Академический Документы
Профессиональный Документы
Культура Документы
0 74470 81182 4
®
June 2006 • Vol 6 Issue 06
Frontside
6 What’s Happening
12 Digital Economy
14 The Saint
Going . . . Going . . . Gone . . . .
The Experts
56 Rootkit Madness
Rob “CmdrTaco”
Why & How These “Silent” Apps Are Used
Malda
Copyright 2006 by Sandhills Publishing Company. Computer Power User is a trademark of Sandhills Publishing
Company. All rights reserved. Reproduction of material appearing in Computer Power User is strictly prohibited
without written permission. Printed in the U.S.A. GST # 123482788RT0001 (ISSN 1536-7568) CPU Computer
Pete Loshin
Power User USPS 020-801 is published monthly for $29 per year by Sandhills Publishing Company, 131 West Chris Pirillo Open Sauce
Grand Drive, P.O. Box 82667, Lincoln, NE 68501. Subscriber Services: (800) 424-7900. Periodicals postage paid at Dialogue Box page 81
Lincoln, NE. POSTMASTER: Send address changes to Computer Power User, P.O. Box 82667, Lincoln, NE 68501. page 80
Did you find the hidden CPU logo on our cover? Turn the page for the answer.
Elder Scrols IV Oblivion
Page 89
P
Online Customer Service & Subscription Center
ersonal computer security was so much easier back in the day; seemed http://www.cpumag.com
like all you had to do was make sure you didn’t load any strange floppies
Web Services
from the wrong side of the tracks, and you were pretty much guaranteed (For questions about our Web site.)
to avoid any sort of malware infestation. webhelp@cpumag.com
(800) 733-3809
Now, of course, things are different. Achieving any level of computer security
requires the proactive installation, configuration, and upkeep of multiple security Authorization For Reprints
Reprint Management Services
apps, a hardware firewall, encryption for your WLAN, and so on. That’s before Toll Free: 800-290-5460
you even consider encryption for your VoIP calls, physical security to prevent 717-399-1900 ext. 100
unauthorized onsite access, antitheft devices for notebooks, and yada, yada, yada. Fax: 717-399-8900
ComputerPowerUser@reprintbuyer.com
And after all is said and done, if someone who really knows what he’s doing www.reprintbuyer.com
decides he wants into your system, all that stuff might not make the slightest dif- Editorial Staff
ference. Much like the physical security of our homes, PC security ultimately editor@cpumag.com
comes down to the common-sense application of a reasonable array of tools and FAX: (402) 479-2104
131 W. Grand Drive
methods that give us better-than-average odds against the garden-variety intruder. Lincoln, NE 68521
Unlike home security, though, the threats to our PCs and networks are constant- Subscription Renewals
ly changing in order to beat our countermeasures, so it’s not safe to assume that (800) 382-4552
because you had your system locked up tight as a drum last year, it’s still that secure. FAX: (402) 479-2193
http://www.cpumag.com
Thus we present this month’s Spotlight section on PC security. Head to page 46 for
in-depth discussions of the latest virus, Trojan, and worm threats, a look at the Advertising Staff
(800) 848-1478
growing spyware menace, a piece on rootkits, and info on the most sophisticated 120 W. Harvest Dr.
social engineering threats. We’ll discuss hands-on steps Lincoln, NE 68521
FAX: (402) 479-2193
you can take to beat this stuff that go beyond
clicking your antivirus software’s Scan button, The Gang
and we’ll even look at some hardware that can Editorial Staff: Ronald D. Kobler / Christopher Trumble / Blaine
Flamig / Trista Kunce / Corey Russman / Rod Scher / Calvin
boost your overall state of secureness. Clinchard / Katie Sommer / Kimberly Fitzke / Katie Dolan /
Elsewhere this month you’ll find our takes on Raejean Brooks / Sally Curran / Michael Sweet / Nate Hoppe /
some of your options where uninterruptible power Sheila Allen / Linne Ourada / Joy Martin / Ashley Finter / Marty
Sems / Chad Denton / Nathan Chandler / Kylee Dickey / Josh
supplies are concerned (page 16), interviews with Gulick / Andrew Leibman / Vince Cogley / Sam Evans / Jennifer
the Garriott brothers (page 108) and RFID Johnson / Brian Weed / Holly Zach Web Staff: Dorene
watchdog Katherine Albrecht (page 104), Krausnick / Laura Curry / Kristen Miller Customer Service:
Lindsay Albers Subscription Renewals: Connie Beatty / Matt
and an excellent mod that turns a mild-man- Bolling / Patrick Kean / Charmaine Vondra / Miden Ebert /
nered Pentium D 805 into a blazing power- Kathy DeCoito / Stephanie Contreras / Nicole Buckendahl
house that rivals the Extreme Edition 965 in Art & Design: Lesa Call / Aaron D. Clark / Fred Schneider /
Aaron Weston / Carrie Benes / Ginger Falldorf / Sonja Warner /
several metrics. This issue also marks the sec- Lori Garris / Jason Codr / Andria Schultz / Erin Rodriguez /
ond installment of Barry Brenesal’s “Cutting Lindsay Anker Newsstand: Garth Lienemann / Jeff Schnittker
Edge” column, so check that out on page 94. Advertising Sales: Grant Ossenkop / Liz Kohout / Cindy Pieper /
Brooke Wolzen / Eric Cobb / Ryan Donohue Marketing: Mark
We'll see you again in about 30, and thanks Peery / Marcy Gunn / Kelly Richardson / Travis Brock / Jen
for reading. Clausen / Scot Banks / Ashley Hannant / Luke Vavricek / Becky
Rezabek / Lana Matic / Jeff Ashelford
Gotcha.
Here it is.
W h a t ’s H a p p e n i n g • H a rd w a re
Compiled by Steve Smith
Your Cursor
Comes To Life
With Mus2
PC peripheral design goes all postmodern
on us with the Mus2 wireless mouse.
Using the same shape as the Windows
cursor it controls on-screen, the Mus2
plants the two action buttons at the tip
with a power indicator in the handle to
warn that your batteries are low. The opti-
cal sensor works at 800dpi, and it accepts
standard or rechargeable cells. Art
Lebedev, who also gave us OLED key-
boards and emoticon cushions, brings us
this curious “innovation.” The Mus2 will
be available this month and cost about
$60 (as of this writing). The site says that
this mutant mouse actually fits the hand Art Lebedev’s Web site says that his
quite nicely. Sure, if you like wielding a cursor-shaped wireless mouse
saber to control your PC. ▲ “doesn’t cause any discomfort.”
H a r d w a r e M o l e
LG Straddles The Next-Gen DVD Fence
Can’t decide whether to go BD (Blu-ray Disc) or HD DVD? If other manufacturers follow LG
Electronics’ lead, you may not have to commit to one side in this frustrating war over next-gen
formats. Even though LG has supported the Sony-led BD camp in the past, the hardware
maker told dealers to expect a dual-mode device that will play back both BD and HD DVD Can next-gen DVD
discs later this year. Analysts say that the hardware manufacturers finally realize that everyone players bring peace to
will lose in a protracted battle over formats, so expect to see more consumer-friendly devices the hi-def format wars?
that play on both sides of the fence. ▲
CPU Released Original Last month’s Current Luminary Micro has a memorable
price price price price for its 32-bit microcon-
AMD Athlon 64 FX-57 6/27/2005 $1,031** $898 $898 troller: $1. The Austin, Texas,-
AMD Athlon 64 FX-60 1/10/2006 $999** $1,011 $1,011
based startup uses an ARM
AMD Athlon 64 X2 Dual-Core 3800+ 8/1/2005 $354** $292 $287
AMD Athlon 64 X2 Dual-Core 4200+ 5/31/2005 $537** $350 $347
Cortex-M3 32-bit core in its chip,
AMD Athlon 64 X2 Dual-Core 4400+ 5/31/2005 $581** $447 $447 running at 20MHz. A wide range
AMD Athlon 64 X2 Dual-Core 4600+ 5/31/2005 $803** $556* $543 of applications that are currently
AMD Athlon 64 X2 Dual-Core 4800+ 5/31/2005 $1,001** $625 $619 dominated by slower 8-bit and
Intel Pentium Processor Extreme Edition 955 3.46GHz dual-core 12/27/2005 $999** $1,011 $1,018 16-bit microcontrollers can use
Intel Pentium 4 631 3Ghz 2MB cache 800MHz FSB 65nm 12/27/2005 $178** $145* $174*
the 32-bit processor, says Wendell
Intel Pentium 4 640 3.2GHz 2MB cache 800MHz FSB 90nm 2/21/2005 $273** $212* $208*
Intel Pentium 4 641 3.2GHz 2MB cache 800MHz FSB 65nm 12/27/2005 $218** $215* $216*
Smith, director of marketing at
Intel Pentium 4 650 3.4GHz 2MB cache 800MHz FSB 90nm 2/21/2005 $401** $249* $270* Luminary Micro. At the April
Intel Pentium 4 651 3.4GHz 2MB cache 800MHz FSB 65nm 12/27/2005 $273** $278* $272* 2006 Embedded Systems Confer-
Intel Pentium 4 660 3.6GHz 2MB cache 800MHz FSB 90nm 2/21/2005 $605** $329* $329* ence, the company showed off the
Intel Pentium 4 661 3.6GHz 2MB cache 800MHz FSB 65nm 12/27/2005 $401** $408* $400* microcontroller in a robotic toy
Intel Pentium 4 670 3.8GHz 2MB cache 800MHz FSB 90nm 5/26/2005 $849** $610* $603* car that could sense obstacles and
Intel Pentium D 820 2.8GHz dual-core 2MB cache 800MHz FSB 90nm 5/26/2005 $241** $212* $197*
move around them. The micro-
Intel Pentium D 830 3GHz dual-core 2MB cache 800MHz FSB 90nm 5/26/2005 $316** $235* $254*
Intel Pentium D 840 3.2GHz dual-core 2MB cache 800MHz FSB 90nm 5/26/2005 $530** $352* $341*
controller has onboard memory
Intel Pentium D 920 2.8GHz dual-core 2MB 800MHz FSB 65nm 12/27/2005 $241** $251* $229* and is targeted at access control,
Intel Pentium D 930 3GHz dual-core 2MB 800MHz FSB 65nm 12/27/2005 $316** $324* $317* motor control, and other embed-
Intel Pentium D 940 3.2GHz dual-core 2MB 800MHz FSB 65nm 12/27/2005 $423** $437* $421* ded applications. ▲
Intel Pentium D 950 3.2GHz dual-core 2MB 800MHz FSB 65nm 12/27/2005 $637** $651* $625*
S i t e
Wikipedia vs. Britannica S e e i n g
Wikipedia has had its share of inaccuracies, and because of the nature of this online You’ve Got Game: Online
beast that anyone can edit, these errors have all been made public. (You might
remember the “biography” written about John Seigenthaler and his association If you want to find game online for
with the Kennedy assassinations, which the man himself proved false.) But what free—get your head outta the basement;
about errors in other online encyclopedias such as Britannica? Nature recently pub- we’re talking sports here—check out
lished a study (www.nature.com/nature/journal/v438/n7070/full/438900a.html) Sportsvite.com. Maybe you’re looking to
comparing Wikipedia and hook up with someone to show off your
Britannica revealing “numerous mad one-on-one
errors in both encyclopedias.” hoops skills or
Britannica, however, says the assemble a group
study was “sloppy and careless” of competitive
and seemed to take a “pro- spirits to play poker; on Sportsvite.com
Wikipedia” position. If and you could find the perfect match (or
when this debate gains force, it’s matches) for you. ▲
important for users to acknowl- P2P Internet TV Sharing
edge that we all make mistakes,
and we should all double-check Veoh.com is not just another Web site
our resources before blindly where you can watch amateurs’ bad video
believing or even criticizing clips; it’s an “unregulated Internet TV
information we find online. ▲ network” that uses PeerCasting (similar to
traditional P2P file sharing but for TV-
www.keepyouronlinestufforganized.tel quality video sharing). OK, so there are
some unpleasant video clips on Veoh.com,
June seems to be the month for online organization. (See the “Keep Track Of Your but there are some pretty good ones, too.
Life With Google Calendar” article.) ICANN is contemplating the introduction of a And why not check it out when you can
new domain to help you organize all your online (and some offline) stuff. A .TEL upload your newest home-grown sitcom
domain Web site would help you sort your email and instant messaging accounts, (any length, any size file) free? ▲
Web sites, and phone numbers and easily provide all of this information to others
on one .TEL Web site. Whether this new domain will be useful or just another
thing for us to remember remains to be seen; ICANN reviewed the plans for .TEL
in April, but we might not see a decision for months. ▲
MediaCoder Brings
Super-Translation Open Source
Here’s one open-source program that will leave you openmouthed with its
power to transcode huge batches of every imaginable audio and video file
across formats. Author Yi-Chun Huang has gathered into the nicely pol-
ished MediaCoder (mediacoder.sourceforge.net) all of the codecs and
translation tools from the worldwide open-source community into what
seems like a universal translator. You can convert entire folders of MP3,
FLAC, Ogg Vorbis, H.264, MOV, and loads of others without having to
install their native media players or confusing piles of clashing codecs.
MediaCoder isn’t for the fainthearted novice, to be sure, because there are
more obscurely labeled codec options here than we’ve ever seen. For mul- Just name a codec, and MediaCoder probably
timedia swine like us, however, this is hog heaven. ▲ can transcode it.
S o f t w a r e
S h o r t s
Apple joins the PC
BAPCo Gets Apple To Bite benchmarking
Are the historically divided worlds of Apple and club; there goes
PC finally converging after all of these years? the neighborhood.
Not only is Apple allowing Windows onto its
systems (see “Apple’s Window Of Opportu-
nity”), but the company also joined the BAPCo
(SYSmark, MobileMark) consortium of PC and peripheral manufacturers that create
benchmarks for the Windows platform. Speculation has been running wild as to why Apple
would join this group, but the motive may be to create, at long last, fair performance com-
parisons between the two platforms. Apples to apples, so to speak. ▲ The UpShot
Is Making
Microsoft’s Monaco Bites Back Shutterbugs
It turns out that the Apple and Windows worlds aren’t really living happily ever after despite all
Happier
of this month’s cross-platform friendliness. Microsoft wants to steal one of Apple’s core con- Bellamax says its new UpShot
stituencies, amateur musicians, with a Vista-based app code-named Monaco. The music syn- image editor was designed to
thesizer/editor competes directly with the Mac-based GarageBand app, but some of Microsoft’s satisfy the 75% of digital pho-
development partners say Monaco will show off Vista’s capabilities and may include unique tographers who say they aren’t
search features for finding and integrating music clips. Will aspiring Bon Jovis spurn Apple and completely satisfied with cur-
fly to Monaco? Who would you rather rock with? Steve Jobs or Bill Gates? ▲ rent editors. UpShot promises
Apple’s music synthesizer has Microsoft on its tail. more efficient photo-correction
functions, clearer embedded
tutorials, and a simplified
menu structure. Its FastFix tool
performs color correction, red-
eye removal, brightness adjust-
ment, and segment correction
with one button push. Now, if
it could digitally remove for-
mer boyfriends/girlfriends
from pictures—that would be a
standout selling point. ▲
Don’t Sing It, skull emerged from the machine, well . . . you’ll have to
buy the story rights to hear the rest.
They Bring It by Marty Sems
Boston Dynamics BigDog
It’s as if Dr. Doolittle has been marooned on a technologi-
cal Island of Dr. Moreau. The BigDog prototype from
Boston Dynamics (www.bdi.com) looks like a mash-up of a
pushmi-pullyu and Herbie Hancock’s “Rockit” video. In
the big, 27MB WMV video on the Web site, you’ll see this
quadruped robot negotiate harsh terrain and even recover
from a few kicks and shoves with amazing, computer-
controlled balance. The military and rescue potential here
is huge, although Boston Dynamics, a MIT spin-off,
declined to estimate BigDog’s eventual price, nor when/if it
might canter onto the world stage. If you ignore the racket
of its gas engine, BigDog seems like id Software combined
the lower halves of two distance runners in black tights for
a Doom 3 expansion pack. Bring on the nightmares.
here are few other things in UPSes aren’t just a battery and power frequency variation. All of this must
APC Back-UPS APC Back-UPS Belkin Battery Belkin Battery CyberPower CyberPower
ES 750 RS 900 Backup 1000VA Backup 1100VA 800AVR 1285AVR
Price $99.95 $149.99 $159 $153 $99 $149.99
Backup Outlets 5 4 8 4 4 4
Transformer-Friendly 1 1 0 4 2 1
Surge-Protected Outlets 5 3 0 2 8 8
Transformer-Friendly 1 1 0 2 2 0
output frequency, output wattage, bat- popular with IT department heads. This eight power sockets. Unique among all
tery capacity (again), and remaining may explain the units’ outstanding run- the UPSes here is the 1200 LCD’s
runtime in minutes. It would be cooler time, utilitarian designs, and somewhat onboard Mute switch, although there’s
if the display always remained lit, such clunky, but powerful, software suite. no way to unmute the alarm once its
as Tripp Lite’s LCD, instead of going The AVR 750U follows the classic activated without having to reset the
out after 30 seconds—a configuration big-fat-power-strip model that’s popu- UPS. Runtime was a spectacular 33 min-
setting would be ideal here. Four lar at the low-end. The unit has an eye- utes, and the LCD’s “fuel gauge” was the
backed-up power sockets and four popping 12 power sockets (six backed most accurate of all the UPSes. You can
surge-protected sockets take up the up, six surge protected), along with a use both serial and USB ports for status
unit’s rear, along with serial and USB single USB connector and a set of RJ11 monitoring, and two different computers
ports for connectivity, and filtered coax jacks for filtering phone lines. But that’s can work at the same time with each of
and Ethernet jacks. Unique among the it. The markings engraved on the black the ports. Most UPSes sell fairly close to
units here is the 1285AVR’s internal plastic are a little hard to see and are all MSRP, but this unit’s street price is sub-
cooling fan, although it never spun up but impossible to determine in low stantially lower, so look around.
other than during its power-up test. light, meaning you need to take care Both units come with PowerAlert
The 1285AVR kept my test computer when you want some items on the bat- Console 12.3 software, but 12.4 is avail-
running 29 minutes; 11 more minutes tery but others just protected from able for download. Both versions appear
than the LCD estimated. surges. The AVR 750U identical, but 12.4 lacks a help file, so
Both the UPSes come with kept my test computer install from the CD and then upgrade to
PowerPanel Personal Edition running for 13 minutes. the current version, which adds every-
software. The CD probably had thing. PowerAlert is a combination of a
the current version (I couldn’t small Windows service that actually
find version numbers listed Smart 1200 LCD monitors the UPSes and performs the
anywhere), but you can down- $165 (street) clean shutdowns and the Console, which
load the current version on Tripp Lite is a clunky Java app that changes settings
CyberPower’s site. PowerPanel www.tripplite.com and performs tests. PowerAlert works for
only works with the USB port; ●●●● various Unix and Linux distros, but
the serial port is intended for
built-in OS functionality only
and a serial cable isn’t included. VR 750U
If you supply one yourself, two $89
computers can work off one Tripp Lite
UPS and shut down cleanly. www.tripplite.com
PowerPanel is friendly and ●●●●
easy to use and seems similar to
APC’s PowerChute 1.5 soft-
ware, including using almost there is no mention if it working with
the same icons, menu structure, Mac OS X.
and feature set. This certainly isn’t bad, The Smart 1200 LCD is a tall tower Console has two modes: Home Device
as both software packages are excellent. that’s also suitable for rack mounting, Management Scheme (simpler but lacks
The software shows you the current load but it looks very utilitarian. The included certain commands) and Business Device
and charge status, maximize runtime vs. hardware brackets make adding it to a Management Scheme (has all the com-
battery life, and history logs. The soft- rack easy, but they can also act as a floor mands but can be confusing). Getting a
ware also lets you disable the alarm stand, which is a good thing because as a current status of the UPS requires click-
buzzer depending on the time of day tower, the UPS is tipsy and top-heavy. ing several poorly labeled buttons and
and run self-tests. PowerPanel does lack The 1200 LCD’s bling factor comes in lots of scrolling. Changing settings also
APC’s voltage-sensitivity settings. the form of an onboard LCD, which dis- requires clicking tabs within tabs. Still,
Mac and Linux versions of Power- plays input voltage, current battery level, the software can perform tasks that the
Panel aren’t available, but the OSes do and various other conditions via icons. others here can’t, such as emailing you
support these UPSes directly. You can rotate the LCD to work both in when power is dropped or easily moni-
tower and horizontal orientations, and it toring multiple devices, including those
Tripp Lite Smart 1200 LCD & AVR 750U remains on as long as the UPS is on. All from other vendors with plug-ins. ▲
Tripp Lite has been in the UPS game cabling connects at the rear for a neat
for more than a decade and is very installation, and the battery backs up all by Warren Ernst
DualTV MCE
Nvidia DualTV MCE $169
Nvidia
vidia recently released a new add-in
N card, but unlike the majority of its
products, a GeForce GPU doesn’t pow-
www.nvidia.com
●●●●
An AMD Athlon 64 FX-60 chip overclocked at 2.95GHz drives dual ATI Radeon X1900 XTs.
ack in January (page 26), CPU took warranty. To ice this scrumptious tech-
B a look at Voodoo’s gold-plated
OMEN Elemental, which sports an
nological cake offering, Voodoo in-
stalled a Matrix Orbital MX333 drive
Athlon 64 4800+, Asus A8N32 SLI bay, read-out display, which is pro-
Deluxe nForce 4 SLI x16 motherboard, grammable and provides the user critical
a pair of RAID 0 arrays, and a pair of health-monitoring data and cooling Speaking of which, perhaps one
GeForce 7800 GTXs in SLI. This time pump status alerts. Finally, cold-cathode of the most impressive aspects of
around we’re looking at Voodoo’s AMD lighting and a mirror-paneled interior the Voodoo CrossFire OMEN is its
FX Gaming CrossFire OMEN. With help dress it all up. To say this is a sys- unbelievably well-designed interior.
this ATI CrossFire Xpress 3200-based tem for extreme performance enthusiasts With bright, stainless steal plating on
OMEN, there’s a bit less glitz (literally is an understatement. many of its internal surfaces, along with
sans the gold leaf) and a bit more sub- Along with the CrossFire OMEN’s a system layout and ultra-clean cable
stance under the hood. crazy, high-end configuration and im- management that is to die for, it seems
The CrossFire OMEN I tested was maculate “you could eat off of it” build as if the folks at Voodoo are as fanatical
based on an AMD Athlon 64 FX-60, quality, however, comes a hefty price tag about product quality and design as
Asus A8R32-MVP motherboard, ATI starting at around $5,600. For that rate their customers that step up to these
Radeon X1900 XTX and Radeon you do get a lot of performance in one high-end machines. As long as you can
X1900 XT CrossFire master cards, a killer-looking, cool-running, and relative- handle the initial sticker shock, you will
pair of 400GB 7,200rpm Hitachi drives ly quiet rig. But how quiet is it? The be styling with the new Voodoo Cross-
in RAID 0, and 2GB of Corsair XMS- CrossFire OMEN isn’t as quiet as some Fire Omen. This system really has its
3500LL Pro memory. The CrossFire watercooled setups I’ve tested, but its mojo workin’. ▲
OMEN was also decked out with the acoustical signature is fairly low-key and
same Voodoo OMEN Supercharged more than acceptable considering all of by Dave Altavilla
Intercooler along with Purple Voodoo the horsepower you get in the package.
super coolant that cools all three CPUs There’s no need for fan cooling on the
Benchmark Stats
and dual GPUs combined. The inter- system’s dual Radeon X1900 cards or the
Office XP SP2 520*
cooler also lets the OMEN’s Athlon 64 CPU because they’re watercooled, but WME 9 and Mozilla multitasking 319*
FX-60, which has a stock speed of there are three 300mm fans: two for the 3ds Max 213*
2.6GHz, ship factory overclocked at radiator and one in the back of the chassis Adobe Photoshop 269*
2.95GHz, and it’s still backed by for ventilation. These fans do a good job Ahead Nero Express 6 209*
Voodoo’s one-year Desktop system of keeping thermals in check internally. 3DMark06 Default Test 9484
Splinter Cell CT (1,600 x 1,200 4X AA) 117.10
Specs: AMD Athlon 64 FX-60 dual-core at 2.95GHz; Asus A8R32-MVP; ATI Radeon Far Cry (1,600 x 1,200 4X AA) 125.36
X1900 XTX and X1900 XT CrossFire master; Creative Sound Blaster X-Fi Xtreme Music; Quake 4 (1,600 x 1,200 4X AA) 83.8
2GB Corsair XMS-3500LL Pro (TWINX2048-3500LL); Hitachi HGST 7,200rpm, 400GB, F.E.A.R. (1,600 x 1,200 4X AA) 69
RAID 0 (x 2); Pioneer DVD 110D dual-layer 16XDVD±RW * Time in seconds (lower scores are faster)
Maingear Prelude
lthough Maingear offers some truly Two 80mm intake and one 80mm
A high-end systems and features (includ-
ing paint jobs and overclocking), it also
exhaust fan (along with that side panel fan)
provide quiet airflow. Maingear further
offers a desktop line that strikes a balance reduced noise by placing sound absorption
between performance and price. The Pre- foam on the inside of the panel and ceil-
lude’s $1,024.21 base price tag makes it an ing. The system isn’t silent, but the fan
option for casual players and gamers on a noise is low, and the Prelude doesn’t pro-
budget, and Maingear’s online system con- duce any audible high-pitched sound.
figurator lets users upgrade some or all of This Prelude pushes the limits of the
the system before it’s built. It doesn’t in- budget price range, but it certainly deliv-
clude a monitor or speakers, but you can ered the performance I expected. The rig
add extras (such as the tri-monitor Matrox scored 5720 in PCMark05 and posted a Prelude
TripleHead2Go) to your online order. SYSmark score of 226. It also crunched $2,197.43
A decent (but not fancy) 2GHz AMD our 500MB test folder with WinRAR in a Maingear
Athlon 64 X2 3800+ sets the tone for this respectable 4:24 (minutes:seconds) and (908) 624-9050
rig’s component setup. Maingear beefed encoded our test video in 10:05. That www.maingear.com
up the CPU a little by overclocking it to said, it really shines when you fire up the ●●●●
2.2GHz. The Asus A8N-SLI Premium games and 3D benchmarks.
provides SLI upgradeability, two LAN The 3DMark06 5979 overall score is
ports (one of them Gigabit), and 8-chan- nothing to sneeze at, and neither are its Benchmark Numbers
nel sound. The lone 250GB Western game demo frame rates. The Prelude 3DMark06 5979
Digital Caviar SE 16 WD2500KS shoul- powered through the Far Cry demo and SM2.0 2453
ders responsibility for both the OS and offered a reasonable 66fps in F.E.A.R. HDR/SM3.0 2716
your loads of game files, but the 16MB When I took the games for a spin, I CPU 1681
cache doesn’t hurt. found that it’s not afraid of high set-
PCMark05 5720
These modest components clear enough tings. Not surprisingly, it stuttered some CPU 4488
budget room for a single 512MB XFX in Quake 4’s Ultra mode, but the rig Memory 3799
Nvidia GeForce 7900 GTX. I like this played well in High mode. Graphics 8094
choice: You can handle demanding games, The PC’s default warranty is pretty ba- HDD 6035
and you can explode the Prelude’s graphics sic: one year of toll-free tech support. But
Dr. DivX (minutes:seconds) 10:05
power by adding another 7900 GTX when Maingear stresses that it takes tech support
the card’s price drops down the road. seriously from the moment the order ar- WinRAR (min:sec) 4:24
You can order Maingear’s $299 paint rives. The techs even contact the user via
job, but I’m betting most budget users email. “The email gives the customer some Far Cry
won’t want anything more than the stan- insight as to who the technician is and what 1,280 x 1,024 151.22
1,280 x 1,024 (4XAA, 8XAF) 149.6
dard system’s sleek, silver case. Maingear he does for the company and his gaming
spiced it up a little by adding faux car- likes and dislikes, giving the customer an Quake 4
bon fiber logos to the side panel and idea that his machine is being hand-built 1,280 x 1,024 109.3
front door. The only bling (and it’s just by a real live human being,” says Giovanni 1,280 x 1,024 (4XAA, 8XAF) 109.4
enough) is the 120mm, blue LED fan. Solari, a Maingear technician. “It details the
F.E.A.R.
However, the fan plugs into the mobo. options the customer has such as partition 1,280 x 968 66
You can plug it in easily enough, but I requests for the hard drives, game installa- 1,280 x 968
prefer to touch the motherboard as rarely tions, and overclocking options among (4XAA, 8XAF) 45
as possible, to avoid frying it. Overdrive other things.” That sort of personal touch is
PC solved the side panel fan problem by hard to come by, so I’m glad to see a bou- SYSmark 2004 SE 226
Internet Content Creation 283
building a custom plug into the case. tique builder reach out. ▲ 3D Creation 256
Something similar in the Prelude would 2D Creation 337
make for a really nice touch. by Joshua Gulick Web Publication 262
Office Productivity 180
Specs: AMD Athlon 64 X2 3800+, Asus A8N-SLI Premium, Nvidia nForce4 SLI, 1GB Communication 163
Mushkin DDR400 (512MB x2), 250GB Western Digital Caviar SE 16 WD2500KS Document Creation 204
7,200rpm, 512MB XFX Nvidia GeForce 7900 GTX, Realtek ALC850 Data Analysis 175
Adventures In Overclocking
Above & Beyond With The Pentium D 805
ack in the early days of over- kit (about $150) to keep the core temper- For this we used a wadding cloth metal pol-
When we began this project, the goal was to take Intel’s relatively affordable
Pentium D 805 processor and make it perform like a much more expensive CPU. To
determine if we succeeded, we benchmarked our processor at both its stock and
overclocked speeds and compared the results to those of a Pentium 965 Extreme
Edition, Intel’s current flagship desktop CPU. Our testing setup included the
Pentium 965 EE and Pentium D 805 CPUs, an Asus P5WDG2-WS (975X Express)
motherboard, 1GB (512MB x2) of Corsair DDR2-675 RAM, a GeForce 7800 GTX
video card, and 36GB Western Digital Raptor hard drive.
As you can see, our modded Pentium D 805 had a lot of ground to make up to
catch the Pentium 965 EE, which is based on the newer 65nm Presler core that fea-
tures double the L2 cache as Smithfield (4MB vs. 2MB). The 965XE also features a
faster 1,066MHz bus and is enabled for Hyper-Threading, so an operating system
recognizes the CPU as four virtual processors. These features give the 965XE a
decided advantage in the multithreaded benchmarks. Our modded processor’s
increased core clock speed, however, gave it enough of an edge to beat the 965XE
We made sure that our water block was fully installed in a majority of benchmarks we ran. Not bad for a $130 processor. ▲
and seated properly before overclocking the CPU.
1.4V for normal operation. Because we an increase of 1,390MHz. At more than rated speed—52% higher, in fact. While
planned to push the CPU well beyond 4GHz, our processor ran at about 110 to overclocked to 4.05GHz, our Pentium
its rated speed, however, we cranked the 116 degrees Fahrenheit while idle. Under D 805 offered all the performance of
voltage up to 1.55V. A slightly higher a full load, temperatures hovered between much more expensive counterparts, and
core voltage will typically allow for 138 and 143 F. The Nautilus 500 seem- even when we factor in the additional
higher clocks. ingly had no trouble keeping tempera- cost of the Corsair Nautilus 500 liquid-
Next, we slowly raised the processor’s tures in check. cooling kit, our setup is still roughly
FSB frequency until the system was no 70% cheaper than a Pentium 965
longer running stably. After a few hours Feel The Power Extreme Edition. Our Pentium D 805 is
of experimenting and testing for stability, By choosing the right components fast and relatively cheap—just like the
we settled on a maximum FSB of and tweaking our hardware, we made a venerable Celeron 300A. ▲
202MHz. This resulted in a final core- Pentium D 805 processor run at a much
clock speed of 4.05GHz (20 x 202MHz), higher frequency than at its 2.66GHz by Marco Chiappetta
by Joshua Gulick
Liang covered the DVD drive in dark paper and then built a
spring-loaded door. You can’t reach the drive’s Eject button,
This is the car remote control box. The remote but you won’t need to with the system’s remote control.
lets users power on/off the PC’s lighting and
open the Lite-On SOHW-1693S’ tray.
Have a computer mod that will bring tears to our eyes? Email photos
Give Us and a description to madreadermod@cpumag.com. If we include your
▲
system in our “Mad Reader Mod” section, we’ll send you a $1,500
Your Mod Newegg.com gift certificate and a one-year subscription to CPU.
“
XL PCI Express card. Is using the extended Desktop robbing gaming
performance from my PC? Third, I feel that perhaps my memory could
. . .it’s not just be a bottleneck. I am using two 512 DDR2-533 sticks of Kingston
HyperX on my Asus P5WD2 Premium SB. Will using the max speed
memory the board will take make a big difference?
My system specs:
about the number Intel Extreme Edition 840 processor
Asus P5WD2 Premium motherboard
Kingston HyperX DDR2-533 512 (x2)
Seagate 160GB SATA drives (x3) in RAID 5
ATI Radeon X800 XL PCI-E graphics card
Dual DVD burners
of pixel pipelines Antec Neo Power 480W power supply
Thermaltake Bigwater liquid cooling in Thermaltake Armor Chassis
Dual VGA monitors
and memory “ A: Wow, lots of questions here, eh Matt? And good ones, too,
we might add. It’s safe to say you have a good rig here and a bit
more potential you could wring out of it. With respect to RAID
5 performance, you’re pretty much on track. Our friend Kyle
rambled on about RAID 5 in his column in the February 2006
issue of CPU (page 32), and he was spot on. RAID 5 was initial-
clock speed. ly deployed in server architectures for its excellent redundancy
characteristics with block-level striping and distributed parity. It
has good read performance at the expense of write performance
due to the fact that it takes four disk I/O operations to write to
the array (three reads of the parity bits and one write) along with
a parity calculation. Sounds pretty intense, doesn’t it? It is.
RAID 5 CPU overhead for the software-level RAID controllers
that are out in the desktop market is fairly steep. RAID 5 per-
forms well in multiprocessing environments, which is why Intel,
GX2 boards
SLI connection
SLI connection
loop among the four chips. For example,
during 2006. (NOTE: Some vendors
1GBps
1GBps
PCBs data communications between two of the
hadn’t named their Quad SLI sys-
tems at the time of this writing.) GPUs sometimes must pass through a
third GPU to reach the intended GPU.
Memory Memory
SLI connection
1GBps
GPU PCI Express GPU
switch
ABS
Alienware
Aurora ALX
Biohazard
Armageddon
Cyberpower
Gamer Ultra SLI Quad
Dell
XPS 600 Renegade
Falcon Northwest
Hypersonic
iBuypower
Gamer Titanium
Maingear
Beast
Overdrive PC
Polywell Computers
Velocity Micro
Velocity Raptor
Signature Edition
Vicious PC
Commando Quad SLI
Voodoo PC
Source: Nvidia
Source: Nvidia, Hexus.net
GPU GPU
2 Working alone (AFR). In AFR mode each GPU renders
Memory 1 Memory
one frame on its own, meaning each GPU would render
5
every fourth frame. The driver manages the frame data,
Output Display
ensuring that each GPU has the data it needs to complete
buffer device
Memory Memory its frame. Upon completion, each GPU passes its frame
3 to the output buffer. Then the GPU that’s designated as
the display chip (the primary GPU) manages the data
4
GPU GPU passing from the output buffer to the display device.
Driver
One frame
Working together (SFR). In SFR mode all four GPUs work together
Primary to render a single frame. The driver determines which GPU will per-
GPU GPU form which tasks and passes on the required data. Each GPU also will
Memory Memory receive enough secondary data concerning the other GPUs’ work to let
it properly finish its portion of the frame, so all four portions mesh
Output Display together smoothly. (Each GPU might not receive the same amount of
buffer device
Memory Memory data to process, depending on how the frame will be constructed.) As
in the AFR mode, the primary GPU then manages the passing of the
data from the output buffer to the display device.
GPU GPU
Driver
HDCP
Protecting High-Def Content At A Price
hen shoplifters steal from a to find a way to protect the content. The problem? Most computer moni-
HDCP System
In its basic form, HDCP (High-bandwidth Digital Content directly between the transmitter and receiver to a mix of video
Protection) uses encryption to prevent unauthorized devices repeaters and multiple receivers. An HDCP setup can support
from tapping into the video as it travels from the transmitter to up to seven levels of video repeaters and 128 total devices.
the receiver. HDCP consists of three basic components: An Under some configurations the setup is connected to an
HDCP transmitter, such as a DVD player; a digital interface to Upstream Content Control Function, which helps determine
carry the signal, such as DVI (Digital Visual Interface) or HDMI whether the HDCP setup is authorized to receive content. The
(High-Definition Multimedia Interface); and an HDCP receiver, Upstream Content Control Function isn’t a part of the HDCP
such as a TV or monitor. However, HDCP can handle multiple setup; in a PC setup, for example, the control function can be a
connection configurations, ranging from a simple connection piece of software. ▲
An Introduction To HDCP use HDCP in conjunction with the DVI specification, manufacturers must
Because HD media is digital, hackers and HDMI interfaces, it creates a protected obtain a license for a fee.
can make perfect copies of the content link between the output device and the As part of the licensing process,
using DVI (Digital Visual Interface) or display device. HDCP is considered a form licensees pledge that they will follow the
HDMI (High-Definition Multimedia of DRM. HDCP rules regarding playing of the
Interface) alone. DVI and HDMI provide The first version of the HDCP speci- protected content on non-HDCP de-
high-quality playback for HD video. (See fication appeared in early 2000, well vices, meaning that they must play the
the “DVI, HDMI & UDI” sidebar for before most users gave high-definition content at no better than DVD quality
more information.) content a first glance. The FCC adopted when running it on nonapproved de-
HDCP, however, uses encryption to HDCP as a digital output protection vices. Products that are compliant with
protect digital video content as it’s trans- technology in mid-2004. Intel initial- HDCP will contain an HDCP Ready or
ferred from the player to the receiver. ly developed the HDCP protocol, and an HD Ready logo.
Devices that aren’t equipped with HDCP the Digital Content Protection, LLC
won’t be able to play or display the HDCP- (an Intel spin-off company) now con- Play Content With HDCP
protected video or will only display it at a trols licensing and oversees development If a user has HDCP-certified hard-
lower resolution. When manufacturers of it. To use the proprietary HDCP ware, playing HDCP-protected video
HDCP uses three elements to protect data. value is the same for both devices, the HDCP transmitter
Authentication protocol. The HDCP transmitter communi- authorizes the HDCP receiver to receive the video data.
cates with the HDCP receiver (as shown above) ensuring that it’s Data transmission/Encryption. During the authentication
authorized to receive the protected DVI content. process, the two devices share encryption details, letting the
As part of its manufacturing process, each HDCP authorized transmitter send the DVI content as an encrypted stream that
device receives a 40-bit binary KSV (Key Selection Vector), only the authorized receiver can decode.
which serves as the identifier in the authentication process. Each The transmitting device handles all of the encryption prior to
device also contains 40 private device keys that are 56 bits each. sending the video stream. Every few seconds the transmitter
The HDCP transmitter sends an initiation message to the changes the values the encryption process uses adding protec-
receiver, which contains the transmitter’s KSV and a 64-bit tion against potential hacking.
random value that the HDCP protocol generates. The receiver Locking out hacked devices/Renewability. As part of the
then sends a responding message containing the receiver’s KSV. protocol, the video transmitter can detect whether any devices
If the receiver is a video repeater, it must identify itself at this inside the HDCP setup have been hacked. The transmitter then
point. The transmitter then must ensure that the receiver’s KSV can lock those devices out, preventing them from receiving the
isn’t included on a revoked list. encrypted video.
Each device then calculates a 56-bit shared value making use If the transmitter knows that device keys have been compro-
of its private device keys and the other device’s KSV. This value mised, new HDCP devices can ship with that information as well,
is shared and verified by the HDCP transmitter. If the shared locking out the hacked keys. ▲
content at the maximum resolution HDCP standard could simply lock a user won’t be able to add a chip to his
shouldn’t be a problem. For a user run- Vista out; meaning users would not existing cards to make them HDCP cer-
ning non-HDCP hardware, however, have the ability to play HD video on tified. The manufacturers will have to
problems are almost guaranteed. The Vista computers, even with the correct create entirely new graphics cards with
severity of the problems when attempt- HDCP hardware. the correct components to make them
ing to run HDCP video on a computer Furthermore, users hoping to work HDCP certified.
depend on the piece of hardware or soft- around Vista’s HDCP safeguards by Monitor. Very few monitors being
ware in use and on the rules the content refusing to upgrade from Windows XP sold today are HDCP-certified devices.
provider chooses. will be disappointed; WinXP can’t (However, HDCP-certified TVs
Windows Vista. Because the newest play HDCP-protected video at the high- available for sale today are much more
version of Windows won’t be released est resolution, regardless of the hardware common.) If a user’s output device is
until November 2006 (availability to in use. only compatible with one or more of the
business users) and January 2007 (avail- Graphics cards. Understanding the video interfaces most commonly in use
ability to all users), Vista’s release will HDCP compliancy of graphics cards is a right now (DVI, HDMI, or VGA), he’ll
coincide with the early stages of HDCP little tricky. Most graphics cards sold in almost certainly experience problems
product releases. Microsoft has already the past few years list HDCP compliancy playing HD video, depending on the
announced that Vista will fully support in their specifications. However, this rules a content provider includes with
HDCP, and Vista will not play HD doesn’t mean the graphics cards are the HD video. With DVI, HDMI, or
video at the highest resolution on non- HDCP certified; instead, it means the VGA, the provider could choose to
HDCP devices. cards are ready to become HDCP completely blacken the screen, prevent-
Although Microsoft’s decision to fully certified as soon as the manufacturers ing the user from playing a video at
support HDCP in Vista has received add the proper chips to the cards. any resolution, or the content pro-
criticism from some members of the Unfortunately, the manufacturers vider could choose to play the video at a
media and on some Internet message must add the chips during the manu- lower resolution.
boards and blogs, in reality Micro- facturing process, and very few card To address the concerns of users,
soft had little choice but to follow the manufacturers have chosen to include though, it appears many of the com-
industry rules and directions concerning the added expense of the chips on their panies involved in development of
HD video. If Microsoft chose to not cards yet. Because of the way an HDCP HDCP are expecting to lower the video
support HDCP, the developers of the Ready video card must be manufactured, resolution instead of blackening the
screen when playing HD video on
non-HDCP hardware.
HD vs. Other Formats
Avoid Frustration
The HD video format joins several other video formats currently in use around the
One major question concerning
world. Here are some of the more popular ones. ▲
HDCP is whether it’s immune to hack-
ing. This question is particularly relevant
Video mode* Format Max resolution Max pixels when considering the lack of success of
at 16:9 displayed content protection systems vs. hackers
simultaneously
in the past. Unlike many other content
480p NTSC 720 x 480 346,000
protection systems, HDCP includes an
576i PAL/SECAM 720 x 576 415,000 additional layer of protection through
576p PAL/SECAM 720 x 576 415,000 which the software can revoke a device’s
720i HD 1,280 x 720 922,000 keys if that device is hacked. Or if an
720p HD 1,280 x 720 922,000 HDCP hack hits the market, content
1080i HD 1,920 x 1,080 2,000,000 providers can revoke the keys used in the
1080p HD 1,920 x 1,080 2,000,000 hack, making it useless.
However it’s still doubtful HDCP will
be completely immune to hackers. Several
*With interlaced (i) video each scan pattern refreshes half of the horizontal lines (usually every
other line); the next scan pattern refreshes the other half of the lines. As long as the refresh rate is
years ago researchers at Carnegie Mellon
fast enough, the human eye doesn’t notice this process. If the refresh rate is too slow, though, the University found numerous problems
image appears to flicker. with HDCP that hackers could exploit,
for instance.
With progressive (p) video each pass refreshes all horizontal lines, requiring a more powerful dis- Because HDCP video is only begin-
play. Progressive video doesn’t suffer from flicker. ning to appear, there still seems to be
Source: Wikipedia
time for those in the media and before HDCP video begins appearing high-end hardware that is fully HDCP
technology industries to alleviate some with regularity sometime in 2007, certified if you want to view high-
of the potential problems. Whether remains to be seen. definition video content. ▲
they’re able—or willing—to give users a Otherwise be prepared to break your
break and make some changes to HDCP bank account by buying some new, by Kyle Schurman
UD. Is there a better acronym little common sense, and a line of defense consisting of
to describe the state of PC up-to-date weapons with which to battle the enemy.
security today? Ask 10 differ- Unfortunately for even power users, the crackers and
ent users ranging from new- hackers who are the enemy are also power users who are
bies to enthusiasts just how typically just as smart, just as knowledgeable, and just as
dangerous tooling around the able to draw upon their own computing wisdom. The one
Web is with Internet Explorer overriding characteristic these power users possess that the
or how safe it is to open an majority of power users don’t, however, is a streak of
email attachment from an maliciousness they’re willing to act upon.
unknown sender or how likely To that end, we present a series of articles this month that
it is your system will become bring power users up-to-date about what’s occurring in the
a zombie without a firewall in PC security segment. Our coverage, of course, includes infor-
place, and you’re likely to get mation on viruses, Trojans, spyware, phishing, and other
10 different levels of comput- obvious threats but also a security hardware roundup (page
er knowledge, ranging from 70); a comprehensive look at rootkits, the hacker’s current fla-
incredibly unaware to incredibly educated. vor of the day (page 56); and a look at a theory that some
For many novices there are seemingly more worms, virus- antispyware makers are actually spyware perpetrators looking
es, Trojans, and identity thieves lurking around every PC to turn a profit (page 48). Additionally, we have detailed the
corner than there are stars shining in the sky. Case in point: actual process a malicious user might use to spread a Trojan
Smart Computing magazine, CPU’s older, big brother, offers (page 60), information that is scarily only a Web search away,
a free technical support program to both subscribers and as well as data on hackers’ increased reliance on social engi-
nonsubscribers [www.smartcomputing.com/techsupport; neering techniques in the face of users installing better protec-
(800) 368-8304]. To the credit of Smart Computing’s writ- tion, as Ronald O’Brien, a senior security analyst at Sophos
ers and editors and the job they continually do educating told us: “(Hackers have) had to become quite sophisticated
readers about PC security-related issues, the majority of about how they get into a system . . . because so many people
those who call the tech support lines (most callers not being now have protection at the endpoint, there is a much greater
power users) for assistance express at least a general knowl- dependence on social engineering techniques in order for
edge of the dangers of spyware, viruses, and other nasties. these attacks to be successful.”
Many of those callers indicate they already have protec- No matter where you fall in terms of computing experi-
tion in place in the form of firewalls and antivirus and ence, PC-security threats are something we’ll likely have to
antispyware protection, whether that hardware/software deal with from here out. Several studies would bear this out,
was preinstalled on their systems or they added it them- including a “Corporate Anti-Spyware Market, 2006-2010”
selves. Many also know of and religiously use Ad-Aware, analysis from The Radicati Group, which forecasts that
SpyBot S&D, ZoneAlarm, and other free tools. But there worldwide revenue from gateway- and desktop-level segments
is also a sizeable segment of users who are quick to blame of the antispyware market will grow from $214 million in
any shortcoming their computer is suffering from on spy- 2006 to a whopping $1.4 trillion in 2010. More recently,
ware, malware, Trojans, or more—whether the actual McAfee researchers reported that the use of stealth technology
problem is something as security-unrelated as out-of-date (think rootkits) in malware/adware apps increased 600% in
graphics card drivers or insufficient installed RAM. And the last three years and nearly 700% in Q1 2006 from 2005.
you have to believe those users represent an even larger Perhaps the saddest fact of all is that whether you are a
segment of the overall computing population who are novice, power user, or fall somewhere in between, you
somewhat informed but also uninformed as to what real are part of the PC-security war, whether you want to be
security dangers and symptoms really consist of. or not—that is, if you want to keep your system opera-
That’s where the FUD comes in. tional, your identity your own, and your information
Power users, of course, know that rela- away from prying eyes. ▲
tively safe computing is the result of a
proactive blend of preparation, a by Blaine A. Flamig
Cashing In
Ad banners aren’t the only way spy-
ware applications try to make money.
Other tactics include:
1. Affiliate fraud. If a Web site uses an
affiliate program, such as Amazon
.com’s referral system, some spyware
The free SiteAdvisor plug-in warns you about potentially dangerous programs hijack the referral informa-
content or behaviors on sites you’re visiting or about to visit. tion on the fly and resubmit it so that
the referral goes to the spyware’s
authors, not to the actual referrer.
This isn’t something most end users
notice, and it’s almost invisible to
most affiliates who get their clicks
stolen in this fashion.
2. Identity theft and phishing. Spyware
doesn’t shy away from using some of
the dirtiest tricks of the Internet age.
The infamous CoolWebSearch spyware
family of apps harvested everything
from bank account information to site
passwords; after their malfeasance was
made public, the FBI stepped in.
Ad-Aware, probably the first professionally produced 3. Wire fraud. Modem users get hit with
antispyware program, still does a very good job of scanning
this one a lot: A spyware app silently
your system for problems in its free incarnation.
dials out to a long-distance or overseas
phone number and runs up massive
charges on the victim’s phone bill.
Fortunately, this variety of scam is on
the way out, as fewer people are using
dial-up connections.
unwanted Viagra ads, and it probably created and operate, it’s tempting to the wild to make a name for them-
generates more money, too. lump the two into the same category. selves. Spyware is created primarily to
However, they are as different as they make money, either through gray-
The Virus Connection are similar: area advertising or through illegal
The spyware phenomenon shares so 1. Fortune over fame. Most virus writ- keylogging and information-harvest-
much in common with how viruses are ers create a virus and release it into ing techniques.
Antispyware Roundup
The good news is that you can get excellent protection against Suites & For-Pay Programs
spyware without having to pay a dime. At least three of the best If there are so many good, free spyware programs, why pay
antispyware apps have free versions for personal use and are for one? Because for-pay programs come in suites that pro-
updated religiously. Many people run more than one antispyware vide protection against other threats. We detailed numerous
program to acquire a larger range of coverage. For example, such programs in April’s 2006 CPU (page 72), but here’s a
Ad-Aware catches some things that Spybot doesn’t, and vice quick rundown:
versa. However, keeping more than one antispyware solution on • Aluria Security Center 4.0 ($59.95; www.aluriasoftware
your computer may not be a good idea in the long run as anti- .com). The best thing about Aluria is how it scans for virus-
spyware programs grow more complex and intricate. es and spyware as a single, unified threat. Given how per-
sistent some spyware is, it’s not surprising that Aluria
Free Applications takes this approach, and many vendors are following suit.
Here’s a look at some of the best free apps available: • McAfee Internet Security Suite 2006 ($49.99; www.mcafee
• Ad-Aware (w www.lavasoft.de). Ad-Aware was probably the first .com). Another suite that merges spyware and virus scanning,
antispyware program of note and remains one of the best along with protection against worms, Trojans, and scripts.
thanks to its sophisticated scanning engine. It can scan an McAfee refers to these collectively as PUPs, or potentially
entire system (slow but thorough) or look at crucial system unwanted programs.
locations where most spyware infections would show up • Norton Internet Security 2006 ($69.99; www.symantec.com).
(fast). A commercial version has more features, such as Norton’s AntiSpyware product is, not surprisingly, part of
proactive ad blocking, but the basic version is fully functional. Norton AntiVirus’ general regime of system protection.
Google was fond enough of Ad-Aware that it gave it a place of Symantec also lets you buy and add additional suites (such
honor in its Google Pack suite (pack.google.com). as SystemWorks) that elegantly snap into the product.
• Spybot Search & Destroy (w www.safer-networking.org). SpyBot • Trend Micro PC-Cillin ($49.95; www.trendmicro.com).
is free forever thanks to its author’s diligence, and the app is One of the best antivirus suites around now also sports
updated regularly with new patterns and scanning functions. antispyware and a slew of antifraud browsing-security
SpyBot can proactively and unobtrusively block known bad features (antiphishing, sensitive-data control, etc).
components before they infect your computer. It also provides • ZoneAlarm Internet Security Suite ($49.95; www.zone
skilled users with a plethora of tools for protecting against and labs.com). Of course, ZoneAlarm is of one of the best and
undoing spyware damage. Less technical users can simply most widely used personal firewalls around, but ZoneLabs
push a button and scan. recently added antispyware to the mix, so existing users of
• Microsoft Windows Defender (w www.microsoft.com/athome the ZA freeware can upgrade to the full product and add that
/security/spyware/software/default.mspx). Still in Beta 2 at in seamlessly.
this writing, Defender is remarkably robust and powerful. It
integrates tightly with Windows—for example, Automatic Bonus Tool: CoolWebSearch Shredder (w www.trendmicro.com
Updates deliver the program’s pattern files—and sets up /cwshredder). Bad news: The infamous (and dangerous)
various real-time protections against new infections. CoolWebSearch is like the chest cold of spyware apps, bother-
Defender doesn’t scan for browser cookies, unlike many some, persistent, and next to impossible to get rid of. Good
competitors, because you can manage those manually. news: Trend Micro has a standalone utility that does nothing
Defender concentrates on more stubborn problems. The but root out and destroy all variants of CWS. Best news: It’s
app also reports sanitized data about its findings (for exam- free and small enough to store on a USB flash drive for quick
ple, no personal data is logged) on an opt-in basis. Micro- system repair. Keep it handy if this monster attacks you or
soft provides Defender free to licensed Windows users and someone you know. ▲
will do so after it’s finalized.
2. Spyware authors learn from virus anything to get it, such as steal personal spyware phenomenon, reported that
authors. The technology that viruses data and use it to run up a tab somewhere. Yahoo!’s Overture advertising service
use has grown incrementally more For those reasons spyware is consid- had tenuous links to a spyware-driven
sophisticated in the last few years and ered as grave a threat as viruses by most scam that generated money via ad-click
still relies on exploiting many of the security-conscious users. This goes dou- fraud. Yahoo! was being tricked into
same basic techniques: user gullibili- bly for the newest breeds that use root- charging advertisers click fees for fake
ty, buffer overflow conditions, and kits, another technique the virus/Trojan traffic, no thanks to a spyware program
more. Spyware, however, is using world has adopted freely. Rootkits take that was written to take advantage of
more explicitly virus-like tricks to enormous steps to hide not only from Yahoo!’s ad networks. (You can see
gain an upper hand, including poly- the end user but from the operating sys- Edelman’s full report at www.benedel
morphism (such as disguising a tem, making them virtually impossible man.org/news/040406-1.html.)
program’s code to keep it from being to detect conventionally. Originally, they In a similar case, Google is working
recognized), stealth behaviors (mak- were used to provide a stealth backdoor to settle a class-action lawsuit against it
ing the app hard to detect in the first to a computer without the user’s consent that alleges its ad rates were artificially
place), etc. or knowledge, but the cloaking technol- inflated due to unscreened click fraud.
ogy that rootkits use are now being used The Center for Democracy and Tech-
Many of the same techniques used to in many other places, including spyware. nology has published its own report,
catch viruses, such as signatures and pat- Most antispyware programs can’t yet “Following the Money” (www.cdt.org
tern files, can be used against spyware. detect or block rootkits, either. (See the /privacy/20060320adware.pdf) that
Originally, most spyware scanners next article in this section for more examines how many legitimate compa-
depended explicitly on pattern files, or on rootkits.) nies are inadvertently (and sometimes
looking for specific files or Registry not so inadvertently) fueling the spy-
entries, to confirm the existence of (In)Direct Connections ware problem with their ad dollars. The
pieces of spyware. Now that spyware is One of the dirtier secrets of spyware is biggest problem is the sheer complexity
getting sneakier, spyware scanners must how many legitimate companies have of the network of advertisers, brokers,
use more advanced techniques, such as their products or sites pitched to people and ad-affiliate systems, which obscures
the heuristic technologies that virus through a spyware app’s ads, which, in the real guilty parties.
scanning uses. turn, makes those companies look bad. Although many states are contemplating
It’s hard to say if spyware or viruses are People who book such advertising space or have passed legislation criminalizing spy-
worse. They are both bad, but they pre- usually do so through third-party bro- ware, there are two problems with such
sent two distinctly different kinds of kers, so some aren’t always aware spyware bills/laws. First, some provisions may be
bad. Many viruses destroy data, and if you is advertising their products or services. very difficult to enforce effectively or may
don’t have the data backed up, there’s Sometimes, these connections ensnare be unfairly broad. Second, most laws ignore
no getting it back. People who design people who should know better. Ben or downplay the connections between spy-
spyware, however, are aggressively inter- Edelman, an antispyware activist who ware companies and their funding, possibly
ested in money and who will do almost conducts research and reports into the thanks to influence by lobbyists in the
Lines Of Defense
The best way to clean up from spyware
is to never get infected in the first place.
That means tightening your system’s ZoneAlarm, one of the original personal firewalls for the
defenses against spyware and reducing the PC, now has antispyware protection.
risk of getting exposed to it. The first step
is technical, and many strides have been If you install SiteAdvisor’s free brows-
made in the last year or so to reduce the er plug-in (available for Internet Ex-
total “attack surface” for spyware in
Windows. The second is behavioral, and
plorer and Firefox), it checks any sites
you visit against its database. Sites
Fighting The
therefore harder to change. known to host spyware pop up a warn- Fire, Feeding
Any WinXP user should not be run- ing, and search results from Google or
ning anything less than SP2 with its secu- Yahoo! can optionally have “good site” The Flames?
rity upgrades and changes to IE, which and “bad site” icons automatically ap-
Are antispyware creators actually
makes it that much harder for spyware to pended to them. The IE version is a lit-
responsible for creating and releas-
get a toehold. Much has also been made tle more aggressive with warnings; it
ing spyware just to give their pro-
about switching to another browser, such pops up a pointer balloon over the page
grams something to do? Even people
as Firefox, but there are still many third- to show that the warning is coming
who don’t normally entertain far-out
party programs and system components from the browser and not from a pop-
conspiracy theories seem to be giv-
that render Internet content through the up on the page itself. In keeping with
ing this idea credence. It’s a little like
IE engine. AOL Instant Messenger is one wanting to maintain a good netizen
one of those movies about a drug
such application. Changing the browser image, no personally identifiable infor-
company releasing a disease so it
you use won’t necessarily change the mation is ever transmitted. If you want
can sell the cure.
browser those programs use, so make sure to comment on a site, you can submit
But is there any truth to it? To get
you toughen up IE, as well. information to SiteAdvisor. If you run
a straight answer, we turned to Mark
Antispyware programs also have their into a site listed in its database, you can
Russinovich of Sysinternals.com, a
own lines of protection. Spybot Search comment on it, as well.
respected and knowledgeable Win-
and Destroy, for example, has an Im- The idea is solid, and the plug-in
dows maven who understands the
munize function for IE that proactively doesn’t seem to create more problems
guts of Windows. Russinovich is the
blocks known bad products against being than it solves; it is stable and relatively
man who broke the word about Sony
loaded or executed by using a technique unobtrusive. Whether users actually
surreptitiously placing DRM-enforc-
native to IE. This is done mostly by pre- widely adopt it is another story: It’s a lot
ing rootkits on audio CDs, and he
venting IE from running any known bad harder to change users’ browsing habits
helped force Sony to take the discs
objects in a class of ActiveX BHOs. than it is to get them to install a service
off the market.
Aside from the BHO analyzer that’s in pack. If the description intrigues you,
In an article titled “The Antispy-
Spybot, a couple good third-party apps give it a try. If it works for you, recom-
ware Conspiracy” (www.sysinternals
were written specifically with BHOs in mend it to others. A little pressure can
.com/blog/2006/01/antispyware-
mind. NirSoft’s ActiveXHelper (www. change a lot.
conspiracy.html), Russinovich
nirsoft.net/utils/axhelper.html) can help
The End Of The Road? researched the subject in detail,
quickly decipher which BHOs are legit
coming to two conclusions: No,
and which aren’t. To get an overview of Spyware started in part because of
major antispyware makers aren’t
all the shell extensions (including BHOs) easily exploited deficiencies in the way
responsible for releasing spyware,
installed in Windows (including any that Web browsing and software programs
but numerous smaller, dodgier pub-
might be malware), check out NirSoft’s work. Changes in IE and Windows are
lishers are. Russinovich identified
ShellExView (www.nirsoft.net/utils/shex in progress to help fill those holes. With
three antispyware applications—
view.html). The program can debug some better OS and application security, it’s
Spyware Cleaner, SpywareStormer,
IE crashes caused by malware. possible to see a future where spyware as
and SpySheriff—as being suspect.
we know it simply won’t work anymore.
Break Bad Habits All were sold through pop-up ads,
That doesn’t mean, however, that
and in each case it was very difficult
If the biggest vector for spyware is bad computer crime or exploits will stop. It
to tell who actually wrote the app.
Web sites, part of the solution to the spy- also doesn’t mean that unsavory connec-
They all also operated selectively,
ware problem is giving people a sense as tions between shady online ad firms and
deliberately ignoring spyware that
to how unsafe a given Web site may be their clients will vanish overnight. But it
the same people providing the
before you go there. SiteAdvisor.com, a could mean the end of drive-by infec-
cleanup applications wrote.
site-research community, has been using tions where you’re punished with a spy-
Your best defense against such
automatic Web crawling and controlled ware infection for merely visiting a Web
nonsense is a top-shelf antispyware
user browsing and feedback to build a site or installing an application. That’s
program and good browsing and
massive database of known good sites that well worth looking forward to. ▲
PC-security habits. ▲
don’t host spyware or other problems,
such as phishing scams. by Serdar Yegulalp
adds code that prevents the kernel common system functions that might Virtually Undetectable?
from finding out about it. One of the reveal their presence. Application rootkits Like virus technology, rootkit technol-
most common ways it does this is by swap out whole programs with versions ogy is constantly moving forward, and
attaching to the part of the kernel that that have been specially compromised, those who investigate how rootkits work
handles file I/O; if the rootkit can screen often as a way to deliver the rootkit into are trying to stay one step ahead of the
all file operations going on in the system, the system to begin with. If you run a competition. One example of a rootkit
it can ensure that the rootkit’s own com- program that seems like the real thing but concept that hasn’t yet come to light, but
ponents never show up. This is a bit like is in fact a rootkit-compromised phony, which has been implemented at least pro-
a gang of thieves running a tollbooth: If you’ve just infected your system with no visionally in the lab, is what’s been called
they see a fellow gang member driving way of knowing it. a VMBR (virtual machine-based rootkit).
up, they let him through without paying, Because rootkits take so many steps Virtual computing, of course, involves
but everyone else still has to pony up. to hide their tracks, just knowing you running a PC inside a PC, with its own
Thieves can pass through the gate unde- have one at all is half the struggle of OS and virtualized hardware. Programs
tected because they’re secretly running dealing with it. If you are technically such as VMware and Microsoft Virtual
the whole show. inclined, a good book on how Windows PC use this technology. Experts love
Library rootkits work a little higher up rootkits work is Greg Hoglund and using virtual machines as test-beds and to
in the OS but use something of the same James Butler’s “Rootkits: Subverting the run software in controlled environments.
methodology. They intercept calls to Windows Kernel.” The PC within the PC is referred to as
the guest system; the PC running the vir- But where had the components come from the rooted-OS list were probably
tual machine is the host. from? When Russinovich inserted a Sony suspicious, and you could analyze them.
A VMBR would use this technology BMG CD marked with the “Content Doing this manually is a ghastly chore,
in an incredibly sneaky way. When /Copy Protected” logo into the PC, it start- though. Thus, numerous folks have pro-
installed it would take control of the ed a standalone music player that played duced their own tools to automate the
boot sequence in the PC and force the copy-protected versions of the music on the process and look for other things in a sim-
VMBR to boot first. Then the VMBR disc. (Another Japanese entertainment ilar fashion. The most widely known is
would run as a host and load your regu- giant, Avex, tried a similar copy-protection RootkitRevealer (www.sysinternals.com
lar OS as a guest, inside it. This way the mechanism on a number of its CDs but /utilities/rootkitrevealer.html), authored
VMBR could completely control every eventually abandoned the idea.) by Russinovich and Bryce Cogswell, both
aspect of how the OS runs from the out- However, Russinovich’s protected disc who have much expertise with how
side. A malicious user could then capture also silently installed the XCP system to Windows works from the inside out. RKR
and report every piece of information on the computer without telling the user. works by scanning the disk twice, once
that machine, from keystrokes to net- This prevented the CD in question from through the file system and a second time
work data, without the user ever know- being ripped or copied, but it also con- by accessing the disk data natively. The
ing a thing is wrong. The system could tributed to system instability and created a results are then compared, and if a file is
also be easily tricked into never seeing whole host of other problems. Things got trying to hide, it’ll show as a discrepancy
the presence of the VMBR itself. worse: Not only was Sony BMG surrepti- between the two file lists. RKR also scans
Thankfully, VMBRs don’t exist out- tiously loading software (potentially unsta- the Registry for similar discrepancies.
side of proof-of-concept designs, but if ble software) into people’s computers, it Microsoft’s growing concerns about
you’re curious, a detailed paper by several came with no way to remove it. None of product security led it to develop a very
University of Michigan and Microsoft these inconvenient facts were disclosed in powerful rootkit tool of its own, Strider
Research engineers on the mechanics of the product’s licensing agreement, either. GhostBuster (research.microsoft.com
a VMBR (www.eecs.umich.edu/virtual Russinovich’s article touched off a /rootkit). GhostBuster works in roughly
/papers/king06.pdf) is interesting reading. firestorm of controversy that ended with the same way as RKR, but one of the ways
Other researchers, however, such as Sony BMG eventually abandoning the use it differs is that it compares an “in-the-box”
Hoglund, are skeptical as to how practical of XCP and setting up a settlement for scan of the file system with a scan a sepa-
this is in the real world, as it does require those who it had aggrieved (cp.sonybmg rately booted CD with its own miniature
a lot of work to implement. .com/xcp). One of the ironies of the copy of Windows derives. This is a much
rootkit is that despite it being difficult to more powerful way to scan for rootkits,
Sony’s Sedition trace and remove, it was extremely easy to although much slower because it requires a
Amazingly, neither a lone-wolf hacker prevent from being loaded in the first reboot. However, as of this writing,
nor the criminal underworld was respon- place. Holding down the SHIFT key GhostBuster isn’t available for public use.
sible for distributing the single most infa- while inserting the CD prevented Autorun One good thing about the rootkit phe-
mous rootkit infestation to date. Instead, from triggering on a CD and thus stopped nomenon is that many processes and proce-
it was entertainment conglomerate Sony the rootkit from installing. dures that rootkit authors use are fairly
BMG that was responsible for distribut- This is far from the only way a rootkit widely documented. Rootkit.com has many
ing a rootkit as part of its purported war can sneak into a computer, but it’s one of examples and links to further documenta-
against music piracy. the most widely documented. tion and also includes an occasional pithy
Mark Russinovich, author of the discussion of why rootkit strategies aren’t
RootkitRevealer tool (more on this app Weapons For The War always a bad thing. For example, allowing
later), initially unmasked the whole mess The good news is that rootkits aren’t an antivirus product to conceal itself from
while testing the tool on one of his own entirely undetectable. To paraphrase Sun direct attacks by viruses (provided the user
systems. In a report that he wrote about Tzu, the very thing that makes them knows what’s going on) is one example.
the incident (www.sysinternals.com/blog strong also makes them weak. The fact It’s not uncommon for legitimate prod-
/2005/10/sony-rootkits-and-digital- that rootkits hide files from the OS can ucts to use rootkit-style concealment
rights.html), Russinovich found many be used against them. strategies, but the strategy shouldn’t create
things that were cloaking themselves One of the first methods for rooting more problems than it solves. Not long
from the OS and didn’t seem part of any out rootkits was booting to a clean OS ago, Symantec faced criticism for using
known software product. After some from a CD, getting a directory listing of rootkit-style concealment for its Norton
more digging, he found several hidden all the files on the system, and then com- Protected Recycle Bin, mainly because the
components digitally signed by a compa- paring it with a similar list generated from way it was implemented could have
ny called First4Internet, makers of a inside the rooted operating system. If the allowed a system-sanctioned hiding place
copy-protection system known as XCP. two lists were different, the files missing for malware. This has since been fixed.
According to Rootkit.com, Hacker Defender is “more of a ‘blackhat tool’ than a training example.” Rootkit.com also
says it is the most popular and widespread rootkit today. According to a passage at Hxdef.org, the online home of the
Hacker Defender project, the continuing development of Hacker Defender should be seen as a positive.
Beyond Windows:
AV Software
For Linux
Because of its popularity and many vul-
nerabilities, Windows has become the
biggest target for hackers intent on
causing harm or stealing data. But it
isn’t the only target. Cyber criminals
occasionally turn their attention to
Malware often installs itself into the HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\
other operating systems, including
WINDOWS\CURRENTVERSION\RUN and HKEY_CURRENT_USER\SOFTWARE\
Linux. That’s why it’s crucial for all
MICROSOFT\WINDOWS\CURRENTVERSION\RUN keys in the Registry. Why? Because
computer users, even those who don’t
programs referenced by these keys are loaded automatically each time Windows boots up.
do Windows, to invest in reputable
antivirus software. Several non-
Windows AV utilities are available,
Open from the pop-up menu, select box, set Startup Type to Automatic and
including those listed below.
Notepad in the resulting Open With dia- click the Start button under the Service
avast! Linux Home Edition. ALWIL
log box, and click OK. The contents of Status heading. Click OK when it’s clear
Software developed the Linux edition
the Hosts file will appear on-screen. the firewall has restarted.
of avast! around the same ICSA-certi-
Review the contents of the Hosts file and To reactive the Windows Firewall in
fied kernel it employs in its various
delete any line that references any of the WinXP SP2, access the Control Panel,
Windows AV programs. As a result,
following Web sites: Amazon, AVP, CA, open the Security Center, and click the
users get advanced features, such as
Etrust, eBay, F-Secure, Grisoft, Kasper- Windows Firewall icon. When the
quarantining and automatic updates,
sky, McAfee, Microsoft, Moneybookers, Windows Firewall window appears on-
that Windows users take for granted.
NAI, Network Associates, Panda Soft- screen, turn the firewall on and click
The utility also boasts a user-friendly
ware, PayPal, Sophos, Symantec, Trend OK to activate it.
interface to complement its command
Micro, Viruslist, and VirusTotal. Save Finally, Internet Explorer’s Web set-
line console, online and email tech
the changes and repeat the process for tings must be reset. From within the
support, and a price that can’t be beat:
each Hosts file on the computer. Security Center, click Internet Options.
free (for personal use).
After editing the Hosts file(s), reboot to Click the Programs tab in the Internet
F-Prot Antivirus For Linux
Safe Mode and scan the system for mal- Properties window, select the Reset Web
Workstations. The latest edition of F-
ware. Delete all contaminated files and Settings option, and click OK. Enable
Prot Antivirus For Linux Workstations
reboot into Normal Mode. Next, open the System Restore when you’re done.
can detect and destroy all malware
Registry Editor and locate the HKEY_ Threat Name: Sober-Z. Also known as
threats, not only those targeting Linux.
LOCAL_MACHINE\SOFTWARE\ CME-681, Sober@mm!M681, Sober.AA,
It offers a command line interface, sup-
MICROSOFT\WINDOWS\CUR- Sober.AG, Sober.W, Sober.X, Sober
ports an option for scheduled scan-
RENTVERSION\RUN and HKEY_ .X@mm, Sober.Y, and Sober.Z@mm.
ning, and can identify boot sector
LOCAL_MACHINE\SOFTWARE\ How It Spreads: Sober-Z travels as a
viruses and macro viruses. Like avast!
MICROSOFT\WINDOWS\CUR- .ZIP email attachment. The worm scours
Linux Home Edition, F-Prot Antivirus is
RENTVERSION\RUNSERVICES keys. the hard drive of an infected PC, pulling
free for personal use only. Frisk
Delete all corresponding values that refer to email addresses from files with specific
Software also offers comparable AV
Pic System or Picx.exe. extensions, including .BAK, .CFG, .CGI,
utilities for users of BSD and DOS, too.
Next, WinXP users need to reactivate .DOC, .EML, .INI, .LOG, .MSG, .PPT,
Panda Antivirus For Linux. Panda
the Windows Firewall. To do so, open the .PST, .RTF, .TXT, .VBS, .WAM, .XLS,
Antivirus For Linux is a no-nonsense,
Start menu, select Run, type services.msc and .XML. It then sends itself to most of
command line AV utility that costs
in the Open field, and click OK. The the email addresses it finds.
nothing and runs on servers and work-
Services window will appear on-screen. What It Does: When Sober-Z first
stations alike. How-to instructions are
Locate and double-click the Internet struck in December 2005, it reportedly
minimal, and support is nonexistent.
Connection Firewall (ICF)/Internet accounted for one out of every 13 email
For these reasons we recommend it to
Connection Sharing (ICS) entry in the list messages in circulation and represented
existing Panda AV customers only. ▲
of local services. In the resulting dialog one of the biggest outbreaks on record.
splashes in the security community— “the purpose of a botnet isn’t just to pro- system. “We’re seeing them being used
along with big headlines in the end-user vide the ability to amplify how much you for distributing spyware and adware in
community—and are therefore detected can send,” says Sunner. “Its primary pur- particular because they can generate rev-
and cleaned up relatively quickly. This is pose is to obfuscate where it’s coming enue by installing these sorts of applica-
bad news for the scammers, who lose from. Stealth is probably one of the pri- tions,” says Paul Wood, a senior analyst
control over an enormous number of mary innovations going on at the mo- at MessageLabs.
machines without having a lot of time to ment.” These smaller botnets and the
exploit them, so they’ve now shifted gears need to stay under the radar make it dif- Seeing Isn’t Believing
and are purposely limiting the effective- ficult to send large volumes of standard Now that they have a stealthier deliv-
ness of viruses so a much smaller group phishing email, so to get a more efficient ery method in place, the next step for
of computers is infected. Now instead of return out fewer emails scammers have scammers is creating emails that are con-
controlling one enormous botnet that turned to spearphishing. vincing enough to make people click an
contains 100,000 computers, scammers Worse still, the viruses used to create embedded link. Company Web sites
can control five smaller botnets that each botnets give scammers complete con- usually give scammers all the informa-
contain 20,000 computers, providing a trol over a computer, letting them in- tion they need to impersonate someone
lot more flexibility. Unlike in the past, stall whatever they like on the infected from the IT department or some other
Source: MessageLabs
authority figure. They then can craft an that “Bob” corresponds to Bob’s real an organization but actually originates
email that looks like it’s coming from email address. from an outside IP address; however, any-
within the network, but actually comes Ullrich also recommends being ex- thing beyond that involves special soft-
from a botnet. Scammers forge the tremely consistent in the way you write ware or services from companies such as
sender’s address and use programming your emails so that imposter emails MessageLabs. Although the latest spear-
tricks to make the embedded link look will stand out. Using a standard greeting phishing techniques “are quite brilliant
like it goes to a legitimate Web site. and signature can go a long way toward from a social engineering standpoint, they
Once the victim clicks the link, the Web personalizing your emails, as does stick- stick out like a big red flag from a scan-
page that appears looks just as he would ing with one email account for all of ning perspective if you’re actually looking
expect, thanks to more tricks such as your correspondence (or at least never at the scripts and the mechanisms behind
using browser overlays to cover up the emailing a particular person from multi- them,” says Sunner.
actual domain name with a picture con- ple accounts).
taining the domain name the user Digitally signed email is another good Sharpen The Spear
expects to see. The scammers can also option, but Ullrich says very few organi- Spearphishing is poised to become
cover up other graphics; for example, zations implement it because everyone much more effective in the future
they can make the security padlock icon must use it constantly for it to be effec- thanks to a recent attack vector called
appear to be closed when it is really tive. “If I only sign important email, targeted Trojans. Standard Trojan virus-
open. The end result is visually identical then the problem is if I receive an es are self-replicating and designed
to that of the original Web site. unsigned email, I just think that you to spread to as many computers as possi-
didn’t consider it important enough to ble, regardless of where those comput-
Put Up Your Shield sign it,” he says. “So you have to sign all ers are located. Targeted Trojans are
Although spearphishing emails are your email in order for it to work, and much more selective, focusing in on a
very difficult to detect just by looking at people have to become familiar with it so single organization or even an individual
them, there are still a few things end they actually look for it.” user, and they are much better at re-
users can do to starve off these types of maining undetected.
attacks. “The biggest mistake is always Fight Back With Filters “They’ve added rootkit functionality
to trust the ‘from’ line in an email ad- Because the social engineering behind a so that they can better hide the software
dress,” says Johannes Ullrich, chief re- spearphishing attack has become so on the end computer,” says David
search officer for the SANS Institute. advanced that the latest attacks can even Mackey, IBM’s Global Security In-
Whenever possible check the header to fool expert computer users, all of the telligence Lead. Rootkits are the source
make sure what you’re seeing in your experts we interviewed recommended of much controversy in the PC gaming
email reader matches up with what’s aggressive email and network traffic filter- and entertainment software realms,
really there. If the address is some sort ing as the best preventatives. Most com- where they’re used as copy-protection
of proxy such as “Bob,” hover the mouse panies can configure email servers to filter schemes that lurk in places Windows,
over it or check the header to make sure email that appears to come from within antivirus, and antispyware applications
New zombies
y
IRC used to control botnet Criminal enterprise efficac
and command attacks/spam.
botnet
Botnet B Botnet C Botnet D
efficacy Botnet A
Source: MessageLabs
can’t see, and the technology is a perfect creation tools on the Internet and a very “There needs to be more emphasis at the
match for a virus that wants to stay on a active virus creation community. Only cloud level to stop this stuff,” says
system as long as possible. (See the instead of doing it for bragging rights like Sunner. “The further you get away from
“Rootkit Madness” article on page 56 scammers did in the past, now most of the source of the problem the harder and
in this issue of CPU for more informa- them are doing it for money. the more expensive it becomes to deal
tion on rootkits.) Ultimately it will take a joint effort with it.” Until then, the price of Internet
Beyond that, launching a targeted from the ISPs and the security communi- freedom is eternal vigilance. ▲
Trojan attack requires almost no technical ty to really put the squeeze on scammers
expertise thanks to readily available virus who use social engineering attacks. by Tracy Baker
product such as A-Data’s My Flash data on the fly in real time, it can’t read
Fingerprint Disk FP1 can store up to previously stored data.
2GB of encrypted data, yet it’s small For the most part, the PHR-250CE
enough to fit on a key chain. functions just like any other external hard
The first time the FP1 connects to a drive enclosure, but you can’t access any
Windows-based PC, a simple application of the data on the drive without first plug-
launches to run the user through the ging in one of the two included secure
process of registering his fingerprint(s). keys the device uses for authentication and
Configuration takes a few minutes and access control. The secure keys look much
entails nothing more than slowly drag- like a thumb drive, but they store the
ging a finger across the sweep-type sensor unique information the unit needs to en-
embedded into the FP1’s surface. No crypt/decrypt the data stored on its hard
additional software installation is neces- drive. In fact, without the secure keys
sary on Windows XP, although A-Data installed, an operating system won’t even
includes a disk with drivers for older ver- My Flash Fingerprint recognize the PHR-250CE when it’s
sions of Windows. Once the user has Disk FP1 2GB plugged into a suitable USB or FireWire
configured FP1, he can’t access the data $65 port. The secure keys also close the circuit
on the drive without the correct finger- A-Data necessary for the drive to function.
print; other users can’t use the disk, www.adata.com.tw The Macally PHR-250CE supports
●●●
either, unless they’ve registered their fin- both Macintosh OS- and Windows-based
gerprints or know the backup password. systems (no software installation neces-
In addition, My Flash encrypts stored sary), and you can use it with standard
data on the fly. 2.5-inch IDE hard drives (up to 9.5mm
A-Data’s My Flash Fingerprint Disk height). The unit is compact for easy
FP1 is available in capacities ranging portability, and similar to most external
from 256MB all the way up to 2GB, and enclosures, it’s hot-swappable, as well. It
it features USB 2.0 high-speed data includes two secure keys and features an
transmission. The bundled software is active LED to indicate power and data
preinstalled on the disk and includes access. The enclosure itself is made from a
data encryption/decryption capabilities, stiff metal alloy that doubles as a heatsink
Web auto login, Web favorites, file man- to keep the drive inside running coolly.
agement, and a flash-based mail client. In an attempt to access the data we
An LED on the drive flashes to show stored on the drive after configuring the
activity and the FP1 is completely hot PHR-250CE, we pulled the hard drive out
swappable. We did find that the sweep- and tried to connect it directly to one of
type sensor was somewhat finicky, but our systems. We are pleased to report that
these types of sensors are inherently PHR-250CE our system didn’t even recognize the parti-
more secure than touch sensors. $79 tion on the drive. This was a rudimentary
Macally attempt to “defeat” the PHR-250CE, but
Macally PHR-250CE rest assured that even if the device is stolen
www.macally.com
Portable flash-based drives such as the ●●●● with all of your data on the drive, without
A-Data’s My Flash Fingerprint Disk FP1 the secure keys, the average thief isn’t
are handy for securing and storing rela- going to be able to access your files.
tively small amounts of data. For users DES 40-bit encryption engine. The There are a number of other devices
who need larger capacities, though, a device automatically encrypts data on the available for encrypting and/or securing
product similar to Macally’s PHR-250CE hard drive, bit by bit, including the boot data on a PC, such as PCI-based hard
may fill the bill. The PHR-250CE is part sector. Note that the enclosure doesn’t drive controllers that encrypt data on the
of an entire family of products that can come with a drive, however, so you will fly and hardware login keys. For most
accommodate a host of drive types and have to purchase that separately. Should users though, a combination of strong
usage scenarios. The PHR-250CE is basi- you already own a suitable 2.5-inch for passwords, encrypted data, and common
cally an external 2.5-inch IEEE1394a use with the PCE-250CE, you’ll also need sense are all that are necessary to keep mis-
FireWire/USB 2.0 enclosure that features to be aware that you’ll need to repartition sion-critical or sensitive data secure. ▲
real-time, hardware-based encryption, and format it once you install the device.
powered by a NIST- and CSE-certified Because the enclosure encrypts the drive’s by Marco Chiappetta
The Bleeding
Edge Of Software
Inside The World Of Betas
SQLyog 5.01 Beta 4
f you run a Web site using a content man- SQLyog almost makes working with a data-
I agement system, you’ve likely run into
MySQL for databases and its de facto
base as fast as using a spreadsheet, which
encourages browsing in a way phpMy-
graphical management tool, phpMyAdmin. Admin never could. SQLyog is also a stand-
There’s nothing wrong with phpMyAdmin, alone app, so you won’t lose work if you
but there are times when an alternative, accidentally close your browser window.
Official product name: SQLyog such as SQLyog, may be a better choice. SQLyog does everything phpMyAdmin
Version # previewed: 5.01 Beta 4 SQLyog is a Windows-based MySQL does and more. Importing/exporting data is
Publisher: Webyog Softworks GUI that works seamlessly if you’re running easy, and wizards and a great Help file fill in
Developer and URL: Webyog Softworks; it and MySQL’s Windows version on the the gaps. The Enterprise version ($47) gives
www.webyog.com/sqlyog/index same rig. Almost as good is running SQLyog you access to timed backups and automatic
_sqlyogfree.php on the same LAN so you only need to open transfers/synchronizations between two or
ETA: Q2 2006 a (somewhat-insecure) remote MySQL port more MySQL databases (even over the
Why you should care: Perhaps the fastest to local IP addresses. You can also install a Internet). The Pro ($9) and Free versions
Windows GUI for managing PHP stub file on your Web server and use are identical, except the Free version has
MySQL databases. SQLyog remotely without network risks. pop-ups ads for the Enterprise version.
The main benefit of running SQLyog The beta was extremely solid and reflect-
locally is speed. Running SQL commands ed a mature product going through regular
has never been faster, as the running History development. If you run databases locally,
pane proves—we’re talking milliseconds. check SQLyog out. ▲
Driver Bay
Creative Sound Blaster Audigy 2 ZS
Video Editor 1.00.0050
This update of the installation disc
drivers repairs DVD-Audio playback on
AMD 64-bit dual-core systems and audio
disturbances on all dual-core systems.
Most updates this month are iterative rather than substantial, but Get it at: www.creative.com
Firefoxers finally get their new Google Toolbar. On the driver side, the
DirectX 9.0 Update
cool LCD on the Logitech G15 game keyboard learns new tricks, and
DirectX claims improvements in graphics,
GeForce 6/7 owners get better hi-def decoding.
performance, and security with this update.
Get it at: www.microsoft.com
Upgrades locating and logons and resolved issues
with some third-party apps, including Logitech G15 Gaming Keyboard 1.02.218
AOL AIM Triton 1.2.37.2 Beta World of Warcraft. New drivers for the keyboard with its
The enhanced, tab-driven IM client now Get it at: www.apple.com own LCD let you modify the LCD, move
has drag-and-drop photo sharing, alerts across applets faster, and more.
when a Buddy updates her profile, and Opera for Mac OS X\Linux\FreeBSD 9.0 Beta Get it at: www.logitech.com
one-click access to her profile from within This preview for Opera’s next-gen brows-
the IM interface. er gets similar changes across three non- Netgear WPN824v2 Firmware 1.0.19
Get it at: www.aim.com Windows platforms, including fixes for This upgrade turns on DoS protection,
memory leaks, widget problems, Gmail provides CHAP support for PPTP, fixes a
Avant Browser 10.2 Build 39 attachments, and the content blocker. DDNS issue, and lets Unicast and multi-
This build of the customized version of The Mac OS X update is Build 3312; the cast traffic work more efficiently together.
IE, which features tabbed browsing and Linux\FreeBSD versions are Build 206. Get it at: www.netgear.com
good privacy features, includes improved Get it at: www.opera.com
tab navigation and pop-up blocking, mul- Nvidia ForceWare 84.21
timonitor support, and improved speed Portable Firefox These WHQL drivers add support for
and page scrolling. This Firefox version, which updates the recent Nvidia cards and Nvidia SLI support
Get it at: www.avantbrowser.com browser to the 1.5.01 build, is optimized for mixed vendors. PureVideo gets support
for portable devices or a CD, so you can for H.254 decompression on GeForce 6/7
Google Firefox Toolbar Version 2.0 launch your personalized browser with cards, HD MPEG-2 inverse telecine, and
The Firefox version of Google’s Toolbar bookmarks and extensions from any PC. spatial temporal deinterlacing.
gets some of the same additions that Get it at: www.portableapps.com Get it at: www.nvidia.com
Google recently added for IE users,
including an enhanced search box, The Bat! Professional 3.72.08 Beta Realtek AC’97 ALC650 A3.85
antiphishing routines, and the ability to Recent updates for the alternative email This update for mobos with onboard
subscribe to RSS feeds from the toolbar. client include fixes for problems with Realtek audio updates the Realtek 3D
Get it at: www.google.com scheduled actions and Watch And Send engine and some customized settings, plus
commands. Attachment sizes are also now fixes a Fujitsu power-management issue.
iTunes 6.0.4 exact rather than estimated. Get it at: www.realtek.com.tw
iTunes gets stability and performance Get it at: www.ritlabs.com
tweaks in this incremental refresh. Saitek Game Peripherals
Get it at: www.apple.com WinRAR 3.60 Beta 1 Saitek game controller models for stan-
WinRAR gets significant improvements, dard Windows and 64-bit WinXP systems
Mac OS X 10.4.6 including enhanced performance for dual- get driver updates. Cyborg devices, the
Versions of this update are available for core processors and HyperThreading Pro Gamer Command Unit, gamepads,
PowerPCs and newer Intel-based Macs. CPUs, more flexibility for the tree naviga- X45/52 flight controllers, and the gaming
Included is support for a broader range tion interface, the ability to now rename keyboard get respective driver updates.
of devices for iSync 2.2 for synchroniz- Zip files, and more extraction options for Get it at: www.saitekusa.com
ing PDAs and cell phones to the OS. faster post-decompression clean-up.
There’s also improved wireless network Get it at: www.rarlab.com by Steve Smith
iTunes 6
Free
Apple
www.apple.com/itunes
●●●●●
music manager might be tempted to reach Microsoft is all about DRM, so WMP
for Windows Media Player 10. After all, it’s is wrapped up in layers of DRM that fre-
free and familiar; you already have an older quently get in the way. The default for-
version preinstalled with WinXP. mat for ripping CDs is Windows Media
The features are certainly here. You can Audio, and the only alternative is MP3,
listen to music in most file formats, rip songs and you get the feeling Microsoft pro-
from CD, and burn songs to CD. You can vides that only grudgingly. MP3 is listed
browse your music library by genre, year, in the Rip Settings menu in lowercase
artist, and rating and enjoy various visualiza- below three flavors of WMA, and there’s
tions while you listen. You can even watch no ability to encode MP3s at 160Kbps.
music videos and tune into Internet radio Encoding for Ogg Vorbis and other file
stations. WMP10 can synch your music formats are conspicuously missing from
with about 70 models of portable music the ripping options, but you can acquire
players, smartphones, and Windows-based some with plug-ins.
PDAs, but it doesn’t support the iPod. If you don’t have a towering stack of
WMP10 does it all, but it isn’t particu- CDs to rip, WMP10 offers many choices Windows Media Player 10
larly satisfying to use. The interface is overly to keep you entertained. There’s a built-in Free
cluttered with layers of tabs and several music store where you can buy single Microsoft
browsing environments. Advertisements, tracks, usually for 99 cents each, or entire www.microsoft.com/windows
upsell attempts, and pop-up warnings about albums for about $9 and up. You can also /windowsmedia/mp10
digital rights management often interject choose the Radio Plus service, which ●●●
themselves. Additionally, the UI is overdone offers unlimited ad-free music for $30 a
with several Web-like browsing environ- year. You’re not even limited to those two
ments. There’s one under the Guide tab, a options. WMP can play a bevy of differ- With the click of a button, you can
music shopping site under the Music tab, ent protected file formats, including from easily convert audio files between MP3,
and another for music videos under Napster, MusicMatch, and others (pro- WMA, Ogg Vorbis, and WAV formats.
the Video tab. The clutter is vided you have the proper licenses, of You can convert DVD audio to any of
confusing and unnecessary, course). The program also provides access those formats, as well as rip CDs. You can
with offers to buy stuff to free streaming radio stations and a use the DVD sound ripping to extract a
seemingly everywhere. selection of music videos. My enjoyment favorite song or audio track from a movie
of both was often preceded by annoying disc, although the process happens in real
video advertisements, however. time, so it can take a while. The program
WMP10 continually treats you like a also does video conversion between AVI,
consumer (and not a particularly trust- MPEG, and MPEG formats. With batch
worthy one, at that), making it difficult to processing, you can do multiple conver-
just sit back and enjoy the music. sions in one fell swoop.
Blaze also includes a waveform audio
Mystik Media Blaze Media Pro 6.1 editor, which is handy for removing a
Blaze Media Pro tackles a different
angle than the other programs here. It
doesn’t do as much in terms of managing
your music collection, but what it brings
to the party are plenty of tools for con-
verting, editing, and playing audio/video
files. The program is $50 after a free
two-week trial.
Blaze plays a multitude of A/V formats.
Audio coverage includes any format you’d
care to use, and the video formats include
AVI, several MPEG flavors, and WMV. Blaze Media Pro 6.1
As a media player, Blaze does a great job $50
with its sleek interface and intuitive con- Mystik Media
trols. Blaze’s real power, however, is in its www.blazemp.com
format-conversion and editing features. ●●●●
by Warren Ernst
CyberLink PowerDirector 5
etting a right mix of power, and nearly instantaneous. Video captures from a
G ease, speed, and price in a
video-authoring app can be tough, but
DV camera seemed to go directly to MPEGs
without a second transcoding pass. Editing
PowerDirector 5 manages well. The videos, adding special effects and filters, and
app quickly captures video from ana- recording a voice-over in real time was lag-free.
log and digital sources, converts video Even DVD burning seemed to occur without
and audio files for nearly all formats, extra transcoding passes.
makes editing and applying filters The app’s GUI and speed encourages you to
quick, and exports DVDs or video experiment. For example, I tested an anti-jitter
files with full menus with amazing filter on a scene with considerable motion and a
speed. With a speedy rig, PD5 almost wind-noise eliminator on a scene of a couple’s
PowerDirector 5 makes working on a video project a pleasure. wedding vows spoken on a wind-swept beach.
$89.95 PD5 can perform all the tasks needed to create This worked in seconds, and the results were
CyberLink a polished video or DVD from various sources. A usually spectacular. PD5’s various Magic tools
www.cyberlink.com slick GUI makes each step fairly intuitive, as the add perfectly timed background music, clean up
tools and buttons are laid out in such a way that red-eye, cut long clips to short ones, and more.
●●●●●
you’re guided to click each in the proper order. This version adds Magic Style, which adds one of
Perhaps PD5’s only flaw is that some buttons 12 preset styles to a project, and Magic Fix,
aren’t visible when the app isn’t maximized. which automatically touches up videos/photos.
PD5 seemed well-optimized and blazingly fast If you’re used to video projects taking forever
on a 3GHz P4 rig with lots of memory and drive and not being fun, you owe it to yourself and
space. Applying effects was drag-and-drop easy your videos to give PowerDirector 5 a try. ▲
Techsmith SnagIt 8
ver wonder why you see In addition to standard Full Screen and Active
E so many reviews of screen-
capturing software? It’s because
Window captures, SnagIt has some unusual and
unique capture routines. The program can auto-
such software is a standard tool in matically scroll a window and capture all the
a software reviewer’s arsenal, and it window’s content in one long file—no cutting
gets used almost every day. For and pasting required. SnagIt can also save screen
more typical users, spending signif- shots of Web pages while maintaining the page’s
icant money on a tool you use only hypertext links (provided you save the capture as
occasionally to take a screen shot a PDF, Flash/SWF, or MHTML file; SnagIt lets
may not make much sense. But you save captures in as many as 29 file formats).
then there’s SnagIt 8, which makes SnagIt can also capture screen shots of printouts
getting jaw-dropping screen cap- via a customized printer driver, capture all graph-
SnagIt 8 tures so easy, including captures of animated ics from a Web page, and capture editable text
$39.95 movies or captures with active hypertext links. from virtually any screen.
Techsmith After using SnagIt you’ll likely never look at Once the program captures content, there’s a
www.techsmith.com screen-capturing software the same way. wealth of editing and markup tools available,
SnagIt 8 features a totally revamped graphi- including arrows, callouts, watermarks, perspec-
●●●●●
cal interface, which should make the app more tive shifts, standard cropping, and color manip-
accessible to casual users. The program’s various ulation. All edits are nondestructive, so you can
types of captures are now listed as icons in the reuse screens to point out different items.
main program window, with various cartoon SnagIt is as close to perfect as screen-capture
speech bubbles appearing over the buttons, software can be, and its unique feature set may
icons, and windows when you click to complete generate new users who otherwise may have
a task; it’s tough to get lost with SnagIt 8. thought such software a luxury. ▲
by Wallace Wang
HumanConcepts OrgPlus 6
rgPlus 6 is sure to intrigue OrgPlus lets you apply various colors and
O any company head looking
to visually display the employee
designs to charts, plus there’s a search function
(with included data mining abilities) and
hierarchy of her corporation. Sure Freeform tool and the ability to combine charts
you can create such charts using from different departments into one master
pencil and paper or any drawing chart. You can also create legends and Hotspots
app, but OrgPlus makes creating, within boxes to dynamically display employee
editing, and working with such profiles (including displaying photos) when a
charts much faster and simpler. mouse cursor passes over the Hotspot. You can
OrgPlus’ charts start with a sin- also rearrange chart items, so if you can move
gle box in which you type a name a box to a different location, OrgPlus can
and job title. You can then add automatically move all subordinate boxes in the
OrgPlus 6 boxes for more jobs, which will appear as being chart with it. This lets you see how a company’s
$189.95 (Standard); $295 (Pro) linked from the top, bottom, or sides to existing balance of power might shift if the vice president
HumanConcepts boxes. Creating boxes and typing names/titles of marketing is promoted or demoted. Addi-
www.orgplus.com multiple times gets tedious for even small charts, tionally, you can share charts by printing them
though. To that end, you can enter names and as Word, PDF, or PowerPoint files, and a free
●●●●
titles in a text or Excel file, identifying each browser plug-in will let others view charts via a
person with a number and the number of people Web browser.
he reports to. OrgPlus can then automatically OrgPlus 6 makes creating and updating even
create an organizational chart. For example, John fairly complex organizational charts easy and
Smith will appear at top with Joe Smith shown actually fun. With such a specialized focus and
reporting to him, followed by Jim Smith report- hefty price tag, however, the app is definitely
ing to Joe Smith and John Smith, and so on. geared more to corporations. ▲
Googlefasting
C ould you live without Google for an
hour? Could you make it a day? Could
being more emotional than empirical with my
reporting. It didn’t take but a day for people
you survive a week? I did. In fact, I pulled to ask for more complete thoughts, detailed
myself through two weeks without using the explanations as to my methodology (not nec-
search juggernaut just to prove I could. Some essarily my madness).
called me insane; some called me Maurice; but I immediately fell back to Yahoo!, as it was
I did it like the Space Cowboy I am. I braved the closest thing to Google I could find. After
the challenge for the sake of delivering you the a few days, I realized I was treating Yahoo! like
cold, hard facts. Plus, it made for some hellish a Google surrogate—like comparing a new
blog entries. girlfriend to an ex (a mistake you should only
Quitting Google was almost as bad as quit- make once in your life). I found Yahoo! quite
ting coffee. Google seems to release a new comfortable, but I couldn’t help but feel like I
service or piece of software every couple of was cheating on Google. It was time to pull
weeks. It owns nearly half the search engine away from the Google mindset entirely, to
market, and it’s well on its way to owning your push myself into using “other” search engines. Chris Pirillo has his own
Desktop, too. Don’t believe me? The Google Yes, other search engines besides Google do metasearch service, which is fully
faithful use Google Talk alongside Google still exist! accessible from Web browsers on
Desktop while browsing with the Google Repeatedly, I would get frustrated with not the Desktop or your favorite
Toolbar in IE or Firefox. They send messages being able to find what I was searching for. I mobile device. Gada.be is where
via Gmail while watching their Google Page- attributed this to being in tune to how Google you can start. And if you want to
Rank grow and shrink, check their Google indexes content and how I had learned to opti- find Chris on the Web, you don’t
AdSense stats every other minute while blog- mize my searching strategies for how Google have to look very far, just enter
ging on Blogger.com, upload Web sites on works. Most annoying was when I was seeking “Chris” into a Google search box
Google Pages while testing the latest beta of for Web pages I knew were at the top of and press the I’m Feeling Lucky
Google Web Accelerator, and load their Google Google’s results but were no where to be found button. Chris doesn’t believe in
Analytics charts while using Picasa to organize in the top 50 of other search engines. Bah! polygamy, which makes sense
photos in the background. Not to mention I regularly flipped between Yahoo!, when you understand that his
searching on Google.com every other minute! Gada.be, Technorati, Feedster, Ask, MSN, impending faux marriage
What happens if (and when) Google and IceRocket. None filled the void Google proposal to Google would be
gets bigger? left. Still, as the first week wore on, I realized I trumped by his existing plans to
I dared myself to go “googlefasting.” I was could live without Google. I upped my per- marry his soul mate, Latthanapon
not trying to make a political statement or sonal challenge to another week, and it really Indharasophang. They met
force Google’s stock price to plummet. When wasn’t that difficult to do. I think it was online, but not through Google.
I started, “googlefasting” didn’t show up in around day 10 that I made the mental switch:
any search engine, Google included. When I Living without Google is quite possible.
reached the end of the first seven days, Google I have an emotional attachment to Google,
reportedly had more than 50,000 references of but it’s no longer blind faith (like yours, most
“googlefasting.” In fact, if you want to experi- likely). There’s a reason Google is on top; it I dared myself to go
ence my whole experiment from top to bot- works and works quite well. Google didn’t pay
tom, search for it yourself. By now, most me to do this, nor did the other search engines. “googlefasting.” I
search engines should have the entire chroni- I don’t recommend you try this at home—or
cle well indexed. at work, for that matter. If you’re someone wasn’t trying to
Since I don’t use Google’s software (largely who searches with Google constantly, I bet you
because it’s designed quite poorly), I decided couldn’t last a single day without it. make a political
to focus my fast on what most people use After sending two dozen roses and a box
Google for: searching. The first few hours of chocolates to its offices, Google and I are statement or force
were truly the toughest. I was biting my teeth once again dating. It’s too early to talk about
and ruing the moment I believed I could do it, wedding bells yet; let’s just say I’ll know Google’s stock
and for no good reason other than to prove I where and how to find a ring online when
could. I lashed out at everything around me, the time comes. ▲ price to plummet.
You can dialogue with Chris at chris@cpumag.com.
Web 2.0
What’s Behind It, Anyway?
on-demand content. Just as Google Maps Flock promises to weave into a single
lets users lay their own data onto the map- browser interface some of the
ping interface to create wholly new con- hallmarks of Web 2.0 developments:
tent, sources such as The New York Times content sharing and remixing,
will offer APIs into its archives, so users and blogging, and integrating other Web
developers can pull any slice of data they services such as Flickr directly
like into their own new applications (an into another application.
encyclopedia, real estate listings for your
own neighborhood, etc.).
At O’Reilly’s tech publishing company, user declares how and where infor-
O’Reilly Media, thousands of textbooks mation is important to him and
are fully digitized, so users actually sub- takes it on demand. In Web 2.0-
scribe to the entire library and can piece speak, “users add value,” says O’Reilly. one another’s flow of material and tag the
together chapters and even paragraphs of entries with terms that are important to
books into their own texts. In a deal with The Web Of Us them. Often called “folksonomy,” this col-
Microsoft, help systems in some of its In fact, a central difference among the laborative tagging doesn’t restrict an image
software development kits link directly earlier concepts of the Internet as linked or any piece of content to a particular use
into O’Reilly’s text libraries to pull down content and Web 2.0 revolves around the that’s defined by some professional editor
advice and even programming examples as increased role of the user, not publishers, somewhere. Folksonomy surrounds the
needed. In traditional media, and even determining what is valuable online. At many pieces of content with countless
most Web 1.0 sites, the publisher defined destinations such as the photo-sharing site overlapping tags so that users can find it in
the look and feel of content and how and Flickr, for instance, users not only create many more ways. In yet another buzzword
where it could be used. In Web 2.0 the the repository of images but also tap into of the new Web economy, parsing content
CPU: What does Web 2.0 mean to you and the Flock project?
Arone: We actually have a tip jar in front of the office and penalize you a dol-
lar for using the term. We’re trying to break away from using any buzz mar-
keting words. We try to talk about specifics of what we are trying to achieve
for users. To me and to most at Flock it means the new ways that people par-
ticipate online, the technologies that cater to certain types of participation.
CPU: How does Flock layer onto the Firefox engine these participatory
functions?
Arone: We looked at the ways that people are interacting online. Firefox rein-
vigorated the browser space, but browsing is the same. It doesn’t address the
Q&A greater participation by folks in easier publishing, sharing content, social net-
works, all of these higher amorphous concepts. We are looking into what
Flock’s Geoffrey Arone: product can make interacting through a browser better. We looked at exam-
ples of blog editors and photo browsing and uploading. What makes us special
Don’t Say Web 2.0 Around Here is the interplay of the different features. If I read an article at NYTimes.com
The bleeding-edge digerati and much of on the running of the bulls, I can Star it to my favorites or just highlight text
Silicon Valley have eyes on the upcoming and keep it in a Shelf. I can blog the photo and then drag text from my Shelf,
“social browser” Flock because in many ways then open Flickr in the Topbar and search for my friend’s photos of his expe-
it embodies so much Web 2.0 spirit. By mak- rience with the bulls. It involves several things and the end-to-end user experi-
ing the browser into a multifunction applica- ence is different.
tion, Flock promises to integrate browsing with
publishing, blogging, photo sharing, and public CPU: When will we see usable versions of Flock?
bookmarking, among many other very Web
2.0 functions. But as co-founder Geoffrey Arone: Today it’s pretty stable. Expect to see something that’s a significant
Arone tells us, saying “Web 2.0” around the improvement in mid-May. The second public beta will come two months later
Mountain View, Calif., office will cost you. and then if all goes well, a 1.0 two months after that. ▲
laboration, then the trend’s perfect ex- and syndication, and all along the way gain coffee we’re spilling into
pression may be the highly anticipated user comments and tags that refine and our keyboards.
Flock browser. Based on the Mozilla redefine it. “Content becomes more like a
Firefox engine but founded on Web 2.0 wave. It’s a momentum,” says O’Reilly.
principles, Flock is being designed to let Wave? From the popularity of next-gen
people interact with the Web and each flagships such as Google, Yahoo!, and
other within the browser paradigm. now MySpace and Flickr, Web 2.0 is
Flock sports a Topbar that links directly looking more like a tsunami.
into Flickr and eventually will be able to
pull in other content sharing communities. by Steve Smith
tvfuture.txt
T hey say it is all about the content. But
“they” say a lot of things. Today down-
Comedy Central is trying it with “The Daily
Show,” and ABC has been trying it with
loadable content is just starting to wage war “Lost” and “Desperate Housewives.”
against the broadcast media that has dominat- The problem is simple economics: Broad-
ed distribution for decades. The problem is cast is inexpensive to the audience because
that the pricing models are all wrong. Dis- commercials fund it. DVD has no commer-
tributors are pricing their downloads like cials, so the industry passes along the entire
DVDs and not like broadcasts. And strange costs. And because downloads don’t have
DRM systems inconvenience their users, often commercials, the industry is trying to charge
driving them to piracy. the consumer DVD prices.
Once upon a time, “getting” content meant This is a serious problem toward adoption of
sitting in front of your TV at a specified time, downloadable content. My TiVo has around 40
tuning in to a channel, and watching the show season passes. It records dozens of shows every
for the allotted amount of time. VCRs and week. Were I to pay $2 for each episode, my
TiVos have incrementally added control, let- fixed monthly satellite bill would easily triple. Rob "CmdrTaco" Malda is the
ting the user time-shift his programming. The distinction here is that the masses con- creator and director of the pop-
In addition to time shifting, we have what sume broadcasts, but, really, the fans only pur- ular News for Nerds Web site
I will call “location shifting.” This is for chase DVDs. A serious fan willing to foot a Slashdot.org. He spends his
offline media: DVDs, CDs, and so forth. By higher bill will repeatedly watch a DVD. The time fiddling with electronic
merely taking a physical object from place to broadcast is ethereal—watched, enjoyed, and gizmos, wandering the ’Net,
place, you can partake in your glorious then deleted to make way for something new. watching anime, and trying to
media in any (compatible) location. You The industry is pricing think of clever lies to put in his
pay extra for this, and typically as part of these downloadable bio so that he seems cooler than
it, the manufacturer removes commer- programs as if they are he actually is.
cials from the product. DVDs, and when I think
What downloadable content the inevitable future is that
does is conveniently blend the these downloadable programs
concept of time shifting and will replace broadcast media, I
location shifting into one glo- think the industry should price
rious file playable on your them accordingly. As long as
computer, your iPod, and The industry needs to take a step
your TV. back and understand that download- complicated
Now we are used to not able content gives users an element of
paying directly for broad-
casts. Sure, we pay for
time shifting and location shifting. It is
something old and something new. And as
DRM systems
cable or satellite, but we don’t directly pay to long as complicated DRM systems and ill-
watch “The Daily Show.” So, conceptually, conceived pricing structures stand in the way,
and ill-con-
we think of the functionality the TiVo gives the audience will route around them, turning
us as “free.” instead to piracy, or better yet, a new genera- ceived pricing
On the other end, we’re used to paying tion of independently created content.
for our DVDs. A crazy market has arisen for We have seen some of this independently structures
buying old TV shows. You end up paying created content in the film industry already as
a couple bucks per episode and there they independent films crept up on the major stu- stand in the
are for you: uncut, commercial free, and dios. But now a few thousand bucks worth of
digitally perfect. digital camcorders and a beefy Mac can let way, audiences
The problem is that currently all attempts individuals create and distribute their own
to market downloadable content have charged
the prices associated with location shifting: a
productions online. If the industry doesn’t
hurry up and start being reasonable with its
will route
buck a song, a couple bucks for an episode of own content, the rest of the world is going to
a TV show, and far more for a movie. start creating its own. ▲
around them.
Speak loudly into the megaphone of foo@baz.com; I’m slightly deaf in that ear.
by Jen Edwards
Leisure
Audio Video Corner
The entertainment world, at least where it pertains to technology, morphs,
twists, turns, and fires so fast it’s hard to keep up. But that’s exactly why we
love it. For the lowdown on the latest and most interesting releases in PC
entertainment, consoles, DVDs, CDs, and just leisure and lifestyle stuff we (for
most part) love and recommend, read on.
pop up in one of many game genres the U.S. release includes the original
depending on the situation and add 2002 Space Rangers that wasn’t
an element to the gameplay that released stateside. Space Rangers 2
scripted events just can’t re-create. took us off guard but will be a
Considering how rich and varied mainstay on our hard drive for
the gameplay is, it’s surprising just many months to come. ▲
Don’t Let It Fly Under Your Radar -by Dr. Maleprop how elegant the control and inter-
face feels without being simplistic.
system’s controller design and button lay- that puts you in charge of steering an MLB
out, and regardless of what system you franchise via the draft, trades, minor
play on, you’ll find them easy to pick up. league operations, and in-game strategy,
Pitching and hitting controls are especial- too. As with most sports games, the com-
ly effective, although if you’re used to old- mentary from the booth can get a little stale
Welcome To The Bigs school games where you mash a button to at times, and we’re still not quite where we
-by Chris Trumble swing the bat, the Swing Stick will take a need to be in making real-world players
few innings to get used to. Each swing is look convincingly human, these are minor,
he boys of summer are back on your made up of two motions of the right analog common gripes, and they don’t warrant
T favorite game console. We took a few
versions of 2K Sports’ Major League
stick; you pull it back to initiate your batter’s
backswing and step into the pitch, and
passing on MLB 2K6. ▲
Baseball 2K6 for a spin and found the you push it forward to take your cut.
game to be deep, pretty, and fun to play. It Throwing to pick off a runner when
won’t surprise anyone that the Xbox 360 you’re in the field is pretty easy, too; just
version is the most elaborate graphically, press the button that corresponds to the
but that aside the various flavors of 2K6 base you want to throw to, and hold the
are largely identical. The controls you’ll use button longer for a harder throw.
on both sides of each inning vary only If you’re looking for more than a quick
inasmuch as necessary according to each game, MLB 2K6 has a GM Career mode
ntil very recently, Eidos’ Tomb Raider fran- Eidos took the drastic action of taking
U chise was a sort of cautionary tale demon-
strating the danger that lies in churning out too
Tomb Raider away from Core, the devel-
opment company that created Lara Croft
many tepid sequels to cash in on a hot proper- in the first place, and giving it to Crystal
ty. When it hit the scene in 1996, the first Dynamics, a developer that had huge
installment for the PlayStation was a huge suc- success with another popular third-person
cess, capitalizing on the popularity of the then- action franchise, The Legacy Of Kain.
nascent 3D action genre and a hip, sexy lead Looks like it was the right call. Tomb
character that soon became a gaming icon. Raider: Legend has pretty much everything
The first sequel or two did pretty well, too, that made the first TR game fun, but adds
because let’s face it: As much as we complain to that a few new moves, controls that are
about sequels, we seem to love buying ‘em, tighter and more responsive than they’ve
and Eidos was all too happy to keep them ever been, and—of course—cutting-edge
coming. It wasn’t long, however, before TR’s graphics. We reviewed the Xbox 360
luster began to fade. By the time TR: The version, and it’s a thing of beauty in
Angel Of Darkness showed up for PS2 and high-def, with characters and environ-
PC in 2003, many who’d enjoyed the first two ments that are equally sharp. We would
or three games had lost interest, and worse have liked it to last a bit longer, but oth-
yet quite a few of those who paid the price of erwise we recommend this game
admission for Angel were sorely disappointed. wholeheartedly. ▲
Character Smorgasbord
-by Chris Trumble
D atel seems to be making quite a
name for itself in the realm of
console storage growth. The latest
expansion project is the Xbox 360. We
$39.99 (PS2) don’t know about you, but having a
ESRB: (T)een • Konami paltry 12-ish gigabytes of useable stor-
www.konami.com age is more than just embarrassing—it
leaves us wanting more.
The XSATA is a plug-and-play device
that’s molded to fit neatly in between
the 20GB Xbox 360 external hard drive
and the top of the console. The device
Ideazon MERC
Another Specialized Gaming Keyboard $39.99 (PC) • ESRB: N/A • Electronic Arts • www.zboard.com
and application prefetching, which acceler- AlwaysUnloadDLL. Double-click the included (and not needed).
ates both operations noticeably. Default value in the right-hand pane
and set the Value Data to 1. Reboot for
Disable Indexing this to take effect.
Unless you do a lot of file searching, this
background task adds unnecessary memory Snag That Lag
use and disk thrashing when you access a It’s a new Windows installation, but
file. To turn it off, double-click Add Or why are Start submenus popping up so
Remove Programs in the Control Panel, sluggishly? Because you need to put in
file manager for the KDE desktop environ- you can perform actions on
ment. For this article we used Konqueror the file (for example, opening
version 3.5.2, which we took from a a text file with a text editor
Kubuntu LiveCD distro. If you’re already installed on your system), a
using KDE, check the Konqueror version list of possible actions will dis-
you have by opening Konqueror and select- play in the left pane.
ing About Konqueror from the Help menu. Network—an interface that
provides easy access to major
Find Your Way Around KDE FTP and Web resources.
When you open Konqueror initially, it Root Folder—displays the
may greet you with a relatively bare-bones directory tree for your entire
version. If so, you can click Settings, file system in the left pane.
Toolbars, and Main Toolbar to display This is the view many users Not only is Konqueror a file manager for the KDE
the Show Navigation Panel button. You unfamiliar with Linux expect desktop environment, it’s also a Web browser.
can use this button to display a side pane. to find in a file manager.
If you’d rather not have this additional Services—a catch-all interface for vari- Image View—a three-paned approach
toolbar shown, just close it from the ous programs and configuration options. that displays a file-system tree in a far-left
menu. With the side pane open, however, System—a file-system browser orga- pane, thumbnails of images contained in a
you’ll notice a series of tabs along the left nized by drives, devices, and network selected folder in a middle pane, and con-
that includes the options: shares rather than a directory tree. tents of a selected image in a far-right pane.
Amarok—if you have the Amarok File Size View—a two-paned view in
music utility installed, an icon of a howl- Control Folder Content Views which the left pane displays a file-system
ing wolf is the first tab shown. Clicking it Konqueror also offers an interesting tree and the right pane displays a graphical
loads Amarok in the left pane to let you selection of options for viewing the con- representation of the selected file’s size.
navigate the music-building program to tents of a folder. You can select one of the
your music collection. various options by clicking View and then Konqueror As A File Manager
Bookmarks—loads your Konqueror View Mode or use one of two view buttons If you’re using Konqueror for file-man-
bookmarks in the left pane. available in the window. The view buttons, agement purposes, chances are good you
History—loads your Web surfing his- along with a collection of other icons, only have the side pane enabled and the Root
tory in the left pane. appear when there are files displayed in the Folder or Home tabs displayed. In either
www.informationweek.com/news/showArticle.jhtml?articleID=183702747
ing it as the root user, creating a data CD About Kubuntu dialog box. pet owner’s contact information. The
using the K3b app, and transferring the There’s also a search option in Starting MicroID Collar also lets pet owners store
file via Bluetooth. Points that acts as a GUI to the OS’ locate detailed facts about their pets, including
Compress—options for creating various command, which helps you search for files. medical information, related treatments,
archive types from the file/folder or adding and any other useful information. Any-
the file/folder to an existing archive. Konquer Your Desktop one who finds a lost pooch or kitty can
Properties—provides a preview of the You can use Konqueror as a file man- then access that data by inserting the
file’s contents and opens a Properties ager, Web browser, and a viewer to see card into a computer. Jonathan Warren
dialog box for the file with options for your documents, but it’s also a one-stop of West Palm Beach, Fla., invented the
viewing and altering file permissions. interface for many KDE settings and MicroID Collar, which recently won the
PetSafe Idea Fetch pet invention contest
The Start Points Screen over 5,000 other entries. The device will
When you launch Konqueror, you be available at PETCO stores this fall.
should see a Starting Points screen that
Power Management:
From The Edge Of Mobility To The Center Of The Enterprise
Technically
Speaking
An Interview With Katherine
Albrecht, Author & RFID Watchdog
atherine Albrecht has been called the Erin Brockovich of
K RFID. She defines a consumer privacy expert, however, as
“someone who pays attention to the risks that consumers run
when they go about their regular business.” Albrecht’s actions
would seem to back up her words. She’s the founder and direc-
tor of CASPIAN (Consumers Against Supermarket Privacy
Invasion and Numbering), a consumer watchdog group that
has more than 12,000 subscribers to its Web site (www
.nocards.org) and representatives in all 50 states and 30 coun-
tries. Albrecht, who’s finishing up a doctorate degree in con-
sumer education at Harvard University, is also the co-author of
“Spychips: How Major Corporations And Government Plan
To Track Your Every Move With RFID.”
by Barry Brenesal
CPU: What is your main concern about whereby when a consumer made a pur- recommend it both for identifying and
RFID technology? chase, the consumer’s identity would be tracking people as they move around in
linked with the unique number on the public locations and quasi-public locations,
Albrecht: It’s an incredibly powerful RFID tag at the point of sale. It’s stored in such as retail stores. They also recommend
technology that easily lends itself to abuse. the database. Right now, there are compa- using it for marketing purposes. One exam-
RFID readers can be placed invisibly in the nies that specialize in consolidating that ple they gave is looking in a woman’s bag
environment. RFID tags can be placed on point-of-sale information from various because the radio waves from RFID travel
clothes and in people’s belongings. And retailers. In fact, one company, IRI (Infor- directly through what we usually rely on to
maybe the most worrisome part is that the mation Resources, Inc.), states that they protect our privacy, like backpacks, bags,
companies that are aiming to put the read- consolidate information from over 30,000 and purses. If she’s carrying a baby bottle,
ers in the environment and the tags into different retail locations into centralized then they recommend interactive electronic
people’s belongings have spelled out some databases. The concern is that this informa- advertising to spam her with environmental
pretty frightening plans for how they hope tion would be linked, so that instead of ads of other baby products.
to abuse the technology—literally to use it knowing that I wear size 7 Nike running
to spy on people. shoes, they would know I wear size 7 Nike CPU: Any mention of looking inside
running shoes with a unique ID number. someone’s bag is going to raise the hackles
CPU: What could RFID tagging track? And as IBM goes on to explain it, now that of a lot of people, but realistically how far
you have this link between the individual away can a company track RFID tags?
Albrecht: Probably the best example is a and the item, when those people walk
patent from IBM called “Identification and around, you capture the unique RFID Albrecht: It depends on what kind of
tracking of persons using RFID-tagged numbers from their belongings by hiding tag you have, what the frequency is, and
items.” They filed it a few years back. IBM reader devices in the environment. Then the strength of the reader. For the
has been in on the RFID/EPC (Electronic you can cross-reference them in your data- 13.56MHz tags that they’re talking about
Product Code) formal plan for many years. base and have a pretty good sense of who doing item-level tagging and barcode
Essentially, what they describe is a system just walked by [the hidden reader]. They replacement, you’d probably get about 3
to 5 feet of read range. And obviously, from a satellite, as in finding a hiker lost in dollars of investment. It’s a sleeping giant
with 3 feet of read range, you could read the woods. You’re not going to be able to because the industry has kept its growth
tags on somebody going through such a read their implant from a satellite. You’re and advancements out of the public eye.
doorway. We also found that Philips Elec- not even going to be able to read it from You’ve got corporations and governments
tronics has developed an RFID antenna across the road. pouring huge sums of money into develop-
that can be invisibly woven into a shoe. It ing the superstructure, and you’ve got the
can be read from reader devices in the CPU: So the main problem isn’t the dis- average citizen having no input into that
floor—and try getting more than an inch tance a RFID tag can be read but rather the decision-making process because they’re
away from the floor. You don’t need a lot quantity and quality of information that’s not even aware that this is going on.
of read range to read somebody who’s lit- shared through the use of the technology?
erally standing on top of your reader. CPU: Can effective legislative controls
Not only does IBM want to use this to Albrecht: The developers of that tech- be put on RFID tagging and reading?
identify and track people for marketing pur- nology are the people who actually envi-
poses, they recommend putting this tech- sion a network of readers that would be Albrecht: I really don’t believe that the
nology into the hands of law enforcement. everywhere. If and when that does occur, answer to solving our privacy problems is
They give their list of locations where they when every doorway is rigged with an going to the legislatures with our hats in
think it would be appropriate to place these RFID reader, when every doormat has our hands and asking for help. The one
[tag readers] that—the hair stands up on the one in it, when these are in shelving and role I think is appropriate for legislation is
back of most people’s necks—museums, ceiling tiles, it becomes an issue of distrib- to make sure people know where the
libraries, shopping malls, sports arenas, the- ution and instant computer analysis. RFID tags are. Some consumers will
aters. They even talk about putting RFID choose to embrace them and seek out
readers in public restrooms. The concern is CPU: On the Web site 463: Inside Tech products using RFID. I say more power
that as you walk around, you could be iden- Policy, it states, ‘. . . beyond electronic to them. Other people will choose to
tified with a form of ‘virtual frisk’ based on payments, RFID technology is still a far avoid products containing RFID. But let
all your possessions. That’s why I think ways away from moving from the pallet consumers make that decision. Let the
RFID is particularly insidious—because you to the product level.’ Would you object to marketplace decide.
can do it invisibly, silently, and secretly. No
Under Development
A Peek At What's Brewing In The Laboratory
R
obert and Richard Garriott We’re only now just
have been making video
games together for more
Ri getting out our
online games. Ultima
than 25 years. Richard pub- Online, EverQuest, and
lished his first game, Akala- World Of Warcraft are first-
beth, for the Apple II computer in 1977. generation games, meaning
Robert was an “overeducated” older the teams that made them
brother collecting degrees until he started did not do much before that.
collecting money from Richard’s early They are medieval fantasies where
publishers. Together the Garriott brothers you’re grinding through levels. The
co-founded Origin Systems in 1983. At pace is plodding. You constantly re-
Origin, Richard focused on creating games spawn your avatar. Now with Guild
such as the Ultima fantasy role-playing Wars and City Of Heroes, with
game series; Robert worked on the busi- Auto Assault and Tabula Rasa, these
ness side. In 1992 Electronic Arts bought are more fast-paced games. They’re
the company, but Richard stayed on to action-oriented. The play is more
create Ultima Online. The Garriotts dynamic. The entire stage of the
joined NCSoft in 2001. The Academy of play environment changes over time. but the real number you need to make
Interactive Arts & Sciences and the Game You get story lines. your development costs back is higher.
Developers Choice Awards recently hon-
ored Richard with a lifetime achievement Is there a limited number of people What are some of the opportunities
award. He’s also working on his next
online game, Tabula Rasa (as of this writ-
Q interested in these games? Q for NCSoft in the U.S. market?
ing). Robert is the president and CEO the World Of Warcraft has passed 6 If you look at the fantasy role-
North American subsidiary of NCSoft in
Austin, Texas.
Ro million subscribers, and people
say that it’s the limit. It’s hitting new lim-
Ro playing online game, it’s about
80% of the online games market now.
its every day. In South Korea we did well But as a genre, it’s a very small part of
After 25 years, what are some of with Lineage, another medieval role-play- the overall games market. That’s an
Q the things you’re still learning
about games and who plays them?
ing game. The original game had a great
number of subscribers. Now there are still
anomaly. NCSoft is still the top compa-
ny in the medieval/fantasy role-playing
a lot of concurrent users. When World market. We love it, but there is more we
We get new surprises every year. Of Warcraft came out, people said that can do. There are all these other genres
Ri When we launched Ultima Online
in 1997, we built a virtual landscape. We
Lineage would go away, but both games
still have big numbers.
that no one is doing.
get a million people to move in. But only What’s in the future for online
10 to 20 are in the city. Things go horribly
wrong. And you, as the designer, didn’t Q City Of Heroes has been a suc-
cess for NCSoft even with a
Q gaming?
have any way to communicate to players smaller number of subscribers. How Online invisibility. You used to
what went wrong. We observed emergent
behaviors. We spent a lot of time building
many subscribers do you really need to
make money?
Ro be able to tell who was a com-
puter-controlled, non-player character
things. We built a virtual economy. The and who was a real person. Over time it’s
herbivores would multiply in one area. The About 100,000 subscribers. The harder to tell the difference. You will go
predators would come in and eat the vil-
lagers. Players came out in force and killed
Ro problem is that product develop-
ment costs are skyrocketing. In 2001, it
into the game, and you won’t know who
is real. You can be online, and it’s going
off all of the predators. Then the herbivores cost about $5 million to make a quality to be invisible to the other player, where
would multiply. game. Now it’s $15 million to $25 mil- he can’t tell the difference. ▲
lion. The return on investment has not
What are you trying to do to make gone up three to four times. You still need
Q your games popular? the 100,000 subscribers to make a profit,
Subscribers can go to www.cpumag.com
/cpujun06/garriott for bonus content.