

Spider works by scanning archive, normal, compressed, and temporary files (so long as the file isn’t locked for use or encrypted) for data types such as U.S. Social Security numbers, Canadian Social Security numbers, credit card numbers, U.K. National Health Insurance numbers, and any data type for which the user supplies a regular expression. Spider can be run in two different ways: GUI and command line. And best of all, Spider is open source and crossplatform (Windows, OS X, UNIX.)

This blog post is also available in PDF format in a TechRepublic download.

Getting and installing

You first need to download the correct binary package (which includes the source) from the download Cornell University security tools page. For Windows you will be downloading a compressed .zip archive. Uncompress that file, and you will have a new directory called “Spider_release.” Inside this folder is a README, a installation binary, and a directory containing the source propecia order code. Double-click on the installer package to install Spider 3.

The installation is a no-brainer. Just let it do its thing, and you will wind up with a new entry in your Start menu. This entry, Spider 3, contains three subentries:

  • RegexLibraryBuilder.exe
  • spider_3.0.exe, and
  • SpiderRegConvert.exe.

Starting Spider 3

From the Spider 3 menu, click the spider_3.0.exe entry to fire up Spider 3. The first window you will see is the main window (there is no initial configuration). Figure A shows the main window ready for a scan.

Figure A

Not much to it on the outside. It’s what’s on the inside that counts.

If you click Run Spider, you are going to initiate a default scan that will scan drive and network shares for strings matching: 15-string credit card numbers and U.S. social security numbers. This scan will create a log on your local drive (it is critical that this file be deleted when you are finished examining Spiders’ findings).

So click Run Spider. The window will only change by showing what file the application is scanning (see Figure B).

Figure B

If Spider is taking a long time on a particular file, you can skip that file by hitting the Esc key.

During the scan you will probably notice when Spider locates any multimedia files because it will slow down. This is only because of the size of the file. As stated above you can skip this file by hitting the Esc key. If you have a lot of these, this process can be a pain. Fortunately Spider 3 has a way around this.

Configuring Spider 3

From the main window, click on the Configure menu and select the only entry: Settings. From this window (Figure C) you can take care of every possible Spider configuration you could hope for.

Figure C

Any time you feel you have monkeyed with the options beyond recognition you can reset to default.

Say you do not want Spider 3 spending too much time with your music collection (and any file associated with said collection). To avoid this, you will want to go to the File Extension Management tool. To get there, click on the Scan Options tab and then click the File Extension Management button (see Figure D).

Figure D

As you can see the default skip list is fairly lengthy.

By default most media extensions are already included in the skip list. But say you have another type of file (or even an in-house file type) that you want to skip. To add a new extension to skip is simple. Click on the Add button under File Extensions to Skip, which will open up a new window (Figure E).

Figure E

Once you have added the new extension, click OK and the window will close.

Naturally, depending on the size of the drive and the amount of files on the drive, the scan can take quite some time. But once the scan is done, the log viewer will open to show you the complete results of the scan.

Viewing the results

Once the scan is complete, the Spider 3 log viewer will automatically open. This log viewer is a very helpful tool in that it gives you instant information on each file and what hit type Spider 3 has found. Take a look at Figure F. You will see a number of files that drew flags from Spider 3.

Figure F

I actually had more hits than I thought I would.

When you highlight a suspected file, below the file listing you will see all the information you will need to have. In the example above you can see that the file klein.pdf is flagged with a credit card number. I happen to know this is a false positive, so I can ignore that file. However there were file listings (not shown) that did have bank account information. Those files had been backed up, and their location was mostly obfuscated. So I most likely would have completely forgotten of their existence. Thanks to Spider 3 I can delete them.

Taking action

To take action on a file (which basically means to delete the file), you do not have to open up Explorer and navigate to said file. Instead you can simply highlight the file within the log viewer and click the Erase or Delete File button.

Now the Run button is interesting. Say the file flagged has an associated application (for example Adobe Reader for PDF files). If you have a PDF file highlighted, clicking the Run button will open that highlighted file in Adobe Reader. This is a quick way to view the file to make sure Spider hasn’t hit a false positive.

Final thoughts

Without applications like Spider 3 many people would be exchanging PC hard drives with very sensitive data on them. But thankfully applications like this do exist and they are simple to use. I would highly recommend Spider 3 to any IT admin (or even home user) who wants to make sure sensitive data is not found on their hard drives.

Permalink • Print • Comment

How do I… create a Suspend mode shortcut in Windows XP?

  • Date: August 20th, 2008
  • Author: Greg Shultz

On the Advanced tab of the Power Options Properties dialog box, Microsoft Windows XP provides you with several built-in shortcuts for putting your computer in Suspend mode — either Standby or Hibernation. These shortcuts allow you to reconfigure the operation performed when pressing either the Power or Sleep buttons. (If you’ve enabled the Hibernation feature from the Power Options Properties dialog box, using these shortcuts will put your computer into Hibernation mode. If you haven’t, using these shortcuts will put your computer into Standby mode.)

Figure A

Power Options dialog box — Advanced tab

This blog post is also available in PDF format in a TechRepublic download.

propecia or proscar

However, if you wish to expand your alternatives, you can create a standard shortcut that will put your computer in Suspend mode. You can the put the shortcut on your desktop or place it on the Quick Launch bar, where you can easily put your computer in a suspended state with a click of your mouse.

Here’s how:

  1. Right-click the desktop and select New | Shortcut.
  2. When the Create Shortcut wizard’s location text box appears, type:
    rundll32.exe PowrProf.dll, SetSuspendState
  3. Give the shortcut a name like Suspend Now!
Permalink • Print • Comment

CPU-Z 1.47

CPU-Z 1.47

CPU-Z is a diagnostic tool that provides information on your CPU, including: processor name and vendor, core stepping and process, processor package, internal and external clocks, clock multiplier, partial overclock detection, propecia online processor features, supported instructions sets, L1 and L2 cache information, location, size, speed, and technology.

Permalink • Print • Comment

Revealed: The Internet’s Biggest Security Hole

By Kim Zetter
August 26, 2008 | 8:00:00

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.

The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.

The demonstration is only the latest attack to highlight fundamental security weaknesses propecia online prescription in some of the internet's core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy.  The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.

"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago…. We described this to intelligence agencies and to the National Security Council, in detail."

The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper's network.

Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can't always vacuum in traffic within a network — say, from one AT&T customer to another.

The method conceivably could be used for corporate espionage, nation-state spying or even by intelligence agencies looking to mine internet data without needing the cooperation of ISPs.

BGP eavesdropping has long been a theoretical weakness, but no one is known to have publicly demonstrated it until Anton "Tony" Kapela, data center and network director at 5Nines Data, and Alex Pilosov, CEO of Pilosoft, showed their technique at the recent DefCon hacker conference. The pair successfully intercepted traffic bound for the conference network and redirected it to a system they controlled in New York before routing it back to DefCon in Las Vegas.

The technique, devised by Pilosov, doesn't exploit a bug or flaw in BGP. It simply exploits the natural way BGP works.

"We're not doing anything out of the ordinary," Kapela told "There's no vulnerabilities, no protocol errors, there are no software problems. The problem arises (from) the level of interconnectivity that's needed to maintain this mess, to keep it all working."

The issue exists because BGP's architecture is based on trust. To make it easy, say, for e-mail from Sprint customers in California to reach Telefonica customers in Spain, networks for these companies and others communicate through BGP routers to indicate when they're the quickest, most efficient route for the data to reach its destination. But BGP assumes that when a router says it's the best path, it's telling the truth. That gullibility makes it easy for eavesdroppers to fool routers into sending them traffic.

Here's how it works. When a user types a website name into his browser or clicks "send" to launch an e-mail, a Domain Name System server produces an IP address for the destination. A router belonging to the user's ISP then consults a BGP table for the best route. That table is built from announcements, or "advertisements," issued by ISPs and other networks — also known as Autonomous Systems, or ASes — declaring the range of IP addresses, or IP prefixes, to which they'll deliver traffic.

The routing table searches for the destination IP address among those prefixes. If two ASes deliver to the address, the one with the more specific prefix "wins" the traffic. For example, one AS may advertise that it delivers to a group of 90,000 IP addresses, while another delivers to a subset of 24,000 of those addresses. If the destination IP address falls within both announcements, BGP will send data to the narrower, more specific one.

To intercept data, an eavesdropper would advertise a range of IP addresses he wished to target that was narrower than the chunk advertised by other networks. The advertisement would take just minutes to propagate worldwide, before data headed to those addresses would begin arriving to his network.

The attack is called an IP hijack and, on its face, isn't new.

But in the past, known IP hijacks have created outages, which, because they were so obvious, were quickly noticed and fixed. That's what occurred earlier this year when Pakistan Telecom inadvertently hijacked YouTube traffic from around the world. The traffic hit a dead-end in Pakistan, so it was apparent to everyone trying to visit YouTube that something was amiss.

Pilosov's innovation is to forward the intercepted data silently to the actual destination, so that no outage occurs.

Ordinarily, this shouldn't work — the data would boomerang back to the eavesdropper. But Pilosov and Kapela use a method called AS path prepending that causes a select number of BGP routers to reject their deceptive advertisement. They then use these ASes to forward the stolen data to its rightful recipients.

"Everyone … has assumed until now that you have to break something for a hijack to be useful," Kapela said. "But what we showed here is that you don't have to break anything. And if nothing breaks, who notices?"

Stephen Kent, chief scientist for information security at BBN Technologies, who has been working on solutions to fix the issue, said he demonstrated a similar BGP interception privately for the Departments of Defense and Homeland Security a few years ago.

Kapela said network engineers might notice an interception if they knew how to read BGP routing tables, but it would take expertise to interpret the data.

A handful of academic groups collect BGP routing information from cooperating ASes to monitor BGP updates that change traffic's path. But without context, it can be difficult to distinguish a legitimate change from a malicious hijacking. There are reasons traffic that ordinarily travels one path could suddenly switch to another — say, if companies with separate ASes merged, or if a natural disaster put one network out of commission and another AS adopted its traffic. On good days, routing paths can remain fairly static. But "when the internet has a bad hair day," Kent said, "the rate of (BGP path) updates goes up by a factor of 200 to 400."

Kapela said eavesdropping could be thwarted if ISPs aggressively filtered to allow only authorized peers to draw traffic from their routers, and only for specific IP prefixes. But filtering is labor intensive, and if just one ISP declines to participate, it "breaks it for the rest of us," he said.

"Providers can prevent our attack absolutely 100 percent," Kapela said. "They simply don't because it takes work, and to do sufficient filtering to prevent these kinds of attacks on a global scale is cost prohibitive."

Filtering also requires ISPs to disclose the address space for all their customers, which is not information they want to hand competitors.

Filtering isn't the only solution, though. Kent and others are devising processes to authenticate ownership of IP blocks, and validate the advertisements that ASes send to routers so they don't just send traffic to whoever requests it.

Under the scheme, the five regional internet address registries would issue signed certificates to ISPs attesting to their address space and AS numbers. The ASes would then sign an authorization to initiate routes for their address space, which would be stored with the certificates in a repository accessible to all ISPs. If an AS advertised a new route for an IP prefix, it would be easy to verify if it had the right to do so.

The solution would authenticate only the first hop in a route to prevent unintentional hijacks, like Pakistan Telecom's, but wouldn't stop an eavesdropper from hijacking the second or third hop.

For this, Kent and BBN colleagues developed Secure BGP (SBGP), which would require BGP routers to digitally sign with a private key any prefix advertisement they propagated. An ISP would give peer routers certificates authorizing them to route its traffic; each peer on a route would sign a route advertisement and forward it to the next authorized hop.

"That means that nobody could put themselves into the chain, into the path, unless they had been authorized to do so by the preceding AS router in the path," Kent said.

The drawback to this solution is that current routers lack the memory and processing power to generate and validate signatures. And router vendors have resisted upgrading them because their clients, ISPs, haven't demanded it, due to the cost and man hours involved in swapping out routers.

Douglas Maughan, cybersecurity research program manager for the DHS's Science and Technology Directorate, has helped fund research at BBN and elsewhere to resolve the BGP issue. But he's had little luck convincing ISPs and router vendors to take steps to secure BGP.

"We haven't seen the attacks, and so a lot of times people don't start working on things and trying to fix them until they get attacked," Maughan said. "(But) the YouTube (case) is the perfect example of an attack where somebody could have done much worse than what they did."

ISPs, he said, have been holding their breath, "hoping that people don’t discover (this) and exploit it."

"The only thing that can force them (to fix BGP) is if their customers … start to demand security solutions," Maughan said.

Permalink • Print • Comment
Next Page »
Made with WordPress and a search engine optimized WordPress theme • Sky Gold skin by Denis de Bernardy