Software that updates your other software

In case you need to go on an information diet

If you’ve ever tried to reduce the amount of food you tuck into, you’ll recognize the metaphor that runs through The Information Diet by Clay A. Johnson. Just as many of us eat too much, many of us stagger under the weight of largely meaningless, trivial, or unreliable data. All day and night, we allow the Internet, e-mail, text messages, cable television, radio — you name the source — to take up our available attention and blunt our judgment. This month, Windows Secrets subscribers can download an excerpt: Chapter 10, “How to Consume,” in which Johnson gives us wise and practical advice for managing the intake. If you want to download this free excerpt, simply visit your preferences page and save any changes; a download link will appear. Info on the printed book: United States

Software that updates your other software

The release of Secunia Personal Software Inspector (PSI) 3.0 prompts a test drive of the new version, plus six alternative general-purpose auto-update tools.

One surprise: Some of these automatic-update programs can worsen your PC’s condition.

The promise and perils of effortless updating

The theory is great: general-purpose automatic software updaters work to keep your entire PC up to date with minimal hassle.

Typical auto-updaters scan your system to learn the version numbers of the software you’ve installed. Then they compare those version numbers against their databases of current version numbers. If a given piece of installed software isn’t current, the updater software either notifies you that a newer version is available or (if you authorize it) automatically downloads and installs the new version for you.

But there can be problems.

For one thing, a higher version number shouldn’t be an automatic green light for updating because newer versions aren’t always better than the old. Sometimes a patch or an update creates new problems that are worse than whatever issue the update was designed to correct.

This is especially true with experimental or unfinished alpha and beta software releases and with drivers (software that Windows uses to control a system’s hardware).

Why newer versions aren’t always better

For example, in recent years hardware vendors have tried to simplify their driver libraries with unified driver architectures, where one driver package may support a wide range of hardware products and versions.

A new release of the driver package may be intended to correct a bug or glitch within any one of the many products and versions the package supports. But the new driver version might have absolutely nothing to do with your specific setup. If you constantly chase the newest driver versions, you could be churning your system to no purpose. You risk introducing new bugs, instabilities, and other trouble for no good reason.

This kind of problem illustrates why all update tools (including Windows Update) need to be approached and used with caution. In that regard, Susan Bradley’s regular Patch Watch column here in Windows Secrets can be a godsend.

I never let Windows Update, or any other tool, automatically update drivers on my systems. In fact, I update drivers only if my hardware isn’t working properly or if I’m notified that my current driver contains a serious security vulnerability. Absent those problems, if a driver ain’t broke, I don’t fix it.

I’m more relaxed about updating my other software, for two main reasons. First, the tools I use (mostly Windows Update and Secunia PSI) have proved themselves acceptably reliable on my specific setups and rarely cause trouble with bad or unnecessary updates.

Second, I’m fanatical about backups. In those relatively rare cases when an update causes a problem, I can easily and rapidly — often in just a minute or two — roll the system back to its pre-trouble state. (Want to see how? Check out the May 12, 2011, Top Story, “Build a complete Windows 7 safety net.”)

Secunia recently released a major upgrade to PSI, so it was a good time to stop and survey the auto-updater landscape before moving ahead. I test-drove the new PSI version 3.0, plus six competing products. Here’s what I found.

Secunia Personal Software Inspector 3.0

I’ve long been a fan of Secunia Personal Software Inspector (PSI) [free; site]. Although I use the locally installed version, Secunia also offers a free online version here. (Commercial versions of both the local and online tools are also available here.) I have PSI installed on all my systems and have recommended it many times in these pages.

The new version still does what its predecessors did: It monitors the software on your PC and automatically updates, by default, any out-of-date software it finds. I’ve found PSI reliable enough that I allow these auto-updates to occur, but PSI also lets you disable the auto-updates if you prefer to manually verify the need for any recommended update.

In non-automatic mode, PSI presents you with links to newer versions of your software. PSI doesn’t force-feed you updates you don’t want.

In the same vein, you can also tell PSI to ignore certain software. I’ve found this useful when I don’t like a new version of a favorite program. I can keep my older version and tell PSI not to worry about updating that particular software anymore.

PSI also makes no attempt to monitor your drivers. I like that, for the reasons stated earlier.

In short, PSI 3.0 kept all the best parts of earlier versions. The most obvious change in version 3.0 is a completely new look. (See Figures 1 through 3.)

Figure 1. Secunia PSI 3.0's interface has been greatly simplified. When everything's up to date, no details are shown.

Figure 2. You can still drill down for program-by-program information if you wish.

Some software (such as VLC Media Player) requires that you manually trigger updates. In those cases (or if you’ve opted for all-manual operation), PSI provides preconfigured links by which you can authorize and trigger each separate update, as you see in Figure 3.

Figure 3. When you want or need to operate manually, PSI provides preconfigured links for you to work with.

PSI installs without unwanted toolbars, unrelated software, or other extra downloads. It’s ad-free. And if you ever need to uninstall PSI, it removes itself cleanly.

It’s excellent software, and I highly recommend it.

CNET’s TechTracker auto-update tool

CNET’s free TechTracker (site) works much like Secunia PSI and with similar options. Here, I’ll focus on what’s different.

TechTracker installs easily, but the download includes several “special offers” for unrelated software. You can opt out of these; if you do opt out, the extra software is not installed.

When you run TechTracker, it scans your system and produces a small window that contains a list of any out-of-date software it found. You then click on a Get Updates button to open an ad-supported webpage in your default browser. (See Figure 4.)

Figure 4. After scanning your system, TechTracker lists suggested software updates.

CNET is in the software-download business — it runs the huge Download.com software library. With this vested interest in promoting download activity, TechTracker may be a bit too aggressive in suggesting updates. In fact, the TechTracker site even makes the dubious assertion that “New software is the best software.”

Because of this philosophy, TechTracker routinely offers beta versions among its recommended updates, such as the beta version of 7-Zip 9.22 shown listed in Figure 4. Unless you’re very careful to read the fine print of the download details, you could end up replacing stable, working software with incomplete, buggy beta versions.

But if you use it cautiously (to avoid installing unfinished software on your machine), TechTracker can do a good job. It earns my provisional recommendation.

FileHippo.com’s Update Checker tool

FileHippo.com’s free Update Checker (site) is very much like TechTracker (see above) in execution and overall philosophy.

Like TechTracker, Update Checker scans your system and then opens an ad-supported webpage in your default browser. (See Figure 5.)

Figure 5. FileHippo.com's Update Checker strives for simplicity in its presentation, but you can still drill down to obtain detailed information.

Like CNET, FileHippo is in the download business, so Update Checker shares TechTracker’s philosophy of aggressively pushing new software, including potentially dangerous beta versions. But as Figure 5 shows, Update Checker’s graphic design makes these beta versions very obvious, which should help you avoid accidental installations of potentially destabilizing software.

If used judiciously, Update Checker can do a good job and so also earns my provisional recommendation.

Four unrecommended auto-update tools

I won’t waste your time in long descriptions of tools I don’t recommend. Instead, let me just cut to the chase and tell you why I dislike these offerings.

► SUMo, the Software Update Monitor (site), was a total disaster for me. It’s bundled with very aggressively installed foistware toolbars and something called “Powerpack” software. It also tries hard to coerce you into providing demographic information. I opted out of all the extras and bundled apps that I could, and I did not provide the demographic information.

At the end of the SUMo install, my copy of Malwarebytes popped up a warning that it had detected “Trojan.downloader.”

I ran SUMo’s uninstall routine, but later found left-behind Registry settings and some kind of still-installed software called “Relevant Knowledge.” There had been no mention of that software at any point during the installation process.

SUMo also changed my default browser’s home page.

In my opinion, SUMo is complete junk. I recommend that you avoid it entirely.

► Glarysoft is a reputable publisher with some very good tools, but I can’t count its Software Update (site) among them.

It misidentified one fully current software utility as being three versions behind and reported that a number of OEM-installed programs and drivers on a brand-new laptop were out of date. (They were not: I checked on the manufacturer’s site.) I’m guessing that Software Update was judging driver update suitability solely by version number &#8212 the “version chasing” problem I mentioned at the top of this article.

There were other minor issues, too, but the above is enough for me to not recommend this product.

► The Carambis Software Updater (site) is a rough piece of work with numerous issues. But to me, its worst failing is the inclusion of alpha software in its list of updates. Alpha software is first-draft stuff. Installing alpha software isn’t an update; it’s an experiment!

Software Updater also generated false alarms, incorrectly flagging some fully current software as out of date, and it did not uninstall cleanly.

► Nabber.org’s open-source Appupdater (site) initially looked promising, but I found it very hard to set up and use. In fact, I never got it to work correctly — not even once.

Some final (for now) recommendations

After these informal test drives of seven auto-update tools, I believe that Secunia PSI is still the best of the current bunch. It’s well behaved and has worked reliably for me. It’s free for personal use and ships without foistware add-ons, toolbars, and other unwanted baggage.

But if Secunia PSI doesn’t work for you — no software works for everyone, on all systems, all the time — either CNET’s TechTracker or FileHippo’s Update Checker can get the job done. Just be sure to read the fine print and avoid accidentally installing beta software.

Managing your e-mail by understanding it

When you upgrade your mail system, it’s helpful to understand the underlying software that delivers your messages.

After Lounge member MauryS migrated an Outlook 2003 mail account to Outlook 2010, he found that the mail folders weren’t stored as he expected. He asked for a refresher course on POP and IMAP. Happily, he was directed to an excellent description of the POP and IMAP characteristics and differences, which you can learn from, too. More.

The following links are this week’s most interesting Lounge threads, including several new questions that you may be able to provide responses to:

Office Applications
General Productivity	Looking for file-comparison programs
Word Processing	Opening older document in Word Starter 2010
Spreadsheets	Cell doesn’t display formula results
Databases	How to synchronize main and slave forms?
Visual Basic for Apps	Call userform from another template
Microsoft Outlook	POP, IMAP, and Outlook 2010
Non-Outlook E-mail	Hotmail/IE 9 problem on single PC
Windows
Windows 8	Has Win8 anything to offer this desktop user?
General Windows	Nondestructive Vista reinstall using HP RECOVERY discs?
Windows 7	How to retrieve an overwritten image backup?
	C:Windowssystem folder is empty
	Security for Windows 7
Windows Vista	High-definition audio misidentified as SPDIF in Vista
Windows XP	Windows Firewall won’t start
Internet/Connectivity
Internet Explorer	Can’t get to nbcnews.com/msnbc.com site
Third-Party Browsers	Home page redirecting to google.co.uk/services/
Networking	Intermittent wireless connection
Social Media	Locked out of Facebook; unauthorized ads message
Software Development
Web Design & Development	Need Web hosting with good spam filtering
Other Technologies
Security & Backups	Problem with Linux restore on Macrium Reflect
Hardware	Hung dismount of external drive
Graphics/Multimedia	Nvidia graphics driver: confusing update
Other Applications	Flash Player in Windows 8 RP

starred posts: particularly useful

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right in to today’s discussions in the Lounge.

SYSTEM_DRV and other mystery partitions

Many PCs ship with OEM-installed partitions whose purpose can be puzzling.

Here’s a description of two common types of OEM partitions — and how to handle them as they apply to backups, System Restore, and the like.

Do OEM partitions need routine maintenance?

Allen Benton hit a snag when following the how-to in the July 4 article, “What makes ‘Restore Previous Versions’ fail?”

• “My system has a SYSTEM_DRV and a Lenovo_Recovery partition. Should I enable protection for them?”

Generally, the drives and partitions you want to protect are those whose contents change as you use the PC — your C: drive, for example — or any other drive/partition with stored user files and data. If the contents of drives and partitions don’t change, then it doesn’t need much protection.

In your case, SYSTEM_DRV is where Lenovo (and some other manufacturers) put boot files and the Windows Recovery Environment, which lets you launch Windows’ built-in repair modes in case of trouble (Microsoft info). These files rarely, if ever, change.

Lenovo_Recovery (and similarly named partitions from other manufacturers) contains the factory-recovery software and data files. These are the programs and files you use if you want to wipe out everything on your PC and return the system to its as-delivered state. Factory-recovery files usually never change.

So, I don’t enable any routine maintenance or protection (backups, System Restore, RPV, etc.) on partitions such as SYSTEM_DRV and RECOVERY. I typically make an image backup of them just once, burning the files to CDs or DVDs. I then tuck the discs away in a safe place, just in case I ever need them.

On the C: drive and other partitions where the files do change, I use all of Win7’s data-protection features, as described in the May 12, 2011, Top Story, “Build a complete Windows 7 safety net.”

In short: You can safely omit System Restore and RPV protection for your SYSTEM_DRV and Lenovo_Recovery partitions, but you should definitely enable it on all drives/partitions where system, program, and data files change.

Duplicating old 3.5-inch floppies in Win7

John Bousquet is trying to make copies of an ancient, bootable floppy disk.

• “I am a Mac person. I have a PC 3.5-inch disk that I need to duplicate. Is there any way to make exact copies of a diskette under Windows 7? I am not very PC-literate.”

No problem, John. In fact, you have several options.

I suggest you start by trying Win7’s built-in diskcopy command. (Although most new PCs no longer ship with floppy drives, Win7 still supports this legacy command, just for situations like yours!)

Here’s how to use it:

• Open a Command window: Click the Start orb, then click All Programs and Accessories. Right-click Command Prompt and select Run as administrator.
• Put your diskette into the floppy drive. (Let’s assume it’s drive A:.)
• In the command window, type diskcopy a: and press Enter. Windows copies the entire contents of the floppy and stores it on your hard drive.
• When that transfer is done, you’ll be prompted to remove the original (source) floppy and insert a new, blank floppy. Windows then copies the files off the hard drive and puts them onto the new floppy — exactly like the original.

That’s all it takes!

There are additional options, if you want them. Diskcopy is fully documented on an MS TechNet Command-line Reference page.

If you prefer, you can also move the floppy contents into a single .iso file, which you can use later to create new floppies or bootable CDs, DVDs, or USB flash drives. This is a good option, now that floppy drives are nearly extinct. Fellow columnist Woody Leonhard suggests Alex Feinman’s ISO Recorder (site). EHow offers a step-by-step article, “How to convert a floppy to an ISO file.”

But with luck — and a working floppy drive — Win7’s built-in diskcopy command will be all you need! (And if you need to pick up a floppy drive, you’ll find USB versions on sale for under U.S. $30.)

Restoring a system after massive failure

After his PC suffered a motherboard meltdown, Jim Halpin had to jump through some hoops to get everything working again.

• “I had an interesting few days trying to overcome a failed motherboard on my main computer.

  “I had everything backed up in several places, including a clone of my entire hard drive, but the motherboard and CPU combo is more than 2 years old and therefore no longer in stock. It seemed unlikely that the repair place would be able to locate exact replacements.

  “On the other hand, driver differences might prevent a new motherboard and/or CPU from running my existing (and perfectly good) setup. This would mean a lot of work getting back up and running: manually reinstalling software, finding disks and product keys, etc.

  “On a new machine, I booted Windows and installed a copy of WAIK, the free Windows Automated Installation Kit [MS info/download] and a copy of Paragon’s Hard Disk Manager 12 [$50; site].

  “This enabled me to make a WinPE boot CD with the correct drivers for the new machine’s basic parts (the motherboard, CPU, and disk-drive interface). I then powered down the new machine and removed its hard drive, replacing it with the drive from the broken machine. This drive would not boot initially because the Windows hardware abstraction layer (HAL) was set up to connect the OS to the old hardware.

  “To fix HAL, I booted from the WinPE disk and used Paragon’s P2P Adjust OS utility to inject the correct drivers into the original disk’s copy of Windows (into HAL). I could then boot my old hard drive — the video was wrong and the NIC didn’t work, but it booted. I installed the correct video and NIC drivers for the new machine, and everything was there, ready to run.

  “I needed to activate Windows and Office again, but that was easy (I just used my existing keys). No software to reinstall, no data to restore. Best $50 I’ve spent in a while.”

Nice work, Jim. Recovering from a major hardware failure is always a joy, isn’t it? But you might not have needed to spend the $50.

If you have access to a Win7 setup DVD, you likely could have used Win7’s Startup Repair to correct the “missing HAL” and other boot problems — for free.

Here’s how:

• Boot from any retail Win7 DVD that’s the same bittedness (32-bit or 64-bit) as your installation.
• Work through the first few screens as if you were going to install Windows, but select the Repair your computer option when it’s offered (see Figure 1).
  

  Figure 1. Using Repair Your Computer can correct boot errors and other serious problems.

The automated repair process searches the hard drive for the existing Windows installation and repairs the startup files, as needed. You can then remove the DVD and reboot your system; Windows should start.

It’s perfectly fine to use someone else’s setup disc for a repair (or even a full reinstall) because the standard, retail-version, Windows 7 setup discs are generic. You just have to use your own, bought-and-paid-for license key.

In most cases, the automated startup repair is sufficient to correct boot errors. But when it isn’t, try the manual BootRec command to build new boot files. The process is described in MS Support article 927392, “How to use the Bootrec.exe tool in the Windows Recovery Environment to troubleshoot and repair startup issues in Windows.”

After running the startup repair, your new system probably would have booted from the old drive; however, just as with the method you used, many of the drivers would be incorrect. But once Windows was running — or limping along — you then could install the correct drivers to restore full functionality.

Your way certainly works, but I think it’s a “Plan B.” Next time (hopefully, there won’t be a next time), try Windows’ built-in tools first. You might just find that Windows can get itself running well enough so you can go online and refine your setup without additional tools.

Is MSE still a good choice for AV protection?

Andras Deri needs to renew his AV subscription and seeks an update on Microsoft Security Essentials.

• “You last reviewed Microsoft Security Essentials in a Jan. 13, 2011, article. I am now ready to renew (or not) my old virus-checker, AVG, and I wanted to ask whether you still have the same positive opinion of MSE.”

Yes, I do, Andras. My main lines of defense on all my PCs are Windows’ built-in firewall and free Microsoft Security Essentials (site).

I supplement these with Secunia PSI (free and paid; site) to keep all my software up to date. I also run the paid version of Malwarebytes Anti-Malware (site) on my main PC and the free version on my casual-use machines.

Other than the one time I deliberately let my PC become infected as a test and learning experience (see the April 7, 2011, Top Story), all my PCs have remained malware- and virus-free — a fact I verify with standalone malware scans from time to time.

Of course, no tool works for everyone all the time, and I can’t guarantee you’ll get the same outstanding results that I have. But MSE is free, so why not give it a try?

These days, it's all about connections

Our digital landscape is no longer just about how peripherals connect to PCs; it’s how our many digital devices connect to the Net.

Here’s a quartet of new hardware that handles input/output particularly well.

WD router offers screaming streaming speed

Although best known for its internal and external hard drives, Western Digital (WD) has aggressively branched out into wireless home-networking routers. When you’re breaking into an already-crowded market, you have to find a way to differentiate your product — and WD seems to have succeeded.

The WD My Net N900 (info) is engineered to accelerate movies, videos, and gaming by providing fast throughput to multiple users simultaneously. The router’s new FasTrack technology detects multimedia traffic on the network and gives high-demand media streams top priority, regardless of whether the recipients are smart TVs, tablets, smartphones, gaming set-top boxes, and, oh yes, computers, too. The NB900 handles all network traffic prioritization in real time.

The My Net N900 is the easiest router I have ever set up — I was on the Net in about five minutes. The package includes a CD with a PDF manual, but you probably won’t need it. After attaching a couple of Ethernet cables, I launched the exceptionally simple installation program, which automatically detected all my wired and wireless connections. A step-by-step setup process walked me through establishing an SSID, security pass codes, and permissions for attaching to the router’s dual 2.4GHz and 5 GHz bands. The default 2.4GHz band is for guests, who can sign in to the Net but not my network; the 5GHz is for my network alone. In fact, the 2.4 band defaults to Western Digital-Guest.

Figure 1. WD's My Net N900 router is built to maximize streaming-media throughput.

My older Linksys dual-band, wireless-N router included only four LAN Ethernet ports — typical for most home routers on the market. The N900 includes seven LAN (and one WAN) ports supporting 10/100/1000Mbps wired-connection speeds. The box also has two USB ports for attaching external hard drives, printers, and suitable peripherals. Integrated, amplified antennas give the box a sleek look and extended range.

WD claims that the N900 can achieve speeds up to 900Mbps by combining its 2.4GHz and 5GHz bands (450 maximum from each band). To put this throughput to the test, I streamed a Netflix movie on my living room HD-TV via a wireless Roku box, streamed an Amazon movie on my bedroom Internet-ready HD-TV, and played a YouTube video on my iPad — all at the same time.

The N900’s ability to manage all three videos was impressive. On my TVs, the 720i HD movies loaded much faster with the N900 than they had on the older Linksys N router, and there wasn’t a flicker or a hiccup during playback. Ditto for the YouTube running on the iPad. (Previously, when I fast-forwarded or rewound streaming Netflix videos, reloads would come through haltingly.)

The list price for WD’s My Net N900 is U.S. $180 — or $300 with a built-in 1TB hard drive. The days of the dumb router are over.

Bargain-priced tablet does Windows — sort of

Google’s over-the-top hype of its just-released $199 Nexus 7 tablet (info) was taken hook, line, and sinker by the media. You’d think it was as revolutionary as, say, Congress suddenly acting agreeable. Reviews about the 7.8-inch-by-4.7-inch tablet have been uniformly positive. This review is positive, too, but with a few reservations.

Following in the footsteps of Amazon’s similarly priced and sized Kindle Fire, Google designed the Nexus so that users have to buy apps, music, video, and books through the Google Play store. But thanks to the inclusion of Google’s Chrome browser and Google Docs, you can also write and edit Microsoft Word documents. Of course, performing this on a seven-inch screen has its limitations — even if you forgo the Nexus 7’s on-screen keypad and add a third-party Bluetooth keyboard.

Overall, the Nexus 7 is well designed. Wirelessly connected to the aforementioned WD My Net N900 router, the Nexus 7 delivered dazzling wireless networking speeds and quick browser-page refreshes. It also comes with a scratch-resistant, Corning glass, 1280-by-800-pixel HD display that produces crisp images. (Scratch-resistant, but not fingerprint-resistant: after modest use, fingerprint smudges abounded. Hint: Invest in an inexpensive tablet stylus.)

The promised 10-hour battery life is no lie — if you turn off Wi-Fi and Bluetooth broadcasting. With both turned on, you can still eke out close to nine hours of HD-video playback. I didn’t test the 300 hours of standby mode, but judging from regular usage, I bet that’s accurate.

Figure 2. Google's Nexus 7 does Google apps with style — anywhere there's a Net connection.

Built by ASUS, the Nexus is powered by an Nvidia Tegra 3 quad-core processor, has 8GB of storage (before formatting), and is loaded with Google’s new Android 4.1 (Jelly Bean) OS.

Like the iPad, the Nexus has a built-in, automatic, screen-rotating gyroscope. But when I used it, it switched from the default portrait orientation to landscape only when I viewed videos; it did not automatically change when I flipped the tablet to a horizontal wide-screen view.

The Google Play store offers thousands of book, music, and app titles, but I think its best attribute is its facile handling of Google apps such as Chrome, Gmail, Picasa, and Google Docs. With a Google account, documents, images, media, Gmail messages and contacts — you name it — automatically sync with other Google-connected devices and Google Cloud (where you get 10GB of free storage).

With cross-platform synching, I can create a Word document or Excel worksheet on my notebook, edit at a later time on the Nexus, and then save it to the Cloud, where I can access it from anywhere. Swiping makes flipping between e-mail threads easier, and you can search through Gmail messages whether online or off.

The $199 Nexus 7 should make a formidable competitor to Amazon’s Kindle.

Keyboard takes a licking and keeps on clicking

My friend Alan is a hunt-and-peck typist who pounds his keyboard until the painted letters on the keys wear off. He’s gone through three keyboards in as many years. Like the keyboards most of us use, Alan’s has membrane contacts. What he needs is a mechanically based keyboard — and depending on how you type, maybe you do, too.

Let me explain the difference. The now-common membrane keyboard is made as a single, uniform unit with rubber domes under each key. Because the key mechanism is one complete unit, the keyboard is cheaper to produce and better at keeping out dirt and liquids. But keyboards of this type also often have a spongy feel and give little feedback. Moreover, their rubber innards are not especially durable — especially for typists such as Alan. Most of today’s desktop PCs and all notebooks use membrane keyboards.

Those of us of a certain age remember the original IBM keyboard. Many believe it was the ultimate digit-based input device. As was true of all mechanical keyboards, it was built with separate moving parts under each key. The design offered various levels of resistance, a tactile feedback with an audible click, and in some cases, laser-etched (not painted) letters.

There’s a handful of manufacturers still making mechanical keyboards, and Das Keyboard (info) offers some of the best. I checked out the Das Keyboard Model S Professional Silent to see whether mechanical keyboards are still worth their thunder.

Figure 3. The Das Keyboard uses mechanical switches to give an old-school feel to typing.

At first, I was put off by Das Keyboard’s need for two USB ports. But it soon became clear that one connector was for the keyboard and the other for a pair of high-speed USB ports on the keyboard’s right side. Peeve canceled. The keyboard comes with a 6.5-foot cable and a PS/2 adapter. (Remember those?)

The key switches are gold-plated and rated for 50 million operations. (Das Keyboard uses Cherry MX Blue mechanisms; Cherry Corporation is the largest producer of key switches and produces them in various sensitivities.) The key caps are laser-etched to prevent fading.

The proof is in the typing, and I found touch-typing on the Model S was faster and produced fewer typos. Although dubbed Silent, there was still a noticeable — but not particularly disagreeable — key click. I did need a tad more force to press the keys, but that only added to the responsive feedback.

When I returned to typing on a Logitech keyboard, it felt mushy by comparison.

Choosing a keyboard is much like selecting your mattress — you go through some trial-and-error time before discovering what’s right for you. But I bet most folks would go mechanical if they could afford it. Oh, yeah — the price for the Das Keyboard Model S Professional? $135.

Stick your USB ports into a wall outlet

Newer Technology’s Power2U (info) requires some basic electrical skills. But once installed, it provides a convenient way to charge all your USB-dependent portable devices and free up the limited USB ports on your computer. The $25 wall unit looks like the conventional, two-plug wall outlet found in every home. But a closer look reveals two high-power, USB ports hidden behind spring-loaded safety shutters. The entire kit includes mounting screws and wall bracket plus in-depth, step-by-step installation instructions. (There’s an online installation video, as well.)

A smart-power feature outputs the exact charging power required for each USB device and cuts the power when the device is fully charged. Available in different colors, the Power2U is best when installed above desktop level and not near the floor, where most electrical sockets are found.

Figure 4. The Power2U adds two USB power ports alongside standard AC outlets.

Depending on the location of your current outlets and your skills with a screwdriver, it takes about half an hour to switch out an old socket for the Power2U. But before purchasing a unit, go to the Newer Technology website for information on whether your electrical boxes are compatible — most are, but there are some exceptions.

And one more very important note: Make sure you switch off the appropriate circuit breaker before you take the plate off that old outlet!

Better system security: Patch it or remove it

A recent phishing attempt is a reminder that the bad guys never stop trying to gain access to our PCs and accounts.

Take some time for a close look at your Windows machines, to ensure they’re as patched as they could and should be.

Tipped off by a suspect Facebook alert

It all started with a shocking e-mail. Like many (most?) PC users, I have a Facebook account and try to engage in some social-media interactions. When someone posts to your wall, it’s normal to get an e-mail alerting you to the new post. But I received an alert that was both shocking and extremely rude — certainly something that I would never have expected. Curious as to why someone had posted such an unwarranted remark on my Facebook wall, I put my mouse pointer on the usual “see comment” link and almost clicked. Some small doubt entered my mind, and I simply hovered over the link.

That saved me from a possible phishing attack. Hovering over the link popped up the full URL, and it was immediately obvious that the link wasn’t going to Facebook. The link looked suspicious, so I went to Wepawet, a site that checks for malicious scripts on other websites. Run by several universities to study ways to diagnose malicious code, it’s also a way for all of us to examine sites without clicking their links.

Using the Wepawet site, I determined that a malicious iframe HTML element (more info) was being used to call another malicious site. The Wepawet report indicated that the malicious website was trying to use the Windows Help and Support Center vulnerability we patched way back in 2010 with KB 2229593 in MS10-042.

Seeing such an old threat should make me feel comfortable that, as long as I stay reasonably up to date with patching, I’ll be okay. But instead I was reminded of a recent blog post that described how many Java script attacks use several vulnerabilities (including the Help Center vulnerability) to attack systems. (These are called Blacole [definition] attacks.)

A TechNet MS Security blog points out that the exploits look for Adobe Flash Player, Adobe Reader, Microsoft Data Access Components, the Oracle Java Runtime Environment, and other popular products and components to attack. The malicious website can change its attack strategy to go after one or more of these vulnerabilities.

Older Java versions might leave you at risk

The TechNet blog goes on to say that it’s critical to remove any older and unnecessary versions of Java. If you connect to a bank site that requires an older, unpatched Java, you should let the bank know that it’s putting you at risk.

Secunia 3.0 (site) — reviewed in this week’s Top Story — has tools for identifying many out-of-date applications on your computer. But it didn’t find the three dated versions of Java on my computer, including Java 6 Versions 15, 26, and 33, as shown in Figure 1. (While Java 6 Version 33 is the latest of the “6” line, Java 7 Version 5 (download site) is the latest edition of the Java platform.)

Figure 1. One aspect of system updating is removing out-of-date software such as these Java versions, highlighted in yellow.

I highly recommend manually scanning your system to see what Java versions are installed. To do so, use Windows’ Add or Remove Programs (XP) or Programs and Features (Visa and Win7) tools in the Control Panel. Uninstall all versions of Java and then go to the platform’s site and download Java 7. (The lesson? Keeping a system updated can also mean removing obsolete components.)

Secunia 3.0 did point out that I was running dated versions of Adobe Shockwave, Mozilla’s Thunderbird, and Skype.

Although Secunia is good at keeping your software current, this example shows that you can’t rely just on automatic tools. On a regular basis, use Windows’ built-in software removal tool to remove applications you no longer use or just don’t remember ever installing. If you don’t recognize a particular app, back up your PC before uninstalling it, just in case it was something your system needed to run properly. You can also post a question in the Windows Secrets Lounge and get help from a fellow member.

It’s time to do some patch housecleaning

Most computer security experts are probably baking in the Las Vegas sun this week and listening to esoteric presentations at the annual Black Hat security conference.

Meanwhile, we get a bit of a summer break, too, from Windows updates — so take some time to ponder the use of Windows gadgets, patch Firefox, and say goodbye to Thunderbird.

2719662

Waiting for details on the gadget threat

This week, we’ll find out exactly what AV researchers Mickey Shkatov and Toby Kohlenberg know about the insecurities of Vista and Win7 gadgets when they deliver their presentation at Black Hat. Woody Leonhard gave a preview of this problem (and some advice) in his July 19 Top Story, and Microsoft posted Support article 2719662, which contains a fixit for disabling gadgets.

I hope Shkatov and Kohlenberg tell us that the threat from malicious gadgets is relatively low for home users. I’d love to keep using my favorite weather and calendar gadgets. If Microsoft truly thought the risk was high, it would most likely have rolled out a patch instead of the optional security advisory it posted.

Once this article is published, I’ll post some thoughts on this issue in the Windows Secrets Lounge and will also revisit it in the last Patch Watch for August. I welcome your comments; you’ll find a link to this column’s Lounge post at the bottom of this article.

What to do: Until we have more information on the threats to Vista and Win7 gadgets, take Woody’s advice to disable them with the fixit in 2719662.

MSXML Core Services 5.0 patch still MIA

As reported in the July 12 Patch Watch, we received updates for Microsoft XML Core Services 3.0, 4.0, and 6.0. But an update for XML 5.0 was missing in action — and still is. According to an MS Security Research & Defense blog, Office 2003 and 2007 users should apply MS fixit 50908.

This is one of those threats that are easily avoided. According to the aforementioned blog, the default configurations of IE Versions 7, 8, and 9 will display a warning box when a webpage tries to run the MSXML 5.0 control. The user then has to specifically allow the XML control to run. Unfortunately, the warning doesn’t distinguish between malicious and safe sites, so when a website gets flagged, you might wonder whether to proceed or not.

What to do: Run fixit 50908 — especially if you have Office 2003 or 2007 installed. With luck, we’ll have a patch soon, and we’ll have one less thing to worry about.

Mozilla adds secure searching by default

In the latest version of Firefox (14.0.1), any Google search now automatically uses secure socket layer (SSL) security by default. According to the new version’s release blog, Google is the first and only search engine to use HTTPS by default with Firefox, but Mozilla plans to add the feature to other search engines down the road.

Version 14.0.1 also has numerous critical security fixes — including several that protect from remote code-execution attacks — as detailed in the update’s release notes.

What to do: Keeping your browser up to date is one of the best ways to keep cyber criminals at bay.

Thunderbird put out to ‘stable’ pasture

If, like me, you’re a fan of Thunderbird, you’ll be sad to know that Mozilla is effectively retiring its venerable e-mail client. As noted in a lizardwrangler.com blog, Thunderbird will be placed into a stable deployment cycle. This means Mozilla will continue to release security updates, but any new features will have to come from the outside developer community. Practically speaking, it might not get the bug-fix attention it used to.

I’ve always liked Thunderbird because it gave me the ability to combine e-mail with an NNTP-based (more info) news client. It also lets me easily view e-mail headers (unlike Outlook, which makes header information nearly impossible to find), hover over links to get full URL info, and generally have more control over how I view and interact with e-mail. I use Outlook for my business mail, but I’ve used Thunderbird since its inception for all my community interaction.

Mozilla blames the change on the rise of webmail, such as Gmail and Hotmail, and on the company’s need to apply more of its resources to other projects. But I don’t find webmail clients nearly as robust as Thunderbird.

What to do: If you’re a Thunderbird user, make sure you’ve updated to Version 14 (site).

Time to install (or skip) some previous updates

This week I’ve updated some recommendations in the Patch Watch chart. For example, I think it’s time to install the two SharePoint patches. However, if you’re updating SharePoint 2010, remember to run the psconfig command after installing the patches. You’ll find more information on exactly how to do that in a TechNet Windows Server Essentials and Small Business Server blog.

For XP users, I now recommend skipping KB 2686509, the Windows Kernel Mode Driver patch related to keyboard-layout problems. If you’ve installed it, fantastic! But if you’ve been unsuccessful getting it installed — even after following the various wiki recommendations — I’m cutting you some slack and suggesting you simply hide the update.

Finally, there are several nonsecurity Office updates that you might as well skip: KB 2553248, KB 2553267, and KB 2553406.

What to do: Review the updated Patch Watch chart below for all the latest recommendations.

Regularly updated problem-patch chart

This table provides the status of problem patches reported in previous Patch Watch columns. Patches listed below as safe to install will be removed from the next updated table. For Microsoft’s list of recently released patches, go to the MS Safety & Security Center PC Security page.

Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply.

Three inanimate dancers: kite choreography

Ray Bethell is a world-champion, professional kite flyer from Vancouver, British Columbia. He has managed stacks of kites in the air — as many as 39 at a time. In this video, he flies three kites balletically. Enjoy the show. Play the video