Tag Archives: Proprietary software

Directory of Distraction-free Writing Tools

(2009 June: added two no delete editors)

Editors

A working list of tools to reduce writers’ distraction. I’ve been using some of them for a while; I was inspired by Cory Doctorow’s latest post on the matter to collect what I could together. All are free unless otherwise stated. 

No backspace/delete editors

Typewriter “All you can do is type in one direction. You can’t delete, you can’t copy, you can’t paste. You can save and print. And you can switch between black text on white and green on black; full screen and window.” Freeware, all OS.

Momentum Writer Same idea, really. “Momentum Writer is the ultimate tool for distraction-free writing. Like a mechanical typewriter, users are prevented from editing previously written text. There are no specific formatting options, no scrolling, deleting, or revisions. Momentum Writer doesn’t even allow you to use the backspace key. Momentum Writer forces you to write, to move forward, to add new words. It halts the temptation to linger, revise, and correct. Momentum Writer is a typewriter for your PC.” Freeware, for Windows.

Multiplatform

JDarkroom (works on Windows, Macs and Linux, thanks. Tris): “simple full-screen text file editor with none of the usual bells and whistles that might distract you from the job in hand.”

Windows

TextEdit (there seems to be a Mac product of the same name. The Windows website is under reconstruction so I can’t grab a description, but downloads are available.)

NotePad ++ “a generic source code editor (it tries to be anyway) and Notepad replacement written in c++ with win32 API. The aim of Notepad++ is to offer a slim and efficient binary with a totally customizable GUI.”

EditPad “a general-purpose text editor, designed to be small and compact, yet offer all the functionality you expect from a basic text editor. EditPad Lite works with Windows NT4, 98, 2000, ME, XP and Vista.” Lite is free; Pro is $50

PSPad code editor

And some so-called ‘dark room apps’ which blank out the outside world:

WestEdit “a full screen, old-school text editor and typewriter. No fuss, no distractions – just you and your text.”

Dark Room: “full screen, distraction free, writing environment. Unlike standard word processors that focus on features, Dark Room is just about you and your text.”

Q10: “a simple but powerful text editor designed and built with writers in mind.”

Mac

TextMate: “TextMate brings Apple’s approach to operating systems into the world of text editors. By bridging UNIX underpinnings and GUI, TextMate cherry-picks the best of both worlds to the benefit of expert scripters and novice users alike.” ($54)

The Mac dark room is WriteRoom “a full-screen writing environment. Unlike the cluttered word processors you’re used to, WriteRoom is just about you and your text.” ($25)

GNOME etc

image

gedit

Distraction reducers

Write or Die: “web application that encourages writing by punishing the tendency to avoid writing. Start typing in the box. As long as you keep typing, you’re fine, but once you stop typing, you have a grace period of a certain number of seconds and then there are consequences.”

KL’s Airport Gets Infected

image

If there’s one place you hope you won’t get infected by a computer virus, it’s an airport.

It’s not just that the virus may fiddle with your departure times; it’s the wider possibility that the virus may have infected more sensitive parts of the airport: ticketing, say, or—heaven forbid—flight control.

Kuala Lumpur International Airport—Malaysia’s main international airport—was on Friday infected by the W32.Downadup worm, which exploits a vulnerability in Windows Microsoft patched back in October. The worm, according to Symantec, does a number of things, creating an http server on the compromised computer, deletes restore points, downloads other file and then starts spreading itself to other computers.

image

Enlargement of the photo above. The notification says Symantec Antivirus has found the worm, but has not been able to clean or quarantine the file.

KL airport clearly isn’t keeping a tight rein on its security. The virus alert pictured above is at least 12 hours old and the vulnerability it exploits had been patched up a month before. Says Graham Cluley of UK-based security software company Sophos: “What’s disturbing to me is that over a month later, the airport hasn’t applied what was declared to be an extremely critical patch, and one which is being exploited by malware in the wild.”

What’s more worrying is that this isn’t the first time. It’s the first time I’ve noticed an infection on their departures/arrivals board, but one traveller spotted something similar a year and a half ago, with a Symantec Antivirus message popping up on one of the monitors. I saw a Symantec Antivirus message on one monitor that said it had “encountered a problem and needs to close”, suggesting that the worm had succeeded in disabling the airport’s own antivirus defences:

image

So how serious is all this? Cluely says: “Well, it’s obviously a nuisance to many people, and maybe could cause some disruption.. but I think this is just the most “visible” sign of what may be a more widespread infection inside the airport.  I would be more concerned if ticketing and other computer systems were affected by the same attack.”

He points to computer viruses affecting other airports in recent years: In 2003, Continental Airlines checkin desks were knocked out by the Slammer worm. A year later, Sasser was blamed for leaving 300,000 Australian commuters stranded, and BA flights were also delayed.

For me, the bottom line about airports and air travel is confidence. As a traveler I need to feel confident that the people deciding which planes I fly and when are on top of basic security issues. And that doesn’t mean just frisking me at the gate. It also means keeping the computer systems that run the airport safe. This is probably just sloppy computer habits but what if it wasn’t? What if it was a worm preparing for a much more targeted threat, aimed specifically at air traffic?

(I’ve asked KL International Airport and Symantec for comment.)

A Patch in Time?

Further to my earlier post about what I felt was Symantec’s somewhat tardy and insubstantial public response to the discovery of a serious vulnerability in its own Antivirus software, I don’t feel much more at ease after an email exchange with their PR folk. First off, Symantec has, by midday in the Asian day, come up with a fix which can be downloaded here.  “Symantec product and security teams,” the media statement says, “have worked around the clock since being notified of this issue to ensure its customers have the best protection available.”

That’s good. And quick. But not, I fear, good enough in PR terms. Why has Symantec worked around the clock to find a solution but not made the same effort to let interested people know of the problem in the first place? There’s been no press release on the web site, for example, only a media statement emailed to those journalists who enquire. When I asked Symantec’s PR about this. and requesting a comment to my original post, all I got was a copy of the media statement and a link to the original security advisory. So I where I could find the “media statement” online, where customers, readers, users and the media could find it? Their response: “Symantec posts security advisories [here]. Please contact Symantec Public Relations for any information you need.”

Sorry, but I don’t think this is sufficient. Security advisories are for specialists. This is not a specialist problem. It’s a vulnerability that affects everyone who uses the software, and people need to know about it. (A Google search throws up more than 130 stories on the topic.) Symantec, I feel, needs to be upfront about the problem and blanket everyone with information, not bury it. Symantec occupies a hallowed position in the Internet world, since journalists, users and others turn to it for supposedly objective views on the state of Internet security. Symantec makes the most of this position, straddling telling us about the problem and selling us the solution for it.

Perhaps I’m overstating things here, but I feel Symantec has let us down. I need to know that if I’m entrusting Symantec with defending my valuable data and office network, it’s going to tell me if there’s a problem with that defence. It’s no good hiding, as Symantec PR does in its response to my email that “There are no exploits of this vulnerability. Symantec strongly recommends customers to follow best practices and apply the patches as soon as they become available from Symantec.” First off, there are no known exploits. I don’t see how Symantec can be 100% sure of this. One has to assume that if there’s a hole in your defensive wall, someone is going to see it. Especially if it’s been publicised. Now the world has known there is a problem with Symantec’s software since Thursday. It’s now Monday. I’m assuming the bad guys too read these websites and news agencies.

So while the argument that you should throw all your effort into plugging the hole and then telling your customers you’ve built a plug might work if the vulnerability wasn’t publicised, this wasn’t the case. It was splashed all over the shop. Symantec’s position on this process is “that we are responsible for disclosing product vulnerabilities to our customers, but in general, no vulnerability should be announced until we have developed and thoroughly tested a patch and made it available to licensed customers.” (For a list of all Symantec product vulnerabilities, look here.) This clearly wasn’t going to happen here, because the vulnerability was already made public, for better or worse. And the process of “disclosing product vulnerabilities to our customers” seems to be somewhat weak here; if the vulnerability is an obscure one, perhaps an advisory might work. But more people than just a sysadmin needed to know what was happening and yet no one, unless they really looked on Symantec’s site, was any the wiser. Still aren’t, actually, since no press release is available.

Some lessons in here. Sometimes just keeping readers, journalists, bloggers, customers in the loop helps, even when it’s bad news.

Symantec’s Hole

I am starting to be a bit concerned about the future of blogs, but there’s no question a blog is the best way to get information out to people quickly, especially if it’s about the Internet, technology or tech-related stuff. It needn’t be a blog, but it needs to share the blog’s most powerful features – speed, easy to use and easy to find, and deliverable by the best mechanism we’ve come across so far: RSS.

Case in point: Symantec, one of the world’s biggest makers of antivirus software, are red-faced after EEye Digital Security revealed on Thursday that it had found a software vulnerability inside Symantec’s Anti-Virus Corporate Edition 10.0. As darkreading says, the vulnerability  requires no user intervention and could be used to create a worm. This is an important event, and Symantec need to let their customers, and people in general, know about this as soon as possible. So why is the company’s website making no reference to the exploit, except for a “Symantec Client Security and Symantec AntiVirus Elevation of Privilege”, which cannot mean anything to anybody except the smallest circles (an Elevation of Privilege, is, according to Microsoft, “the process by which a user obtains a higher level of privilege than that for which he has been authorized. A malicious user may use elevation of privilege as a means to compromise or destroy a system, or to access unauthorized information.”)

No mention in the heading of a vulnerability, or a problem with the very software that is used by a lot of people. Unless you really know what you’re looking for, the advisory doesn’t really shed much light on the issue. Nor does Symantec’s main website: While the main page includes a link to the advisory under its Recent News tab on the left of the page, with the less than informative “AntiVirus Notice: Norton Customers Not Affected; Advisory for Corporate Customers”, I could find no press release two days after the vulnerability had been found and been acknowledged by Symantec. The latest Symantec news release is from Wednesday, the day before the vulnerability was found, and there’s nothing there I can find that relates in any way to the issue at hand. This despite there definitely being a statement out there, because eWeek quote a statement from a Symantec spokesman sent to the magazine.

I’m requesting a comment from Symantec to see what they say about this. Apologies if I’ve missed something here, but my feeling is that Symantec need to be very upfront about this kind of thing — a vulnerability in a piece of software its customers rely on to keep out the bad stuff — and to inform readers, journalists, users and investors in a faster, more open and more informative way than they did so far. A blog would be the perfect place to start.

Is Antivirus Software Still Up To The Job?

How often do antivirus manufacturers admit that their products are not really up to the challenge anymore?

The only folks I know who do this are those from Trend Micro. I interviewed Steve Chang, its founder, a couple of years back, and he made it clear that antivirus software can’t keep everything out. But it doesn’t always come across quite as frankly as it should. This BusinessWorld piece today makes clear, in an interview with Ah Sin Ang, Trend Micro Incorporated’s regional marketing manager for South Asia, asks the important question, (is there) yet no antivirus software than can protect us from phishing?

Ang’s reply could be more thorough, but it’s probably more honest than some of Trend Micros’ competitors: If you are aware that banks don’t send you these types of emails, you’ll be protected. That’s why Trend Micro emphasizes public education.

He also makes the valid point that ‘antivirus’ is not a particularly useful term anymore: Although anti-virus is a general term for Internet security, we like an antivirus software to clarify what that software means – does it include protection against Trojans, spyware, adware and hackers? Does it block unhealthy sites? Once you get infected, there may be a lot of pop-ups featuring pornographic and gambling sites. A good integrated software must also allow filtering. When you filter, it must also be able to filter spam and phishing.

I think the bottom line is that antivirus software is not doing what its customers think it’s doing. Most of us can’t tell the difference between a worm and a Trojan, and tend to assume that antivirus software will also protect us if we click on something in an email that takes us to an infected site. This is no longer true, if it ever was. Instead, the software gives us a false sense of security. Would we better off not having it, and instead educating ourselves about threats?

More On MyDoom, And Why

It’s not my intention for loosewire to become a realtime virus news service, but this is a special case, so here’s more on MyDoom/Novarg, the worm that I’ve reported on before.

Doom, it seems, is being prepared for the SCO Group, a company that sells Unix software and has been the focus of several Internet attacks, apparently in response to its legal claims that Linux contains software that violates its intellectual property.

Symantec have just upgraded the W32.Novarg.A@mm (also know as W32.Mydoom@mm) from a Level 3 to a Level 4 threat (5 is the highest) based on how fast the threat is spreading, the potential damage and the threat distribution. Like MX Logic it is comparing the worm to Sobig.F@mm — discovered on August 13, 2003 — in terms of the number of folk submitting it: more than 960 in 9 hours.

Here’s some more information on what it may do to you if you’re infected:

  • the worm copies itself to the system folder as taskmon.exe and listens to all TCP ports in the range 3127 to 3198, allowing hackers to potentially send additional files to be executed by your computer;
  • it propagates by sending itself to addresses found in files with the extensions: .htm, .sht., .php, .asp, .dbx, .tbb, .adb., .pl, .wab, and .txt.
  • (and here’s the sting) it will also attempt to perform a denial-of-service attack between Feb. 1 and Feb. 12, 2004 against www.sco.com. The worm creates 64 threads that send HTTP “GET” requests to the SCO site. 

One aspect to this that worries me: I’ve noticed it’s not possible (unless I’m missing something) to increase the frequency of automatic virus library updates with Norton Antivirus. It my view updates should be done everyday: For example, anyone not updating their software in the last few hours will be vulnerable. Yet how many people do that? I’ve noticed my automatic update seems to do so once a week, if I’m lucky. There must be a better way of doing this simple task: How about using Norton’s own Level alert ladder, which could be routinely checked remotely by users’ computers? If there’s a dangerous virus in the wild, the software updates; if not, it sticks to its normal schedule. How about it?

News: More Hacking Woes

 These days the Internet reads like a bad movie script. Reuters reports that security holes in Microsoft’s Internet Explorer browser have been exploited by hackers to hijack AOL instant messaging accounts and force unsuspecting Web surfers to run up massive phone bills. Some Internet Explorer users are also finding that malicious Web sites are secretly slipping trojan programs onto their computers, according to eEye Digital Security, which discovered the original security vulnerability. Such stealth programs can include keystroke loggers that record everything a person types or software to erase the hard drive, among other things.
 
The attacks are accomplished by leading Internet Explorer users to a malicious Web site, either by sending an e-mail with a link to the Web page or distributing a link through instant messaging. When the Web site appears, it downloads code that can execute commands on its own onto the unsuspecting computer user’s machine, according to Copley. An attacker has written a program that uses a security hole in Internet Explorer to hijack an already running AOL Instant Messenger account, changes the password and send a message to the buddies list with a link to the malicious Web page, according to postings on the Bugtraq security e-mail list.

News: Beware Of Patches That Don’t Patch

 From the This Doesn’t Inspire Confidence Dept comes news that a patch recently released by Microsoft to fix a critical security vulnerability in its Internet Explorer browser does not work, according to security experts. CNET says that the vulnerability was discovered by eEye Digital Security around four months ago. The vulnerability in question can be exploited by crafting a malicious HTML file that, when viewed by an Internet Explorer browser, extracts and executes malicious code.
 
Two patches have since been released, but, according to eEye, neither fixes the vulnerability it is supposed to. If you’re worried, disable active scripting in your browser until Microsoft updates the patch. (Go to Tools/Options/Security/Custom Level, and then scroll down until you get to Active Scripting.)

Update: Microsoft Goes Soft in Thailand

 It’d be too much to suggest that Bill Gates reads my column, but Microsoft seem to be buying my idea (well not mine, really) that prices of their software should be geared to what local people can afford. IDG News Service’s Taipei Bureau reports that the US software company has cut the price of its Windows operating system and Office application suite in Thailand. Quoting a report released by market analyst Gartner Inc (it’s an Acrobat PDF file) Microsoft has reduced the cost of an Office and Windows package there for $40 and may do the same thing in China.
 
The move seems to be in the face of a government program which ended up selecting Red Hat Inc.’s Linux operating system and Sun Microsystems Inc.’s StarOffice productivity suite when Microsoft did not at first participate. Windows XP in the U.S. sells for between $85 and $130, IDG says, while Office XP Professional sells for about $250.
 
All this can only be good news, and bad news — eventually — for pirates.
 
 

Update: Beware Worms Carrying Gifts

 You’re probably heard of the computer worm that is seemingly benign: W32.Welchia.Worm targets customers infected with the W32.Blaster.Worm, deletes it, attempts to download the patch from Microsoft’s Windows Update Web site to correct the hole that allowed the worm in the first place, installs the patch, and then reboots the computer. All very nice, on the surface. But then the worm checks for active machines to infect by sending an ICMP echo, or PING, which generates a lot of traffic. That’s where the problem starts.
 
Symantec says it’s been receiving reports of severe disruptions on the internal networks of large enterprises caused by ICMP flooding related to the propagation of the W32.Welchia.worm. (Read: large amounts of unnecessary traffic that slows networks to a crawl.) In some cases enterprise users have been unable to access critical network resources. ”Despite its original intent, the W32.Welchia.Worm is an insidious worm that is preventing IT administrators from cleaning up after the W32.Blaster.Worm,” said Vincent Weafer, senior director, Symantec Security Response. 
 
In large corporations it will take weeks, maybe months to install the original patch. With all this traffic on their networks, Symantec says, those patches can’t be installed. What to do if you’re infected with the W32.Welchia.Worm?  Symantec has posted a removal tool. Use it. There’s no such thing as a nice worm.