Showing posts from 2009

Make Windows remote login more secure without using a longer password: set a login lockout

This page has some useful info for making your WinXp remote desktop more secure. I wouldn't follow all the advice, but some of it is certainly useful. I'm a fan of changing the account lockout policy, in particular, since it makes it very hard to remotely connect and guess the password by trying a large dictionary of possible passwords. In short, it sets a limit on the number of failed attempts (per user), after which the account is locked for a specified amount of time (no login allowed, even if the password is right). They suggest a lockout rate of 3/3/3 (attempts/lockout time/reset failure count time), which would limit you to 1 password test a minute. This is the right idea, but for butterfingers here it could potentially lock me out, which I don't like. A better setting is 10/10/10, which would also limit the throughput to 1 guess/min, but would allow me to make up to 10 mistakes before any limit is encountered.

Note: this applies to everything, not just remote desktop. So you can use this to secure other remote login options, like SSHD (I use Cygwin's implementation).

Review: Bit Defender Free Edition - On demand Virus Scan

Many people say you *need* a real-time anti-virus program on your computer that constantly checks for virus infections every time you launch a program or load a document. I say: real time virus scan software can cause almost as much slowdown and crashes as the virus/malware you are trying to protect against. Better to run the scanner just once (on demand) - when you first download a new program. You save on computer resources, and avoid compatibility issues.

Bit Defender offers a free version of their anti-virus/malware scanner that only runs on demand - the big 'feature' they are offering in the non-free version is real-time protection. The download link is here. Note that they give you the hard sell - you have to repeatedly confirm that you really want the free version. A bad sign.

The installation is pretty invasive. Several programs are loaded into memory even when you aren't running a scan - the whole point of on-demand scanning is to avoid this kind of bloat! Also, an item is added to your context menu in explorer, with no clear way to turn it off.

When you start the program it also takes the opportunity to remind you that it's only the free version, and that you should upgrade. Well, that's fair game for any shareware app, but it is annoying, given that other free scanners don't do that. To top it off - the free program expires (in about 100 days, in my case), after which you must reinstall again. I don't think hassling users is a good way to get them to upgrade to the full version.

All in all, it seems that Bit Defender Free Edition is a reasonable choice for cleaning out a known infection, but is too annoying to regularly use as a on-demand scanner. The context menu does make it very easy to scan a file on demand, but at the cost of making your menu all that much more bloated. Give me a "send to" option, or let me drag and drop the file I want to scan. Within the main program have an option where you can select a particular folder for scanning (say, your download folder), and save that as a pre-defined 'task' you can activate with one click next time you start the program. That would be a fine option if didn't insist on nagging you about registering and loading needless programs into memory even when not scanning.

On the whole, I'm unimpressed. HouseCall seems to be a better option; it has fewer options, but works more or less how you want right out of the box, and isn't so annoying.

Review: Trend Micro "House Call" - free On demand Virus Scan

Many people say you *need* a real-time anti-virus program on your computer that constantly checks for virus infections every time you launch a program or load a document. I say: real time virus scan software can cause almost as much slowdown and crashes as the virus/malware you are trying to protect against. Better to run the scanner just once (on demand) - when you first download a new program. You save on computer resources, and avoid compatibility issues.

Today I consider a free On Demand anti-virus program: Trend Micro HouseCall (7.1 beta). This program will scan for spyware and viruses on the folder or disk drive of your choice, and each time you run it, it automatically checks for new updates. Since it's from a major Anti-Virus vendor, it's likely to be updated very frequently. And the interface, as you can see, is very simple. To install, you download HousecallLauncher.exe, which is deceptively small, and actually creates an installation in your Windows Temp dir, and downloads the latest anti-virus signatures. This installation seems to persist after you close the program (nothing stays resident in RAM, however).

Scanning is very fast if you select the default option, but this doesn't check all of your installed programs, so it's a bit misleading. A full scan checks every single file on your computer (independent of file time), and takes a really long time. For on-demand use, select the custom option, and then the directory where the newly downloaded file lives. The program can search inside ZIP files; I don't know about other archive types.

As an on-demand scanner, it's very reasonable, but not 100% optimal, for two reasons. First, it takes a while to load, and second, you have to navigate through the gui to select the target folder to scan (no drag-and-drop or command line options).

How to pause animation in PowerPoint

If you have a long animation looping animation that you want to be able to pause and then resume, there's an easy way to do so with the keyboard. Press the 1 key, which puts you in the mode where you can type in a slide number to jump to. In this mode, all animation is paused. To get out of this mode without jumping to another slide press the ~ key.

There are lots of keyboard shortcuts in Powerpoint; press F1 to get a list. Note that one of them is listed as "pause" (S key or + key) but this doesn't actually seem to work in all the situations that the trick described above does.

Tested an known to work in PPT 2003.

Add 960x600 resolution (16x10 aspect ratio) to ATI Radeon display drivers

ATI doesn't offer a lot of different resolutions built into their drivers. If you have a wide aspect monitor (16x10, for instance) and you want to run at a lower resolution that preserves the aspect ratio, you'll need this hack (I do it to make full-screen flash videos play smoothly 0n my 1920x1200 LCD). All it takes is regedit and a bit of attention to detail.

First, you need to determine the registry key you need to edit. This will vary by computer, but can be looked up in the catalyst control panel (see first pic). Note the "2D driver file path". Now open regedit (start>run>regedit), and navigate to that key, which will be something like HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Video\{random numbers here which you just looked up}\0000]

Next you want to edit DALNonStandardModesBCD1; just follow the format of the binary data, and add the resolution (+ refresh rate) to the end of the key.

See second pic for example that adds 960x600 at 60hz. Note the leading zeros, required if the resolution is less than 1000. The order of the lines does not matter, but those leading zeros (and the zeros between the resolution and the refresh rate) must be preserved.

Finally, reboot. Tested and known to work with the 6.9 drivers. Thanks where it's due: I first figured this out from this forum post.

Convert PDF to PNGs for free using ghostscript

Ghostscript is PDF and PS rendering program for Unix ported to pretty much all OSes, modern ones included (AKA Windows). With this free, GNU program, you can make high resolution PNG files from PDFs, which you can then edit with any regular drawing program, such as PhotoShop or the Gimp.

Just open the PDF in GSview, and select convert from the file menu. The dialog box will let you select the output file type (I suggest PNG16m if you want color, otherwise PNG256 is fine if you just plan to print the file). Use 600DPI (aka resolution) if you plan to print the files and want sharp text (lower DPI is fine for screen use). After you hit OK ghostscript will ask you for the output filename. The non-obvious but important trick is that the file name should include the following text: %03d this will cause ghost script to output a separate PNG file for each page in the PDF. For instance, you can use the output filename output%03d.png. Otherwise you just get the first page.

Google Chrome now supports spell-check in blogger posts

I've been using Google Chrome for a while, and on the whole it's a nice web browser. Given that the main job of a web browser is just to render webpages, how much value added can there really be? In truth, not that much, but Chrome does a very nice job of handling tabs, wastes less screen space than any other browser, and is quite fast. It also uses less RAM than IE and Firefox, if you run it in single process mode, though that does eliminate one of its nicest features: if the browser crashes, it only kills the current tab, and all others remain running.

There was just one nagging little problem, up to version Though chrome has a built-in spell checker (not the very best, but it does a good enough job at making suggestions for most people), it only works on a subset of web forms. Most notably, it never worked properly in Blogger. Now, however, it does. Just right click in the form, and select Spellchecker options to enable it.

If you do come across a misspelling that Chrome cannot correct, you might try FreeSpell, which adds a very high quality spelling suggestions to all windows programs.

Remap keys under windows without TSR!

SharpKey is a simple, free program that uses the built-in keyboard map (via the windows registry) to change the meaning of keys on your keyboard. The classic use for this is to remap the left caps lock key to be a control key. On older Thinkpads it can also be used to give yourself a Windows key (I like to remap the useless browser keys for this purpose). Since it just changes the underlying keyboard map there is no possibility of macros, or fancy things like that. But that also means that you don't have to have the program resident in memory in order for the remapping to work (hence the old DOS joke in the title of this post). Highly recommended.

Free or low cost tax 2008 prep online - 2009 pricelist

The IRS has a website listing the free online tax preparation websites for your 2008 taxes for the 2009 April 15th deadline.  All the sites offer free Federal filing, but most charge you for state filing. Turbo tax does both for free if you make less than $30K and live a select set of states. I live in California, so that doesn't help me. Tax slayer has free prep for both fed and state if you are below 25, or make less than $10 k.

California also has a website that lists free state tax prep. I've never heard of most of those companies, so I'm a little hesitant to use them. The also have a state-developed "calfile" site that is free to most all Californians (here's a less then ecstatic review from 2005). The ultimate cheap option is to use one free site for your fed taxes and one for your state taxes, but as you will see below that only saves you $10, vs. the cheapest reputable pay sites.  Doing both taxes on one site is nice because you don't have to double-enter anything. 

If you can't do it for free, how much does it cost from the major providers to do both if you make less than $55k (unless otherwise noted)? (prices as of 2-5-09)

Tax$imple $10
H & R block: $30
TaxAct $14
Turbo Tax Freedom Edition (if you make less than $30k) $10
Tax slayer $10
Complete Tax: $15 (if you make less than $31k).

(note to get these prices you may have to follow the link from the IRS website).

I've used all of these, over the years, and they are all OK. I've been most please with Turbo Tax and H&R block over the years, interface wise. But none of them stand out as being all that different, really. 

Netbooks compared on price and features

I made a matrix of Netbooks, split by OS (Linux or Windows) and Hard disk (SSD or HHD):
OS / HD Linux OS Windows OS
SSD Asus
Eee PC4g
512MB/4GB/4cell $250

Aspire One
1GM/8GB/3cell $280

Aspire One
512MB/8GB/3cell $329

Aspire One
512MB/16GB/3cell $350
mechanical ASUS
EeePC 900HA
1GB/160/4cell $329

1GB/160/4cell $340

Aspire One
1GB/160GB/6cell $380

Wind U100
1GB/120GB/3cell $350

Lenovo IdeaPad S10
512MB/80GB/3cell $350

Notice anything interesting? Netbooks only appear along the diagonal of the matrix. It seems you can't get a Windows netbook with a solid state disk, or a Linux netbook with a mechanical hard drive. A strange set of optimizations, if you ask me. Given how much excitement there is about this category, you'd think that there would be at least some examples in the other two cells of the matrix. True, not every netbook is listed here, but this is a representative sample of what I could find on Amazon and Newegg. I'd welcome reader comments on netbooks I missed.

Reducing Chrome memory footprint & comparison to Firefox

Google's Chrome is the newest web browser to challenge IE's dominance. One of it's claims to fame is that each Tab (or now, each website) runs in its own process. This means that if a Tab crashes it doesn't effect the rest of the open Tabs.

While great in theory, in practice this turns out to be relatively useless. Chrome is actually about as stable as Firefox, so crashes really are not a problem. Using a separate process for each Tab does use more memory, however. All of the program code is shared between processes, but data is not, and this means that each new Tab has some overhead that would not be consumed in a single process browser. My limited testing, to be described below suggests that each tab takes about 10MB extra RAM, which won't be a big deal of you have Gigs of RAM installed on your machine, but could be quite a problem on lower-end machines.

The good news is that Chrome can be run in a single process mode - which is incidentally how I estimated the amount of overhead for each tab.

To switch Chrome to a single process mode, you need to change the command line arguments to Chrome.exe. I use an icon/shortcut on the desktop to start Chrome, so I just right clicked to get the properties of that shortcut, and then added --single-process to the end of the Target edit field.

I did a really quick before and after test to see how much of a change this made, by loading three websites: gmail,, and These websites are relatively graphic, javascript, and flash rich, which should actually minimize the relative contribution of multi-process overhead to the total memory usage.

The memory usage for these websites, immediately after loading all 3:

multi-process: 120MB
single-process: 90MB

Firefox 3.0.5: 135MB (no extensions or addons)

As you can see, the single process mode does make a difference. More surprisingly, it looks like Chrome is actually a lot more memory efficient than Firefox. More comprehensive testing would be a good idea here, but at the least, it appears that Chrome is no worse than Firefox.

So for now, I strongly recommend you check out Chrome, and run your own tests. It also has a nice interface, and doesn't waste screen space with lots of "chrome" :-). The only big downside I have seen so far is that it's built in spell-checking facility is really weak. It often doesn't have any good suggestions for more phonetically based spellings, and even typos can sometimes stymie its suggestions. Furthermore, the spell-checking facility doesn't even load on some websites (notably, blogspot). In the mean time, I use FreeSpell, which makes excellent suggestions and works with all websites (and applications) [Disclaimer: I wrote FreeSpell].

Email me


Email *

Message *