Tech Bitch

Criminals are never at a loss for new materials. They’re also a pain in the friggin’ ass. Professional malcode authors are constantly evolving their tactics at the expense of unsuspecting victims, driven by the goal of detection evasion and greater profitability. Authors, like those behind Storm Worm, have automation systems designed to pump out new variants every hour, minute, or even second. With malware authors releasing new variants at a blazing pace, 2008 will be another record year of malware.

There is a raft of anti-malware solutions on the market, but Comodo Firewall Pro 3.0 is a little different - it’s a highly effective and totally free software firewall application. It’s a proactive solution based on Comodo’s new ‘A-VSMART’ technology architecture - short for ‘Anti-Virus, Spyware, Malware, Rootkit and Trojan’ - and helps prevent virtually all types of threats from penetrating your computer. Yet despite its sophisticated level of prevention, the software remains easy to install and use, and offers plenty of customisation options for the advanced user.

Comodo Firewall Pro 3.0 does a great job of protecting computers from malware because it operates from a prevention rather than a detection perspective, and incorporates a sophisticated, layered threat management approach. Unlike detection/signature-based firewalls and anti-virus solutions that allow all applications to gain access to system resources and then try to detect previously identified viruses by their signature, Comodo Firewall Pro takes the opposite approach - it allows only those applications known to be safe to gain access to computer resources, greatly reducing the probability of damage occurring.

Comodo Firewall Pro 3.0 uses an advanced Host Intrusion Prevention System (HIPS) that proactively monitors system and system processes to detect and prevent system changes such as rootkit installations, inter-process memory injections, and key-loggers. HIPS technology is driven by a white list architecture which identifies trusted applications and prevents untrusted applications being installed onto your computer. Comodo says it has one of the largest white lists in the industry, with a database of nearly 1 million safe executables. The integrity of every executable is checked against this database to determine whether or not it is genuine before it is given installation rights. With this system, potentially damaging applications should be prevented from being ever being installed.

How much interaction you have with the software relies on how you install and configure it. Typically, if you choose ‘Basic’ mode you don’t need to do much at all - you get a simple personal firewall that protects against attack from outside and controls which programs can access the Internet, much like ZoneLabs’ ZoneAlarm. Opting for ‘Advanced’ monitors and protects many other critical system resources, meaning you’ll get a lot more queries and notifications which need actioning. Thankfully, you can minimise pop-ups by allowing the software to automatically approve any program found in Comodo’s database of safe programs.

It also provides you with the ability to install the solution in Clean PC mode, which is useful for new PCs. In these cases, Comodo Firewall Pro creates a profile of the computer with all existing applications registered as safe. The firewall then prevents any unrecognised applications from being installed unless the application is recognized by Comodo’s white list, or you grant installation permissions. It also prevents any suspicious system processes from running. Furthermore, ‘Stealth’ mode helps to make your PC ‘completely’ invisible to opportunistic port scans, there’s a Wizard-based auto-detection of trusted zones, and you can password protect all firewall settings.

Version 3.0 sports a redesigned user interface without the separate Comodo Launch Pad used by Version 2.0. The updated software also offers a default summary screen displaying an immediate heads-up on all vital security settings and provides a central point of navigation to every part of the application. Pop-Up alerts also provide critical security information, such as when the firewall detects a potential security threat. Version 3.0 gives you more control over security settings. For instance, you can quickly set granular Internet access rights and privileges on a global or per application basis using the flexible and easy to understand interface, and the introduction of pre-set security policies allow you to deploy a relatively sophisticated hierarchy of firewall rules with a couple of mouse clicks. A vastly improved log management module allows you to export records of firewall activity according to several user-defined filters.

Comodo Personal Firewall locks down your system against internal attacks such as Trojans, viruses, malicious software and external attacks by hackers. It supports Windows Vista, a new interface and a whole host of improved security features, including host intrusion protection, network-based firewall and an application analysis engine. As malware writers use a variety of techniques to evade simple program control, virtually every such technique is covered by Comodo Personal Firewall’s monitoring. If you are still using the Windows Firewall (or worse, no firewall at all), give Comodo a try - it’s free and you’ve got nothing to lose … [8.5]

The concept of computer imaging is a Godsend for anyone who’s endured the Setup program for Windows more than 10 times in their lives. You can create a single system image and send it out across your network to keep all your workstations uniform and up-to-date.

Cloning was originally developed as a method of quickly setting-up new Windows computers and rolling out applications and updates. An ‘ideal’ desktop computer’s software and configuration is captured as an ‘image’ that is then replicated onto multiple machines using cloning software. The IT landscape, however, has become vastly more complex, with constant updates to applications, configuration software, plug-ins, intelligent chips and motherboards. This means that two otherwise identical desktop computers (let alone adding laptops to the mix) can have enough driver differences to cause the cloning process to render machines inoperable without considerable manual modification.

Universal Imaging Utility (UIU) was developed to resolve this issue by simplifying the process, ensuring that when an image is taken of the ideal machine, all the driver combinations required by each machine are made available to each machine. The software therefore enables IT departments to reduce the time and money spent on image creation and deployment by streamlining the cloning process. It works with leading cloning applications such as Symantec’s Ghost, PowerQuest’s Drive Image Pro, Altiris’ Migration Suite, Novell’s ZENworks and Acronis’ TrueImage, making it possible for these programs to create a single, clean disk image. The image created will then work with virtually any Windows platform or configuration.

So how does the software work? Used in conjunction with your regular hard disk drive imaging software it creates a disk image that can be successfully deployed to nearly any PC in your environment, regardless of HAL type, processor, PC make or model. Maintaining individual images for PCs from Dell, HP, IBM, etc. is no longer required. Designed for Microsoft Windows Vista, XP and 2000 systems specifically, UIU resets your existing Windows installation to a similar state, allowing for correct detection of different hardware platforms upon image deployment without crashing the systems. A regularly updated driver database is also installed, assuring greater compatibility with new hardware components. So, as you get new hardware, with new video, network and audio components, you need not maintain those drivers.

How difficult is it to use? The procedure is actually relatively easy: you setup your Master Windows 2000, XP or Vista computer and capture a base image using the guidelines provided. This is the most time consuming step of the process. UIU will then modify your system, install drivers, launch Sysprep, and then shut your PC down - all in less than 10 minutes. At that point you need to take a normal image in DOS or Win PE (do not reboot to Windows!) using your disk imaging software. That’s it. No drivers, no Plug-n-Play IDs, no need to sweat through Sysprep. UIU even creates your Sysprep.inf or Sysprep.xml file for you. You can then deploy the image to your other PCs the way you always have.

Support for Microsoft’s System Preparation tool (Sysprep) helps keep you in compliance with Microsoft’s standards for disk imaging, and UIU uses it to help detect the hardware components on a machine receiving a Universal Image. Additionally, Sysprep will change the Security ID (SID) on your recipient PCs, allowing for consistent interaction with any Active Directory domain structure. UIU handles Sysprep for you though, so there is no need to build a custom Sysprep answer file.

Because UIU strips the image to its bare bones, you could potentially take an image built on an IDE-based machine and port it directly to a SCSI or SATA platform. It also incorporates other Hardware Abstraction Layer (HAL) configurations into the base image and resets the original HAL, so you don’t even have to confine your image to similarly configured machines (the HAL acts as the interface between hardware and software). During the UIU master image installation process, you can specify these as additional options. You can also use your own .INF file. Sysprep doesn’t achieve nearly as much as this as it mainly does things like initiate the mini-setup to search for new hardware, reset user/machine details and rewrite SIDs.

Licensing for UIU 2.0 is per-seat and is based on the number of computers that receive an Image which was prepared with the assistance of UIU. Corporate pricing starts at under £11 per-seat for up to 99 computers and goes down to less than £5 per-seat for 5000 or more licenses. Academic and Government pricing is also available. Almost as important as the software itself, when you license UIU, you get the driver database, which Binary Research updates on a regular basis. These regular updates are most helpful if you frequently refresh your images. If you have a great diversity of workstations, desktops and laptops on your network, UIU can save you tons of time in terms of keeping your images up-to-date.

There are some limitations, however. Windows Server installations aren’t supported, even if the imaging software can create server images, and RAID disks aren’t supported. SCSI drives can’t be used as sources either, so although an image can be installed to a SCSI drive it can’t be created from one. Furthermore, an image created on an ACPI-compliant system won’t be happy on a system that isn’t. And finally, your disk-imaging software must be able to run from a DOS prompt - Windows-based imaging software isn’t supported. It’s definitely worth a look though. [7.5]

Earlier this month Apple dropped the price of its smallest flash memory player to just £32. Wow! It also bumped its capacity to 2GB (around 500 songs in 128Kbps AAC format) and charges just £45 for the pleasure (1GB model still available). So I thought now was as good a time as any to get one in for review and see what I’ve been missing.

The immensely popular iPod Shuffle is a sight to believe - it’s just half a cubic inch in volume, weighs an unnoticeable 14g, features a minimalistic aluminium design with a built-in clip and comes in five metallic colours - silver, blue, green, purple and a (PRODUCT) RED special edition. There simply isn’t anything else on the market that’s as portable or as hard wearing.

The iPod Shuffle is also the world’s most wearable iPod - just take a look around the next time you’re in the gym! Now let’s not get carried away - the iPod Shuffle’s features list is almost non-existent and you have to use iTunes to get your music onto in. On the plus side there’s a vast ecosystem of accessories with over 4000 products made specifically for the iPod including cases, fitness accessories, and speaker systems. It should work with a lot of modern automobile stereo systems, too.

There’s no display on the iPod Shuffle, so it’s not great for discovering new artists, but using it is a snap. Tactile controls on the front let you alter volume levels and skip tracks, and there’s a dedicated on/off switch and shuffle switch - the latter either randomly mixes up the song order or resets back to the order in which the tracks were synced from iTunes. I was pleasantly surprised to find that the player actually outperformed Apple’s 12-hour battery life rating, and not by just a few minutes, but a few hours - I managed to get 15 hours!

The iPod Shuffle requires a Mac with a USB 2.0 port, Mac OS X 10.4.8 or later and iTunes 7.4; or a Windows PC with a USB 2.0 port and Windows Vista or Windows XP Home or Professional (Service Pack 2) or later and iTunes 7.4 or later (not supplied). The headphone jack doubles as a dock connector - simply flip the player upside-down and drop it into the included dock.

The iPod Shuffle isn’t about features or sound quality - it epitomises ease of use, portability and convenience. It’s time to join the revolution! [8]