I barely use e-mail. For what little I do, I've been using SeaMonkey. I've been fortunate in regards to e-mail. My primary e-mail is ISP supplied. I might see one or two pieces of spam in a month there. The only other account I use is Yahoo web mail. I regard it as disposable. Nothing there is tied to my real identity. It gets its share of spam. It's also been an excellent source of malware for testing over the years. If I had a greater need for e-mail, I'd use a separate client, not sure which one. IMO, most of the security implications can be dealt with by using good firewall rules and by not accepting HTML formatted e-mail. Depending on how much e-mail you get and save, you can configure the client to use an encrypted container for storage, mounting it only when you need it.
When I run XPlite to remove Utopia sound scheme all .wav files still remain that were previouly on the system. Only i386 folder I have is in Driver Cache with 3 .wav files listed.
If you use another Image Viewer and you like to remove the Windows default Image Viewer in XP. Click on Start > Run Then type: regsvr32 /u shimgvw.dll (unregisters the dll) This will stop it from previewing any picture that it supports. To undo it, type: regsvr32 shimgvw.dll ( in Run command to preview the images again) Update: Removing Windows Picture & Fax Viewer. Only way I know is either unregister the dll file or delete the dll file from system32 and dllcache folders. Read that you would lose photo thumbnails in Windows Explorer if you delete the shimgvw.dll file.
In 2011, the Windows Picture and Fax Viewer was being exploited with malicious .wmf files. Because this was part of the operating system (shimgvw.dll is also used by Windows Explorer) it could be used to execute malicious code. While this particular vulnerability has been fixed, the root cause has been ignored, namely an attack surface application being integrated into the OS, just like Internet Explorer. Since XP won't be seeing any more security patches, if when new vulnerabilities are found, they won't be fixed. The long term solution is to eliminate attack surface applications that are integrated with the operating system. 3rd party image viewers such as IrfanView are far superior, plus they can be run with reduced privileges or completely sandboxed.
When you say a separate client, do you mean have 2 programs reside on your computer eg 1/ SeaMonkey, plus 2/ the one you referred to as not sure what you'd choose .... OR is your ISP email account tied to a web based account as well as your computer based email account.? Mine can be accessed via webmail as well but I never use it, and I'm pretty sure I asked them to disable it, but can't remember all the details. but I I have never once had spam in my computer based accounts. It's rare they are used. I thought all ISPs basically supplied an email account as standard practise. Sometime when I get time, I would like to come back and ask you how to do what Ive bolded. I have the last Truecrypt version before things went all crazy with that.
LowWaterMark has given me the ability to edit my first post. My intention is to grab this opportunity and have one place where people can quickly find a list of the main topics discussed in this thread, plus the main locations or reference points to find discussion on them. LWM said I can link to post numbers so I'll be looking to use that. The idea is to not make it too simplistic or too cumbersome either, as in either case it would be useless. It will take me time to do this so it too will be a work in progress. As always, I'm open to suggestions now, or once I get under way if you think something could be done better then say so. There's two ways I can think of in laying this out. I'm going to do the first option, at least to start with. 1/ just list all the topics in alphabetical order (easier) or 2/ make bigger topics the main ones, and any relevant topics as subheadings (much harder because of dovetailing)
I was referring to separate application just for e-mail, like TB or something else. For what little e-mail I do, the e-mail component in SeaMonkey is sufficient. Regarding the encryption, I can't supply instructions for True Crypt. Never used it. I assume that TC can create encrypted containers and that the OS will see them as separate drives when they're mounted. Most e-mail software of any worth will let you specify where the e-mail folders will be located. Assuming that the drive letter of the mounted container file can be specified or remains constant, you'd create, then mount the empty container. Format it if needed. Then point the e-mail client to it. Once a container is created and mounted, it behaves like a normal hard drive. The only encryption software I have for XP is the PGP disk component of the CKT package. With the 98 unit, I could use Scramdisk for the example. As far as the e-mail client is concerned, there'd be no real difference. It won't care what you use. All it will care about is a consistent path.
What is CKT package? Before the other computer died I had encryption installed into TB. I never used it, but just did it to try things out. It's a fairly pointless exercise because correspondents just wouldn't have a clue how to use it. It would be a nightmare to try and get them anywhere near it. Webmail is much more seamless but definitely not without its problems. It's a compromise.
The CKT packages were unofficial versions of PGP. They had features and components that were not available in the official versions, including PGP disk, stronger keys, and XP compatibility. The last version was 6.5.8CKT09. They included source code. There's a long story behind them, including claims of a backdoor in the official versions. There's basically 2 types of encryption software. The CKT packages had components for both. The first is for encrypted storage. The 2nd is for encrypted communication. What I was describing was for encrypted storage of e-mail (and anything else) on your PC. If TC can create containers or encrypted partitions, it should work for what I described.
My preferred encryption software, Scramdisk 3.01R3 doesn't run on XP. The version of PGP disk in the CKT package is limited to encrypted containers. I haven't kept up with TrueCrypt in regards to which versions can be trusted. What was the last known "trustworthy" version? Anyone have the MD5 or SHA-256 of the installer? I haven't experimented much with container/partition encryption software on XP. With Scramdisk on 98, I could put containers and the application itself anywhere, disguised as any type of file I chose. On my previous system, I disguised the containers as DLLs and dropped them into the system folder. Program folders for installed games would make good hiding places. I don't know if XP would let one get away with something like that.
TrueCrypt Final Release Repository https://www.grc.com/misc/truecrypt/truecrypt.htm Scroll down the page and you'll find the link for the hashes for TrueCrypt v7.1a (SHA256, SHA1 and MD5 hashes) Edit: Checked again the version I used (TrueCrypt Setup 7.1a.exe) and SHA256, SHA1 and MD5 hashes all match up.
As KeyPer says, 7.1a, or that seems to be what a number of people think. It's the version I have. I downloaded it before I knew how to check hashes. I wanted to get TC before if became hard to get so I haven't really done anything with it. Well, you sure are an innovative thinker noone. I'm going to try a dummy run of what you describe here. Was your method of disguise just a matter of changing the extension/file type? Also, what would XP be likely to do if it didn't like the idea of putting something in a program folder?
Great reading but only skimmed through. Saw this near the bottom...interesting that Scramdisk and TC are one and the same.
If it is anything like Program Files folder in W7, you are laughing. All I get on W7 is a prompt for Administrator confirmation... that is all! But one has to remember, what can happen in Program Files is restricted. If it is just for the above, storing important files as fake / encrypted files... then s'all good. Even moreso, if they are faked as executables, an additional layer of protection can be added by using anti-exe stuff or default deny via HIPS. Sorry, might be too much for XP. I miss XP. Shutup. LOL.
You better aim better ....Seriously, you guys will turn me into an enthusiast yet . ...which reminds me...noone, in regards to .xls files (excel) that Works suit which has the program simply called "M$ Works Spreadsheet" WILL open xls files. All did was change the extension from xlr to xls. Sometimes Windows complains when you do this, but I've never had much trouble when I do. Of course there's always a catch. In this case it wont open password protected files. I tried and it balked on me.
I picked up a copy a while back too. It's the same version. As far as I remember, I've never used it. Been wanting to test it in a virtual system. Going to be a while before I have the time. Scramdisk allows you to disguise the container as just about any file type you want. I've tried both DLLs and EXEs. Both work fine. If someone takes a close look at the disguised container, it's not hard to determine that it's not what it appears to be. That said, this level of examination requires physical access to the machine. That's one reason that I was thinking of game files. The formats are often unique. The files themselves can be unique if they store your progress in the game. Regarding XP and container locations, my concern would be policy limitations on what can be written where. I haven't explored it but if I understand it correctly, system policy can restrict what can be done in Windows, system32, and Program files directories. First I've heard that. I'm pretty sure that isn't the same Scramdisk. The original Scramdisk is nearly 10 years older. You can find more info on the original Scramdisk here. It's possible that TC evolved from the original Scramdisk. If I recall, Scramdisk evolved into Encryption for the Masses, may have been called E4M or something close to that.
The ultimate oxymoron. Oddly enough, it works fairly well. I'd like to find something else (non-MS) that can handle what it called a database format.
Tested the UninstallString for PCHealth and it removed everything except 2 files in: C:\WINDOWS\pchealth\helpctr\binaries PC Health Help Center Resource Only DLL Microsoft Help Center Service The Windows Help and Support Service was removed. NOTE: Inside the binaries folder is the System Configuration Utility (msconfig.exe) which should be moved before deleting/removing this folder. System Information (msinfo) is also listed and you may not be able to view system info. Wonder though if the PCHealth folder and contents should be left intact? UPDATE: Leaving WFP on and then running the uninstall command for PCHealth does leave System Configuration Utility intact and I was able to open it. (msconfig.exe) During same test though the uninstall command does remove Help and Support service which relies on System Information (msinfo32.exe) which when clicked on showed a Help & Support popup error because of removing Help & Support service. Also as usual WFP will notify to insert your Windows XP CD. Most of the files in binaries will remain. As mentioned before turning off WFP and then running PCHealth uninstall command string will remove everything except for 3 files (not 2) in C:\WINDOWS\pchealth\helpctr\binaries PC Health Help Center Resource Only DLL Microsoft Help Center Service Microsoft PCHealth Service Holder If you use the Run Command - Start > Run > and type in: msconfig you'll receive a message that Windows cannot find msconfig even if you copy the file from the dllcache folder to the default location. Copying it to the System32 folder does seem to work though. NOTE: Tested only so folder and service are still present on the system.
Its on my mums XP HOme computer which is all Ive got right now, and XP HOme is better than anything that comes after unless you can show me conclusively that all ports can be closed. If you can, then tutorials please! You'd also save me the grief of navigating all this stuff about hardware compatibility with XP .
Why is it such an oxymoron noone? Haven't tried all the things in it yet, as I only just saw it sitting there in Programs list. Oh BTW I do have the install disks for it. Just looking now, its called Works Suite 2003. It has Encarta, Picture it, Works, Word and Money. Works looks like it has 6 things in it including a database program which Ive never had, so can't complain. ALso this suite is Key based and has quite a few CDs in it.
Saying one and the same wasn't really correct. When you said, " It's possible that TC evolved from the original Scramdisk" that's what I understood to be the case from the excerpt I put up. In any case, looking at this, they look to be tightly linked.
