Windows XP Hacks, 2nd Edition by Preston Gralla

Internet Explorer has both a static and an animated logo. The static logo displays when the browser is inactive, and the animated logo displays when the browser is locating a site, connecting, and actively downloading pages or images from the Web. Because you have the choice of displaying large or small icons on the Internet Explorer toolbar (to switch back and forth between the two, choose View → Toolbars → Customize → Icon Options → Large/Small icons), there are two sizes of both the static and animated logos.

Before you begin, you’ll need to create new logos to replace the existing ones. You’ll have to create two sets of icons in .bmp format: one set for the smaller logo and another set for the larger logo. Each set will have a static logo and an animated logo. The static logos should be 22 22 pixels for the smaller size and 38 38 pixels for the larger size. The animated logos have to be animated bitmaps, each of which should have a total of 10 frames. So, the smaller animated bitmap should be 22 pixels wide by 220 pixels high, and the larger animated bitmap should be 38 pixels wide by 380 pixels high.

Create the static bitmaps with any graphics program, including the version of Paint that comes with XP. You can also use special icon-creation programs to create your icons, such as Microangelo (http://www.microangelo.us/). See [Hack #19] for more details. (Make sure when using Microangelo to choose Tools → New Image format, which will let you create the icons with the proper pixel dimensions, as explained in the previous paragraph.)

To create the animated bitmaps, you’ll need special tools. Microangelo does a great job of creating them, and that’s your best bet. If you prefer, though, you can create the 10 separate frames for the animated bitmaps in a graphics program such as Paint and then stitch the 10 separate frames together using the Animated Bitmap Creator (http://jsanjuan.tripod.com/download.html), a free command-line program.

To change Internet Explorer’s static logos to your new ones, run the Registry Editor [Hack #83] and go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main

Create two string values named SmallBitmap and BigBitmap and give them each the value of their filename and location, including the full path—for example, C:\Windows\IEbiglogo.bmp and C:\Windows\IEsmalllogo.bmp. As you might guess, the SmallBitmap value points to the smaller logo, and the BigBitmap value points to the larger logo.

To use your new animated logos, go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Create two string values named SmBrandBitmap and BrandBitmap and give them each the value of their filename and location—for example, C:\Windows\IEbiganimatelogo.bmp and C:\Windows\IEsmallanimatelogo.bmp. Once again, as you might guess, SmBrandBitmap is for the smaller animated logo and BrandBitmap is for the larger logo.

Exit the Registry and close Internet Explorer. When you next start up Internet Explorer, it should display your new logos. To revert to the default logos, simply delete the values you’ve created.

The Internet Explorer toolbar that sits at the top of Internet Explorer is about as dull as it gets—a plain, solid background, like the rest of Internet Explorer. But it doesn’t have to be that way. You can add any background you want.

First, create the background or use an existing one. The background should be in .bmp format. Create it using a graphics program such as Paint Shop Pro (available from http://www.jasc.com) or Microangelo. See [Hack #19] for more details.

You’ll also find a variety of .bmp files in the C:\Windows folder, so check them out to see if you like any. You might try FeatherTexture.bmp, which you can see in use as an Internet Explorer toolbar background in Figure 4-1. Whatever you choose, though, make sure it’s light enough to show black text and it’s not so busy that you can’t read the menu text that will be on top of it. If you create or use a file that’s too small, Internet Explorer will tile it for you. However, don’t use a bitmap smaller than 10 10 pixels, because all the work Internet Explorer has to do to tile images that small will slow down your web browsing.

Figure 4-1. Internet Explorer with FeatherTexture.bmp as its toolbar background

Once you have a bitmap, run the Registry Editor and go to:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar

Create a new string value named BackBitmapIE5 and give it the value of the filename and location of the background you’re going to use, such as C:\Windows\FeatherTexture.bmp. Exit the Registry and close Internet Explorer. When you next start up Internet Explorer, it will display the background on the toolbar. To take away the background, simply delete the BackBitmapIE5 key.

Internet Explorer’s titlebar displays the text “Microsoft Internet Explorer,” along with the title of the page you’re currently visiting. However, you can change the “Microsoft Internet Explorer” text to any text you want. Run the Registry Editor and go to:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Add a new string value named Window Title and give it a value of whatever text you want displayed in the titlebar. Exit the Registry and close Internet Explorer if it’s open. The next time you open Internet Explorer, the titlebar will have your new text.

If you want your titlebar to have no text in it, aside from the title of the page you’re currently visiting, create the Window Title string value but leave the Value field empty.

If you haven’t upgraded to Windows XP Service Pack 2 (SP2), there’s at least one good reason why you should: Internet Explorer’s built-in pop-up blocker. It does an exceptional job of blocking pop ups, and it lets you allow pop ups from some sites while banning them from all others.

By default, the pop-up blocker is turned on. Visit a site with a pop up, and you’ll see a screen like the one shown in Figure 4-2.

Figure 4-2. Internet Explorer’s notification of a blocked pop up

There are two things of note here. First, at the top of the screen, you’ll see what’s called the Information Bar, which tells you a pop up was blocked. Then, right in the middle of the screen, you’ll see a screen telling you to look at the Information Bar. Clearly, that notification is unnecessary, so select “Do not show this message again” and click OK.

Normally, you don’t want to see a pop up, so you wouldn’t need to do anything else at this point, beyond breathing a sigh of relief that a pop up was blocked. But in some instances, you want to let a pop up through. On occasion, a site will use pop ups for some good purpose—for example, to deliver more information in a small window.

If you want to allow pop ups through from the site, click the Information Bar, and you’ll see the screen shown in Figure 4-3. Choose Temporarily Allow Pop-ups to allow pop ups from the site on just this visit, and choose Always Allow Pop-ups from This Site if you want to always let pop ups from the site through. Whichever you choose, the pop up will be let through immediately.

Figure 4-3. Allowing pop ups just for this visit

If you want to turn off the pop-up blocker altogether, choose Settings → Turn Off Pop-up Blocker. And if you’d like to turn off the Information Bar so that it doesn’t appear when a pop up is blocked, choose Settings and select Show Information Bar for Pop-ups to remove the check next to it.

But what happens if you’ve chosen to permanently allow pop ups from a site and later decide you no longer want to let them through? It’s easy to tell the pop-up blocker to no longer let those pop ups through.

Choose Tools → Pop-up Blocker → Pop-up Blocker Settings. The Pop-up Blocker Settings dialog appears, as shown in Figure 4-4.

Figure 4-4. Customizing your pop-up settings

All the sites you’ve decided to allow pop ups from are in the “Allowed sites” box. To no longer allow pop ups from any of those sites, highlight the sites and click Remove. If you want to allow more sites than those shown here, type each site into the “Address of Web site to allow” box and click Add.

You can also tell Internet Explorer how aggressively to block pop ups, by choosing a different filter level from the Filter Level drop-down box. There are three levels you can choose:

Finally, the screen lets you choose to play a sound when a pop up is blocked. It also gives you the option of having the Information Bar be displayed when a pop up is blocked.

If you don’t have SP2, you’ll still want to block pop ups, of course. There are many for-pay pop-up killers, but if you don’t want to spend the cash, you can get an excellent one for free: EMS Free Surfer mk II, shown in Figure 4-5. It lets you set several levels of pop-up protection—you can block all pop ups or only those that appear to be unwanted—and you can turn it on and off with a click.

Figure 4-5. EMS Free Surfer mk II

It has other helpful tools as well, such as letting you shut every open instance of Internet Explorer with a single click, and it includes an add-in that will clean out your system cache and list of recently visited sites. Get it at http://www.kolumbus.fi/eero.muhonen/FS/fs.htm. (Don’t confuse it with a related product, EMS Free Surfer Companion, which offers more features than the free version and costs $20.) Another good pop-up blocker is Pop-Up No-No!, available from http://www.popupnono.com. It blocks Flash animation ads, as well as pop ups. (For more details, see [Hack #42] .)

Here’s one way to get rid of pop-up annoyances: skip Internet Explorer altogether! Opera, Mozilla, and Firefox all include built-in pop-up killers as a menu option.

A year or more ago, the most obnoxious pop ups of all started to appear on computer users’ screens: pop ups that aren’t connected to a browser, that appear even when you’re not surfing the Web, and that show up in a text-message window for no apparent reason. You’ve taken no conceivable action that could have caused them to appear, such as visiting a web site. And yet there they are.

These text pop ups use XP’s Messenger service, which was designed for sending notifications over internal local area networks—for example, when a network administrator wants to notify network users that a server is about to go down, or when you’re notified that a printer has completed a job of yours.

But spammers took hold of the technology and now blast out text pop ups to IP addresses across the Internet. How ubiquitous are these pop ups becoming? When I bought a new laptop, within 10 minutes of turning it on for the first time I had received my first Messenger service pop up.

To kill these pop ups, disable the Messenger service. Run the Services Microsoft Management Console by typing services.msc at a command prompt or the Run box and pressing Enter. Double-click the entry for Messenger, choose Disabled as the Startup type from the screen that appears, and click OK. Pop ups will no longer get through. Unfortunately, neither will any network messages from administrators if you’re on a LAN.

If you’re running a router at home that allows you to block ports, you can kill these messages by disabling port 135. How you do this varies according to your router. To do it on some models of Linksys routers, go to the router administrator screen and choose Advanced → Filters. In Filtered Private Port Range, choose Both, and for the range, type 135 twice. Click Apply. The pop ups should now be disabled.

By the way, another good reason to download and install SP2 is that it automatically turns off Messenger Service pop ups.

Web bugs are one of the more pernicious ways your online activities can be tracked, no matter which browser you’re using. Sometimes, the web site the bugs send information to isn’t the one that contains the web bug; for example, a web bug might send information back to an online advertising network.

Web bugs are surprisingly common. The Cyveillance technology and analysis company found that their use grew nearly 500% between 1998 and 2001. Web bugs can send the following information back to a server:

A free piece of software called Bugnosis (http://www.bugnosis.org) will alert you whenever it comes across web bugs on pages you visit. It reports on the URL the bug reports to, and, for some bugs, it will let you click a link it creates so that you can send an email of complaint to the web site that runs the bug. It runs inside Internet Explorer as a toolbar, and doesn’t work with any other browsers.

The software can’t actually protect you against web bugs, but it can alert you when you visit pages that use them, so you’ll know if you want to stay away from them in the future. When you visit a site, the Bugnosis toolbar reports on the number of suspicious items that might be web bugs. To see detailed information about each suspicious item and web bug, click the down arrow next to the Bugnosis logo and choose Bugs Found in This Session. You’ll see a list of every suspicious web bug, as you can see in Figure 4-6. Click the item, and you’ll see a more detailed description, and an analysis on whether the item is truly a web bug, or only suspicious.

Figure 4-6. Bugnosis in action

Bugnosis can’t actually block web bugs; it can only alert you to their presence. If you want your privacy protected when you surf the Web, your best bet is to surf anonymously [Hack #36] .

Spyware is becoming ubiquitous and nastier as well. But you don’t have to be a victim; there’s a good deal you can do to protect yourself:

One of the best and most popular free ones is Ad-Aware, available from http://www.lavasoft.de. It checks your system for spyware, finding not only program files, but also Registry entries and cookies, as shown in Figure 4-7. After it does a check, you can choose which spyware problems you want the program to fix, and it’ll go about its work, deleting files, folders, and cookies, and fixing Registry entries. Because no one spyware-killer is perfect, I suggest getting another free one, Spybot Search & Destroy, from http://www.safer-networking.org/en/index.html. Use both of them regularly to keep your system clean.

Figure 4-7. Finding and deleting spyware on your system with Ad-Aware

Ad-Aware and Spybot Search & Destroy do good jobs of finding and killing spyware after it’s already infected your system. But better still is to get software that will stop the infection altogether. An excellent one is Webroot Spy Sweeper, available from Webroot Software at http://www.webroot.com. You can download it and try it for free; if you continue to use it, you have to pay $19.95 per year. It does an excellent job of warning you when spyware tries to infect your system, and then stops it. It will also warn you when any program tries to start up automatically when XP starts, and when any program tries to change your home page. And like Ad-Aware and Spybot Search & Destroy, it will scan your system for spyware and then eradicate it as well. Figure 4-8 shows the program’s configuration screen.

Figure 4-8. The Spy Sweeper configuration screen

Ad-supported programs can include spyware, though not all do. Check out the Index of Known Spyware page run by Gibson Research at http://grc.com/oo/spyware.htm for a list of spyware programs.

A personal firewall will let you block any program on your system from contacting the Internet without your approval, so you can use it to block spyware. XP’s Windows Firewall doesn’t have this capability, so you can’t use it to block spyware.

Pop-up ads are a common way of delivering spyware. Click a pop up, and you might get infected with spyware. So, kill pop ups. For details, see [Hack #33] .

A web site might attempt to download software to your PC without your knowledge, and it might carry a spyware payload. Install SP2; it includes a download blocker. Additionally, the Firefox browser [Hack #43] includes a download blocker as well.

Antivirus software protects you against some spyware, so make sure you run antivirus software and keep it updated.

You’re not locked into IE’s preset levels of cookie-handling. If you like, you can customize how it handles cookies so that you can, for example, accept or reject cookies from individual sites, or accept or reject all first-party and third-party cookies.

To accept or reject all cookies from a specific site, choose Tools → Internet Options → Privacy → Sites. You’ll see the Per Site Privacy Actions dialog box, as shown in Figure 4-10. Type in the name of the site you want to accept or block cookies from, and click either Block or Allow.

Figure 4-10. The Per Site Privacy Actions dialog box

To customize how you handle first-party and third-party cookies, choose Tools → Internet Options → Privacy → Advanced. Check the “Override automatic cookie handling” box, as shown in Figure 4-11. You can accept or reject all first-party or third-party cookies, or be prompted whether to accept them. You can also decide to always allow session cookies , cookies that last only as long as you’re on a specific web site and are deleted once you leave the site.

Figure 4-11. The Advanced Privacy Settings dialog box

Although some cookies can be intrusive, some can be helpful. They can log you into web sites automatically and customize the way you use and view the site. So, when you buy a new PC, you might want to export cookies from an older computer to it. If you have more than one PC, you might want all of them to have the same cookies. And you might want to back up your cookies for safe-keeping in case you accidentally delete the wrong ones.

To export or back up cookies from IE, choose File → Import and Export. The Import/Export Wizard will launch. Choose Export Cookies and follow the directions. A single text file containing all your cookies will be created in My Documents, though you can choose a different location for them. To import cookies, launch the Import/Export Wizard, choose Import Cookies, and browse to the location where the cookie file has been stored.

You can’t examine and delete your cookies from within Internet Explorer. However, because XP stores each IE cookie as an individual text file, you can read them and delete them just as you would any other text file. Go to C:\Documents and Settings\<Your Name>\Cookies in Windows Explorer, and you’ll see a list of individual cookies in a format like this:

               your name@abcnews.com[1].txt

As a general rule, the name of the web site or ad network will be after the @, but not always—sometimes it will merely be a number. Open the file as you would any other text file (in Notepad, WordPad, or another text editor). Usually, there will be a list of numbers and letters inside, though you might find other useful information in there—for example, your username and password for the web site. If you don’t want the cookie on your hard disk, simply delete it as you would any other text file.

Netscape Navigator and Mozilla handle cookies differently than Internet Explorer. They store all cookies in a single file, cookies.txt, typically found in C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Profiles\default\********.slt, where ******** is a random collection of numbers and letters. So, the directory might be C:\Documents and Settings\Name\Mozilla\Profiles\default\46yhu2ir.slt. If you’ve set up different Netscape/Mozilla profiles (Tools → Switch Profile → Manage Profiles → Create Profile), cookies.txt won’t be in the default subfolder, but under each profile’s name. You can open the file and see each individual cookie. You can’t however, delete individual entries from the file by editing this file. Instead, use Netscape’s built-in Cookie Manager (at Tools → Cookie Manager → Manage Stored Cookies) to read and delete cookies.

In Firefox, you’ll find the cookies.txt file in C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Firefox\Profiles\default.xxx, where xxx is a random collection of three letters. Use Firefox’s built-in Cookie Manager (Tools → Options → Privacy) to read and delete cookies.

The tools built into XP for managing cookies are reasonable, but for the most flexibility in handling cookies you should get a third-party cookie manager. My favorite (and my editor’s favorite) is Cookie Pal, available at http://www.kburra.com. It lets you easily customize which sites you’ll allow to put cookies on your PC, and it includes a cookie manager that lets you read and delete cookies. It also lets you accept or reject cookies on a case-by-case basis as you browse the Web. If you use browsers other than IE, you might be out of luck, though. As of this writing, Cookie Pal works only with Versions 3 and 4 of Netscape Navigator and Versions 4, 5, and 6 of Opera. (Mozilla and later Netscape versions have similarly good managers built in, as mentioned earlier.)

Online ad networks have the potential to create in-depth, privacy-invading profiles of your web travels and personal interests because they can place a single cookie on your hard disk that will track you across multiple sites. Normally, sites can’t share cookie information with each other, but ad networks have found a way around this, so they can aggregate your behavior from many web sites.

You can fight back by opting out of some of the biggest online ad networks. You’ll have them place an opt-out cookie on your hard disk that will tell the various sites not to track what you’re doing; this will go a long way toward protecting your privacy.

To opt out of the DoubleClick online advertising network, go to http://www.doubleclick.com/us/corporate/privacy/privacy/ad-cookie/ and click the Ad Cookie Opt-Out button at the bottom of the page.

To see whether the opt-out worked, if you’re an Internet Explorer user, go to your cookies folder, which is typically C:\Documents and Settings\<Your Name>\Cookies. Look for a cookie named your name@doubleclick[1].txt—for example, preston gralla@doubleclick[1].txt. The contents of the cookie should look something like this:

id OPT_OUT doubleclick.net/ 1024 468938752 31583413 3447013104 29418226 *

In Netscape Navigator, your cookies.txt file is typically found in C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Profiles\default\********.slt, where ******** is a random collection of numbers and letters. So, the directory might be C:\Documents and Settings\Name\Mozilla\Profiles\default\46yhu2ir.slt. Look in the file for an entry that looks like this:

.doubleclick.net    TRUE   /    FALSE  1920499138      id       OPT_OUT

You can instead use Netscape’s built-in Cookie Manager to examine the cookie, by choosing Tools → Cookie Manager → Manage Stored Cookies.

Some other advertising networks let you opt out as well. For details, go to http://www.networkadvertising.org/optout_nonppii.asp and follow the instructions for opting out. To verify that you’ve successfully opted out of the other ad networks, click the Verify Cookies menu item on the left part of the page.

If you don’t want to go to the hassle of installing a client—and if you don’t want to pay for software—to surf anonymously, go to Anonymizer.com (http://www.anonymizer.com). In the box near the top of the page, type the name of the site to which you want to surf, and you’ll head there anonymously. The proxy server will grab the page for you, and you’ll get the page from the proxy server. You can also download a free version that runs as a toolbar in Internet Explorer. Surf as you would normally, and you’ll visit those web sites directly. When you want to visit a site anonymously, click a button and the anonymous proxy server will do the work for you.

A fuller version of the program is available on a subscription basis for $29.95 per year or $9.95 for three months. It blocks banner ads, stops pop ups, encrypts the URLs you type so that they can’t be read by your ISP or network administrator, and adds a few other features as well. I don’t find the extra features worth the money, but if these kinds of things are important to you, go ahead and spend the money. (To learn how to block pop ups, turn to [Hack #33] .)

If you want to surf anonymously, you don’t have to pay a service. With a bit of hackery, you can use Internet Explorer, or any other browser. To do it, you use an anonymous proxy server to sit between you and the web sites you visit.

To use an anonymous proxy server in concert with your browser, first find an anonymous proxy server. Hundreds of free, public proxy servers are available, but many frequently go offline or are very slow. To find the best one, go to http://www.atomintersoft.com/products/alive-proxy/proxy-list. The web site lists information about each server, including its uptime percentage and the last time the server was checked to see if it was online.

Find the server with the highest percentage of uptime. Write down the server’s IP address and the port it uses. For example, in the listing 24.236.148.15:80, the IP address is 24.236.148.15, and the port number is 80.

In Internet Explorer, select Tools → Internet Options, click the Connections tab, and click the LAN Settings button. Check the “Use a proxy server for your LAN” box. In the Address field, type in the IP address of the proxy server. In the Port field, type in its port number. Check the “Bypass proxy server for local addresses” box, as shown in Figure 4-13; you don’t need to remain anonymous on your local network.

Figure 4-13. Setting up Internet Explorer to surf the Web anonymously

Click OK and then OK again to close the dialog boxes. Now when you surf the Web, the proxy server will protect your privacy. Keep in mind that proxy servers can make surfing the Web much slower.

If you prefer to install software, get Steganos Internet Anonym 5 (http://www.steganos.com/en/sia). In addition to anonymous proxy serving, it kills pop ups and manages cookies. You can try it for free, but if you want to keep it you’ll have to pay $29.95.

Phishing attacks are scary stuff, but you don’t have to be victimized. In fact, there are several things you can do to make sure you never get reeled in.

First, you can use a simple bit of JavaScipt code to find out the real URL of the site you’re visiting. Type the following JavaScript into your browser, and press Enter:

javascript:alert("Actual URL address: " + location.protocol + "//" + 
location.hostname + "/");

A small window will pop up in the middle of your browser, telling you the actual web site you’re visiting, as shown in Figure 4-16. Examine the URL, and you’ll see whether you’re really visiting the site you think you’re visiting. If the address in the window doesn’t match what you see in your browser, get thee somewhere else because it’s a phishing attack.

Figure 4-16. JavaScript proof of a fraudulent site

You can also use this JavaScript code, which will do the same thing as the previous code, but adds a little bit of extra information:

javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + 
location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\n
If the server names do not match, this may be a spoof.");

As shown in Figure 4-17, this pop-up window includes the real URL of the site you’re visiting, as well as the URL displayed in the address bar.

Figure 4-17. More information from more JavaScript

Of course, it’s unlikely that you’re going to memorize either piece of code and have it on hand every time you visit a web site you worry might be a spoof. So, there’s a simpler solution. You can get a nifty, free add-in that will report to you on the real URL of the site you’re visiting.

SpoofStick (http://www.corestreet.com/spoofstick) is a free add-in to both Internet Explorer and Firefox that detects phishing attacks. It installs as a toolbar in either browser, so you can turn it on and off when you want. When you’re on a site and you’re not sure whether the site is a spoof, turn on the SpoofStick toolbar by choosing View → Toolbars → SpoofStick in either browser. The SpoofStick toolbar will appear, as shown in Figure 4-18, displaying the site’s real URL. If the site is a spoof, leave it as quickly as you can; you’re about to be victimized by a phishing scam.

Figure 4-18. SpoofStick’s evidence of a phishing scam

You can customize the size and color of the “You’re On” message by clicking the Options button, choosing Configure SpoofStick, choosing the size (small, medium, or large) and color of the message, and clicking OK.

To turn off the toolbar, choose View → Toolbars → SpoofStick.

EarthLink, a popular Internet Service Provider (ISP), also offers a free antiphishing toolbar, though it works only with Internet Explorer, not Firefox. Head to http://www.earthlink.net/home/tools and download and install the EarthLink Toolbar. Whenever you visit a site that might be fraudulent, you’ll be redirected away from the phishing site and instead sent to the web page shown in Figure 4-19.

Figure 4-19. EarthLink Toolbar’s ScamBlocker

If you want to live dangerously by visiting the site even after receiving this warning, click the button at the bottom of the page that reads “Continue to this potentially dangerous or fraudulent site.” Even if you click, you won’t be sent there unless you also turn off the toolbar’s ScamBlocker feature (click the ScamBlocker button so that it turns red).

Which toolbar should you use? I prefer SpoofStick. EarthLink’s toolbar works by checking to see whether the site you’re visiting is on a list it has of potential spoof sites. And if you’re one of the first potential victims and the site hasn’t yet been added to the list, you’ll be allowed through, but you’ll think you’re safe.

Of course, the paranoid among us might prefer to use both.

The tools in this hack will go a long way toward making sure you’re never the victim of a phishing scam. But you should also take these precautions as well:

To help protect others and set the law enforcement dogs on the phishers, forward the email to the Anti-Phishing Working Group at reportphishing@antiphishing.com, send a copy to the Federal Trade Commission at spam@uce.gov, and file a complaint with the FBI’s Internet Fraud Complaint Center at http://www.ifccfbi.gov.

To save your current web page to your hard disk so that you can read it again in Internet Explorer when you’re not connected to the Internet, choose File → Save As. You’ll be given several options for how to save it. If you’re not planning to edit the HTML of the file, your best bet is to save it as a “Web Archive, single file” (.mht). That way, you don’t clutter up your hard disk with extra folders and files stored in different locations; everything is saved to a single file. Saving it as a “Web Page, complete” stores the HTML file as well as associated graphics, in a folder structure. Saving it as a “Web Page, HTML only” saves just the HTML file itself, with no associated graphics and no folder structure. You can also save it as a text file, but if you do, expect to spend time cleaning it up because it saves all the text on the page, often in an unstructured way. To read the page after you’ve saved it to your disk, choose File → Open, browse to the directory where you’ve saved the page, and open it.

There are times when you want to save not just the page you’re on, but also the pages linked off it. To do that, you’ll have to save your pages another way. First, save the page to your Favorites list by pressing Ctrl-D or choosing Favorites → Add to Favorites. Then, right-click the page where it’s listed in Favorites and choose Make Available Offline. A wizard will appear. Follow its instructions, and when you get to the screen shown in Figure 4-20, tell it how many links deep you want pages saved. Be very careful when doing this, because even choosing to keep one link level can take up a substantial amount of hard-disk space.

Figure 4-20. Saving web pages offline several links deep using the Offline Favorite Wizard

When you finish the wizard, you’re asked how you want to synchronize the page or pages you’ve chosen to save to disk. When you synchronize a web page, IE grabs the latest version of the page or pages and overwrites your existing page or pages. If you want to keep a permanent copy of the page or pages, and you don’t want them updated, choose “Only when I choose Synchronize from the Tools menu.” Then, simply don’t synchronize the page. If you do want to synchronize the page so that a more current version is available on your hard disk, choose “I would like to create a new schedule,” and follow the instructions for creating a schedule.

If you need to save many web pages and want to be able to search through them by full-text or keyword searches, you’ll have to use a third-party program. A very good one is SurfSaver, available from http://www.surfsaver.com (see Figure 4-21). It integrates directly into Internet Explorer and lets you save pages in separate folders within the program. You can add keywords and notes to each page, and then search by keyword or full text, or browse by folder.

Figure 4-21. Saving web pages in a database with SurfSaver

When you visit a web page you want to save locally, right-click the page, choose SurfSaver Save, and choose which SurfSaver folder you want to save it in. You can save the page with or without graphics. When you want to search, right-click the page, choose SurfSaver Search, and then search by keyword, through notes, or through the full text on the page to easily find the page and information you want. SurfSaver also integrates directly with the freeform askSam database. It’s shareware; you can try it out for free, but if you continue to use it, it costs $19.95.

My current favorite of these programs is Onfolio, shown in Figure 4-22. Like SurfSaver, it integrates with Internet Explorer, although it also integrates with Firefox, and it can work independently of a browser as well. It’s more visually pleasing than SurfSaver, makes it easier to organize your pages in folders and subfolders, and it includes excellent search tools. When you want to save a web page locally, press F9, or drag the address bar to Onfolio.

Figure 4-22. Onfolio, which makes it easy to browse to pages you’ve saved offline

Onfolio is shareware, and is free to try, but it costs $49.95 if you decide to keep it. Get it from http://www.onfolio.com.

As the name implies, this section lets you customize Internet Explorer’s interface. This section, as a whole, lets you create your own customized version of Internet Explorer. For example, you can create a version of IE specifically for one of your children—take a digital photo of her and use it as the background for the toolbar, crop a headshot photo of her and use it as the animated custom logo, and change the browser title to put her name on it. You can make three types of tweaks in this section:

This section lets you customize Internet Explorer’s connection settings, which you would otherwise have to go to several places to set:

This section is mainly for administrators, so if you don’t need administrative tools you can pretty much forgo it. If you are an administrator, it will let you specify IE settings for multiple machines, such as setting a home page for all, specifying a URL they will go to when Help is chosen, and populating their Favorites with those of your choice. If you run a small business, you can use these settings to build a business-specific browser for all your employees. For example, set the home page to be your company’s home page or populate Favorites with intranet pages or other pages your employees need to access regularly, such as benefits information:

Here’s where to set Internet Explorer security settings. You can change these settings from directly within Internet Explorer just as easily as changing them here—unless you need to change the settings for several accounts, in which case this is the place to go.

Once again, this section is mainly for administrators. It lets you change default programs for multiple machines. So, for users who require only a simple email program, you can set the default to be Outlook Express. For other users, you can set it as Outlook or a third-party email program.

By default, IIS uses the C:\Inetpub\wwwroot directory for your web site. However, you’ll most likely want to change that directory to one that better matches your own PC setup. To change it, launch the MMC snap-in as detailed earlier in this hack, then right-click Default Web Site and choose the Home Directory tab, shown in Figure 4-25. In the Local Path box, type in or browse to the directory you want to use.

Figure 4-25. The Default Web Site Home Directory tab

If you want to use a directory on another computer located on the network, select “A share located on another computer.” The Local Path box changes to Network Directory, and the Browse button changes to a Connect As button. Type in the directory information from the other computer, then click Connect As to use your logon credentials to use the network share.

This tab also lets you do a redirect of your web site so that when people visit your web site they’ll be redirected to another site. That site doesn’t have to be on your network; it can be any location on the Internet. This option is most useful when you move your web site to another URL but want those who use the old URL to be able to access it. To do a redirect, select “A redirection to a URL.” The screen will change to the screen shown in Figure 4-26.

Figure 4-26. Redirecting to a URL

You have three options for your redirect:

They’re the bugaboo of every web site administrator—people who mistype URLs and get the dreaded “404 The page cannot be found” error. For example, if a person wanted to visit http://www.gralla.com/mybio.htm, but instead typed http://www.gralla.com/myboi.htm into his browser, he’d get an error message. And I’d lose a visitor.

Solve the problem with URLSpellCheck for IIS (http://www.port80software.com/products/urlspellcheck/). It redirects misspelled URLs to the right page so that your visitors don’t get error messages. It fixes instances in which an extra character is put into the URL, characters are transposed, a character is missing, or the wrong character is typed. It will also fix instances when the incorrect extension is typed.

The program runs as a snap-in to the MMC. Highlight your web site in the MMC, right-click the Properties button, and click the URLSpellCheck tab. From there, you’ll be able to enable or disable the program.

URLSpellCheck is shareware and free to try, but if you use it for more than 30 days you’re expected to pay $49.95.

When you run a web site, three issues top your list of concerns: how to preserve bandwidth, how to reduce the performance load on your PC, and how to make the site load faster for visitors.

Here’s a three-for-one solution: use caching properly. When visitors come to your site, have them use cached images such as logos, navigation bars, and similar content from their own PC, instead of hitting your server every time. When you do this, after they retrieve the image for the first time, each subsequent time they need to get the image it’s retrieved from their own PC, rather than your server. Their pages load faster, your PC doesn’t have to serve up as much content, and you don’t use as much bandwidth.

To make sure your site uses caching, try CacheRight (http://www.port80software.com/products/cacheright/). Like URLSpellCheck, it runs as a snap-in to MMC. To use it, highlight your web site in MMC, right-click the Properties button, and click the CacheRight tab. From there, you’ll be able to enable or disable the program, as well as set options for how the cache should be used. The main option you’ll set is expiration policies for the cache—in other words, at what point the visiting browser should check your web site to see whether the content the browser has cached is old and needs to be updated. You set the amount of time, such as a week, and set when that time should start, either the last time the browser visited your site or the last time you modified the cached content. I prefer to use the start time as the last time I modified the cached content; that way, browsers won’t unnecessarily try to get content from my site.

CacheRight is shareware and free to try, but if you use it for more than 30 days you’re expected to pay $149.95.

If you’re looking for a free way to kill ads, using a HOSTS file is a great solution. This technique takes advantage of the fact that few web sites host their own ads. Instead, they generally use ad servers that deliver the ads. There aren’t very many of these ad servers, so if you block those servers from delivering content to your PC, you’ll block most of the ads on the Internet.

First, some background about HOSTS files. When you type in a URL such as http://www.oreilly.com, your PC needs to translate those letters into a numeric IP address that it can understand, such as 208.201.239.37. Doing this is called name resolution. DNS servers on the Internet provide name resolution automatically and behind the scenes as you surf the Web.

When you type in a URL, before your PC contacts a DNS server it looks at a HOSTS file on your PC. If it finds the domain name and IP address there, it uses the IP address it finds. If it doesn’t find the domain name and IP address, it goes out to a DNS server. Because your PC first looks to the HOSTS file for name resolution, you can use that file to block ads.

The HOSTS file is a plain-text file you can create or edit with a text editor like Notepad. The file has no extension; it is named only HOSTS. You’ll find an existing HOSTS file in C:\Windows\System32\Drivers\Etc\HOSTS. (In Windows XP Professional, it is located in C:\Winnt\System32\Drivers\Etc\HOSTS).

Each line in the file consists of an IP address and a domain name, like this:

208.201.239.37       oreilly.com 
216.92131.107        simtel.net

When you type in an address such as http://www.oreilly.com, your PC looks in the file, sees that its IP address is 208.201.239.37, and then sends you there.

Every HOSTS file also has one default entry:

127.0.0.1      localhost

127.0.0.1 is a special IP address called a loopback because it refers back to your local computer, not to the Internet or a network. It’s used by developers to test network software without having to be being physically connected to a network. But you can also use the loopback address to prevent web ads from displaying.

To use the HOSTS file to block ads, you edit the file by adding individual entries for each ad server, and then associating those entries with the loopback address—your own computer. So, when you visit a site with ads, your PC looks at the HOSTS file, finds the entry for the ad server, but never visits the ad server because it’s instead redirected to the loopback address. So, the ads are never displayed, and your travels aren’t tracked.

For each ad server you find, create a line in your HOSTS file, like this:

127.0.0.1      ads.doubleclick.net

Double-click is one of the largest ad servers on the Internet, so this entry will block a significant number of ads.

How to find ad servers? In your browser, right-click an ad and select Copy Shortcut. That’ll put the ad’s URL into the Windows Clipboard. Then you can paste it into your HOSTS file. Make sure to include only the domain name portion. So, for example, when you right-click an ad and copy its location, you might get a very long entry, like this:

http://ar.atwola.com/link/93182535/html?badsc=B0Q0AoVXYvX-nBcuskw4IZTGAt
-b7n1Q2V6vctHpvtzTK5RxgZIq9FU6ESe4QfJ7ELVJ3ENBHgvUkPknRBjhXGQIU32DP3fv_uj-LT3lA5W
-A3k5mRc7pQl6QXJ6G9mgrNblbJDXkPLBNqQXvIwmZby-bDLeZvaX9kP33Xk0XAO5jQ
-u5hUSd4k7tpzXK8soyJBOZQ3lNAt5qcj8tMoKpLG_tKza0JSChRrO8af31JSM5
-UX69B1BFEpSfUmp4ZfT5XLEI35bYTQoHS6tbTvZRcK7C8YjgqxdH

In your HOSTS file, though, use only the domain name. So, this would be your entry in the HOSTS file:

127.0.0.1      ar.atwola.com

It can be almost impossible to compile a list of most of the ad servers on the Internet like this. And because the servers change constantly, you’d have to constantly try to keep it up-to-date. So, instead of trying to do it yourself, you can go to a web site that has a HOSTS file with hundreds of entries Go to http://everythingisnt.com/hosts, and you’ll see a page filled with HOSTS entries for ad servers. Copy and paste it into your own HOSTS file. (For more information about HOSTS files and ad blocking, see http://www.everythingisnt.com/hosts.html.)

How well does it work? Take a look at before-and-after screenshots. Figure 4-27 shows a CNN page with no ad blocked; Figure 4-28 shows the same page with the banner ad blocked by a HOSTS file. Also note that the browser’s built-in pop-up blocker blocked a pop up.

Figure 4-27. A normal CNN page, with no ad blocking

Figure 4-28. A CNN page with ads blocked by the HOSTS file

The HOSTS file does a good job of blocking ads, but it’s far from perfect. If, for example, ads are being delivered from the same domain as the web page you’re visiting, ads won’t be blocked. Also, if the ad server is not on your HOSTS list, you won’t be able to block it. Furthermore, the technique might not block some of the more obnoxious ads on the Internet, such as Flash-based animations.

You can buy ad-blocking software for more effective ad blocking, or download free ad-blocking software. But you might not need to buy or download extra software because your software might already include it. For example, if you use the for-pay version of the ZoneAlarm firewall [Hack #78] , ad blocking is built in. To block ads, run ZoneAlarm, and click Privacy on the lefthand side of the screen. On the page that appears, in the Ad Blocking section, choose High to block all ads. Choose Medium to block most ads, but to allow banner and skyscraper ads (ads that take up the vertical column on the right side of a web page). You can also customize the types of ads to let through by clicking Custom and choosing which ads to block, and which to let through.

If you don’t have ZoneAlarm, the following free and for-pay programs block ads to varying degrees:

The worst ads of all might well be the ones you don’t even realize are ads, but rather, are sponsored results in search engines that look much like regular results. But there is a way to filter out even these types of ads; you can use the Search Sanity feature in AdSubtract Pro.

When you use AdSubtract, Search Sanity isn’t turned on by default. But it’s easy to turn it on. Double-click the AdSubtract icon in the Windows system tray, choose Search Sanity, and check the boxes next to the search engines whose results you want to filter. Click OK, and sponsored results and ads will be banished. Figure 4-29 shows the normal Google search results; Figure 4-30 shows the Google page with the sponsored search results filtered out by AdSubtract.

Figure 4-29. Normal Google search results

Figure 4-30. Sponsored search results filtered out by AdSubtract

Perhaps the most remarkable feature of Firefox is its ability to use extensions. Extensions are free add-ins that give the browser all kinds of new features. Because Firefox is open source, anyone can write an extension, and developers all over the Internet have put their creativity to use. There are hundreds of them, and new ones are added every day (by the time you read this, more than 1,000 extensions could be available). They add a mind-boggling array of capabilities, such as telling you the real URL of a site you’re visiting so that you can’t be the victim of a phishing exploit; letting you navigate the Web using mouse gestures so that you can browse by moving your mouse rather than by clicking; blocking ads; and much more.

How to find extensions? In Firefox, choose Tools → Extensions → Get More Extensions. You’ll be sent to a web page that lists extensions by category, and also lists the most popular and most recent one. This is the official Firefox extensions site, but it’s not the only place you can find extensions. You can find them on other places on the Web as well, notably at http://texturizer.net/firefox/extensions and http://extensionroom.mozdev.org.

Browse to the extension you want to install and click Install. If you want more information about the extension before you install it, click the title of the extension, and you’ll be sent to a page with more information about it; from there, you can also download the extension (see Figure 4-32).

Figure 4-32. Finding the Adblock extension

After you click Install, the screen shown in Figure 4-33 appears.

Figure 4-33. Starting to install the extension

Click Install Now, and after several moments, the extension will be installed and will appear in your Extensions window, as shown in Figure 4-34. The extension won’t work yet; first you have to close Firefox and restart it.

Figure 4-34. The installed extension

When you restart Firefox, the extension will start working. Many extensions allow you to customize their options. So, immediately after installing an extension, you should do that. To customize the options for an extension, choose Tools → Extensions, select the extension you want to customize, and choose Options. If you want to uninstall an extension, select it, click Uninstall, and then click OK. You’ll have to close Firefox and restart for the extension to uninstall.

Hundreds of extensions are available, and everyone has their favorites. Here are a few of mine:

Figure 4-35. Bandwidth Tester in action

It’s easy to apply themes to Firefox, which give it different colors and graphics. To apply a theme, choose Tools → Themes → Get More Themes, and you’ll be sent to a web site with many different themes. When you find a theme you want, click Install. For more information about a theme, click the title, and you’ll be sent to a page with more information, which sometimes includes a preview. You can install the theme from that page as well.

After you click Install, the theme will be available to use. Click Tools → Themes, choose the theme you want to use, as shown in Figure 4-36, and then choose Use Theme. You’ll have to restart Firefox for the new theme to take effect. If you want to uninstall a theme so that it’s no longer available, select Uninstall from the screen shown in Figure 4-36.

Figure 4-36. Choosing a new theme in Firefox

But Firefox lets you do more than just change the theme. You can also hack the interface. Firefox’s interface can be controlled by a cascading style sheet (CSS), a file that contains instructions on how Firefox should display. By editing that file, you can change Firefox’s appearance.

The file is named userChrome.css, and for it to work, it needs to be located in the folder C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Firefox\Profiles\default.xxx\chrome, where <Your Name> is your XP account name, and the .xxx will be three random characters.

When you install Firefox, there is no userChrome.css file in that folder. Instead, you can find it in C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Profiles\Default\xxxxxxxx.slt\chrome, where xxxxxxxx is a random collection of characters. Copy the file to C:\Documents and Settings\<Your Name>\Application Data\Mozilla\Firefox\Profiles\default.xxx\chrome. Once it’s there, you can edit it to change Firefox’s interface. It’s a plain-text file, so you can edit it with Notepad. Following are some of the hacks you can make by editing the file. If you don’t already have a userChrome.css, you can start off with a blank text file, and name it userChrome.css.

Note that it’s a good idea, when putting in this code, to put in a reminder for yourself so that later on you remember what it does. You have to tell userChrome.css to ignore your reminder so that it doesn’t try to interpret it as code. So, surround your comments with /* to begin and */ to end, like this:

/* This is a comment */

/* Change the toolbar graphic */
menubar, toolbox, toolbar, .tabbrowser-tabs {
   background-image: url("background.gif") !important;
   background-color: none !important;
   }

/* Change color of active tab */
tab{
   -moz-appearance: none !important;
}
tab[selected="true"] {
   background-color: rgb(222,218,210) !important;
   color: black !important;
}
   
/* Change color of normal tabs */
tab:not([selected="true"]) {
   background-color: rgb(200,196,188) !important;
   color: gray !important;
}

/* Make the Search bar wider
   (in this case 400 pixels wide) */
 #search-container, #searchbar {
   -moz-box-flex: 400 !important;
}

Move the sidebar to the right

Firefox lets you use a sidebar when you want to view your history or your bookmarks. The sidebar displays on the left side when you choose View → Sidebar. If you prefer, you can have the sidebar appear on the right, by typing this code into the userChrome.css file:

/* Place the sidebar on the right edge of the window  */
window > hbox {
   direction:rtl;
}
window > hbox > * {
   direction:ltr;
}

Naturally, you wouldn’t necessarily use all these hacks in concert with one another. But you could, of course. Figure 4-37 shows what Firefox looks like after we’ve added the hacks to the userChrome.css file.

Figure 4-37. Firefox, after the userChrome.css file has been edited

You can hack Firefox using the userChrome.css file in several additional ways. For more, go to http://www.mozilla.org/support/firefox/tips and http://www.mozilla.org/unix/customizing.html.

When you right-click the down arrow on the Search Bar, you’ll see that many plug-ins have a small icon next to them. Yours doesn’t, however. That’s because you haven’t created an icon for it. Create a 16 16 pixel icon, give it the same name as your plug-in, and save it as either a .jpg or .png graphics file. Then, put it in the C:\Program Files\Microsoft Firefox\searchplugins folder. So, in our instance, we create one called White House.jpg.

For information about how to create icons, see [Hack #19] . You can also find ready-made icons in the right size, although not the right format, right on the Web. When you visit many web sites, you’ll see in your web browser a small icon to the left of the http://; that same icon might show up next to the http:// on your Favorites list because the sites use something called a favicon which the browser displays.

You can find the favicon for the site, save it to your PC, convert it to .jpg or .png format, and use it for your search engine plug-in. To find the favicon for a site, go to http://www.website .com/favicon.ico, where website is the Favorite you want an icon for. For example, go to http://www.oreilly.com/favicon.ico for the O’Reilly icon. Keep in mind, though, that not all web sites have favicons, so you won’t be able to do this for every site.

If you’re using Firefox to get the icon, a dialog box will open, asking what to do with the file. Save it to your hard disk. If you’re using Internet Explorer, you’ll open the icon itself in your browser. Right-click it, choose Save Picture As..., and save it on your hard disk.

It’ll be in .ico format, so you need to convert it to .jpg or .png. An excellent program for doing this is IrfanView, available from http://www.irfanview.com. For details about how to do the conversion, see [Hack #99] . When you store the file, make sure it’s in C:\Program Files\Microsoft Firefox\searchplugins.

The Google Desktop is a Windows-only application, requiring Windows XP or Windows 2000 SP3 or later. The application itself is tiny, but it’ll consume about 500MB of room on your hard drive and works best with 400MHz of computing horsepower and 128MB of memory.

Point your browser at http://desktop.google.com, download, and run the Google Desktop installer. It’ll install the application, embed a little swirly icon in your taskbar, and drop a shortcut onto your desktop. When it’s finished installing and setting itself up, your default browser pops open and you’re asked to set a few preferences, as shown in Figure 4-40.

Figure 4-40. Setting Google Desktop search preferences

Click the Set Preferences and Continue button and you’ll be notified that the Google Desktop is starting its initial indexing sweep. Click the Start Searching button to get to the Google Desktop home page (Figure 4-39).

From here on out, any time you’re looking for something on your computer, rather than invoking Windows search and waiting impatiently while it grinds away (and you grind your teeth) and returns with nothing, double-click the swirly Google Desktop taskbar icon and Google for it. Don’t bother combing through an endless array of Inboxes, Outboxes, Sent Mail, and folders, or wishing you could remember whether your AIM buddy suggested starving or feeding your cold. Click the swirl.

Figure 4-41 shows the results of a Google Desktop search for hacks. Notice that it found 16 email messages, 2 files, 1 chat, and 1 item in my IE browsing history matching my hacks query. As you can probably guess from the icons to the left of each result, the first three are an AIM chat, an HTML file (most likely from my browser’s cache), and an email message. These are sorted by date, but you can easily make a switch to relevance by clicking the “Sort by relevance” link at the top right of the results list.

Figure 4-41. Google Desktop search results

Figures Figure 4-42 Figure 4-43, and Figure 4-44 show each individual search result as I clicked through them. Note that each is displayed in a manner appropriate to the content.

Click the “Chat with...” link shown in Figure 4-42 to launch an AIM conversation with the person at hand.

Figure 4-42. An AIM instant message

Cached pages are presented, as shown in Figure 4-43, in much the same manner as they are in the Google cache.

Figure 4-43. A cached web page

The various Reply, Reply to All, Forward, etc., links associated with an individual message result (Figure 4-44) work; click them and the appropriate action will be taken by Outlook or Outlook Express.

Figure 4-44. An email message

It just wouldn’t be a Google search interface if there weren’t special search syntax to go along with it.

The Boolean OR works as expected (e.g., hacks OR snacks), as does negation (e.g., hacks -evil).

A filetype: operator restricts searches to only a particular type of file: filetype:powerpoint or filetype:ppt (.ppt being the PowerPoint file extension) find only Microsoft PowerPoint files, while filetype:word or filetype:doc (.doc being the Word file extension) restrict results to Microsoft Word documents.

Now you’d think I’d hardly need to cover Googling—and you’d be right. But there’s a little more to Googling via the Google Desktop than you might expect. Take a close look at the results of a Google search for hacks shown in Figure 4-45.

Figure 4-45. Google Desktop web search results

Come on back when you’re through with that double take.

If you missed it, notice the new quick links “27 results stored on your computer.”

Yes, those are the same results (and then some, given my indexer was hard at work) returned in my earlier Google Desktop search of my local machine. As an added reminder, they’re called out by that Google Desktop swirl. Click a local result and you’ll end up in the same place as before: all 27 results, an HTML page, or Microsoft Word document. Click any other quick link or search result and it’ll act in the manner you’d expect from any Google search results.

Now, before you start worrying about the results of a local search—or indeed your local files—being sent off to Google, read on. What’s actually going on is that the local Google Desktop server is intercepting any Google web searches, passing them on to the Google web server in your stead, and running the same search against your computer’s local index. Then it’s intercepting the web search results as they come back from Google, pasting in local finds, and presenting them to you in your browser as a cohesive whole.

All work involving your local data is done on your computer. Neither your filenames nor your files themselves are ever sent on to the Google web server.

For more on Google Desktop and privacy, right-click the Google Desktop taskbar swirl, select About, and click the Privacy link.

There are various knobs to twiddle and preferences to set through the Google Desktop browser-based interface and taskbar swirl.

Set various preferences in the Google Desktop Preferences page. Click the Desktop Preferences link on the Google Desktop home page or any results page to bring up the settings shown in Figure 4-46.

Figure 4-46. The Google Desktop Preferences page

Hide your local results from sight when sharing Google web search results with a friend or colleague by clicking the Hide link next to any visible Google Desktop quick links. You can also turn Desktop quick-link results on and off from the Google Desktop Preferences page.

Click the “Remove results” link next to the Search Desktop button on the top right of any results page and you’ll be able to go through and remove particular items from the Google Desktop index, as shown in Figure 4-47. Do note that if you open or view any of these items again, they’ll once again be indexed and start showing up in search results.

Figure 4-47. Removing items from your Google Desktop index

Search, set preferences, check the status of your index, pause or resume indexing, quit Google Desktop, or browse the “About” docs by right-clicking the Google Desktop taskbar swirl and choosing an item from the menu, as shown in Figure 4-48.

Figure 4-48. The Google Desktop taskbar menu, which gives you the knobs to twiddle and preferences to set

When evaluating the Google Desktop as an interface to finding needles in my personal haystack, one thing sticks in my mind: I stumbled across an old email message I was sure I’d lost.

—Rael Dornfest

MSN Desktop Search is a free download that runs on Windows XP only. Installation is straightforward. Download it (see the note at the beginning of this hack) and run the installer. It will install itself in several places, including as a small input box on the taskbar and as a toolbar in Outlook.

When it’s on the taskbar, it appears as an input box with a butterfly to the left, as shown in Figure 4-50. In addition to that, in the Notification area (the far-right portion of the taskbar) you’ll see a small magnifying glass with a butterfly on it. That’s the indexer portion of the utility.

Figure 4-50. The MSN Desktop Search input box on the Windows taskbar

If it doesn’t pop open and ask you to set your preferences, set your preferences right away. The most important one concerns what it should index. For some odd reason, by default, it indexes your email and your My Documents folder only. That means it won’t be able to find anything on the rest of your hard disk, so rectify that oversight right away. On the taskbar, click the down arrow next to the small butterfly symbol, choose Options → Deskbar Options, and from the screen that appears click Desktop Search to bring up the screen shown in Figure 4-51. Select “Email and all hard disks” and check the box next to “Index email attachments” so that it indexes all the attachments in your email. Then click OK.

Figure 4-51. Telling MSN Desktop Search to index your entire hard disk, not just your email and My Documents folder

Now, click the magnifying glass with the butterfly on it in the Notification area, and choose Index Now. It will start indexing. It could take from an hour to the better part of a day to complete its index, depending on how many files you have and how fast your processor is.

When you want to search through your PC, click inside the search box shown in Figure 4-52 and type in your search term. (To instantly put your cursor in the search box, press Ctrl-Alt-M.) MSN Desktop Search literally starts searching with each keystroke and can display results as you type. As you type, the results pop up in a box, as shown in Figure 4-52.

Figure 4-52. Results as you type, neatly sorted by category

This instant searching and sorting is great, but even more useful is what you can do once you find results. Right-click any result and you’ll get a menu that lets you take action on the file or message, depending on the file type or whether it’s an email. For example, as shown in Figure 4-53, if you right-click an email, you can open the message in Outlook, print it, reply to it, forward it, copy it, delete it, or move it to a different folder—the same options you have from inside Outlook. And Outlook doesn’t have to be running for you to do it; for example, if you want to read the message, Outlook will launch automatically.

Figure 4-53. Right-clicking a file or email message to get a context-relevant menu of choices for what you can do with the file or message

Similarly, if you right-click a Word document, you get a much wider choice of options, as shown in Figure 4-54—in essence, the same set of options you’d get if you right-clicked the file in Windows Explorer.

Figure 4-54. Right-clicking a Word document to get a list of options

This is the quick way to use the MSN Search Bar. If you want to get the full power of the tool, after you type in your search term, press Enter, or click the arrow to the right of the input box, and you’ll come to the screen shown in Figure 4-55.

Figure 4-55. The more complete results shown in the MSN Desktop Search program

Right-click any file and you get the same menu of options you get when the results pop up.

But this screen gives you far more options than that. Sort the results in different ways by clicking Title, Author, Date, Size, or Type, and sort them in ascending or descending order. Better yet, you can see your search broken down by category. Click Email, for example, and you’ll see all email-related results; click Music, and you’ll see any results in music files; click Documents, and you’ll see results in Microsoft Office documents; and so on.

The true power of the program comes not in its basic searches—although those, as you can see, are quite powerful—but in the search syntax you can use. The syntax has been explicitly created to help you search through documents on your PC. So, unlike with the Google Desktop, you’ll be able to search inside specific folders. And you can also search by the author of a document, by the sender and recipient of email, and so on. And, of course, it can handle Boolean searches, so you can use OR, AND, wildcards, and so on.

Let’s say you want to find all email that was sent to you from Joe Metz, that had attachments, and that contained the word budget. You’d issue this search:

kind:email from:Joe Metz has:attachment budget

If you want to find every PowerPoint presentation in the Money folder with the word ROI in it, issue this search:

kind:presentation folder:Money ROI

Table 4-2 provides a more complete list of search syntax.

Has:attachment

Before:

After:

Author:

From:

To:

Kind:Contacts

Kind:email

Kind:meetings

Kind:Tasks

Kind:Notes

Kind:text documents

Kind:email

Kind:spreadsheet

Kind:music

Kind:pictures

Kind:videos

Kind:favorites

Store:Outlook

Store:oe

Folder:

This is just a small sample of the syntax. For a more complete listing, click the arrow next to the butterfly icon on MSN Desktop Search, choose Help → Desktop Search Help, go to the Tips and Tricks section of Help, and click Advanced Query Reference.

There’s one thing Google Desktop has that MSN Desktop Search doesn’t, and that’s real-time indexing. In Google Desktop, after the initial indexing, your files and email are instantly indexed in real time as you create them or receive them. That’s not the case with MSN Desktop Search. After its initial indexing, it indexes only when your computer is idle. That means that when you do a search, it won’t include information added since the last indexing.

You can manually tell it to index while you’re working, however. Right-click the magnifying glass with a butterfly on it in the Notification area and choose Index Now. You’ll see the magnifying glass slowly flashing as it indexes, and it will continue to index as you work.

If you’re not sure whether your index is up-to-date, click the magnifying glass with a butterfly on it and choose Indexing Status. The screen shown in Figure 4-56 appears. You’ll see the total number of items that have already been indexed, and how many items are waiting to be indexed. To start indexing, click Index Now.

Figure 4-56. Checking the status of your indexing

This screen also lets you tell MSN for how long it should wait while your PC is idle before it starts indexing your PC. From the drop-down box next to Snooze, choose the amount of time you want it to wait before indexing. Your choices are from 15 seconds to one day.

When MSN Desktop Search sits on the Taskbar, there’s one niggling annoyance that won’t go away. The butterfly image (which Microsoft insiders call a jellybean because it’s shaped like one) takes up precious Taskbar space, as does the small arrow to the right of it, as shown previously in Figure 4-50. They become a problem when you run a lot of programs at the same time. With the jellybean there, because there’s less space on the Taskbar, you won’t be able to see the tiles of all the programs that are currently running.

There’s a simple Registry hack that will kill the jellybean and arrow, but still gives you the features of search. First, run the Registry Editor [Hack #83] and go to HKEY_CURRENT_USER\Software\Microsoft\MSN Apps\DB. Create a new DWORD value called Buttons and give it a value of 1. Exit the Registry.

Now, take MSN Desktop Search away from the Taskbar by right-clicking the Taskbar, choosing Properties, and removing the checkmark from MSN Deskbar. Then, right-click the Taskbar again, choose Properties, and put a checkmark next to MSN Deskbar. MSN Desktop Search will appear again on the Taskbar, this time without the jellybean, as shown in Figure 4-57.

Figure 4-57. No jellybean in the Taskbar

The best way to empower Internet searches is by installing special toolbars from two popular search engines, Google and Ask Jeeves. The Google Toolbar is the better of the two, and not just because it’s a better search engine. It also has several extra features.

The great thing about the Google Toolbar is, well, that it’s Google. It gives you all of Google’s functionality without even having to visit the site. To get the Google Toolbar for IE, go to http://toolbar.google.com and follow the installation instructions. It works only with Internet Explorer. Once you install it, you’ll be able to search Google without having to visit the search site; just type your search term in the toolbar. In fact, you even get an extra on the toolbar that you don’t get on Google itself—the PageRank feature that tells you how popular the current site you’re visiting is.

The best of the Google Toolbar’s features is that it lets you do a Google search through the site you’re currently on, a particularly useful tool if the site doesn’t have a search box, or if the search on the site is a poor one. In fact, I rarely use sites’ search boxes and prefer to use the Google Toolbar instead. Among other features, the Google Toolbar also lets you find sites related to the one you’re currently visiting, and it will translate foreign-language sites into English. The Google Toolbar will also highlight your search terms on the page results if you tell it to.

Using the Google Toolbar is simplicity itself: type a search term into it and press Enter. If you want to search the current site instead of the entire Web, click a small button on the toolbar that pictures two pairs of googly eyes on a magnifying glass.

If you’re concerned about your privacy, you should disable the PageRank option. When you enable this option, the Google Toolbar tracks the page you’re on. If the option is disabled, the Google Toolbar doesn’t track the page.

If you decide to forgo the Google and Ask Jeeves search toolbars, you still can do things to power up Internet Explorer’s Search Companion, which you get to by pressing Ctrl-E or clicking the Search button. Of course, first you’ll want to get rid of the cloyingly cute animated dog that normally appears, by choosing Change Preferences when the Search Companion appears and then choosing “Without an animated screen character.”

But the Search Companion has bigger problems than stray dogs. It forces you through a step-by-step search, and, worse still, it clutters up the search area with “sponsored links” from advertisers. Type in the name Preston, for example, and you’ll get sponsored links such as “Hotels near Preston,” “Buy Fine Wines and Beer at Libation.com,” and “Preston, Idaho Travel Information.” No, thank you. I prefer my search results straight up.

A better bet is to use what Microsoft calls the Classic Internet Search Companion, which previous versions of Internet Explorer used. From the Search Companion choose Change Preferences → Change Internet Search Behavior → With Classic Internet Search. You’ll have to close Internet Explorer and restart it for the changes to take effect. As you can see in Figure 4-58, it’s simpler and allows you to perform more focused searches, specifically for web pages, addresses, business names, and maps, as well as perform a previous search. Click the More button to search for pictures and definitions of words.

Figure 4-58. The Classic Internet Search Companion

By default, Internet Explorer uses MSN as its search engine, but after you perform a search, if you don’t find what you want you can send the same query to other search engines by clicking “Send search to more search engines” and then picking the engine you want to use. You can also change the default search engine by opening the Search Companion, choosing Change Internet Search Behavior, scrolling down the page that appears, and choosing a new default search engine from the list of 13.

To run Java applets, you need a Java Virtual Machine (JVM) installed on your system. Microsoft and Sun have, in the past, had competing JVMs. Applets written for one JVM might or might not work with the other JVM.

To make things more confusing, Microsoft and Sun have been locked in a bitter legal battle about Java, which rivals the Jarndyce and Jarndyce court case at the center of Dickens’ novel Bleak House. Fully explaining the Microsoft/Sun fight would take about as many pages as Dickens’ 1,000-plus-page novel did. The upshot is this, however: because of a court ruling, Microsoft stopped distributing and supporting its JVM (which it calls Microsoft VM) in January 2004. And the Microsoft VM might or might not be enabled in your version of XP.

So, if you’re having problems with Java, the first thing to do is to see whether you have a JVM installed and whether you’re using the Sun version, the Microsoft version, or both versions. To see whether Microsoft VM is enabled, from Internet Explorer choose Tools → Internet Options → Security. Highlight the Internet Zone, choose Custom Level, and then scroll down until you come to the Microsoft VM section, shown in Figure 4-59.

Figure 4-59. Checking to see whether you’re using the Microsoft VM

If the Disable Java button is chosen, it means the Microsoft VM is disabled on your system.

To check whether you have the Sun JVM and whether it’s enabled, from Internet Explorer choose Tools → Internet Options → Advanced and scroll down. If you see a Java (Sun) entry with a checkbox next to it, as pictured in Figure 4-60, the Sun JVM is installed.

Figure 4-60. Checking to see whether the Sun JVM is installed

If you don’t have the Microsoft VM or the Sun JVM installed, the solution is simple: install and enable one of them. Because Microsoft stopped supporting its VM after January 2004, your best bet is to install the Sun JVM from http://www.java.com/en/download/windows_automatic.jsp.

If the Microsoft VM or the Sun JVM shows up (as in Figure 4-59 or Figure 4-60, respectively), but it’s not enabled, you’ll need to enable it. To enable the Microsoft VM, in the screen pictured in Figure 4-59 choose High Safety. That will enable the VM but will take security precautions against rogue Java applets. To enable the Sun JVM, select the checkbox under Java (Sun), as shown in Figure 4-60.

Your problem might be that you have an older JVM or Microsoft VM installed, and you need to update it. Go to http://java.sun.com and check the version number against the version number displayed in Figure 4-60. If your version number is older, you should install a newer JVM. Additionally, if you’re using the Microsoft VM, you might instead want to install the Sun JVM in its place, since Microsoft discontinued support for its VM.

People have reported problems when installing a newer JVM over an older one, so I suggest first uninstalling the old JVM or Microsoft VM and then installing the new one from http://www.java.com/en/download/windows_automatic.jsp. Unfortunately, uninstalling the Sun JVM or Microsoft VM is not a simple process and requires Registry editing as well as manually deleting files. Here’s how to do each.

Java applets won’t run unless you have a minimum color setting of 256 colors. If you don’t use that minimum setting, you’ll crash when you visit a web page with a Java applet. To change your display settings, right-click the desktop, choose Properties → Settings, and in the Color Quality drop-down box choose a display setting of at least 256 colors.

If you use at least 256 colors and you still experience problems, the cause might be a buggy video driver. To help find out if this is the cause of the problem, change your current display settings to a lower resolution and color depth than you’re currently using—for example, bring it from 1,024 768 to 800 600, and the colors from Highest (32bit) to 256 colors. If that doesn’t solve the problem, you might have a display driver with bugs in it. Go to the manufacturer’s web site and download a new driver.