Tuesday, April 29, 2008

Can't Log On to Windows XP?

If thats your only problem, then you probably have nothing to worry about. As long as you have your Windows XP CD, you can get back into your system using a simple but effective method made possible by a little known access hole in Windows XP.

This method is easy enough for newbies to follow. It doesnt require using the Recovery Console or any complicated commands. And its free.


Your sole problem is the inability to logon to Windows due to a forgotten password. Heres how to solve this using the Repair function of xp cd with a step-by-step description of the initial Repair process included for newbies.

1. Place your Windows XP CD in your cd-rom and start your computer (its assumed here that your XP CD is bootable  as it should be - and that you have your bios set to boot from CD)

2. Keep your eye on the screen messages for booting to your cd Typically, it will be Press any key to boot from cd

3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.

4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now

5. The Licensing Agreement comes next - Press F8 to accept it.

6. The next screen is the Setup screen which gives you the option to do a Repair.

It should read something like If one of the following Windows XP installations is damaged, Setup can try to repair it

Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.

8. Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically  you will see a progress bar stating Your computer will reboot in 15 seconds

9. During the reboot, do not make the mistake of pressing any key to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.

10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.

11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.

12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After youve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).

13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.

I tested the above on Windows XP Pro with and without SP1 and also used this method in a real situation where someone could not remember their password and it worked like a charm to fix the problem. This security hole allows access to more than just user accounts. You can also access the Registry and Policy Editor, for example. And its gui access with mouse control. Of course, a Product Key will be needed to continue with the Repair after making the changes, but for anyone intent on gaining access to your system, this would be no problem.

And in case you are wondering, NO, you cannot cancel install after making the changes and expect to logon with your new password.

Cancelling will just result in Setup resuming at bootup and your changes will be lost.

Ok, now that your logon problem is fixed, you should make a point to prevent it from ever happening again by creating a Password Reset Disk. This is a floppy disk you can use in the event you ever forget your log on password. It allows you to set a new password.

Here's how to create one if your computer is NOT on a domain:


* Go to the Control Panel and open up User Accounts.
* Choose your account (under Pick An Account to Change) and under Related Tasks, click "Prevent a forgotten password".
* This will initiate a wizard.
* Click Next and then insert a blank formatted floppy disk into your A: drive.
* Click Next and enter your logon password in the password box.
* Click Next to begin the creation of your Password disk.
* Once completed, label and save the disk to a safe place

How to Log on to your PC Using Your Password Reset Disk

Start your computer and at the logon screen, click your user name and leave the password box blank or just type in anything. This will bring up a Logon Failure box and you will then see the option to use your Password Reset disk to create a new password. Click it which will initiate the Password Reset wizard. Insert your password reset disk into your floppy drive and follow the wizard which will let you choose a new password to use for your account.

Note: If your computer is part of a domain, the procedure for creating a password disk is different.

Buying a Nokia?? Dont get fooled.

India has the 2nd largest mobile phone subscriber base in the world and we Indians swear by Nokia. A few simple steps to make sure your new phone is indeed new!

You can buy a Nokia cell phone from anywhere, large format retail stores like Croma, your pehchanwala dealer or even the Pan shop! (For the purpose of warranty, any Nokia phone under warranty, if spoilt, has to be taken to a Nokia authorized service center. The shopkeeper will not entertain you)

Coming back to buying, Shopkeepers will not let you open the box, as the seal will have to be removed. That's a good sign. Just keep in mind these things to identify a legitimate phone. All steps pertain to the box as that is all you can see at the time of purchase.

If the box is tampered with, you could end up with one of these circumstances

1. A used phone.

2. Battery or any other accessory replaced or missing. Battery is of utmost significance, as an original battery costs upwards of Rs. 1500. Now, you dont want to end up with a used battery for a new phone.

Please Note: Phones bought in the grey market are also genuine (most of them, if not rip-offs) but are out of warranty i.e. Nokia India will not Honor the 1 year warranty.

1) Just make sure the box is sealed. Nokia has an interesting seal, which when peeled, leaves a chequered impression. The shopkeepers generally put back the sticker/seal, but the chequered impression remains. If you see the chequered impression, it means the seal has been opened.




2) Ask for a Bill (Cash Memo).


3) The official ones (whoz duties have been paid) will have an 'ICA' (Indian Cellular Association) hologram type sticker on the box.




4) And lastly the name of the importer will be mentioned as: Nokia India Pvt Limited at the side of the box.

Saturday, April 26, 2008

Want a Cookie?? Think about it!

.: The Cookie Concept :

The WWW is built on a very simple, but powerful premise. All material on the Web is formatted in a general, uniform format called HTML (Hypertext Markup Language), and all information requests and responses conform to a similarly standard protocol. When someone accesses a server on the Web, such as the Library of Congress, the user's Web browser will send an information request to the Library of Congress' computer. This computer is called a Web server. The Web server will respond to the request by transmitting the desired information to the user's computer. There, the user's browser will display the received information on the user's screen.

Cookies are pieces of information generated by a Web server and stored in the user's computer, ready for future access. Cookies are embedded in the HTML information flowing back and forth between the user's computer and the servers. Cookies were implemented to allow user-side customization of Web information. For example, cookies are used to personalize Web search engines, to allow users to participate in WWW-wide contests (but only once!), and to store shopping lists of items a user has selected while browsing through a virtual shopping mall.

Essentially, cookies make use of user-specific information transmitted by the Web server onto the user's computer so that the information might be available for later access by itself or other servers. In most cases, not only does the storage of personal information into a cookie go unnoticed, so does access to it. Web servers automatically gain access to relevant cookies whenever the user establishes a connection to them, usually in the form of Web requests.

Cookies are based on a two-stage process. First the cookie is stored in the user's computer without their consent or knowledge. For example, with customizable Web search engines like My Yahoo!, a user selects categories of interest from the Web page. The Web server then creates a specific cookie, which is essentially a tagged string of text containing the user's preferences, and it transmits this cookie to the user's computer. The user's Web browser, if cookie-savvy, receives the cookie and stores it in a special file called a cookie list. This happens without any notification or user consent. As a result, personal information (in this case the user's category preferences) is formatted by the Web server, transmitted, and saved by the user's computer.

During the second stage, the cookie is clandestinely and automatically transferred from the user's machine to a Web server. Whenever a user directs her Web browser to display a certain Web page from the server, the browser will, without the user's knowledge, transmit the cookie containing personal information to the Web server.


.: The Dark Side :
Using Find File, look for a file called cookies.txt (or MagicCookie if you have a Mac machine). Using a text editor, open the file and take a look. If you've been doing any browsing, the odds are about 80/20 that you'll find a cookie in there from someone called "doubleclick.net".

If you're like me, you never went to a site called "doubleclick". So how did they give you a cookie? After all, the idea of the cookie, according to the specs published by Netscape, is to make a more efficient connection between the server the delivers the cookie and the client machine which receives it. But we have never connected to "doubleclick".

Close MagicCookie, connect to the Internet, and jump to DoubleClick: Digital Advertising Read all about how they are going to make money giving us cookies we don't know about, collecting data on all World Wide Web users, and delivering targeted REAL TIME marketing based on our cookies and our profiles. Pay special attention to the information at:advertising/howads.htm You'll see that the folks at "doubleclick" make the point that this entire transaction (between their server and your machine) is transparent to the user. In plain English, that means you'll never know what hit you. So what's happening is, subscribers to the doubleclick service put a "cookie request" on their home page for the DoubleClick Cookie.

When you hit such a site, it requests the cookie and take a look to see who you are, and any other information in your cookie file. It then sends a request to "doubleclick" with your ID, requesting all available marketing information about you. (They're very coy about where this information comes from, but it seems clear that at least some of it comes from your record of hitting "doubleclick" enabled sites.) You then receive specially targetted marketing banners from the site. In other words, if Helmut Newton and I log on to the same site at the exact same time, I'll see ads for wetsuits and basketballs, and Helmut will see ads for cameras. If you log in to a "doubleclick" enabled site, and it sends a request for your "doubleclick" cookie, and you don't have one, why each and every one of those sites will hand you a "doubleclick" cookie. Neat, huh? And you can bet they're going to be rolling in the cookie dough.

The main concern is that all this is done without anyone's knowledge. Some people may find the gathering of any information invasive to their privacy, but to the average level headed personal, the use of this information is harmless in itself as long as you know the limitations of these networks, who is collecting what information and for what purpose. On the other hand, what right should anyone have to collect information about me without my knowledge, and why should they break my right to privacy, you have to find the right balance between these views. One of the main issues is awareness.

So much for making the "client-server negotiation more efficient", whatever your view on tracking, the cookie protocol has certainly been manipulated for this use, against its original intent. Note that recent versions of Netscape have an option to show an alert before accepting a cookie and they also allow you to block cookies completely, see the Version 4 update and the Stopping Cookies page for more detailed information.


This is what other surfers did to work around Cookies

A suggested way to handle this was to delete the file and then replace it with a write-protected, zero-length file of the same name. It's not my suggestion (and I don't remember who did suggested it) but I did that on my system and that same zero-length, write protected file is still there. I surf to literally hundreds of WWW pages per month and if any of them handed me a "cookie", it sure didn't take. I can't provide a guarantee that this will prevent someone from handing you a "cookie" but if they do it will be very obvious by the non-zero length file size.


In Internet Explorer

Actually, if you want to keep cookies but want rid of the double-click place and other future invasions in the future, try this: Internet Explorer 3.0 no longer has a single cookies.txt it has a folder in the windows directory with lots of individual txt file inside. Find the double-click one and corrupt it so that double-click recognizes and doesn't replace it but it gives it no information. Then lock the file.


In Netscape

I have found a way to protect myself from the "Cookie Monster". My cookies.txt and netscape.hst files are set to 0 (zero) bytes and are attributed as system, hidden, and read only. This seems to work very well in Netscape Navigator 2.02 (32 bit). You can do the same thing, if you choose. There seems to be a slight problem in some of the sites that will allow you to configure them to your preferences, but I'll trade security for convenience any day. I use an app from Privnet called Internet Fast Forward. It will block out cookies (you can also filter them selectively... let certain cookies for site preferences through, block all others), ad images, images larger than a certain size in KB, images that you select. It's currently in beta, but is a very good app.


.: New Technology or Existing Technology Under Attack
The Cookie Protocol was originally designed for consumer convenience and not to be malicious, the cookie is just another tool on the web, but it is the way in which some sites implement that tool that can cause problems, mainly privacy problems.

But, a coalition of privacy advocates is setting out to change that protocol. A new proposal being put forward to the IETF, as well as the heads of Microsoft and Netscape corporations'. If enforced, it would limit the persistence of cookies and give the user a wider choice of which cookies to allow and from where. If the new specification is implemented as a standard, it will be integrated into all mainstream browsers in time. This would give people wider options in their standard browser, rather than having to purchase additional software.

The IETF (Internet Engineering Task Force) is a non-profit organisation with thousands of members, and currently holds a lot influence on decisions deciding the future of the web, set up October 1996.

Another part of the proposal, would require browsers to at least warn before accepting cookies by default, so that cookies are less transparent to new users, and users currently unaware of cookies. "We want the defaults set in such a way that no one can send you a cookie without you knowing it," said Marc Rotenberg, director of EPIC one of the organisations that supports the new proposal.

Current Organisations backing the new proposal are: Center for Media Education, Computer Professionals for Social Responsibility, the Consumer Project on Technology, the Electronic Frontier Foundation, and the Electronic Privacy Information Center (EPIC).

The most controversial issue of the proposal is the ability to limit or altogether stop cookie requests from third party servers. This is the one feature which additional client software cannot stop. This would throw the future of targeted marketing firms into jeopardy. Many sites now use these companies or use banners from third party servers for their advertising. On a site that obtains its advertisements from a third party server, there would be a request on the page to the other server. Because a cookie can be placed on any object, when the site requests the banner from the other site, it would then read or set a cookie.

The request for the banner then sets a cookie, then returns an advertising image. The cookie with the image request could then record what adverts had been displayed to the user and which banners they had clicked on. If the client went to another site which obtained its adverts from the same server, when that page requested the banner from the third party server it would read the same cookie then it would be able to display adverts which have been customised from the data on the cookie, so they would not see the same adverts again (unless a company paid for it to be displayed again), another variable would be set to the cookie indicating that they have visited that site, all this information gathered can be used to build up a detailed profile of the users likes, dislikes and where they go, so they target advertisement even more accurately at the user. Over a long period of time this would become very accurate. To some people having advertisements that are to their liking are not that bad. Indeed I would rather be downloading a banner that may interest me, rather than an advertisement of no relevance to me at all.

If you think of this information being gathered about you in a central place, it becomes a daunting thought. Even though these targeted marketing companies cannot use a cookie to obtain personal information from your computer like your name or e-mail address, they could however aggregate information you revealed to disparate sites. For instance, if you went to a site with lax privacy standards and decided to submit your name and e-mail address, this information may be passed on and then coupled with a database of your likes, dislikes and advertising statistics. Some contend this does not constitute an invasion of privacy, however the widespread and automated nature of this technology enables the collection of data without people’s knowledge, this certainly takes away the perceived anonymity of the web.

Some people may think this is an invasion of privacy, and others do not, but this proposal will hopefully have the outcome of giving people a choice.

Examples of these so called 'targeted marketing' companies are : Doubleclick, Focalink, Globaltrack, ADSmart, all of these companies use cookies to target advertisements at you, at their enabled sites. If the proposal goes through, and the cookie protocol amended to disallow cookies from third party servers, the future of these targeted marketing companies would be very dark indeed. Currently, the cookies used in targeted marketing are set automatically and can only follow an number of variables, users appear anonymous to these companies unless they voluntarily surrender personal information.

Hopefully the proposal will result in giving you more choice and control over your privacy, because these technologies affect you, people should have the choice of controlling them.

The Persistent Cookie protocol was first developed by Netscape to maintain state in the stateless environment of HTTP. It has turned out to have many uses, good and bad, and many far from its original intent in the first place. The subject of cookies and other invasive technologies has touched on a very controversial issue of privacy, which we have temporally lost on the net. Since they were first introduced a few years ago, the protocol has changed before, in the past any site could view all the cookies in the jar, but this was coupled with more serious and concerning problems in Java. The new proposal will take a lot of time to implement, a lot of hard decisions have to be settled before the resulting standard is set. It has taken until Internet Explorer 6 before Microsoft have taken time to implement P3P. Some of those decisions may effect the futures of a lot of marketing companies, which for now are very secure.

So If cookies are so much of a nuisance why was they developed in the first place?

The first batch of cookies were originally cooked up as simple mechanism to help make it easier for users to access their favorite Web sites without having to go through a lengthy process of identifying themselves every time they visit. For instance, upon your first visit to a given site, you may be asked to reveal your name and perhaps even some personal or financial information required to gain access to that site in the future. The site will then place a cookie containing this information on your system and when you return it will request information based on the cookie to determine who you are and whether you have authorization to access the site.

Unfortunately, the original intent of the cookie has been subverted by some unscrupulous entities who have found a way to use this process to actually track your movements across the Web. They do this by surreptitiously planting their cookies and then retrieving them in such a way that allows them to build detailed profiles of your interests, spending habits, and lifestyle. On the surface, this practice may seem harmless and hardly worth fretting over since the worst thing most imagine is that corporate concerns will use this information to devise annoying, yet relatively innocuous advertising campaigns, targeted towards specific groups or individuals. However, it is rather scary to contemplate how such an intimate knowledge of our personal preferences and private activities might eventually be used to brand each of us as members of a particular group.

But remember a site only knows what information you have entered. Not all cookies are bad, they can also provide useful functions on the web.


(Was jst cleaning up my HDD .. found out this little file which i had compiled from various diff sites.. hope it made an interesting read .. mite be old .. bt this article was missing here...)

Tuesday, April 22, 2008

Shutdown ur PC after a specified time limit

Right click on your desktop and choose "New=>shortcuts".

Step 2:

In the box that says "Type the location of the shortcut",
type in "shutdown -s -t 3600" without the quotation marks and click next.

Note: 3600 are the amount of seconds before your computer shuts down. So , 60secs*60mins=3600secs.

Step 3:

Make up a name for the shortcut and you're done.
You can change the icon by right clicking=>properities=>change icon=>browse.

To abort

To make an abort key to stop the shutdown timer just create another shortcut and make
the "location of the shortcut" to " shutdown -a" without the quotes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~


Here is another trick to shutdown at a specific time, for example you wish to shutdown at 11:35am. Type this in
CODE
start=>Run

Type Code: at 11:35 shutdown -s


to abort

Code:

shutdown -a

all time is in 24hr