Sony A5000 Review

Introduction

The A5000 is the new entry-level model in Sony’s range of compact system cameras. It’s also currently the world’s smallest, lightest interchangeable lens camera with built-in wi-fi connectivity. Successor to last year’s NEX-3N model, the Sony A5000 features a 20.1 megapixel Exmor APS HD CMOS sensor, BIONZ X processor, full HD AVCHD (60i/50i/25p/24p) video recording, 3-inch 180° tiltable LCD panel with 460k-dot resolution, built-in pop-up flash, a zoom lever, 4fps burst shooting, 25-point contrast-detect autofocus system, 1,200-segment exposure meter, Auto Object Framing mode, a range of Picture Effects, NFC connectivity and 480 shot battery life. The Sony A5000 is available now in white, silver or black priced at around £420 / $499.99 with the 16-50mm power zoom lens and £630 with the 16-50mm power zoom and 55-210mm lenses.

Ease of Use

The new Sony A5000 is virtually identical to its predecessor, the NEX-3N, the main design changes being a bigger handgrip and the relocation of the Playback button to the rear of the camera, while internally the main menu system has been completely revamped. Given the recent release of the Panasonic Lumix GM1, Sony are now marketing the A5000 as the smallest interchangeable lens camera with wi-fi in the world, weighing a mere 210g and measuring 109.6 x 62.8 x 35.7mm - and they've still retained the NEX-3N's built-in pop-up flash and 180-dgree tilting LCD screen.

Despite weighing so little (admittedly without the lens and battery fitted), the A5000 still feels solid gripped in the palm, though with a lens attached it's too large for most jacket pockets. It now has a taller, bigger grip than the NEX-3N with a subtle indentation near the top, which slightly improves your grip on the camera. With the supplied 16-50mm power zoom kit lens attached the Sony A5000 doesn't look or feel too top heavy, as the lens retracts back into itself when not in use, making for a very compact overall package.

The 3 inch LCD screen can be tilted back and forward through a full 180° - if not, unfortunately swung outwards at 90° - to allow for low and high angle compositions we might not have attempted without. You can even fully turn it to the front, proving very useful for those ubiquitous selfies, although you can't close it inwards against the camera body to help protect it.

The A5000 offers the High Definition video shooting of the rest of the NEX series, full HD AVCHD (60i/50i/25p/24p) with stereo sound to be precise, which will be more than adequate for the A5000's target audience. It also features a useful dedicated red camcorder-style video record button for instant thumb-operated video access on the rear.

Low light sensitivity without flash also theoretically looks set to show rivals a thing or two by ranging from ISO 100 to a maximum ISO 16000 equivalent setting. Impressive stuff, and matching the sort of spec we're used to seeing on mid-range DSLRs. There's no in-body image stabilisation offered by the A5000 unfortunately, so this is via the lens only. It appears to work well, at least as effectively as the in-camera or lens based anti-shake methodology deployed by rival brands.

Front	Rear

The A5000's design is pleasingly pared-back, particularly when viewed from the front. Sony branding and black plastic DSLR-style lens release button aside, all we find on the faceplate is a small porthole-shaped window for the AF assist/self timer lamp, and the revised handgrip with a dimpled surface for a firmer hold. Oh, and the "APS-C" moniker just in case you want to brag about the size of your sensor to your Micro Four Thirds friends.

The top plate looks similarly functional rather than fashionable. The A5000 is turned on or off via a flick of a chunky, nicely rigid switch to the far right, rather than via the recessed button that we usually find on cameras with a small form factor. Do this and it's a wait of 1-2 seconds before an image materializes on the LCD allowing the first shot to be framed - slightly slower than we expected in this regard, and no match for a DSLR proper.

One feature on the A5000 that's designed to make it more accessible to upgraders is a power zoom switch, very similar to that found on many compact cameras. This allows the 16-50mm kit lens to be zoomed in three different ways; using the zoom lever on top of the camera, which is good for one-handed operation, via the zoom ring on the lens, and finally using the zoom control on the side of the lens. If you don't have a power zoom lens attached, the the zoom lever less adjusts the digital zoom instead (it that's enabled), and it can also be used to zoom during image playback regardless of the lens that's fitted.

Underneath the On/Off switch is the thumb-operated dedicated movie record button. Press this and the user is instantly recording video, whatever alternative shooting mode might previously have been in use. Like the same control found on the Panasonic G-series and Olympus PEN cameras, this proves essential with regard to spur of the moment filming.

Front	Tilting LCD Screen

Also positioned atop the camera is the integrated pop-up flash, positioned inline with the centre of the lens, which borrows a lot of design cues from the flagship NEX-7 model. Note that the A5000 doesn't offer an accessory port for attaching optional accessories like the FDA-EV1S electronic viewfinder or the ECM-SST1 microphone, unlike the more expensive NEX/Alpha models. Two small holes either side of the flash for the stereo sound complete the camera's top-plate.

Press the shutter release button down halfway and, after a blink-and-you'll-miss-it moment of focus/exposure adjustment, the AF point/s highlight in green accompanied by a beep of affirmation to indicate that the user is good to continue on and take the shot. Do so, and in single shot mode to the sound of a satisfying shutter click, a full resolution JPEG is written to memory in about 2 seconds. There is the option to also shoot Raw files, or even more usefully for those who wish to hedge their bets Raw and JPEG images in tandem. You also get Fine or Normal compression levels offered for JPEGs.

Press the Menu button on the rear six icons appear on screen - Camera Settings, Custom Settings, Wireless, Applications, Playback and Setup. Choosing one of these opens a text-based menu system with with white text on a black background aiding visibility. The six Camera Settings folders allow users to select image size, ratio and quality and - if JPEG (RAW and RAW+JPEG also available) - compression rates too, plus features like long exposure and high ISO noise reduction - all in fact activated as a default, and also contains the video quality and audio options, while the four Custom Settings folders allow you to tweak the A5000 to your way of working.

Just like Olympus and Panasonic, the Sony A5000 offers a range of creative Picture Effects, including posterisation, partial colour, retro, high-key, mono and toy camera. These effects can also be applied when using the Intelligent Auto shooting mode. The Soft Skin mode automatically retouches portraits, removing any minor blemishes and wrinkles for a more conventionally good-looking appearance.

Pop-up Flash	Top

The Auto Object Framing mode uses face detection, By Pixel Super Resolution technology and the rule of thirds to automatically take better pictures of still lifes, moving subjects and macro close-ups. Sony's catchily named Pixel Super Resolution Technology ensures that the resulting image is still a full 20 megapixels in size, and the original uncropped image is also saved for easy comparison.

The various shooting modes are rather inconveniently buried away as the first option in the Camera Settings menu, including standard P,A,S,M, 9-strong scene mode, intelligent auto and Sweep Panorama modes. Even in Intelligent Auto mode users still have the ability to get hands on to a degree thanks to the Photo Creativity mode. This provides easy-to-understand control over a number of key parameters via a series of interactive on-screen sliders, with the real-time preview on the LCD providing instant feedback to the beginner target audience.

In addition to controlling the background defocus, with a half moon shaped indicator appealing on-screen to the side of the scroll wheel, defocus at the bottom of the arc, 'crisp' at the top, you can also change the vividness, brightness and colour of the image, plus add a Picture Effect or the Soft Skin Effect, and set the self-timer and burst shooting options. You can even apply more than one option at a time and go back and individually change them if you wish.

The A5000's external backplate is once again a sparse affair, the majority of it taken up by the 3-inch widescreen ratio angle-adjustable LCD that stretches from base to top plate. To the right of this are the main controls, with the aforementioned Menu button at the top. Underneath is a scroll wheel, used to move through the various menu options and make selections, which has its own central, unmarked set button. Th scroll wheel is quite responsive to the touch, which, on a positive note, means that tabbing through options is a swift process, but on the other hand it's easy to slip past the setting you actually wanted when hurrying through them as a photo opportunity suddenly presents itself.

Set at the four points around this scroll wheel/pad are a means of adjusting the Display (top), ISO Speed (right) the Exposure Compensation / Picture Effects (bottom) and the Self-timer/Drive mode options. Note that all of the buttons around the navigation wheel and the center button too can optionally be assigned to a custom function of your choice.

Memory Card Slot	Battery Compartment

Sitting alongside the self-explanatory dedicated playback/review button, the last button on the camera back provides a means of activating the Help function, which Sony no doubt hopes to provide a crutch for new users trading up from a bog-standard point and shoot compact. Examples of textual advice, complete with small pictorial thumbnail alongside, include 'increase the ISO sensitivity to make the shutter speed faster', and then, the thoughtful addition: 'higher ISO sensitivity may make noise stand out.' Hand holding for those who want it then, while more experienced users can reconfigure the button to something more useful.

As denoted by symbols on the side of the camera, the Sony A5000 is wi-fi and NFC capable and the functions can be adjusted in the Wireless main menu. You can choose to transmit the images to either a smartphone computer, or a compatible TV set. One cool feature of the wi-fi is being able to link the camera to your smart phone using the PlayMemories Mobile app. You can then use the phone as a remote so those outstretched arm 'selfies' will be a thing of the past. The A5000 also features NFC (Near Field Communication) technology (the same technology that's used for mobile payments), which allows you to connect it to a compatible internet enabled device or another NFC-enabled camera by simply tapping them together. You can also use the WPS Push option to locate a hot spot, access settings, edit the device name, display the MAC address or format all settings if you wish.

In addition to the built-in wi-fi/nfc connectivity, the A5000 supports PlayMemories Camera Apps. As the name suggests, this is a downloadable service that lets you add new functionality to the camera, either via wi-fi or USB connection. Smart Remote Control, which allows you to control the exposure and shutter release via your smartphone, is preinstalled on the A5000. Other optional apps available include Picture Effect+, Bracket Pro, Multi Frame NR, Photo Retouchand Direct Upload, and Sony plans to provide more new apps in the near future. Note that only some of the apps are free.

Peaking is a feature that provides a level of hand-holding for manual focus users. When turned on to one of the three levels (low, mid, high), this essentially draws a coloured line (red, white or yellow) around the areas of highest contrast in the image when you're manually focusing the camera. Used in conjunction with the magnified focus assist, this makes it a cinch to focus accurately on a specific part of the subject, something that the majority of digital cameras have struggled with. It can even be used in the movie mode, again providing a real boon to your creativity.

At the base of the A5000 we find a metal screw thread for a tripod directly beneath the lens mount, and a compartment storing the rechargeable battery. The memory card slot is located on the left-hand side of the camera when viewed from the rear, here Sony reaching out to a wider audience by offering SD/SDHC/SDXC compatibility alongside its own Memory Stick. The left hand flank is also where users will find a covered port for HDMI connectivity and Sony's Multi port. Only the USB cable was provided with our review sample; there's no standard definition AV output. There's also a small built-in speaker for reviewing audio in the field on the bottom and protruding metal strap eyelets on either side of the camera.

Making Bootable Floppy Disk to Boot into Windows

Tutorial Objective

In this tutorial, it will guide the user on how he/she is able to make a bootable floppy disc that can boot into Windows.


Tutorial Introduction & Background & Facts

Many people are able to boot into an Operating System without any problems. But in one day, what if the boot files that include NTLDR, Boot.ini, and Ntdetect.com[/] file are corrupted due to virus infected, you are not able to boot into the OS. You will end up with reinstalling and repairing the OS in order to be able to boot into the OS again. Doing so will take you a lot of time. Therefore, in this tutorial, it will teach the user how to make the bootable floppy disc that can boot into Windows. So, when the user encounter the OS booting in the future due to boot files corruption, they are still able to boot into the OS and repair the OS bootup in less than a minute.


Pre-requites Tools

* A blank floppy disc

* A PC with running Windows 2000 series, Windows XP series, or 2003 series


Terminology & Explanation

(None)


Implementation

This tutorial and its procedure will guide the user on how he/she make the bootable floppy disc that can boot into Windows so that he/she is able to boot into Windows eventhough the Windows bootup is corrupted. All you have to do,

1-1) Go to [i]My Computer

1-2) Make sure that you unhide hidden system file in order for you to see the OS boot file

If you know how to unhide the hidden system, you can skip the following procedures to procedure # 2-1. Otherwise continue on with the following procedure.

1-3) Go to Tools menu, and choose Folder Options...

1-4) Go to the View tab

1-5) Under the Hidden files and folders, choose the option that says, "Show hidden files and folders"

1-6) Uncheck the checkbox that says, "Hide extensions for known file types"

1-7) Uncheck the checkbox that says, "Hide protected operating system files (Recommended)"

When the message box appears on the screen, just click the OK button to continue.

1-8 ) Click the OK button to continue

Now you should be able to see all the hidden files and the hidden system files.

2-1) Insert the blank floppy disc into the floppy drive

In order to be able to make the bootable floppy disc, you will have to first format it.

2-2) Go to Command Prompt (In Windows mode, that means Start -> Run -> cmd)

2-3) Change to A Drive (Floppy Drive) by typing the following in the Command Prompt and hit [Enter] key:

CODE
a:


2-4) After you change to A Drive in Command Prompt, format the floppy disc by typing the following in the Command Prompt and then press [Enter] key and follow the prompt:

CODE
format a:


Now the formatting floppy disc begins. When the formatting process completed,

2-5) Go back to My Computer

2-6) Go to the primary partition of the primary HDD (that means C Drive)

2-7) Copy all the following files from C Drive into A Drive (Floppy drive)

NTLDR
Boot.ini
Ntdetect.com

NTLDR, Boot.ini, and Ntdetect.com file are the boot files that are required to boot into the OS.

Once you copied those boot files into the A Drive (Floppy Drive), you just created the bootable floppy disc that can boot into Windows. Now you will have to verify it to see if booting from floppy disc works. Before you do that, it is recommended that you take the floppy disc out and set it to write-protected; therefore, your floppy disc is set to read-only. Doing that can prevent that any virus goes onto the floppy disc. After you do that, put that floppy back in.

3-1) Reboot the PC and enter the mobo BIOS setting

3-2) Verify the Boot Sequence to make sure that the Floppy Drive is set to first boot.

3-3) Save and exit the BIOS setting to reboot the system.

Once the system reboots, after the POST process, the system will boot from the floppy drive. If the system is able to boot from the floppy disc and enter to Windows, that means your bootable floppy disc for booting into Windows is working. Be sure that you label the floppy disc and put it in the safe place just for in case of that you need that to troubleshoot the Windows bootup in the future.


Benefical

* So that the user can enjoy the new method for troubleshooting the Windows bootup

* The user is able to boot into the OS by using that bootable floppy disc in case of that the Windows cannot bootup anymore due to the NTLDR is missing or corrupted error message.

* Users can spend their less time to troubleshoot and repair the Windows bootup. To repair the Windows bootup, boot from that bootable floppy drive, and then go to the C Drive (Active Partition from primary partition of primary HDD from My Computer applet. Then copy all bootup files from Floppy Disc into C Drive.


Additional Information

(None)


Search Keyword

boot bootup bootable floppy ntldr boot.ini ntdetect ntdetect.com create windows window missing corrupted

Manage Saved IE Passwords

When you enter a user name and password, Internet Explorer may ask if you want it to remember the password. Click on Yes and it will automatically fill in the password next time you enter that user name. But if you check Don't offer to remember any more passwords, then whether you click on Yes or No, you won't be prompted again. To recover this feature, launch Internet Options from IE's Tools menu, select the Content tab, click on the AutoComplete button, and check Prompt me to save passwords.

To delete an individual saved password entry, go to the log-on box on a Web page and double-click. Your saved AutoComplete entries will drop down. Use the arrow keys to scroll to the one you want to delete, and press the Del key.

Maximize Dial-up Modem Settings

Did you know that by changing a few settings you can make your dial-up modem run better? That's right—you might have a fast modem and a good connection, but you're not getting the best performance. With a few adjustments, you can get faster connection speeds.

NOTE: Since every PC configuration is different, these adjustments might not work for everyone.

With Windows 95, 98 & ME you'll need to open your Control Panel ( Start / Control Panel ). Click "System" then choose "Device Manager". Open up "Ports", highlight your modem port (should be COM2), and choose "Properties" near the bottom. When you click "Port Settings", you will see the modem speed listed under "Bits per second".

With Win XP , just hold down the Alt key and double-click "My Computer" to bring up System Properties. Click the "Hardware" tab, then choose the "Device Manager" button. Scroll down to "Modems" and click the little (—) to show your modem, then double click it.

Selecting the "Modem" tab will allow you to adjust the port speed.


Usually, the Maximum Port Speed is on the highest setting (115,000 bps), but sometimes you will find it on a slower default of 9600 bps. If you have a 56k modem, you can crank it up to the maximum setting without any trouble (in most cases). If you live in a cave and have a 28k modem, then the fastest you can do is 57,600 bps.

Win 9x users should also adjust the "Flow Control" near the bottom. The default for this is usually Xon/Xoff which is the software control—change this to "Hardware" if you want to get the most from your modem. Next, click the "Advanced" button to adjust the Receiver Buffer to its highest setting (all the way to the right). If you run into any problems, just turn this one back to the 2/3 setting.

To check/adjust the Receive-Transmit buffers in XP, click the "Advanced" tab of your modem properties then choose the "Advanced Port Settings" button. Make sure that both are set to their highest settings.

There are many more tweaks that can be done in the registry, but the potential for disaster is too high for the average user. Some folks install dial-up accelerators, which basically tweak these registry settings for you and perform other routines to optimize performance.

Just by changing these few settings, though, you should see better performance.

Microsoft's Really Hidden Files, Reveled Hidden files

Microsoft's Really Hidden Files: A New Look At Forensics. (v2.5b)
By The Riddler
October 14, 2001 (v2.0 finished May 16, 2001; v1.0 finished June 11, 2000)

Written with Windows 9x in mind, but not limited to.

DISCLAIMER:

I will not be liable for any damage or lost information, whether due to
reader's error, or any other reason.

SUMMARY:

There are folders on your computer that Microsoft has tried hard to keep
secret. Within these folders you will find two major things: Microsoft
Internet Explorer has been logging all of the sites you have ever visited --
even after you've cleared your history, and Microsoft's Outlook Express has
been logging all of your e-mail correspondence -- even after you've erased
them from your Deleted Items bin. (This also includes all incoming and
outgoing file attachments.) And believe me, that's not even the half of it.

When I say these files are hidden well, I really mean it. If you don't have
any knowledge of DOS then don't plan on finding these files on your own. I
say this because these files/folders won't be displayed in Windows Explorer at
all -- only DOS. (Even after you have enabled Windows Explorer to "view all
files.") And to top it off, the only way to find them in DOS is if you knew
the exact location of them. Basically, what I'm saying is if you didn't know
the files existed then the chances of you running across them is slim to
slimmer.

It's interesting to note that Microsoft does not explain this behavior
adequately at all. Just try searching on microsoft.com.

FORWARD:

I know there are some people out there that are already aware of some of the
things I mention. I also know that most people are not. The purpose of this
tutorial is teach people what is really going on with Microsoft's products and
how to take control of their privacy again. This tutorial was written by me,
so if you see a mistake somewhere then it is my mistake, and I apologize.

Thanks for reading.

INDEX:

1) DEFINITIONS AND ACRONYMS
2) WHY YOU SHOULD ERASE THESE FILES
3) HOW TO ERASE THE FILES ASAP
3.1) If You Own Microsoft Internet Explorer
3.2) Clearing Your Registry
3.3) If You Own Outlook Express
3.4) Slack files
3.5) Keeping Microsoft's Products
4) STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES (For the savvy.)
5) A LOOK AT OUTLOOK
6) HOW MICROSOFT DOES IT
7) +S MEANS [S]ECRET NOT [S]YSTEM.
8) THE TRUTH ABOUT FIND FAST
8.1) Removing Find Fast
9) CONTACT INFORMATION AND PGP BLOCKS
9.1) Recommended reading
10) SPECIAL THANKS
11) REFERENCES

Coming Soon:

ù pstores.exe
ù Related Windows Tricks.
ù The NSA-Key.
ù Researching the [Microsoft Update] button.
ù Why the temp folders aren't intended to be temporary at all.
ù What's with Outlook Express's .dbx database files?
ù Win2k support.


1. DEFINITIONS AND ACRONYMS

Well, the best definition I have been able to come up with is the following:

I) A "really hidden" file/folder is one that cannot be seen in Windows
Explorer after enabling it to "view all files," and cannot be seen in MS-DOS
after receiving a proper directory listing from root.

a) There is at least one loophole to enabling Windows Explorer to see them.
B) There is at least one loophole to enabling MS-DOS to see them.

(Interesting to note that the "Find: Files or Folders" utility cannot even
search through one of these folders. It doesn't even exist on the [Browse]
menu.)

II) Distinguishes "really hidden" file/folders from just plain +h[idden] ones,
such as your "MSDOS.SYS" or "Sysbckup" folder.

III) Distinguishes from certain "other" intended hidden files, such as a file
with a name with high ascii characters (eg, "?ëï¨?").

DOS = Disk Operating System
MSIE = Microsoft Internet Explorer
TIF = Temporary Internet Files (folder)
HD = Hard Drive
OS = Operating System


2. WHY SHOULD I ERASE THESE FILES?

Just from one of these files I would be able to tell you which web sites you
previously visited, what types of things you search for in search engines, and
probably gather your ethnicity, religion, and sexual preference. Needless to
say, one can build quite a profile on you from these files. It has the
potential to expose and humiliate -- putting your marriage, friendship, and
corporation at risk. Here's one good example of the forensic capabilities...

------------------------------------------------------------------------------

"I've been reading your article as I have a problem with an employee of mine.
He has been using the works pc for the internet and using it to chat and look
at porn sites. He was then deleting the cookies and history in order to cover
his tracks. A friend of mine pointed me in the direction of this site and
your article. I have found it to be incredibly useful,..."

--Concerned Boss, 8/24/01

------------------------------------------------------------------------------


3. HOW TO ERASE THE FILES ASAP

Step by step information on how to erase these files as soon as possible.
This section is recommended for the non-savvy. Further explanation can be
found in Section 4.0. Please note that following these next steps will erase
all your cache files and cookies files. If you use the offline content
feature with MSIE, it will remove this as well. It will not erase your
bookmarks.


3.1. IF YOU OWN A COPY OF MICROSOFT INTERNET EXPLORER

1) Shut your computer down, and turn it back on.
2) While your computer is booting keep pressing the [F8] key until you are
given an option screen.
3) Choose "Command Prompt Only" This will take you to real DOS mode. ME
users must use a bootdisk to get into real DOS mode.
4) When your computer is done booting, you will have a C:\> followed by a
blinking cursor. Type in this hitting enter after each line (sans
parenthesis):

C:\WINDOWS\SMARTDRV (Loads smartdrive to speed things up.)
CD\
DELTREE/Y TEMP (this line removes temporary files.)
CD WINDOWS
DELTREE/Y COOKIES (This line removes cookies.)
DELTREE/Y TEMP (This removes temporary files.)
DELTREE/Y HISTORY (This line removes your browsing history.)
DELTREE/Y TEMPOR~1

(If this last line doesn't work then type this:)

CD\WINDOWS\APPLIC~1
DELTREE/Y TEMPOR~1

(If this doesn't work then type this:)

CD\WINDOWS\LOCALS~1
DELTREE/Y TEMPOR~1

(If this still does not work, and you are sure you are using MSIE5.x, then
please e-mail me. Finding the location of these may be difficult and I'd
certainly like to know where else MSIE likes to hide its cache. I believe
older versions of MSIE keep them under "\windows\content\".)

This last one will take a ridiculous amount of time to process. The reason it
takes so incredibly long is because there is a ton of semi-useless cache
stored on your HD.


3.2. CLEARING YOUR REGISTRY

It was once believed that the registry is the central database of Windows that
stores and maintains the OS configuration information. Well, this is wrong.
Apparently it also maintains a bunch of other doo-dah that has absolutely
nothing to do with the configuration. I won't get into the other stuff, but
for one, your Typed URLs are stored in the registry.

HKEY_USERS/Default/Software/Microsoft/Internet Explorer/TypedURLs/
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/TypedURLs/

These "Typed URLs" come from MSIE's autocomplete feature. It records all URLs
that you've typed in manually in order to save you some time filling out the
address field. By typing "ama" the autocomplete feature might bring up
"amazon.com" for you. Although, I find it annoying, some people prefer this
feature. One thing is for sure, however -- it's an obvious privacy risk. You
wouldn't want a guest to type "ama" and have it autocomplete
"amaturemudwrestlers.com" now would you?

You can clear your Typed URLs out of your registry by doing going to Tools >
Internet Options > Content > [AutoComplete] > and finally [Clear Forms] under
MSIE. If you do not like the AutoComplete feature then uncheck the
appropriate boxes here.


3.3. IF YOU HAVE OUTLOOK OR OUTLOOK EXPRESS INSTALLED

Microsoft's e-mail clients DO NOT delete your messages until a) you really
know how, and B) you go through the redundant process. And besides this,
there's the glaring e-mail virus problems (in which virtually all other e-mail
client's are immune to.) This, alone, should be enough to want to strangle
Slick Willy -- as I like to call him.

My suggestion?

1) Install another e-mail program like Eudora or Pegasus Mail. Make sure
everything is setup correctly. (www.eudora.com / www.pmail.com)
2) Backup any e-mail and address books that you wish to save by making use of
the export/import features.
3) Uninstall Outlook.

Warning: Simply uninstalling Outlook does not erase any of your e-mail
correspondence. The database files are still there on your hard drive. To
find them open up a DOS window and type this:

dir *.mbx /s/p
The files you are looking for are:

INBOX.MBX
OUTBOX.MBX
SENTIT~1.MBX
DELETE~1.MBX
DRAFTS.MBX

If these files come up they should be listed in either of these folders:

C:\Windows\Application Data\Microsoft\Outlook Express\Mail\
C:\Program Files\internet mail and news\%USER%\mail\

Now type either of the following (depending on the location of your .mbx
files...)

*Remember, this will erase all your e-mail correspondence so backup what you
want to keep. By now you should have already imported your mail into Eudora,
or Pegasus Mail.

CD\WINDOWS\APPLIC~1\MICROS~1\OUTLOO~1
DELTREE/Y MAIL

or

CD\PROGRA~1\INTERN~1\%USER%

(replace "%user%" with the proper name.)

DELTREE/Y MAIL

If you have newer versions of Outlook or Outlook Express the databases are
*.dbx, or *.pst files. Five times as creepy as the *.mbx files. I recommend
that you take a look at them yourself.)


3.4. SLACK FILES

As you may already know, deleting files only deletes the references to them.
They are in fact still sitting there on your HD and can still be recovered by
a very motivated person.

ù BCWipe is a nice program that will clear these files. (www.bcwipe.com).
ù For you DOS buffs, there's a freeware file wiper on simtel.net that I use.
(www.simtel.net/pub/dl/45631.shtml).
ù If you are using PGP then there is a "Freespace Wipe" option under PGPtools.
ù The latest version of Norton Utilities has a nice filewiping utility.
ù You might want to check out Evidence Eliminator's 30 day trial. This is
probably the best program as far as your privacy goes.
(www.evidence-eliminator.com)


3.5. KEEPING MICROSOFT'S PRODUCTS

If you insist on using Microsoft Internet Explorer then I strongly recommend
that you check out at least one of these programs:

ù PurgeIE (www.aandrc.com/purgeie)
ù Cache and Cookie Cleaner for IE (www.webroot.com/washie.htm)
ù Anonymizer Window Washer (www.anonymizer.com/anonwash)

Other programs that claim to clear your history don't seem to work, although
I haven't run any tests in a while.

And if you insist on using Outlook or Outlook Express then you should get in
the habit of compacting your mailboxes.

You can do this by going to File > Folder > Compact All if you have Outlook
Express.

or

Tools > Options > Other tab > [Auto Archive] if you have Outlook. Make sure
to set things up here.


4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES

This next section is for those of you who are more interested in learning the
ins and outs of your computer. This section is intended for the savvy user.

The most important files to be paying attention to are your "index.dat" files.
These are database files that reference your history, cache and cookies. The
first thing you should know is that the index.dat files is that they don't
exist in less you know they do. They second thing you should know about them
is that some will *not* get cleared after deleting your history and cache.

The result:

A log of your browsing history hidden away on your computer after you thought
you cleared it.

To view these files, follow these steps:

In MSIE 5.x, you can skip this first step by opening MSIE and going to Tools >
Internet Options > [Settings] > [View Files]. Now write down the names of
your alphanumeric folders on a peice of paper. If you can't see any
alphanumeric folder names then start with step 1 here:

1) First, drop to a DOS box and type this at prompt (in all lower-case) to
bring up Windows Explorer under the correct directory...

c:\windows\explorer /e,c:\windows\tempor~1\content.ie5\

You see all those alphanumeric names listed under "content.ie5?" (left-hand
side.) That's Microsoft's idea of making this project as hard as possible.
Actually, these are your alphanumeric folders that was created to keep your
cache. Write these names down on a peice of paper. (They should look
something like this: 6YQ2GSWF, QRM7KL3F, U7YHQKI4, 7YMZ516U, etc...) If you
click on any of the alphanumeric folders then nothing will be displayed. Not
because there aren't any files here, but because Windows Explorer has lied to
you. If you want to view the contents of these alphanumeric folders you will
have to do so in DOS. (Actually, this is not always true. *Sometimes*
Windows Explorer will display the contents of the alphanumeric folders -- but
mostly it won't. I can't explain this.)

2) Then you must restart in MS-DOS mode. (Start > Shutdown > Restart in
MS-DOS mode. ME users use a bootdisk.)

Note that you must restart to DOS because windows has locked down some of the
files and they can only be accessed in real DOS mode.

3) Type this in at prompt:

CD\WINDOWS\TEMPOR~1\CONTENT.IE5
CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)

DIR/P

The cache files you are now looking at are directly responsible for the
mysterious erosion of HD space you may have been noticing. One thing
particularly interesting is the ability to view some your old e-mail if you
happen to have a hotmail account. (Oddly, I've only been able to retreive
hotmail e-mail, and not e-mail from my other web-based e-mail accounts. Send
me your experiences with this.) To see them for yourself you must first copy
them into another directory and then open them with your browser. Don't ask
me why this works.

A note about these files: These are your cache files that help speed up
your internet browsing. It is quite normal to use this cache system, as every
major browser does. On the other hand. It isn't normal for some cache files
to be left behined after you have instructed your browser to erase it.

5) Type this in:

CD\WINDOWS\TEMPOR~1\CONTENT.IE5
EDIT /75 INDEX.DAT

You will be brought to a blue screen with a bunch of binary.

6) Press and hold the [Page Down] button until you start seeing lists of URLs.
These are all the sites that you've ever visited as well as a brief
description of each. You'll notice it records everything you've searched for
in a search engine in plain text, in addition to the URL.

7) When you get done searching around you can go to File > Exit.

8) Next you'll probably want to erase these files by typing this:

C:\WINDOWS\SMARTDRV
CD\WINDOWS
DELTREE/Y TEMPOR~1

(replace "cd\windows" with the location of your TIF folder if different.)

This will take a seriously long time to process. Even with smartdrive loaded.

9) Then check out the contents of your History folder by typing this:

CD\WINDOWS\HISTORY\HISTORY.IE5
EDIT /75 INDEX.DAT

You will be brought to a blue screen with more binary.

10) Press and hold the [Page Down] button until you start seeing lists of URLS
again.

This is another database of the sites you've visited.

11) And if you're still with me type this:

CD\WINDOWS\HISTORY

12) If you see any mmXXXX.dat files here, then check them out (and delete
them.) Then...

CD\WINDOWS\HISTORY\HISTORY.IE5
CD MSHIST~1
EDIT /75 INDEX.DAT

More URLs from your internet history. Note, there are probably other mshist~x
folders here.

3) You can repeat these steps for every occurrence of a mshist~x folder.

4) By now you'll probably want to type in this:

CD\WINDOWS
DELTREE/Y HISTORY

This is about it as far as I know. You may also want to take a look at your
*.mbx files if you own Outlook. (dir *.mbx/s) All your e-mail correspondence
and file attachments are located within these database files. More detailed
information is covered in the next section.


5. A LOOK AT OUTLOOK EXPRESS

Would you think twice about what you said if you knew it was being recorded?
E-mail correspondence leaves a permanent record of everything you've said --
even after you've told Outlook Express to erase it. You are given a false
sense of security sense you've erased it twice, so surely it must be gone.
The first time Outlook simply moves it to your "Deleted Items" folder. The
second time you erase it Outlook simply "pretends" it is gone. The truth is
your messages are still being retained in the database files on your hard
drive. (Same with your e-mail attachments.)

For earlier versions of Outlook Express, they will be located in either of
the following folder:

c:\program files\internet mail and news\%user%\mail\*.mbx

(replace %user% with the name you use.)

or if your lucky, it will be located here:

c:\windows\application data\microsoft\outlook\mail\*.mbx

At this point you have two choices.

a) Get in the habit of compacting your folders all the time.
B) Import the data into another e-mail client such as Pegasus Mail or Eudora
and then delete the mbx files (and thus all your e-mail correspondence) by
typing this:

cd\windows\intern~1\%user%\mail
deltree/y mail

or

cd\windows\applic~1\micros~1\outloo~1\
deltree/y mail

*Typing in the above commands will kill all your e-mail correspondence. Do
not follow those steps in less you have already exported your e-mail and
address book!


6. HOW MICROSOFT DOES IT

TIP: Study this section if you would like to learn how to obscure your files
using Windows' own built-in mechanisms.

How does Microsoft make these folders/files invisible to DOS?

The only thing Microsoft had to do to make the folders/files invisible to a
directory listing is to set them +s[ystem]. That's it. As soon as the dir/s
command hits a system folder, it renders the command useless (unlike normal
folders.) A more detailed explanation is given in Section 7.

So how does Microsoft make these folders/files invisible to Windows Explorer?

The "desktop.ini" is a standard text file that can be added to any folder to
customize certain aspects of the folder's behavior. In these cases, Microsoft
utilized the desktop.ini file to make these files invisible. Invisible to
Windows Explorer and even to the "Find: Files or Folders" utility (so you
wouldn't be able to perform searches in these folders!) All that Microsoft
had to do was create a desktop.ini file with certain CLSID tags and the
folders would disappear like magic.

To show you exactly what's going on:

Found in the c:\windows\temporary internet files\desktop.ini and the
c:\windows\temporary internet files\content.ie5\desktop.ini contains this
text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}

Found in the c:\windows\history\desktop.ini and the
c:\windows\history\history.ie5\desktop.ini contains this text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
CLSID={FF393560-C2A7-11CF-BFF4-444553540000}

The UICLSID line cloaks the folder in Windows Explorer. The CLSID line
disables the "Find" utility from searching through the folder. (Additionally,
it gives a folder the appearance of the "History" folder.)

To see for yourself, you can simply erase the desktop.ini files. You'll see
that it will instantly give Windows Explorer proper viewing functionality
again, and the "Find" utility proper searching capabilities again. Problem
solved right? Actually, no. As it turns out, the desktop.ini files get
reconstructed every single time you restart your computer. Nice one, Slick.

Luckily there is a workaround which will keep Windows from hiding these
folders. You can manually edit the desktop.ini's and remove everything except
for the "[.ShellClassInfo]" line. This will trick windows into thinking they
have still covered their tracks, and wininet won't think to reconstruct them.

I can't stress how rediculous it is that Windows actually makes sure the files
are hidden and in place on every single boot. No other files or folders get
this kind of special treatment. What's the agenda, here?


7. +S MEANS [S]ECRET NOT [S]YSTEM

Executing the "dir/a/s" command from root *should* be the correct command to
display all files in all subdirectories in DOS. However, doing so will not
display the index.dat files. This is because when DOS tries to get a list of
the subdirectories of any +s[ystem] folder it hits a brick wall. No files or
folders will be listed within any system folder. Not only does this defeat
the whole purpose of the "/s" switch in the first place, but I'd say it looks
like Microsoft took extra precautions to keep people from finding the files.
Remember. The only thing you need to do to obscure a file in DOS is to mark
the parent directory +s[ystem].

I was told by a few people that this was due to a very old DOS bug that dates
back many years. Fine. I can accept that. A bug it is.

But, would you consider your Temporary Internet Files to be "system files?"
It would seem that your TIF folder appears to be marked +s[ystem] for no good
reason at all. Just because. Same with your history folder. Just because.
You may not agree, but I tend to think that Microsoft marked the folders as
+s[ystem] solely to hide any directory recursal from DOS.

In case you didn't understand, here's a small experiment that will show you
what I mean...

Since the content.ie5 and history.ie5 subfolders are both located within a
+s[ystem] folder, we will run the experiment with them. The proper command to
locate them *should* be this:

CD\
DIR *.IE5 /as/s

The problem is that you will receive a "No files found" error message.

Since we already know there is a content.ie5 subfolder located here, why is
it giving me the "no files found" message?

But there is a way to get around this brick wall. That is, once you are
inside the system directory, then it no longer has an effect on the dir
listings. For example, if you enter the system folder first, and THEN try to
find any +s[ystem] directories you can see them just fine:

CD\WINDOWS\TEMPOR~1
DIR *.IE5 /as/s

1 folder(s) found.

Now you will get a "1 folder(s) found." message. (But only after you knew the
exact location.)

In other words, if you didn't know the files existed then finding them would
be almost impossible.

And, by the way. To see the "bug" in progress...

CD\
DIR *.IE5 /as/s

It will echo "no files found."

Now, just take away the system attributes from the parent directory...

CD\WINDOWS
ATTRIB -S TEMPOR~1

And retry the test...

CD\
DIR *.IE5 /as/s

It will echo "1 folder(s) found."


8. THE TRUTH ABOUT FIND FAST

Have you ever wondered what that "Find Fast" program was under your control
panel? Here's a hint: It has NOTHING to do with the "Find: Files or Folders"
utility located under the [Start] menu. Up until last month I honestly
thought it was completely useless, but it was finally adequately explained to
me...

------------------------------------------------------------------------------

"In any version of Word after 95, choose File Open and you'll get the Office
App Open dialog. Instead of just a space for the file name, there are text
boxes for file name, files of type, text or property & last modified. These
are search criteria you can use to find one or more files. There is also an
"Advanced" button that opens a dedicated search dialog with more options.
When you use either of these dialogs to perform a search, that search process
uses the indexes built by Find Fast."

--Oblivion

------------------------------------------------------------------------------

That sure answered a lot. Now instead of a "completely useless resource hog,"
I realize Find Fast actually does serve some purpose.

But what would you say if I told you that Find Fast was scanning every single
file on your hard drive? Did you know that in Office 95, the Find Fast
Indexer had an "exclusion list" comprised of .exe, .swp, .dll and other
extensions, but the feature was eliminated? If you were a programmer would
you program Find Fast to index every single file, or just the ones with Office
extensions?

FYI: If you have ever had problems with scandisk or defrag restarting due to
disk writes, it is because Find Fast was indexing your hard drive in the
background. It loads every time you start your computer up.

Now here is a good example of the lengths Microsoft has gone through to keep
people from finding out Find Fast is constantly scanning and indexing their
hard drives. (Always good to have an alibi.) Here's a snippet taken from
microsoft.com:

"When you specify the type of documents to index in the Create Index dialog
box, Find Fast includes the document types that are listed in the following
table.

Document type File name extension
------------- -------------------

MS Office and Web Documents All the Microsoft Excel, Microsoft
PowerPoint, Microsoft
Project, and Microsoft Word document types
listed in this table. Microsoft Binder
(.odb, .obt) and Microsoft Access (.mdb)
files. Note that in .mdb files, only
document properties are indexed.

Word documents .doc (document),
.dot (template), .ht* (Hypertext Markup
Language document), .txt (text file), .rtf
(Rich Text Format) files, Excel workbooks
.xl* files

PowerPoint .ppt (presentation), .pot (template), .pps
(auto-running presentation) files

Microsoft Project files .mpp, .mpw, .mpt, .mpx, .mpd files

All files *.* files"


Did you get that last part? "All files?" Find Fast indexes Office Documents,
Web documents, Word Documents, Power Point files, Project files, and (oh I
forgot) EVERY SINGLE other file on your computer.

Actually, the good news is that this isn't neccessarily true. In another
statement, Microsoft claims that if Find Fast deems the file "unreadable" then
the file will not be included in the index. For example, your command.com
probably wouldn't get indexed because it doesn't have a lot of plain text --
mostly binary.

But, back to the bad news. Every single file that has legible text is going
to be included in the Find Fast database. Do you understand the implication
here? Well, if you don't, then maybe you should check out those Find Fast
database files -- because acording to Microsoft, ALL TEXT SAVED TO YOUR HARD
DRIVE IS INDEXED. Do you see the forensic capabilities now? And don't forget
"all text" also means previously visited webpages from your cache. See for
yourself...

1) Open up a DOS window and type...
2) CD\
3) DIR FF*.* /AH (This will bring up a list of the find fast databases.)
4) EDIT /75 %ff% (insert %ff% with any of the names that were listed.)

Notice the incredible amount of disk accesses to your cache and history
folders? Why do we need two indexes?


8.1. REMOVING THE FIND FAST PROGRAM

You can remove Find Fast using your Office CD, but I recommend you do it
manually...

1) Reboot your computer in MS-DOS Mode.
2) Delete the findfast.cpl file from c:\windows\system\
3) Delete the shortcut (.lnk) under c:\windows\start menu\programs\startup\
4) Delete the findfast.exe file from c:\progra~1\micros~1\office\
5) Delete the find fast databases in your root, by typing this:

cd\
deltree ff*.*

6) You can also safely delete FFNT.exe, FFSetup.dll, FFService.dll, and
FFast_bb.dll if you have them.

Feel free to check out the ffastlog.txt (which is the Find Fast error log).
It's a +h[idden] file under c:\windows\system\.


9. CONTACT INFO AND PGP BLOCKS

This tutorial is being updated all the time. If you have any useful input, or
if you see a mistake somewhere, then please e-mail me so I can compile it into
future versions. You will be able to find the most recent version of this
tutorial at fuckmicrosoft.com

My e-mail address is located at the end of this note. Please let me know
where you heard about this tutorial in your message. If you have something
important to say to me, then please use encryption. My public key blocks are
located below.

Thanks for reading,

-- The Riddler
Contact: theriddler@fuckmicrosoft.com

My PGP 2.6.2 Block:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzu4wRAAAAEEAJnvaDDA9PydmZnnAmo80XZL57OycoCndppYyMv6CBMh+U35
NYtOxFfQiH8JhUN8uF3FgGBxckG0vBJ+RsYBIBXaP/JdxLX4qQnTsByyPEkoIomW
QCDfWXBMbFXxEKc1mrVTRmXpANpIjsj557qzW7dXxuvd5/E/bhviYkNfEe49AAUR
tAt0aGUgcmlkZGxlcg==
=B7ib
-----END PGP PUBLIC KEY BLOCK-----

My GPG 1.0.6 Block:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (MingW32)

mQGhBDu3TSERBACO0Fx9pjMULe6qLQwOgfvdnQconLOMyftZdp9+ZX6t29ebJ/Z5
qQOJ9ce9Xr6Lj4u+M9VDx1FK5ueoD45bUAy0HAvYDV/HEu2vCRimpbreDky/U88a
XL59Pe8qwnmfUzYc/LnH86VCr4lPmpbz6/adXj44xE6EwkhFcq6BD4isCwCg8zZO
Hk9+KEKOyPHIFWq7TUA/JdUD/jWtNrGZ0tfSAS0WDiBifsBr1HW7n2IMDFX1anqC
DN0ToM5IFWGDkOh1NUvP0RvyrnNuBOP/oWxkPLR0nVvifETF0iG9o+kfitC9NmJn
QP/iw4WhCoHRCc5wqnAAXQC9j8JdodQ8E5VnfnNGkttgWz7mNzBongrIoTdfVdtf
o5NwA/d/lwMhGE0HNXnXOgRBcPjGD0LsR8pFoSP/HJ9Hu3zms2cbQqN2O/f99H2G
s9mXR7uvicu9SbKoTwFkptLVbOQIhvBnw0fTlZGrUsaiw4vzt99PffTKq1FPIpQe
K7HcnUK2+ZSVs5PxGiDckobJEjBssSw9Lg5RSNMy9H7s9jv3tAt0aGUgcmlkZGxl
cohXBBMRAgAXBQI7t00iBQsHCgMEAxUDAgMWAgECF4AACgkQ/bqXDRMV1MxyMgCc
CH2uO/f46JgQ0pspQxi7IBv0yNQAn11ebXHbZGuADwuBun1EnQCJb8VIuQINBDu3
UOAQCADKG2mf/FW3kuSAGoFmIMBm4l6m0O7denwUIpZP2jxeNTLmLW6ntGglHP++
wEQpHjKTJfXoSHZH0euuXVZ9hOVdf1+PuRNy0DzrDDiKX7fdQ6eSbw+heSWc0kOF
AB1j3pcovG4K2+bK66039kQLIT3kNUZgh9DdMZjIFzBg90aQnaEm5LLMkv1FNVZP
YehZm3RRIpLAX5vkJJbUA/VVh/FXDG5f21iAGDHgSdKsLW2JNDAWe6/rY0GV5dgx
C0gsqBn1rxNNDyG+z6nFCQtohL/x5zdTzedLQBjIlao91mSWhBsyxiX8mjhvGO97
o6zVUG5KHBKGmvWMqlyOsGY9VSbDAAMGCADIaFAcE+ADY3ku9Fy0NIlJhbj578YY
xpsE6KvZI1OqbHSoBnN06A3Mpxp4QRBXlr9eRRl+zMTQl1VcVWkahZYNapOqq6L3
wHBmf9psggCBxqQdI9n5zxnlkphb50J7G9UevB/IGzlW2fe7WMWjo2GegIvGHVWr
qeZgyaNf/CyMtihAX3O86rpqakq//nJvQ9MPcp/Brr9KT2NxBlpBm6xWY35IL5FG
dZ2hpHaO1TC6bdmWUPhvzmSVtD9f0AnnJEgVc03vBz7xJrc1IEa1DeRdfFNvkoch
+mNjc+fBAIQrVMCQ33u+yP/DWSdThrhxz1tAGWV7SlwxVyg6JPRQJ+moiEYEGBEC
AAYFAju3UOAACgkQ/bqXDRMV1MwVnACfaGrJRv2lgWHQbQWwv55t2cT+QWEAnA/n
ckswjlC9aNcBkcFl7X1SX8JX
=pFTK
-----END PGP PUBLIC KEY BLOCK-----


9.1. RECOMMENDED READING

And if you aren't already paranoid enough here's some sites/articles that I
definitely recommend:

[URL=http://www.theregister.co.uk/content/4/18002.html]http://www.theregister.co.uk/content/4/18002.html[/URL]
[URL=http://www.findarticles.com/m0CGN/3741/55695355/p1/article.jhtml]http://www.findarticles.com/m0CGN/3741/556...1/article.jhtml[/URL]
[URL=http://www.mobtown.org/news/archive/msg00492.html]http://www.mobtown.org/news/archive/msg00492.html[/URL]
[URL=http://194.159.40.109/05069801.htm]http://194.159.40.109/05069801.htm[/URL]
[URL=http://www.yarbles.demon.co.uk/mssniff.html]http://www.yarbles.demon.co.uk/mssniff.html[/URL]
[URL=http://www.macintouch.com/o98security.html]http://www.macintouch.com/o98security.html[/URL]
[URL=http://www.theregister.co.uk/content/archive/3079.html]http://www.theregister.co.uk/content/archive/3079.html[/URL]
[URL=http://www.fsm.nl/ward/]http://www.fsm.nl/ward/[/URL]
[URL=http://slashdot.org]http://slashdot.org[/URL]
[URL=http://www.peacefire.org]http://www.peacefire.org[/URL]
[URL=http://stopcarnivore.org]http://stopcarnivore.org[/URL]
[URL=http://nomorefakenews.com]http://nomorefakenews.com[/URL]
[URL=http://grc.com/steve.htm#project-x]http://grc.com/steve.htm#project-x[/URL]


10. SPECIAL THANKS (and no thanks)

This version I want to give special thanks to Concerned Boss, Oblivion, and
the F-Prot virus scanner.

I also want to take this time to show my dissatisfaction to the New Zealand
Herald. Although partly flattering, it was more disgusting to see a
well-known newspaper try to take credit for my work.


11. REFERENCES

[URL=http://support.microsoft.com/support/kb/articles/Q137/1/13.asp]http://support.microsoft.com/support/kb/ar...s/Q137/1/13.asp[/URL]
[URL=http://support.microsoft.com/support/kb/articles/Q136/3/86.asp]http://support.microsoft.com/support/kb/ar...s/Q136/3/86.asp[/URL]
[URL=http://support.microsoft.com/support/kb/articles/Q169/5/31.ASP]http://support.microsoft.com/support/kb/ar...s/Q169/5/31.ASP[/URL]
[URL=http://support.microsoft.com/support/kb/articles/Q141/0/12.asp]http://support.microsoft.com/support/kb/ar...s/Q141/0/12.asp[/URL]
[URL=http://support.microsoft.com/support/kb/articles/Q205/2/89.ASP]http://support.microsoft.com/support/kb/ar...s/Q205/2/89.ASP[/URL]
[URL=http://support.microsoft.com/support/kb/articles/Q166/3/02.ASP]http://support.microsoft.com/support/kb/ar...s/Q166/3/02.ASP[/URL]
[URL=http://www.insecure.org/sploits/Internet.explorer.web.usage.logs.html]http://www.insecure.org/sploits/Internet.e...usage.logs.html[/URL]
[URL=http://www.parascope.com/cgi-bin/psforum.pl/topic=matrix&disc=514&mmark=all]http://www.parascope.com/cgi-bin/psforum.p...c=514&mmark=all[/URL]
[URL=http://www.hackers.com/bulletin/]http://www.hackers.com/bulletin/[/URL]
[URL=http://slashdot.org/articles/00/05/11/173257.shtml]http://slashdot.org/articles/00/05/11/173257.shtml[/URL]
[URL=http://peacefire.org]http://peacefire.org[/URL]

COPYRIGHT INFORMATION

This article has been under the protection of copyright laws the moment it was
fixed in a tangible form. In less otherwise agreed, this article may ony be
distributed as a whole and without modification. Thank you.

Misc Linux Tips & Tricks

Tips

Speeding up your hard drive (#1)
Get faster file transfer by using 32-bit transfers on your hard drive

Just add the line:

hdparm -c3 /dev/hdX

to a bootup script.

If you use SuSE or other distros based on SYS V,

/sbin/init.d/boot.local
should work for you.

This enables 32-bit transfer on your hard drive. On some systems it can improve transfer performance by 75%.

To test your performance gain, type:

hdparm -t -T /dev/hdX

Protecting yourself from being a spam base(#2)
Sendmail allows for someone to telnet to port 25 and do an expn (expand) to see what users and aliases are on your machine. Also, vrfy (verify) means someone can get legal e-mail addresses from your box and send spam through your machine.

Don't want that, so look in your /etc/sendmail.cf file for a line that looks like this:

###############
# Options #
###############

Now cut and paste these next few lines below that:

# turning off the expand option and requiring a helo from
# a remote computer
Opnoexpn,novrfy,needmailhelo

Now there is no expansion, no verify, and sendmail requires a helo with a legitimate DNS in order to use the mailer.

Then look in your /etc/mail/aliases file and ensure you have only your own boxen and/or subnet in there as OK or RELAY. That will help cut down on spammers' ability to find relay machines to do their dirty work for them.

Cleaning up Netscape crashes(#3)
You have a tip about Netscape leaving copies of itself running below, but you can make a general shell script to clean up a Netscape crash like this:

#!/bin/sh
#kill.netscape
killall -9 netscape
rm ~/.netscape/lock

Then all your users can use it and clean up the dreaded hundred instances of Netscape running when it crashed. Change netscape to netscape-communicator or netscape-navigator as appropriate

More DOS-like commands(#4)
Many people are moving to Linux because they miss the stability of good old DOS. In that light, many users are typing DOS commands (which originated from UNIX in the first place) that look fine but cause errors. The command "cd.." in DOS is perfectly valid, but Linux balks. This is because "cd" is a command, and any parameter for that command must be separated from the command by a space. The same goes for "cd/" and "cd~". A quick fix is here.

Use your favorite text editor in your home directory to edit the file ".bashrc". The period is there on purpose, this hides the file from normal ls display.

Add the lines:

alias cd/="cd /"
alias cd~="cd ~"
alias cd..="cd .."

And I usually add these...

alias md="mkdir"
alias rd="rmdir -i"
alias rm="rm -i"

and my first and still favorite alias...

alias ls="ls --color"

alias is a powerful tool, and can be used in the .bashrc script as well as from the command line. You can, if you want to spend the time, create your own group of shell commands to suit how you work. As long as you put them in your .bashrc file, they'll be there everytime you log in. Note that if you frequently log in as root, you might want to copy /home/username/.bashrc to /root/.bashrc to keep yourself sane.

Resurrecting corrupted floppies(#5)
Here's how to make a floppy disk with "track-0 bad" reusable again:

If the track zero of a floppy disk is found to be bad, no DOS or Windows utility is going to do anything about it--you just have to throw it in your unrecycle bin.

This tip cannot recover the data, but can make the disk carry things again, at least for the time being (moments of desperation).

How to:

(A) Format the disk with Linux. Build a Linux file system (don't use mformat). I did this some time before by invoking the makebootdisk command (in Slakware) and stopped after the formatting was over. There should be better ways to do it in RedHat 5.2 or other recent versions.

( Reformat the disk with Windows. Use the DOS window and the /u option while formatting.

Using DOS-like commands(#6)
There's a package called mtools which is included with most of the distributions out there.

There are several commands for basic DOS stuff. For example, to directory the floppy drive, type mdir a:. This is rather handy--you don't need to mount the floppy drive to use it.

Other commands are: mattrib , mcd, mcopy, mdel, mformat, mlabel, mren (rename), mmd, mrd, and mtype.

This doesn't work for reading from hard disks. In that case, you would add entries to /etc/fstab, drive type msdos for fat16 partitions, and vfat for fat32.

Copying files from Linux to Windows 98 or 95B (FAT32)(#7)
It's as easy as installing the program explore2fs. It uses a Windows Explorer interface and supports drag-and-drop. I have found it reliable and useful for migrating files from my RedHat 6.1 partition to my Win95B partition quickly and with a minimum of fuss.

It's available free--as all software should be--from this URL:
CODE
http://uranus.it.swin.edu.au/~jn/linux/explore2fs.htm


Installing in partitions(#8)
I am using SuSE Linux, which has some interesting options (I don't know if RedHat or other distributions offer you this, too).

1. You can install Linux on a single file in your Windows Partition. Nice to try it out, but I guess it is not that fast then. You can load it then with a DOS program, loadlin.

2. Use Fips or Partition Magic. Defragment your hard drive (you should do this for Point 1, too) and split it up. I guess most users just have one partition, which you should split up into at least three: one for the Linux files, and a smaller swap partition (take about 32 to 64 MB, depending on your RAM--less RAM needs bigger swap partitions). If you decide later to deinstall Linux you can always delete both partitions and create one big one for Windows again.

Fips is a stupid command line program, but if you're too lazy to read at least a little bit, then you should stop thinking about Linux anyway...

Command Pipelines(#9)
Pipes are easy. The Unix shells provide mechanisms which you can use them to allow you to generate remarkably sophisticated `programs' out of simple components. We call that a pipeline. A pipeline is composed of a data generator, a series of filters, and a data consumer. Often that final stage is as simple as displaying the final output on stdout, and sometimes the first stage is as simple as reading from stdin. I think all shells use the "|" character to separate each stage of a pipeline. So:

data-generator | filter | ... | filter | data-consumer

Each stage of the pipeline runs in parallel, within the limits which the system permits. Hey, look closely, because that last phrase is important. Are you on a uni-processor system because if you are, then obviously only one process runs at a time, although that point is simply nitpicking. But pipes are buffers capable of holding only finite data. A process can write into a pipe until that pipe is full. When the pipe is full the process writing into it blocks until some of the data already in the pipe has been read. Similarly, a process can read from a pipe until that pipe is empty. When it's empty the reading process is blocked until some more data has been written into the pipe.

What is IP masquerading and when is it of use?(#10)
IP masquerading is a process where one computer acts as an IP gateway for a network. All computers on the network send their IP packets through the gateway, which replaces the source IP address with its own address and then forwards it to the internet. Perhaps the source IP port number is also replaced with another port number, although that is less interesting. All hosts on the internet see the packet as originating from the gateway.

Any host on the Internet which wishes to send a packet back, ie in reply, must necessarily address that packet to the gateway. Remember that the gateway is the only host seen on the internet. The gateway rewrites the destination address, replacing its own address with the IP address of the machine which is being masqueraded, and forwards that packet on to the local network for delivery.

This procedure sounds simple, and it is. It provides an effective means by which you can provide second class internet connections for a complete LAN using only one (internet) IP address.

Setting UTC or local time(#11)
When Linux boots, one of the initialisation scripts will run the /sbin/hwclock program to copy the current hardware clock time to the system clock. hwclock will assume the hardware clock is set to local time unless it is run with the --utc switch. Rather than editing the startup script, under Red Hat Linux you should edit the /etc/sysconfig/clock file and change the ``UTC'' line to either ``UTC=true'' or ``UTC=false'' as appropriate.
Setting the system clock(#12)
To set the system clock under Linux, use the date command. As an example, to set the current time and date to July 31, 11:16pm, type ``date 07312316'' (note that the time is given in 24 hour notation). If you wanted to change the year as well, you could type ``date 073123161998''. To set the seconds as well, type ``date 07312316.30'' or ``date 073123161998.30''. To see what Linux thinks the current local time is, run date with no arguments.

Setting the hardware clock(#13)
To set the hardware clock, my favourite way is to set the system clock first, and then set the hardware clock to the current system clock by typing ``/sbin/hwclock --systohc'' (or ``/sbin/hwclock --systohc --utc'' if you are keeping the hardware clock in UTC). To see what the hardware clock is currently set to, run hwclock with no arguments. If the hardware clock is in UTC and you want to see the local equivalent, type ``/sbin/hwclock --utc''


Setting your timezone(#14)
The timezone under Linux is set by a symbolic link from /etc/localtime[1] to a file in the /usr/share/zoneinfo[2] directory that corresponds with what timezone you are in. For example, since I'm in South Australia, /etc/localtime is a symlink to /usr/share/zoneinfo/Australia/South. To set this link, type:

ln -sf ../usr/share/zoneinfo/your/zone /etc/localtime

Replace your/zone with something like Australia/NSW or Australia/Perth. Have a look in the directories under /usr/share/zoneinfo to see what timezones are available.

[1] This assumes that /usr/share/zoneinfo is linked to /etc/localtime as it is under Red Hat Linux.

[2] On older systems, you'll find that /usr/lib/zoneinfo is used instead of /usr/share/zoneinfo. See also the later section ``The time in some applications is wrong''.


Zombies(#15)
What are these zombie processes that show up in ps? I kill them but they don't go away!

Zombies are dead processes. You cannot kill the dead. All processes eventually die, and when they do they become zombies. They consume almost no resources, which is to be expected because they are dead! The reason for zombies is so the zombie's parent (process) can retrieve the zombie's exit status and resource usage statistics. The parent signals the operating system that it no longer needs the zombie by using one of the wait() system calls.

When a process dies, its child processes all become children of process number 1, which is the init process. Init is ``always'' waiting for children to die, so that they don't remain as zombies.

If you have zombie processes it means those zombies have not been waited for by their parent (look at PPID displayed by ps -l). You have three choices: Fix the parent process (make it wait); kill the parent; or live with it. Remember that living with it is not so hard because zombies take up little more than one extra line in the output of ps.


How do i give users an ftp only account (no telnet, etc).(#16)

give them shell which doesn't work, but is listed in /etc/shells
for example /bin/false...


How to do backup with tar?(#17)
You can mantain a list of files that you with to backup into a file and tar
it when you wish.

tar czvf tarfile.tar.gz -T list_file

where list_file is a simple list of what you want to include into the tar

i.e:

/etc/smb.conf
/root/myfile
/etc/ppp (all files into the /etc/ppp directory)
/opt/gnome/html/gnome-dev-info.html


How to keep a computer from answering to ping?(#18)

a simple "echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all" will do the
trick... to turn it back on, simply
"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all"

Customizing your directory colors.(#19)
I know a lot of you know the command ls --color. Which displays your directory with colors. But, a lot of people may not know that those colors are customizable. All you need to do is add the following line to your /etc/bashrc file.


eval `dircolors /etc/DIR_COLORS`


And then all of the color configuration can be found in the file /etc/DIR_COLORS



Frozen Xwindow(#20)
If your Xwindow freezes sometimes, here are two ways that you may try to kill your server. The first is the simple simple way of killing your X server the key combination: Ctrl+Alt+Backspace

The second way is a little more complicated, but it works most of the time. Hit Ctrl+Alt+F2 to startup a virtual console, then log in with your user name and password and run:



# ps -ax | grep startx



This will give you the PID of your Xserver. Then just kill it with:



# kill -9 PID_Number



To go back to your first console, just hit Alt-F1



Converting all files in a directory to lowercase.(#21)
#!/bin/sh
# lowerit
# convert all file names in the current directory to lower case
# only operates on plain files--does not change the name of directories
# will ask for verification before overwriting an existing file
for x in `ls`
do
if [ ! -f $x ]; then
continue
fi
lc=`echo $x | tr '[A-Z]' '[a-z]'`
if [ $lc != $x ]; then
mv -i $x $lc
fi
done

Wow. That's a long script. I wouldn't write a script to do that; instead, I would use this command:


for i in * ; do [ -f $i ] && mv -i $i `echo $i | tr '[A-Z]' '[a-z]'`;
done;

on the command line.


Script to view those compressed HOWTOs.(#22)
From a newbie to another, here is a short script that eases looking for and viewing howto documents. My howto's are in /usr/doc/faq/howto/ and are gzipped. The file names are XXX-HOWTO.gz, XXX being the subject. I created the following script called "howto" in the /usr/local/sbin directory:

#!/bin/sh
if [ "$1" = "" ]; then
ls /usr/doc/faq/howto | less
else
gunzip -c /usr/doc/faq/howto/$1-HOWTO.gz | less
fi

When called without argument, it displays a directory of the available howto's. Then when entered with the first part of the file name (before the hyphen) as an argument, it unzips (keeping the original intact) then displays the document.
For instance, to view the Serial-HOWTO.gz document, enter:

$ howto Serial



Util to clean up your logfiles.(#23)
If you're like me, you have a list with 430 subscribers, plus 100+ messages per day coming in over UUCP. Well, what's a hacker to do with these huge logs? Install chklogs, that's what. Chklogs is written by Emilio Grimaldo, grimaldo@panama.iaehv.nl, and the current version 1.8 available from ftp.iaehv.nl:/pub/users/grimaldo/chklogs-1.8.tar.gz. It's pretty self explanatory to install(you will, of course, check out the info in the doc subdirectory). Once you've got it installed, add a crontab entry like this:

# Run chklogs at 9:00PM daily.
00 21 * * * /usr/local/sbin/chklogs -m

Handy Script to Clean Up Corefiles.(#24)
Create a file called rmcores(the author calls it handle-cores) with the following in it:

#!/bin/sh
USAGE="$0 "

if [ $# != 2 ] ; then
echo $USAGE
exit
fi

echo Deleting...
find $1 -name core -atime 7 -print -type f -exec rm {} \;

echo e-mailing
for name in `find $1 -name core -exec ls -l {} \; | cut -c16-24`
do
echo $name
cat $2 | mail $name
done

And have a cron job run it every so often.

Moving directories between filesystems.Quick way to move an entire tree of files from one disk to another (#25)
(cd /source/directory && tar cf - . ) | (cd /dest/directory && tar xvfp -)

[ Change from cd /source/directory; tar....etc. to prevent possibility of trashing directory in case of disaster.]

Finding out which directories are the largest.Ever wondered which directories are the biggest on your computer? Here's how to find out.(#26)
du -S | sort -n

How do I stop my system from fscking on each reboot?(#27)
When you rebuild the kernel, the filesystem is marked as 'dirty' and so your disk will be checked with each boot. The fix is to run:

rdev -R /zImage 1

This fixes the kernel so that it is no longer convinced that the filesystem is dirty.

Note: If using lilo, then add read-only to your linux setup in your lilo config file (Usually /etc/lilo.conf)

How to avoid fscks caused by "device busy" at reboot time.(#28)
If you often get device busy errors on shutdown that leave the filesystem in need of an fsck upon reboot, here is a simple fix:
To /etc/rc.d/init.d/halt or /etc/rc.d/rc.0, add the line

mount -o remount,ro /mount.dir

for all your mounted filesystems except /, before the call to umount -a. This means if, for some reason, shutdown fails to kill all processes and umount the disks they will still be clean on reboot. Saves a lot of time at reboot for me.

How to find the biggest files on your hard-drive.(#29)


ls -l | sort +4n

Or, for those of you really scrunched for space this takes awhile but works great:

cd /
ls -lR | sort +4n

A script for cleaning up after programs that create autosave and backup files.(#30)
Here is a simple two-liner which recursively descends a directory hierarchy removing emacs auto-save (#) and backup (~) files, .o files, and TeX .log files. It also compresses .tex files and README files. I call it 'squeeze' on my system.

#!/bin/sh
#SQUEEZE removes unnecessary files and compresses .tex and README files
#By Barry tolnas, tolnas@sun1.engr.utk.edu
#
echo squeezing $PWD
find $PWD \( -name \*~ -or -name \*.o -or -name \*.log -or -name \*\#\) -exec
rm -f {} \;
find $PWD \( -name \*.tex -or -name \*README\* -or -name \*readme\* \) -exec gzip -9 {} \;

How to find out what process is eating the most memory.(#31)
ps -aux | sort +4n

-OR-
ps -aux | sort +5n

How do I find which library in /usr/lib holds a certain function?(#32)
What if you're compiling and you've missed a library that needed linking in? All gcc reports are function names... Here's a simple command that'll find what you're looking for:

for i in *; do echo $i:;nm $i|grep tgetnum 2>/dev/null;done

Where tgetnum is the name of the function you're looking for.

I compiled a small test program in C, but when I run it, I get no output!(#32)
You probably compiled the program into a binary named test, didn't you? Linux has a program called test, which tests if a certain condition is true, it never produces any output on the screen. Instead of just typing test, try: ./test