I maintain this site for the service and pleasure of my valued clients and the Internet community.
Send me e-mail
How I Handle Email
Persons who live in the Lake Chelan area are invited to ask advice by phone or e-mail free of charge, or to request an inexpensive house-call. Check the local paper for my phone number, in the classifieds section under Services.
On this site:
PCHelp's Nifty TerraServer Image Grabber (Friday, 16 May 2003; last updated 27 May 2003) I created this page because I was unhappy with the busy, slow-loading Microsoft interface and its lack of really simple, direct input of the desired image parameters. You'll still want to use the MS pages if you're trying to find places by name or address. But if you have a GPS, coordinates of a place of interest, and/or a fair grasp of Latitude and Longitude, the Image Grabber is for you! Also new: the Lake Chelan TerraBrowser.
The Lockdown lawsuit is over. I am eternally grateful to the many people who took up my cause. The outcome was costly, but I did indeed win!
My Response to Andy@Evidence-Eliminator.com (Saturday, 2 February 2002) - Andy wrote to me, looking for approval. I gave him none.
Spyware Trojan Exposed (Thursday, 3 January 2002) Around Christmas, users of certain file-sharing applications began finding a hidden server on their computers. It was being downloaded from the Net and executed by yet another surreptitious process which was installed with new versions of the applications. The trojan was hosted on www.2001-007.com (now defunct), a website of obscure ownership and origin, which was hosted on the same network as the "ClickTillUWin" adware that implemented the suspicious programs. I took an interest, and was amazed to discover that a trojan known for over a week -- even to AV vendors -- was still online. When I contacted the network admins where the trojan was hosted, my call was the first they'd heard of it. No one had acted to see the thing taken offline. The admins at Fastnet had the site shut down within a day. I had meanwhile contacted Michelle Delio of Wired, who tirelessly tracked down the facts, some with my help, and wrote this story, which cast considerably more light into the murk than anyone else had yet managed.
Leaky E-Seller Site Spills All (Tuesday, 19 June 2001) The privacy of thousands of people has been seriously compromised for an unknown period of time -- probably many months -- by the online computer sales operation ComputerHQ.com. When I discovered this company's gross mismanagement of its customers' personal data, I gave them every benefit of the doubt as I sought to help them correct it. I never believed I would be assaulted with lies and misinformation, accused of "hacking" and other illegal acts, essentially made a scapegoat by the company's irresponsible principals. Meanwhile, to date they have done nothing whatsoever to inform their customers of the fact that they were serving-up detailed personal information and credit card numbers by way of a ridiculously simple mechanism -- for which ComputerHQ virtually handed out the instructions on every invoice they shipped.
A very capable trace utility for Internet addresses. Getting unwanted email? Want to track down its source? Want to know whose address that is in Netstat? If you have someone's network name or IP address, you're halfway there. This really cool DOS batch utility will do the rest. It tracks down a wealth of information on any address using standard, totally legal network query utilities. Read about it in detail and download your own copy. I created the Tracer for my own use. Now, I give it away for free.
A really big thank you to Bill Machrone of ZDNet for his 8 November '99 article in PC Week Magazine (recently renamed eWEEK) telling folks about the Tracer. It sent a lot of readers this way, and really started the word spreading. As of midyear 2000, more than 30,000 visitors had downloaded the Tracer.
A Note About The AVP/AVX Confusion (Tuesday, 13 February 2001) Viruses are confusing enough without this...
Buy This Great Product. (Updated Monday, 9 April 2001) Zone Labs produces an excellent personal firewall, ZoneAlarm Pro, and a somewhat less versatile but also excellent free version of the product. I have participated in beta testing of the Pro version and put the free one through its paces too. I have followed the development of this innovative approach to PC security almost since its beginnings, and I can tell you it really is a great product, a true security enhancement. However, ZoneAlarm has had, and does still have, some problems -- mostly minor -- which rightly result in users' efforts to communicate. I have been unhappy, as have others, with Zone Labs' responsiveness (or lack thereof) to its users. More recent indications are that ZL is doing a better job of tech support. But I remain interested in your experiences with Zone Labs and its products. Please let me know if you're getting good results and getting answers when you need them.
Tax? What Tax? (Wednesday, 16 August 2000) I ran afoul of some issues that rightly concern many people, and met with surprising success dealing with them.
UCDWEB.COM scams clients with excessive shipping charges. (Friday, 25 August 2000) In an attempt to buy $30 worth of small, lightweight computer components, I found myself quoted an outrageous $20 for UPS Ground shipping for perhaps a little over 1 lb. of products. The rate calculator at the UPS website estimates a shipping charge of $6.28 for a 2-lb package from their location to mine. The company representative who took my call said it was I who had a problem, not they, and refused to adjust the shipping rate. My response: I canceled my order, of course. And I suggest to others that they carefully avoid Universal Computer Distributing, who are apparently trying to increase their profit margin through intentionally excessive shipping charges. They justify this abusive tactic with the false claim that they have no choice but to quote the same shipping rates for all their customers. An examination of their site reveals patently unacceptable shipping rates listed throughout. Caveat emptor. They aren't the only seller who use this trick on unsuspecting clients. (Saturday, 21 October 2000 - I've had lots of emails about this. It's evidently a real problem to a lot of people. Here's one example, published with permission.)
Check out Steve Gibson's excellent site. His grc.com newsgroups have become a center of discussion of cutting-edge security and privacy issues. I encourage you to visit those newsgroups, especially shieldsup and optout.
Scrap Files? Uh-oh! As I predicted in my Scrap Files writeup, there's now (19 June 2000) a nasty worm propagating via email that's using this tricky file type to disguise itself. It's also using the Windows Scripting Host (see more on that here). Lots of business networks have been hit, and it's a sure thing individual users are executing this destructive email attachment too. Read this page so you know what's possible and so you don't get nailed! And while you're at it, remove the Windows Scripting Host. (If you don't know what it is, you don't need it!)
File and Printer Sharing and The Internet Here's lots of info on this Windows function: How it works, and the pitfalls too.
What is a Firewall? I think lots of folks will find this page enlightening. It's pretty technical stuff, but I think I actually made it almost comprehensible.
Have you ever wondered about those weird links you sometimes see in junk emails? Here's how it's done. I tell you How to Obscure Any URL. This page is, as far as I know, unique on the whole of the Net. It was fun to create; and I was rather surprised at the widespread interest it generated. Numerous people knew all about such things, but apparently hardly anyone had ever bothered to create a decent writeup on the subject. Though I later ran across this page which covers the subject briefly and existed all along, my searches had turned up little besides a handful of dry technical references buried in huge documents. The publication of the URLs page resulted in a great deal of interest and feedback; and with the help of many kind persons, I was able to cover the subject more thoroughly. But for its plain-English prose, the page is a reference work on the methods of URL obfuscation.
Some General Security Advice. I'm often asked about this. Mostly, people want to know what software to use. But even the best security software takes a back seat to the real driver -- you.
The floods of email have convinced me I should make a statement about the criminal charges. However, on advice of counsel I can do nothing more than provide this link to the story, which involves one Agent Parsons. (Satire, based on real emails from a er, reader. By the way, an alert friend has sent me this link to Mr. Parsons' website.)
Who is pchelp?
Softseek.com has placed thousands of its users at serious risk of intrusion. For at least a month, Softseek visitors were directed to a copy of the NetBus trojan in the guise of a security application. Softseek's response to a user's complaint was to send his email address to the malefactor, and to leave the link to the bogus application and its deceptive review on their site! In response to my pressure, they eventually removed the offending link from their directory, but Softseek representative Paul Fitzpatrick refuses to answer the important questions raised by the incident. No one has apologized to the user they may have exposed to retribution, and Softseek has not notified its users that they are potential victims of the hostile application. Softseek is a ZDNet company. (Flash 27 Oct: I've now heard from Bill Machrone, a ZDNet columnist and executive, who assures me action is forthcoming once Softseek's two-person staff returns from a brief absence.)(Update 6 Nov: Paul has responded, unsatisfactorily to say the least. There's really no choice but to recommend users against Softseek. While your average FTP site at least does routine virus scans, Softseek can't be depended upon to list safe applications.)
Back Orifice! This "back door" program has proliferated across the Net and allowed intrusions into Windows systems on an unprecedented scale. YOU need to know how to avoid this thing, and how to detect and remove it. (Yes, I know, there's now a new BO version, Back Orifice 2000. I'll be writing that up in the near future.) This page links to lots more related info, on and off this site.
NetBus! Like Back Orifice, this intrusion tool is in broad use. This page describes several NetBus versions in extensive detail.
The PrettyPark Worm/Trojan. I wrote this up when it first appeared. It's still making the rounds. This page describes PrettyPark, and the .REG file I offer here has rescued a number of people from its Registry tampering. Incidentally, that same .REG file can undo the work of SubSeven and possibly of some other trojans which -- as I predicted -- have adopted its clever method of execution.
I've discovered an infectious worm written in
the VBScript language: VBScript
Worm Infects Open Shares
Also: Why I Published The Network Worm
Lockdown2000 This "security" application needed some close scrutiny. I gave it that.
A warning to ICQ users: There's a lurker trying to con you.
On a lighter note...
The Mystery Cam! With MIDI music, no less. For a while, I had my web-cam turned on, updating this page continuously every 10 minutes. Now there's just a picturesque image of the outdoors at my house.
Archived images from the web-cam are fun to browse. I finally realized I was throwing away lots of nice stuff, and began saving them. Now my handy-dandy webcam app died, so it's been a very long while since I added to these.