www.pcmag.com
Products & Technologies That Change The Way You Work And Play
15 TOP POWERPOINT TIPS LATEST The 3-D DIGITAL Notebook: VIDEO You Have CAMERAS To See This! BEST BLOGS & WILD WIKIS FIRST LOOKS: MICROSOFT’S SMARTPHONE THE INDEPENDENT GUIDE TO TECHNOLOGY
DECEMBER 30, 2003
Our 20th Annual Awards: Personal Computers Mobile Devices Cameras Printers Storage Collaboration Communications System Software Components Protocols Development Tools The Person of the Year Lifetime Achievement
MICHAEL J. MILLER
Forward Thinking SEARCHING FOR TECHNICAL EXCELLENCE FOR EACH OF the past 20 years
at around this time, we recognize the year’s breakthrough technologies with our Awards for Technical Excellence. The nominees aren’t always our Editors’ Choice picks nor our favorite products of the year. (You’ll find those in our next issue.) Instead, our editors identify those products and technologies that have the potential to change how we use computers. A few products we’ve honored over the years stand out: the 386 processor, Windows 95, and the early notebook computers. But every year, we award
this honor to a number of products that aren’t yet household names. You’ll find this year’s nominees and winners starting on page 83. Every year we also honor the people who have made an impact on the industry with our Person of the Year and Lifetime Achievement awards. For a complete list of the winners and an interview with Intuit founder Scott Cook, our Lifetime Achievement award recipient, visit www.pcmag.com/techex. We’re already seeing products that missed our deadlines for the 2003 awards but that we will consider for 2004. Some cool contenders include the amazing Sharp 3-D display (see First Looks, page 40) and the more theoretical “thin-air” display (discussed in Pipeline, November 25, page 26).
H OW S PA M S O LU T I O N S L E A D TO M O R E P R O B L E M S EV E RYO N E I S TA L K I N G about spam, and some folks are even doing something about it. But despite all sorts of legislation and technical progress, the problem is getting worse. Recently, I’ve talked with several companies that have different answers to the spam onslaught. All have advantages and disadvantages. The whitelist/challenge-and-response systems do the best job of keeping out unwanted e-mail. With such systems, you get e-mail only from people you authorize or those who respond to a challenge, such as counting elements in a picture or deciphering garbled text. The technique these systems use is known as CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). On the downside, with such systems you may not get all the e-mail you do want. Recently, I tried to respond to an e-mail from a reader but received a challenge. The system never accepted my answer, so the reader never got my response. Most businesses wouldn’t subject their customers to such a system, because they don’t want to risk losing an order. But other problems exist that aren’t immediately obvious. For example, the World Wide Web Consortium (W3C) recently issued a draft report pointing
out the big problems such systems pose for the visually impaired. While developers claim to offer some kind of workaround, that doesn’t work well in practice. The W3C draft mentions some solutions, but most of them aren’t ready yet. Another solution is filtering, in which the software or service tries to identify real mail and junk mail intelligently. Most antispam developers use rules to help identify spam, but the problem is that the filter lists need to be updated very frequently. Applying all the updates imposes a very real cost on businesses. One antispam developer, Cloudmark, says it has a way around this by turning such filters into rules that identify spammer techniques. Whether this approach is good at blocking unwanted e-mail without generating false positives is an open question. Each antispam vendor seems to have its own unique approach to combating spam. For instance, InBoxer uses techniques borrowed from voice recognition software to identify spam. And MailFrontier has a new system that’s tuned to identify fraudulent e-mail. In the meantime, legislation to stop spam is here,
In the long run, the only real solution to spam may be to rearchitect the way the Internet handles e-mail.
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
7
Forward Thinking MICHAEL J. MILLER
but the rules I’ve seen are hardly practical. California has a tough antispam law that lets people sue when they receive e-mail they didn’t specifically ask for. In other words, it requires businesses to offer opt-in mailing lists. Spammers can get hit with penalties of $1,000 per message if they don’t comply. This may sound great, but in practice it’s likely that companies sending legitimate e-mail rather than the big spammers will be swamped with lawsuits. Most spammers aren’t in California anyway. Then we’ve got federal legislation called CAN SPAM, which the Senate recently passed. It would supersede the California rules and require only an opt-out provision. Antispam advocates prefer an opt-in approach, but that’s difficult to enforce. Opting out may be the only practical
solution. The good news is that we’d have a uniform national law instead of lots of state laws. And it would force people sending e-mail to identify themselves accurately (something legitimate companies don’t mind doing). The bad news is that it includes a national “do not mail” registry, which sounds good in theory but in practice creates a great mailing list for off-shore spammers. We can’t just sit back and do nothing as the spam problem spirals out of control. But I worry that nearly all the solutions the industry and our legislators are coming up with are creating new problems. In the long run, the only real solution may be to rearchitect the way the Internet handles e-mail. And that approach has its own problems. One thing’s for sure: There are no silver bullets here.
I N S TA N T V I D E O P R E S E N TAT I O N S IF YOU USE PowerPoint and a
Web camera, you’ll want to try out one of the neatest applications I’ve seen recently—Anystream’s Apreso, formerly called Agility Presenter. This $149 utility makes turning your PowerPoint presentation into a video easy. You just set up Apreso and a Web camera and run PowerPoint. Then you press the Capture button on the new menu that the software installs on the menu bar and go through your presentation as you normally would. You
just have to make sure to set up the camera so it captures you, and you get an instant presentation. When you’re done, Apreso creates a video file. You can then hit a single button to burn the presentation to a CD, or you can host it on a Web server—including the Apreso Web site, which offers free hosting until March. The video quality is surprisingly good, and the results look very professional. We are so impressed with Apreso that it’s a finalist for our Technical Excellence Awards.
GADGETS OF THE MONTH
LOGITECH QUICKCAM ORBIT
8
2003 M AY W E L L be recalled as the year when desktop video went mainstream. Here are a couple of recent products that are worth your attention. My favorite gadget of late is the Logitech QuickCam Orbit, which works particularly well with video instant messaging. I’ve seen plenty of nice little Webcams, including the excellent Logitech QuickCam series. I’ve also been happy with the Creative WebCam Notebook ($49.95 list), which is small enough to keep in my luggage when I travel. But the Orbit is something else. It’s a desktop Web camera with the advantage of a mechanical pan-and-tilt feature, which keeps the camera focused on you even if you move around during a video conversation. The neat-looking camera sits in a globe atop a stand that also contains a microphone. It’s not the first camera with such features, but at a list price of $129.95 it’s a bargain. Web cameras are getting more useful every month, with new applications emerging that take better advantage of them. In our previous issue, we wrote about a number of new videoconferencing solutions that offer free or
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
inexpensive video solutions for individuals and small businesses. It’s really easy to send and receive video with most instantmessaging clients. I found Yahoo! Messenger and MSN Messenger surprisingly good. (I’m waiting for AOL Instant Messenger to add a video feature.) CREATIVE WEBCAM If you want more advanced NOTEBOOK capabilities, check out SightSpeed Video Messenger, which offers 100 minutes a month with a 10-minute-per-day limit free of charge, or unlimited usage for $29.95 a month. (If you need even higher-quality video, consider one of the more expensive, full-featured business videoconferencing systems, which often come with high-end cameras.) Now that prices of services and cameras have dropped dramatically, they’re great deals. MORE ON THE WEB: Join us online and make your voice heard. Talk back to Michael J. Miller in our opinions section, www.pcmag.com/miller.
䊛
Contents.1
DECEMBER 30, 2003 VOL. 22 NO. 23 www.pcmag.com
Our Technical Excellence winner in design ten years ago was the “path-breaking” Apple Newton Message Pad. 32
First Looks 32 Canon Optura Xi
C OV E R STO RY
83
32 JVC GR-DX300 33 Panasonic PV-DV953 34 Samsung SC-D5000 34 Sony DCR-PC330 36 HP Photosmart 945 38 Fujifilm FinePix S7000 K 38 Sigma SD-10 40 Sharp Actius RD3D 43 Motorola MPx200 with Windows Mobile Software M 43 Samsung SCH-i600 46 LANDesk Management Suite 8 46 PositivePRO 48 Dell W1700 LCD TV 50 Gateway 17-inch LCD TV 50 Samsung 172MP 52 Sharp LL-M17W1 53 ViewSonic N1700w
OUR ANNUAL LOOK AT THE MOST innovative products and technologies spotlights dazzling PC design, sleek and fast mobile devices, robust processing power, breakthrough protocols, and leading-edge software. We also honor two individuals: one whose lifetime efforts raised the standards of software, another whose leadership and vision have driven an industry giant through massive change and growth. 84 N Personal Computers
Collaboration Software N 92
85 N Mobile Devices
Communication Software N 94
86 N Components
Development Tools N 95
87 N Storage Devices
Protocols N 95
88 N Digital Input Devices
Person of the Year N 96
89 N Digital Output Devices
Lifetime Achievement N 97
92 N System Software
COVER ILLUSTRATION BY JEAN-FRANCOIS PODEVIN
ON THE COVER
15 Top PowerPoint Tips page 70 Latest DV Cameras page 32 The 3-D Notebook page 40
ALSO IN THIS ISSUE 57 Feedback 150 Backspace
Breakthroughs: Our 20th Annual Awards page 83
Best Blogs & Wild Wikis page 101 First Looks: Microsoft’s Smartphone page 43 www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
15
Contents.2
DECEMBER 30, 2003
25 Pipeline A renaissance for machine translation.
25
Hotmail’s interface overhaul.
25
TV and Web users are doing double duty.
26
The disruption following October’s solar flares.
26
Amazon.com’s fully searchable books.
26
Reinventing micropayments.
28
COMING ATTRACTIONS: Compaq X09, Tapwave Zodiac PDA, PLUS V3-111 slimline projector, Kyocera Finecam SL300R, and more.
NETWORK SECURITY
101 Take Back The Net
122 Know Your Weaknesses
The Internet was supposed to be the ultimate grassroots tool, but it seems increasingly controlled by businesses and the technoscenti. We look at a group of tools like blogs, wikis, and even Voice over IP phones, which can help put the power of the Web back in the hands of the average user.
You may not know it, but your network could be in serious jeopardy. Vulnerabilities such as bugs, viruses, and improper application configurations are likely lurking among your hosts. Our roundup of security scanners will help you identify and in some cases fix these potential problems.
15 Top PowerPoint Tips: Work smarter and faster while adding zip to your presentations with these ideas.
72
Internet: E-mail and IM messages are full of indecipherable shorthand. We help you translate the slang.
73
Security Watch: Spammers can bombard your IM sessions, so follow our suggestions to keep the annoying intrusions away.
74
Enterprise: Crime fighters are turning to blogging to keep a closer eye on illegal activity.
76
Internet Professional: Here’s how to keep bots and automated programs from filling out forms on your site.
79
User to User: Our experts show you how to recover the beloved Office fonts that disappeared with your Windows XP upgrade, and more. 16
StartUpCop Update: The newest rev of this popular premium utility lets you take control of the programs that launch during Windows start-up. (www.pcmag.com/downloads)
FIRST LOOKS
C O M M U N I C AT I O N S
70
www.pcmag.com UTILITY DOWNLOAD
25
70 Solutions
Online
New reviews every week! Coming soon: • Epson Stylus Photo R800 • Logitech QuickCam Orbit K • Mirra Personal Server (www.pcmag.com/firstlooks)
N E W S A N D A N A LY S I S The latest technology trends: • Chip Roadmap for 2004 • Spotlight on natural-language software • Who will win in the pay-for-music war? (www.pcmag.com/news)
ONLINE EXTRAS • Discussions: Log on and participate! (http://discuss.pcmag.com/pcmag) • Downloads: Check out our indexed list of utilities from A to Z. (www.pcmag.com/utilities)
Opinions 7 61 63 65 67
Michael J. Miller: Forward Thinking Bill Machrone: ExtremeTech John C. Dvorak John C. Dvorak’s Inside Track Bill Howard: On Technology
Personal Technology 146 After Hours The Comfort Zone: There are many new approaches to comfortable and safe computing. We survey a variety of devices and peripherals that can help prevent aches and pains.
148 Gear & Games The Nokia N-Gage; Ingineo Eyetop video goggles; Star Wars Jedi Knight: Jedi Academy; online tournaments for gamers.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
EXCLUSIVE COLUMNS DVORAK ONLINE K Each Monday, John C.
Dvorak gives you his take on what’s happening in high tech today. Visit www.pcmag.com/dvorak. ULANOFF ONLINE K And each Wednesday, Lance Ulanoff puts his own unique spin on technology. Visit www.pcmag.com/ulanoff.
Coming up: • Athlon 64 motherboard roundup • Geek gift guide • High-end laptop shootout (www.extremetech.com)
w w w. p c m a g . c o m /p i p e l i n e
T E C H N O L O G Y T R E N D S & N E W S A N A LY S I S WAR CHIP
Hotmail Unspammed MICROSOFT HAS SERVED UP
Mining for Meaning A renaissance for machine translation. he days of translation and natural-language software insisting on spewing amusingly idiotic interpretations may be headed for the history books. Until recently, language-processing software relied on rule-based algorithms that were typically insensitive to context. More powerful new approaches, however, use statistical analyses to decipher context and meaning. Language Weaver is one of the companies spearheading the approach (Meaningful Machines is another, focusing on interpreting English). Language Weaver offers machine translation software that focuses on statistics rather than grammatical rules to translate text from one language to another. Pattern recognition technology mines a database of millions of sentences, examining all possible correlations among words, to determine context by probability. As the database grows, the software learns and improves. Because Language Weaver’s software can simultaneously investigate many more word groupings than any human translator could conceive, experts say the software trans-
T
lates more efficiently than rule-based systems. Statistical analyses are also deemed to be better for distinguishing idioms such as, say, “Don’t have a cow” from statements like “We don’t have a cow.” In October, Language Weaver announced a strategic investment from In-Q-Tel, a venture capital firm that funds tech companies working on applications of interest to the CIA. Those involved are guarded on possible specific applications, but Language Weaver CEO Bryce Benjamin says government applications are being developed for screening massive volumes of text—often in obscure languages—while automatically translating it into English. Language Weaver’s newest software focuses on Arabic-to-English translation (see the photo). Benjamin foresees applications for large-scale, automated translation. Within three to five years, he expects that users will be able to type queries in a search engine in their native languages and receive translations of all information available worldwide. —Alexandra Robbins
a substantial overhaul to its popular MSN Hotmail Web mail service. While company officials aren’t saying that many of the new features are geared toward fighting spam annoyances, that looks to be the case. Hotmail’s large audience of over 130 million active users has made it a favorite target of hackers and spammers. “A big focus for us is to give people e-mail from known senders,” says Larry Grothaus, lead product manager of MSN. A Today page is now the default page and includes e-mails only
Israeli startup Lenslet is demonstrating an optical processor called EnLight, which the company claims can perform a supercomputerlevel 8 trillion operations per second. The processor is headed for military applications involving sensor networks and high-speed communications. “It will revolutionize the nature of warfare, with an effect similar to those of the tank or the airplane,” says Isaac BenIsrael, a retired major general and former head of the R & D Directorate of the Israeli Ministry of Defense. PRINTED TRANSISTORS
Xerox’s Palo Alto Research Center (PARC) has developed a plastic semiconductor transistor array made entirely using jet printing. The process involves spraying plastic or organic integrated circuits on a surface using an ink jet–like device. The company claims the technology will lower the cost of activematrix displays by replacing photolithography. A PRICE ON YOUR HEAD
from known senders (see the photo). Clicking on the Mail tab gives you your complete in-box. For subscribers, as opposed to users of the free version of Hotmail, the Today page includes an appointment list. Users of the free service get updates to the Today page and new contacttracking features but not calendar and appointment features. —Sebastian Rupley
Marking a new bounty-hunting approach to computer security, Microsoft has offered a $500,000 reward for information leading to the arrest of the authors of the recent Blaster and Sobig viruses. “These are real crimes that hurt a lot of people,” says Microsoft general counsel Brad Smith in a recent announcement.
Doing Double Duty Among home Internet users in the U.S., nearly half have a TV and a PC with Web access in the same room, say researchers. Among that 48 percent, almost half say they go online frequently while watching TV. How often U.S. computer users go online while watching TV Frequently Occasionally Rarely Never
47% 29% 5% 18%
Based on a surveyed subset of the 1.5 million Internet users comScore tracks. The percentages do not add up to 100 because of rounding. Source: comScore Media Metrix, September 2003.
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
25
PIPELINE
Taking Wi-Fi To New Heights FOR MOBILE WORKERS CHECKING
Interrupted by The Sun he technology infrastructure is always subject to surprises from Mother Nature. Set in motion by an eruption of gas on the sun, an enormous space storm—known as a coronal mass ejection (CME)—hurtled toward earth at the end of October. The storm was expected to cause problems with satellites, cell phones, pagers, and other electronic equipment. As it turned out, the storm interfered primarily with high-frequency airline communications and power grids. Forecasters at the National Oceanic and Atmospheric Administration (NOAA) Space Environment Center in Boulder, Colorado, were the first to notice two enormous sunspots, including one that became extremely big. “There was a dynamic sunspot region that you could put ten earths inside,” says Larry Combs, a forecaster for the Space Environment Center. Combs adds that “The power grids were definitely seeing effects. Planes operating up in the atmosphere experienced radio blackouts, especially at high altitudes.” Representatives at AT&T Wireless and Verizon Wireless say they didn’t see any degradation of cellular service, because cell-phone towers are located on the ground. But there were reports of disruption of satellite orbits as a result of the sunspots. According to NOAA, sunspots are not uncommon, but the ones we experienced in October were unusually large.—Cade Metz
ILLUSTRATION BY MILAN TRENC
T
26
e-mail on the run, Wi-Fi is a nice convenience. But for some Himalayan villagers in Nepal, a long-range wireless network is the only connection to the rest of the world. Since late summer, an 802.11b wireless network has enabled a group of rural villages to send and receive e-mail and use a Webcam to teach highschool classes over the villages’ intranet. No roads span the distances among the villages, but now farmers who want to discuss trades can hold meetings on the Web rather than spending two days hiking across mountain terrain. The originator of this project is Mahabir Pun, a native Nepali with an American college education. When his village got electricity in 1998, he used donated computer parts to build a highschool computer lab. But with no phone lines, the villages had to rely on Wi-Fi for Internet access.
Where Did I Read That?
“One of the goals we have for the network is to help the villages generate more income,” says Robin Shields, one of the four volunteers who helped build the network. Shields plans to teach a C++ course via e-mail so villagers can eventually outsource their skills. The network consists of 12 smartBridges airPoint-PRO Outdoor access points—five of which run on solar panels and wind Highgenerators— powered which connect antennas to a dial-up ISP connect 22 miles away villagers in Pokhara, as in Nepal to well as highthe Net. powered Pacific Wireless PMANT24 24-dBi-gain directional antennas (see the photo). All the equipment was hauled up 1 vertical mile to the villages. A troublesome 11,000-foot peak required the team to use three relay stations to redirect the signals. So the next time you curse a thick wall in your house for blocking your Wi-Fi signal, be thankful it’s not a mountain. —Jennifer Harsany
mazon.com has some new tricks up its sleeve for book browsers. The site has added a feature called Search Inside the Book, which allows full-text searching and viewing of every page in 120,000 books. The new offering, a result of content deals struck with nearly 200 publishers, is based on proprietary search technology. “The Search Inside the Book features followed our Look Inside the Book work, where tables of contents and other select parts of books were available,” says Udi Manber, an Amazon.com VP. He says the database, with over 33 million book pages, is several terabytes in size. Some visitors to PC Magazine’s Web discussion forums say they get too many false positives when searching—receiving content that had nothing to do with the sought-after topics. “This is just the beginning, though,” says Jani Baker, an Amazon spokesperson. The company is refining its search technology, and Baker adds that “The number of titles we have at launch is more than most book stores carry, and there are many more to come.”—SR
A
Can You Spare Some Change? Back in the Web-wild 1990s, micropayments—in which customers pay a few cents or even a fraction of a cent to view or purchase articles, music, and programs online—were touted as a way to generate revenue. The idea never took off, mainly because people were used to getting material online for free and because the transaction costs were high. But micropayments may be poised for a comeback. What’s different now? First, the Apple iTunes Music Store, the 99-cent-per-song download site, has struck a chord with consumers. Now others are extending the model. The trouble is that transaction costs can account for over 25 percent of any price tag. A company called Peppercoin thinks it has a workaround.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
According to Rob Carney, a Peppercoin cofounder, the company can lower transaction costs to around 7 cents on the dollar—versus the 30 cents or more charged by credit card firms. Customers download Peppercoin’s software and provide their credit card numbers. Peppercoin then does its own verifications for online stores and collects multiple small transactions into a few large transactions. “It’s a hyperefficient way of processing payments,” says Carney. Peppercoin believes that music, games, ring tones, and printed content are all ripe for micropayments. Some 30 million Americans are somewhat likely to purchase content for less than $2 in the next year, according to a survey conducted by research firm Ipsos-Insight. That could amount to some not-so-micro-payments.—John R. Quain
PIPELINE
Compaq’s Gaming Play Compaq is testing the waters on a new PC family, the X series, aimed at gaming enthusiasts who might otherwise shop for Alienware, Falcon Northwest, or VoodooPC machines. The Compaq X09 (available exclusively at CompUSA) will be powered by a 3.2-GHz Pentium 4 and 1GB of RAM, with an nVidia GeForce FX 5950 graphics card, DVD burner, and other high-end goodies. —Jamie M. Bsales
A PDA for Game Lovers If you need a better reason to carry a PDA than just convenient access to your contacts, calendar, and to-do list, the Tapwave Zodiac family might be for you. Sure, the Zodiac is a personal organizer with all the typical Palm OS utilities, but it’s also a 6.3-ounce portable game system with a 3.8-inch screen powered by the ATI Imageon 2-D graphics accelerator and Fathammer X-Forge 3-D graphics engine. If that’s not enough for you, it can also play MP3s.—JMB
$3,000 street. Hewlett-Packard Co., www.compaq.com.
$299 direct and up. Tapwave, www .tapwave.com.
Thin Kyocera Camera Slimline Projector Portable projectors keep getting smaller. The new Vision V3 models from PLUS are just 1.4 inches high when closed, and each slips easily in your computer bag along with your laptop. The PLUS V3-111 is an SVGA unit rated at 800 ANSI lumens, and the PLUS V3-131 delivers 1,000 lumens and XGA resolution. Each model has a full complement of I/O ports and weighs just over 2 pounds.—JMB V3-111, $1,500 street; V3-131, $2,000. PLUS Vision Corp. of America, www.plus-america.com.
When it debuts, the Kyocera Finecam SL300R promises to be the world’s thinnest digital camera with 3X optical zoom. Less than 3/4-inch thick, the SL300R will include a swivel lens for obtaining images from virtually any vantage point. The 3.2megapixel SL300R will also have Kyocera’s proprietary Rapid Tuning Technology (RTUNE), which increases image fidelity and lets you shoot continuously for the entire capacity of your memory card instead of being limited to a few consecutive shots.—JMB $400 street. Kyocera Optics Inc., www.kyocera.com.
Talk to Your PDA The new Microsoft Voice Command software for Pocket PC PDAs and PDA/phone combo devices lets you find contact info, check calendar appointments, launch applications, make phone calls, and even select and play music simply by talking to the device on which it is installed.—Bruce Brown
28
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
DVD Burners Double in Speed
$40 direct. Microsoft Corp., www.microsoft.com.
HP, Plextor, Sony, TDK, and others are releasing recordable DVD drives that will burn at a rated 8X speed, which is double the rate of the current crop of drives.—JMB
$399 and up. Various manufacturers.
HANDS-ON TESTING OF NEW PRODUCTS 36 HP Photosmart 945 38 Fujifilm FinePix S7000 38 Sigma SD-10 40 Sharp Actius RD3D
43 Motorola MPx200 with Windows Mobile Software 43 Samsung SCH-i600 46 LANDesk Management Suite 8
DV Cameras Get Better with Stills BY JAN OZER
The holiday season and camcorders go together like turkey and stuffing, especially when we’re talking about DV camcorders. And like any high-end toy, they’re as exciting to buy as they are to use for recording your favorite holiday memories. • Looking back, we’ll remember 2003 as the year camcorder vendors got serious about still-image quality. The Holy Grail for memory mongers would be a single device that can serve to take digital pictures as well as videos. The models we tested for this story are among the first 3- and 4-megapixel camcorders on the market. • This year also brought us THE MAGAZINE WORLD’S LARGEST COMPUTER-TESTING FACILITY
32
Canon Optura Xi With good video quality and many advanced features, the Canon Optura Xi is ideal for consumers or professionals seeking a small, relatively inexpensive DV camcorder ($1,699 list). But with only 2-megapixel
images and an anemic flash, the Optura shouldn’t be your first choice for double-duty video and still-image use. The Optura is a long and lean unit with an 11X optical zoom lens and a bright, 3.5-inch LCD. You can access most functions with buttons and dials conve-
The Canon Optura X1 delivers high-end features in a well-rounded package.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
PHOTOGRAPHY BY THOM O’CONNOR
the first affordable units with prosumer features such as manual audio gain (the ability to monitor and control volume of incoming audio) and zebra striping (where potentially overexposed areas of a scene are highlighted with stripes on the viewfinder, so that the shooter can take corrective action). This roundup also includes the first three-ccd video camera priced under $1,500. Specs and features aside, however, quality is always a top priority for a camcorder, so we’ve applied a rigorous blend of labsbased and informal testing, with juries ranking the five entries on video image quality. The reviews below report and explain these findings, as well as the results of our hands-on testing. And while we found several laudable camcorders in this group, none supplants the Canon Optura 20 (see “Hot Shots, Cool Cuts,” October 1) as our Editors’ Choice among prosumer models. The Optura 20 delivers very good image quality and a host of features (including a 16X optical zoom lens) for just $999 list.
niently positioned on the camera body, rather than the more cumbersome menu-based controls most other cameras offer. For instance, you can easily switch between shooting modes such as night, sand and snow, and spotlight by using a dial. Like the Panasonic PV-DV953 (also reviewed here), the Optura offers prosumer features such as zebra striping, optical image stabilization, and manual audio gain controls with a handy meter that gauges incoming volume. A manual focus ring around the lens is also noteworthy, as are the smooth and quiet zoom controls. The only drawback for serious use is the bottom-loading tape mechanism, which prevents you from changing tapes while the
w w w. p c m a g . c o m /f i r s t l o o k s 46 PositivePRO 48 Dell W1700 LCD TV 50 Gateway 17-inch LCD TV
WHAT THE RATINGS MEAN
50 Samsung 172MP 52 Sharp LL-M17W1 53 ViewSonic N1700w
lllll EXCELLENT llllm VERY GOOD lllmm GOOD llmmm FAIR lmmmm POOR
camera is on a tripod. Though the Optura has only one CCD, Canon uses an RGB Primary Color Filter to simulate the color accuracy produced by three-CCD systems. This proved very effective on our tests, where the Optura produced very good color and fine detail, with minimal noise. Facial contrast was very good, with accurate skin tones, and video had a warm, enticing feel. Most impressive was the lack of bleed in the color charts, where results were superior to the Panasonic unit with three CCDs. Audio was slightly muted but clear, with much less background noise on our tests than the Sony model. The camera’s 1.75-inch CCD delivers 2MP still images, aided by a small flash above the lens. The still-image features were strong, including selectablefocus points and automatic exposure bracketing, which shoots multiple images simultaneously at different exposure settings. But overall, the still-image results were disappointing. Specifically, shots were slightly blurry, and ad hoc testing revealed that the flash was less robust than that on either the Sony or Samsung units, resulting in slightly darker images with more noise than other cameras. The included 8MB SD memory card also seemed chintzy in a camera with a fourfigure price tag. Still, if video is your top priority, the Optura Xi puts some high-end features within reach. Canon Optura Xi List price: $1,699. Canon U.S.A. Inc., 800-652-2666, www.canondv.com. OVERALL RATING: llllm
JVC GR-DX300 It may be the smallest and most affordable camera in this roundup, but the JVC GR-DX300 ($999.95 list) produced the lowest-resolution still images and below-average video quality. This makes it suitable only for users who value price and convenience over top image quality. The GR-DX300 is an upright unit like the Sony but lighter and less bulky. Although its LCD viewfinder is slightly larger than
clicking through the controls. Video performance was lackluster. The talking-head video in our test suite exhibited a slight yellowish tint with generally muted and washed-out colors that lacked the visual appeal of those produced by the category leaders. But detail was sharp, and the GR-DX300 took decent shots in low light without the noise exhibited by several other cameras. Audio quality was good for a camera this small. In still-image shooting, colors
The JVC GR-DX300 is compact and affordable, but video quality is not first-rate.
the Sony’s, it has fewer pixels, and the low resolution caused slight flickering along hard edges in the scene. Using the camera is generally straightforward, though the dial zoom control on the back panel takes some getting used to. JVC also needs to rethink the awkward menu system: The GRDX300 is the only camera here that you can’t configure without
again were muted, and the GRDX300’s 1.33MP CCD couldn’t match the fine detail produced by the other cameras in this roundup. For better still-image usability, JVC needs to make features like flash control available on the camera body rather than in the menu system. Though it performed well for a camera of its size and price, the GR-DX300 lacks the sophisticat-
ed electronics and image quality of the more expensive cameras in this roundup. JVC GR-DX300 List price: $999.95. JVC Company of America, 800-252-5722, www.jvc.com. llmmm
Panasonic PV-DV953 The only three-CCD camcorder in the roundup, the Panasonic PV-DV953 ($1,499 direct) offers a strong range of features and is ideal for tripod use. It produced very good video and still-image quality under optimal lighting conditions, but quality suffered in dim light. This makes the PVDV953 an affordable option for experienced videographers with a knowledge of lighting techniques and exposure adjustments but a poor choice for point-and-shoot beginners. The camera is similar in size, weight, and shape to the Canon Optura Xi, with a 3.5-inch LCD panel on the left and a manual focus ring around the lens. A second record button perched slightly behind the lens gives you a range of shooting positions. Like the Optura Xi, the PVDV953 offers a laundry list of prosumer features, including optical image stabilization, zebra striping, and manual audio gain control with an audio meter. (Alas, Panasonic buries access to the meter in the menu system; we prefer Canon’s approach, which uses a button on the camera body.) The PV-DV953 ’s shutter, iris, and white-balance controls are easily accessible, more so than the Canon’s. The unit’s tapeloading mechanism is on top, so you can change tapes while it is on a tripod. The unit’s wireless remote—
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
33
FIRST LOOKS
with zoom, record, and snapshot controls—is also a handy feature. The PV-DV953 ’s viewfinder is more adjustable than the Canon’s, but the accessory shoe isn’t powered, so add-ons such as microphones and video lights need external power. Panasonic built the PV-DV953 around three 1/6-inch CCDs. The camera produced sharp, clear images and good color contrast under studio lighting, though saturated colors were muted compared with those produced by the Canon and Sony units. Images under low-light conditions became slightly grainy and indistinct. But audio was clear, with minimal background noise. In still-image trials, the PVDV953 produced sharp images under studio lighting, which matched those produced by the Sony entry and trailed only the 4MP Samsung unit in clarity and color. In low light, however, the images became darker, and graininess and occasional compression artifacts appeared.
lens and controls. This isn’t immediately obvious, but with a little practice it soon becomes second nature. The LCD panel on the back attaches at the top of the unit and swings only 180 degrees upwards, so it’s difficult to see when shooting below eye level.
You can swivel the camera module downward to get the shot, but it’s awkward. Otherwise, shooting controls for both functions are logically placed and accessible. Still-image performance was phenomenal for a camcorder. Aided by a powerful flash, the
The Samsung SC-D5000 has a split personality: Half is a killer 4.1MP still camera, the other a mediocre DV camera.
Samsung SC-D5000 List price: $1,199.99. Samsung Electronics Co. Ltd., 800-726-7864, www.samsungusa.com. llmmm
Sony DCR-PC330
Panasonic PV-DV953 Direct price: $1,499. Panasonic, 800-272-7033, www.panasonic.com. lllmm
Samsung SC-D5000 In an effort to create a camcorder that excelled at both stillimage and video functions, Samsung combined a separate lens and CCD for each into one hybrid camera, the SC-D5000 ($1,199.99 list). Samsung got it half right, as the 4.1MP still images are the best we’ve seen from a camcorder. Unfortunately, video quality—what you buy a camcorder for, after all—does not measure up, with indoor shots exhibiting a consistent blue tint and unacceptable noise under low-light conditions. The SC-D5000 is a two-part camera: The right side contains the video tape and Memory Stick; the back holds the viewfinder and LCD screen. The left module houses the separate still and video mechanisms and rotates lengthwise. You switch between modes by rotating the module to expose the desired 34
SC-D5000 produced 2,272-by1,704 images with fine detail and highly accurate color; these pictures were easily the best in this roundup. Video results were the polar opposite. All indoor shots taken in fully automatic mode exhibited a blue tint so severe that we requested another camera to ensure that the unit wasn’t defective. Our results with the second unit were identical. We tried using the indoor white-balance preset, which exacerbated the problem. Outdoor shots in automatic mode were quite good, but unless you plan to use this camera exclusively outdoors, it’s not the best option.
The Panasonic PV-DC953 is better for video hobbyists who have mastered lighting techniques.
VIDEO QUALITY TESTS Talking head
Action
Low light
OVERALL RATING
Canon Optura Xi
llll
lll
ll
llll
JVC GR-DX300
lll
l
ll
ll
Panasonic PV-DV953 Samsung SC-D5000 Sony DCR-PC330
llll
ll
ll
lll
ll
l
ll
ll
llll
ll
ll
lll
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
The Sony DCR-PC330 ($1,700 direct) offers a unique blend of compact size with good stilland video-image quality, making it a natural for anybody seeking one camera to take anywhere. But those looking for an inexpensive prosumer camera should check carefully, since the DCR-PC330 lacks some critical features offered by the Canon Optura Xi and the Panasonic PV-DV953. The DCR-PC330 incorporates a huge, 1/3-inch 3.3MP CCD. You hold the camera upright and look through the top-mounted viewfinder or 2.5-inch LCD panel, which proved legible even in direct sunlight. Also nice was the manual focus ring on the lens, which zooms to 2X magnification during adjustment, simplifying focusing. Most users will find the new, customizable, touch screen– driven 3-D menus very intuitive, with innovative features like the ability to focus the camera or set the exposure by touching the target area on the screen. But beyond this, the DCR-PC330 lacks prosumer features such as zebra striping and manual audio gain control. And the zoom controls were small and twitchy.
FIRST LOOKS
Like the Optura Xi, the DCRPC330 uses a primary color filter to simulate a three-CCD system. Indeed, the results rivaled the three-CCD Panasonic unit and trailed the Optura Xi only slightly. The DCR - PC 330 produced crisp colors with minimal bleed in talking-head trials, with strong reproduction of black, grays, and even highly saturated colors like maroons and reds. Facial contrast was good, though slightly overexposed, and detail was well preserved. Quality dropped in highermotion sequences, where the Canon model’s results were clearly sharper. But the DCRPC330 produced a brighter image than either the Panasonic or Canon on low-light tests. Speech pickup was very good, though the camera also picked
The Sony DCR-PC330 offers a good combination of still- and videoimage quality.
up significant ambient noise. Still-image quality was on a par with or better than that of the Panasonic’s on most tests. In addition to a more powerful
flash (which produced brighter pictures in low-light conditions than that of any camera except the Samsung), the DCR-PC330 also offers NightFraming. This
HP’s 5MP Beauty Hits—and Misses BY SALLY WIENER GROTTA AND DANIEL GROTTA hink of the 5-megapixel HP Photosmart 945 as a “prosumer lite” digital camera. Like the Minolta DiMage DH1 and the Nikon CoolPix 5700, the 945 is a full-sized model with through-the-lens viewing and very good to excellent image quality. It also has an innovative digital flash feature that can brighten darkened subjects without firing the strobe. But many functions that photo hobbyists demand are missing, and viewing and focusing with the unit are less than ideal. Weighing in at just under 1 pound, the all-black 945 has the look and feel of a quality 35-mm film camera. Its chunky highimpact plastic body is easy to hold and shoot, even with one hand. HP has given the 945 an 8X optical zoom lens—impressive for a camera in this price range—and a 6-mode pop-up flash.
T
36
There are other things to like, too. Most notable is the camera’s digital flash feature. It acts like an electronic fill flash, automatically adjusting the exposure of backlit subjects so you don’t wind up with underexposed silhouettes. The 945 is also one of only a handful of digital cameras that incorporate built-in help wizards, and its pan and zoom capability is the best we’ve seen, able to continuously magnify an image to the pixel level. The 945 is quick and easy to use. Bootup takes 3.9 seconds,
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
and recycling time between shots is a fast 1.3 seconds (with flash and LCD viewfinder enabled). The camera’s burst mode lets you fire off five shots in less than 4 seconds, even with flash enabled (although writing those five images to memory takes over 30 seconds). Like other Photosmart digital cameras, the 945 facilitates easy, effortless image file transfer, direct output with certain HP printers, and extensive picturesharing capability. The 945 delivered image quality that ranged from very good to excellent in our testing. The flash test shot was sharp, with excellent color and dynamic range. Our simulated daylight test shot was correctly exposed but not as crisp as we’ve seen from other 5MP cameras, and it exhibited limited depth of field. The HP Photosmart 945 looks like a prosumer camera, but without the complexity.
feature uses the camera’s onboard infrared capabilities to frame a shot in total darkness, then switches off the infrared and triggers the flash to produce a picture with natural colors. The only drawback we observed was a side-mounted still-photo button that tended to jerk the camera when pressed too firmly; we used the timed-record function for most of our tests. The DCR-PC330 is an admirable attempt to blend a still camera and video camcorder into a compact package. It will appeal to users who value small size; just know that the Canon Optura Xi delivers better video quality and more features at about the same price. Sony DCR-PC330 Direct price:$1,700. Sony Electronics Inc., 800-222-7669, www.sonystyle.com. lllmm
Other features are lacking as well. Unlike in the Nikon CoolPix 5700 and the Olympus E20n, the 945’s 2-inch LCD viewfinder is fixed rather than articulated. It also has an electronic (not optical) eye-level viewfinder that automatically toggles on when you look through the eyepiece. But both viewfinders are jerky and grainy, and focus is annoyingly slow and difficult to judge. The camera features aperture and shutter priority, plus the ability to adjust color saturation, sharpness, and contrast exposure. But it’s missing most higher-end functions, such as histogram, bracketing, external flash synchronization, and antishake lens technology. The HP Photosmart 945 will appeal to point-and-shoot users who want a relatively inexpensive digital camera with heft and substance, minus the complexity associated with most prosumer models. But more serious shutterbugs will feel hampered by its limitations. HP Photosmart 945 Street price: $550. Hewlett-Packard Co., 888-999-4747, www.hp.com. lllmm
FIRST LOOKS
Fuji Delivers Double The Pixels BY LES FREED he Fujifilm FinePix S602 was a sleeper hit last holiday season, selling out its entire production run in just a few months. This year’s Fujifilm FinePix S7000 improves on the S602 in nearly every way—starting with twice as many pixels (6.3 megapixels) and a lower price ($700 street). The S7000 looks and feels like a slightly miniaturized 35-mm SLR camera, though it’s not a true SLR. In place of an optical viewfinder, the S7000 has a 235,000-pixel electronic viewfinder (EFV), one of the best we’ve seen. Another winning feature of the S7000 is its excellent 6X zoom lens, with a 35- to 210-mm effective focal length.
of the credit goes to the 6.3MP sensor itself, not the interpolation. With the feature enabled, the extra pixels delivered marginally better image detail—but at the expense of greatly increased file sizes. We found the S7000 easy to use. Advanced photographers will find
T
The Fujifilm FinePix S7000 features a 6.3MP sensor, with the ability to interpolate to 12.6MP.
The S7000 is the first camera to use the new Fujifilm Super CCD HR image sensor chip, which packs twice as many pixels into the same space as the previous-generation Super CCD sensor. The S7000 uses an incamera interpolation algorithm to take 6.3MP images and produce files with effectively twice the number of pixels. Indeed, our test pictures were very sharp and clear, with little noise and vivid colors. But most
all the controls they expect, including a full range of exposure modes; a spot meter; a dedicated exposure compensation button; a manual focusing ring; and an on-screen, real-time exposure histogram. If you’d rather not mess with the controls, you can simply put the camera’s mode dial on Auto and let the camera do the rest. The S7000 has one of the best built-in flash units we’ve seen. The pop-up bulb emits a short
preflash before the exposure in order to judge the reflectance and distance of the subject. While the preflash adds a tiny delay to the picture-taking process, it delivers perfect exposures nearly every time. The company did cut a few corners in the S7000’s bundle, however. Power comes from four double-A batteries or a rechargeable nickel hydride battery pack add-on ($40 street), rather than a costlier (and longer-lasting) lithium ion battery pack. And though the S7000 accepts CompactFlash and xD-Picture Card media, Fujifilm provides only a 16MB xD-Picture Card in the box. Still, we think the S7000 is one of the best values in the prosumer class. The Nikon Coolpix 5700 has an 8X lens but only 5MP for the same price. If the S7000 sounds appealing, our advice is to grab one before they sell out, too. Fujifilm FinePix S7000 Street price: $700. Fuji Photo Film USA, 800-755-3854, www.fujifilm.com. llllm
Better CMOS Camera BY LES FREED he Sigma SD10 digital SLR ($2,000 street) is the second camera to use the innovative Foveon X3 CMOS image sensor (the first was the Sigma SD9). The SD10 employs a second-generation sensor that offers improved lowlight sensitivity and lower image noise than the previous model. On the outside, the SD10 is virtually identical to the SD9. But thanks to the new sensor, the SD10 operates at ISO speeds up to 1,600 (compared with 400 for the SD9). Also, you can now adjust exposure in increments of 1/3 stop (instead of 1/2 stop on the SD9). And the SD10 extends the maximum shutter speed to 30 seconds, a must-have feature for low-light photography. The new X3 Pro 10M chip uses microlenses: tiny light-gathering glass lenses that are bonded to the surface of the image sensor,
T
38
improving the sensor’s sensitivity. The tradeoff is that while microlenses improve light sensitivity, they also have a tendency to reduce sharpness and detail slightly—but fortunately not to the naked eye. We found the images from our test camera to be very sharp, with plenty of detail. Unlike most digital SLR cameras, the SD 10 saves images only in a RAW data format that must be post-processed on a PC. The SD10 comes with a new version of Sigma’s PhotoPro post-processing software that includes several significant improvements and some interesting new features. Most notable among them is a fill-in flash that greatly improves shadow and highlight detail in highcontrast shooting situations.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Instead of a CCD sensor, the Sigma SD10 uses a CMOS sensor to capture images.
Other enhancements include faster file conversion, better JPEG image rendering, and the addition of a noise-reduction algorithm. Sigma also announced a new wireless flash system and several new lenses for the SD10, including an ultrawide 12- to 24mm, a compact 18- to 50-mm, and a 55- to 200-mm lens. The new flash and lens options fill in some key missing pieces in Sigma’s product line. Such improvements mean Sigma now has a real contender
for serious photo hobbyists and studio pro photographers. Of course, Sigma faces fierce competition from Canon, Nikon, Olympus, and Pentax, all of which offer more complete product lines for their digital SLRs than does Sigma. The Canon Digital Rebel ($999), which we previously reviewed in First Looks (October 28) is the product to beat in this space, and the SD10’s lack of in-camera JPEG support is a major drawback for hobbyists looking for instant gratification. For those users, the Canon offering is the better choice. Sigma SD10 Street price: $2,000. Sigma Corp. of America, 631-585-1144, www .sigma-photo.com. llllm
FIRST LOOKS
Sharp Notebook Debuts 3-D Screen BY BILL HOWARD t’s not every day—or every year, for that matter—that a new screen technology appears. So the debut of the Sharp Actius RD3D notebook ($3,299 direct) is news. It’s the first U.S. product to use the company’s proprietary 3-D LCD technology, which displays realistic-looking three-dimensional images without the need for special glasses. Best of all, the technology has no effect on the quality of 2-D text and graphic images. To render 3-D images, the system uses two 15-inch LCD panels that sandwich a parallax barrier (parallax refers to the difference between what your left and right eyes see, which the brain interprets as 3-D). The front panel is a standard Sharp 15-inch XGA (1,024-by-768) color display. In 2-D mode, only this panel is active. The rear panel is a monochrome-only unit that provides 3-D information. One image is created from pixels 1, 3, 5, 7 and so forth up to pixel 1,023 for the left eye, while the right eye sees pixels 2, 4, 6, and so on, through 1,024. The two panels, the parallax barrier, and the light path through them are aligned to work best when a viewer is about 21 inches back from the
I
display and perfectly centered. Some applications go into 3-D mode automatically; for others, you push the big “3-D” button on the keyboard. Sharp says that uses might include medical imaging, CAD, architectural mock-ups, life sciences, possibly online shopping, and of course gaming and digital imaging. Sharp bundles a program that lets you create a 3-D image from a standard photo; you outline the areas you want to be foreground, then designate the background areas. For people-plus-mountain snapshots, it’s quite effective. Also bundled are Dynamic Digital Depth’s TriDef movie player for playing 3-D videos, and Personal CAChe, a chemical molecular modeling program. Our experience viewing still images was outstanding. You do notice an apparent loss of resolution going into 3-D mode (each eye sees 512-by-768 worth of pixels), but the foreground-to-background separation is outstanding. It was even better playing a Spiderman demo movie. However, three 3-D–enabled Electronic Arts games bundled with our test unit were problematic. On Need for Speed Hot Pursuit 2, we observed vertical bands and ghosting (secondary images); on James Bond 007:
The Sharp Actius RD3D features the industry’s first 3-D laptop display.
Nightfire, the ghosting was severe, and each eye saw not one but two aiming circles, making it hard to rack up a decent kill rate. Also, because you’re looking at the screen’s flat 2-D surface, there’s an acclimatization period while your brain figures out how to process the image. Indeed, some of our viewers complained of eyestrain. Adaptation can be instantaneous in teenagers, Sharp says, while older users (60 and up) could take a couple hours to be comfortable. And as with any new technology, Sharp faces a chicken-andegg challenge: Selling enough units to make it worthwhile for software makers to 3-D–enable their apps, and having enough compatible apps to make the 3-D machine worth buying. (Sharp says there are hundreds of titles that are 3-D enabled.) As for the notebook itself, the RD3D is a desktop replacement notebook based on Sharp’s RD
A 3-D Screen—Without Goggles The LCD screen on the Sharp Actius RD3D can display images that look three-dimensional by exploiting the parallax effect—the slight difference each eye sees, which the brain then converts to 3-D. 3-D Display Mode
2-D Display Mode
With 3-D enabled, a parallax barrier behind the traditional LCD TFT screen reveals one set of pixels to the viewer’s right eye and a slightly different set to the left eye. This creates the perception of depth in the brain.
When working in normal 2-D mode, the switching crystal that controls the parallax barrier allows the same set of pixels to be seen by both eyes, resulting in a traditional two-dimensional screen image.
Parallax barrier
Switching crystal
LCD panels
Parallax barrier
Switching crystal
LCD panels
series, which have three drive bays (hard drive, optical, floppy disk drive) and a 15-inch display. Our test unit checked in at 10.2 pounds, or 11.8 pounds travel weight with the bulky transformer. Luckily, it’s also heavy on features, with a 2.8-GHz Pentium 4, 512MB of RAM, a 60GB hard drive, and a Matsushita DVD-RAM burner. The RD3D was a good performer, with Business Winstone 2004 and Content Creation Winstone 2004 scores (17.3 and 21.0, respectively) that fell at the upper end of the spectrum among notebooks we’ve tested. Our tests indicate battery life to be only about 2 hours; but then, this system is unlikely to be used for long periods away from a wall plug. Without a doubt, this is incredibly advanced display technology. We were disappointed with our 3-D game experience, but the still-image and videoclip demos show that the technology has promise. Currently the 3-D feature adds “in the low hundreds of dollars” to the price. That’s low enough to make early adopters want to take a look, knowing they’re getting a powerful, full-featured 2-D notebook to boot. Sharp Actius RD3D
L
R
L L
R
L
R
R
L
R
L
R
With 2.8-GHz P4, 512MB DDR SDRAM, 60GB hard drive, DVD-RAM drive, nVidia GeForce 4 440 Go graphics, 15-inch 3-D XGA display, Microsoft Windows XP Pro, $3,299 direct. Sharp Systems of America, 800-237-4277, www.sharpsystems.com. OVERALL llllm M llllm P llllm V llllm G llmmm
40
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
FIRST LOOKS
Microsoft’s Smartphone Exceeds Expectations BY BRUCE BROWN ur early peeks at Microsoft’s Smartphone platform—the phone-centric operating system that’s part of the company’s Windows Mobile family—didn’t push our buttons. But now that we’ve had a chance to test the new Motorola MPx200 and the Samsung SCH-i600, we’re ready to admit that our first impressions were wrong. Don’t confuse Smartphonebased devices with PDA/phone combos (such as the Treo 600), which are based on either the Palm or Microsoft Pocket PC operating systems. Smartphones are not PDAs but rather very smart phones that happen to play multimedia files, work beautifully with Outlook (retrieving e-mail wirelessly), and more. The official line on Microsoft Windows Mobile 2003 Software for Smartphones (Smartphone for short) is that it’s a platform designed for one-handed operation targeted at people who want to use Outlook data on a mobile phone for calling, messaging, and e-mail. Key applications in the OS include Pocket Outlook, Pocket Internet Explorer (with both WAP and HTML support), and Windows Media Player 8 (for playing music, image, and video files). You can also play games on the phone; a version of Solitaire is included, and more games are coming from thirdparty developers each week. If your company uses Exchange 2000 Server with Mobile Information Server and Exchange 2003, you can synchronize your Outlook Contacts, Calendar, and Inbox wirelessly. But even small-business users
O
without enterprise server products can configure the phone’s Inbox application to access POP3 and IMAP4 e-mail for automatic updates. The Smartphone OS has a raft of features that improve digital phone operation, including several ways to find and dial numbers, a speakerphone, and tight integration with Outlook. (For example, you can have your phone switch automatically to silent mode during the times you have meetings scheduled in your Outlook Calendar.) When you connect to a host PC with a Smartphone, the phone uses ActiveSync 7.1 to synchronize Outlook’s Contacts, Calendar, and Tasks areas. We were able to have the phones check our POP3 Yahoo! e-mail account wirelessly every 15 minutes (you can choose longer intervals or set it to manual mode). Within a couple of days, we stopped carrying a PDA and carried one of the Smartphones instead, plugging it into the USB cable attached to our desktop P C w h e n e v e r we came back to the office to synchronize the PIM apps and charge the phone’s battery. The SCH-i600 is larger than Motorola’s entry, but the CDMA coverage is a draw.
In short, if you want a large display on a PDA for working with Word or Excel documents while you travel, a Pocket PC Phone Edition device would be a better choice. But if you use a PDA mostly for contacts, appointments, tasks, entertainment, and reading and managing e-mail, a Smartphone may be a better solution.
MOTOROLA MPX200 The MPx200 has the potential to be as influential to the industry as was Motorola’s StarTAC. Small at 3.4 by 1.8 by 1.0 inches (HWD) and lightweight (4.2 ounces), the clamshell-style MPx200 has two LCD screens: a color display on the flip-up panel and a monochrome on the case top to show the time, date, signal strength, battery power, and caller ID . An SD / IO slot supports up to 1GB SD cards, and the phone itself has 32MB of ROM and 32MB of RAM (10MB of RAM is available for user data). There’s a jog dial on the left side of the phone, and the bundle includes an earpiece (for phone use) and a stereo headset (for listening to music). The MPx200 beats other conventional phones hands down in using Outlook contact data, because you aren’t limited to just a few hundred contacts. Compared with PDA/phone combinations such as the admirable Treo 600, the MPx200 is more phone-centric and doesn’t have the huge installed base of Palm OS applications. But the integration with Outlook is far superior, and the e-mail client is simple to set up and use. SAMSUNG SCH-I600 The Samsung SCH-i600 is a dual-band phone with support for 800- MH z and 1,900- MH z CDMA . It’s a bit larger and heavier (5 ounces) than the Motorola MPx200, but if you need CDMA’s superior coverage, you won’t mind carrying the extra bulk. The Samsung entry has slightly larger keys and buttons than the Motorola model, but the displays are the same (2.2 inches, 176-by-220 resolution). The phone’s keys are flat and
Sleek and powerful, the MPx200 puts Motorola back on top in phones.
responsive—an aspect we appreciated playing the Smartphone version of Solitaire during our morning train commute. Like the Motorola, the SCHi600 has an SD/IO slot. The phone’s bundle includes both a standard battery (rated at 2.5 hours talk time and 4 days in standby mode) and an extended battery, (4.7 hours talk time, 7 days standby). There’s also a docking cradle and AC adapter, but no earset for listening to music or for hands-free calling. The SCH-i600’s Smartphone functions add the convenience of PIM and e-mail–oriented PDA features. Although we prefer the smaller dimensions of the Motorola model, the Samsung SCH-i600 is a fine device. And perhaps its greatest initial appeal is that it adds a CDMA carrier to the U.S. Smartphone presence. Motorola MPx200 with Windows Mobile Software Street price: $300, plus monthly service fees. Requires: Host PC running Microsoft Windows 98, Me, NT, 2000, or XP. AT&T Wireless, 866-7322468, www.attws.com. lllll
Samsung SCH-i600 List price: $499, plus monthly service charges; rebates available with service contracts. Verizon Wireless, 800256-4646, www.verizonwireless.com. llllm
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
43
FIRST LOOKS
Central Control for Your Network BY ROBERT P. LIPSCHUTZ AND BRIAN KENNY ith LANDesk Management Suite 8, IT managers can control the computers on their networks and implement software and security policies efficiently. LANDesk 8 has impressive depth. It includes asset management, device discovery, software license management, PC remote control, software distribution, and operating system recovery and migration. This default functionality can also be extended by other LANDesk add-ons, such as System Manager ($9 per node) for real-time problem resolution and Server Manager ($499 per server) for monitoring servers. Macintosh support has also been improved in this version. LANDesk 8 does a good job of packing all these features into a comprehensible interface. Although the management console seems a bit overwhelming
W
at first, IT managers will not have a hard time understanding and appreciating it. In our testing, we were most impressed by the policy-based software distribution feature. LANDesk 8 lets you distribute any software app to any group within a company. It supports multiple-file MSI packages and handles distribution efficiently.
To combat any network degradation and to increase performance to remote computers, LANDesk 8 provides bandwidth throttling, multicast distribution, and checkpoint restarts. For example, to distribute a security update to all Microsoft Office users or a new virus definition to all your users, you can simply specify the maximum
LANDesk Management Suite 8 The Management Console’s interface provides easy access to LANDesk 8’s wealth of features.
B
46
List price: $89 per node (minimum, 10 nodes). LANDesk Software Inc., 800-982-2130, www.landesk.com. llllm
Can You Outsource Remote Access? BY ROBERT P. LIPSCHUTZ usy network administrators will appreciate getting something for nothing. The something is secure remote access to your company network; the nothing is the equipment and software you’ll need to set up at the office. Unlike most other companies in this category, Positive Networks offers a managed service— called PositivePRO—that gives your employees secure remote access to files, applications, e-mail, and desktops. All you need is a router that supports the IPsec protocol. You can be up and running in a few hours. The start-up fee covers the cost of having a Positive Networks rep work with your network administrator to create an IPsec tunnel between its data center and your network. Working together, they can use a
bandwidth and eliminate congestion issues. Using its peer download technology, LANDesk 8 will serve the appropriate packages to a select number of users across your network’s various subnets, and those machines will in turn serve them to their peers. In the event that a machine shuts down halfway through a transfer, the byte-level checkpoint restart feature will ensure that the update gets efficiently completed upon restart. LANDesk 8 presents a lot of management capabilities in one package, as do competitors such as Microsoft SMS and Novell ZenWorks. While the initial experience can be a little daunting, the performance enhancements that LAND esk 8 delivers (namely the multicast and incremental file-transfer capabilities) are worth the initial start-up pains.
Web-based Policy Manager to create a suitable configuration for your company, including user names, file shares, applications, and e-mail servers. End users can access your network in one of three ways. First, they can enter through their own
WebTop, a customized remoteaccess portal with favorites, mapped drives, and application and e-mail links all shown on one screen. Second, users can access desktops directly from the WebTop, as long as the desktop has remote-control software installed. Finally, users can install a piece of client software, which contains some typical VPN functions wrapped in helpful little extras, from the WebTop. The applet will connect to your network, change your Windows wallpaper (to indicate that you are connected), and prepare your PC for work. This includes displaying network shares PositivePRO’s WebTop interface gives your users access to files, to servers at the office, applications, and e-mail. adding shortcuts on the Desktop and favorites to
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Internet Explorer, and even changing your Outlook e-mail to point to your office e-mail. To protect your network, the client starts a firewall with settings configured by the administrator and checks for a running antivirus scanner. When you log off, all of these changes are reversed. During our testing, we found a few small annoyances. Windows XP users cannot browse for network resources; they must use premapped drives or know how to use UNC names. Also, application distribution was useful but required sending image CDs to Positive Networks. But these are small nits to pick. If your business is looking to implement remote access but you don’t want to commit to the hardware and IT maintenance, this service is worth a test drive. PositivePRO Direct price: Start-up charge, $900 and up; $20 per user per month. Positive Networks Inc., 913-469-0005, www.positivenetworks.com. llllm
FIRST LOOKS
TV/Monitor Hybrids: Prime Time Meets the Daily Grind BY ALFRED POOR re you a news hound who can’t get through the day without a frequent dose of CNN? Got a craving for ticker crawls while you’re crunching numbers? Well, have we got the monitors for you! These sleek and stylish LCD units feature built-in TV tuners. They’ve also got support for component video signals and HDTV, in case you want a cinematic experience. Priced at about $700, they cost about twice as much as a standard 17-inch LCD
A
though only four have widescreen 16:9 aspect ratios. The wide-screen models are only as tall as a standard 15-inch LCD monitor, and they have Wide-XGA resolution (1,280 by 768 pixels). The Samsung panel has a 4:3 aspect ratio and SXGA resolution (1,280-by-1,024), so it’s taller but not as wide. Note that it also has one-third more pixels, so you can display more information when using it as a PC monitor. As hybrid TV/monitors, all of the displays share some com-
range and volume; with the addition of a subwoofer, they’d sound pretty impressive. Most (except for the Gateway) have component video connections for high-quality images. On the computer side, all have analog VGA connectors. All these displays are bright and sharp enough to work well as both monitors and televisions. All specify a pixel response time of 25 ms. We observed less smearing of moving images than with inexpensive LCD monitors but more than is
Excellent image quality and a full complement of cables make the Dell W1700 LCD TV a great value.
monitor, but you get a lot more. According to Jon Peddie Research, about 21 million PCs are already equipped to show TV images on their monitors, and Microsoft’s push for Windows XP Media Center Edition is certain to expand that use. Peddie expects that more than 8 million PC TV add-in boards will ship in 2003 alone, and monitor makers are responding to this demand by putting television functions into the monitors themselves. We gathered five of the latest models for comparison: the Dell W 1700, the Gateway 17inch LCD TV , the Samsung 172 MP , the Sharp LL - M 17 W 1, and the ViewSonic N1700w. All have 17-inch-diagonal panels, 48
mon features. On the television side, each has a coaxial input for an antenna or cable connection. All offer a Picture-in-Picture (PIP) feature that lets you put a television or other source image in a window on your computer screen, but none let you put a television image on another television image (because they each have only a single tuner). Each monitor comes with a remote control that lets you change channels, control the volume, and adjust the image settings. All have built-in speakers, which incidentally are a whole lot better than the tinny units you usually get in a computer monitor. For the most part, the speakers have good tonal
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
seen on a CRT television. All are also too small for most livingroom applications; they are best suited to solo viewing at a desktop or in space-restricted installations such as a kitchen counter. They are ideal for workers who need or want to monitor television information during the workday and for college students who need to get multiple use out of their work and entertainment hardware. We put the five monitors through their paces, using both the DisplayMate utility (www .displaymate.com) to generate test images under Windows and a progressive-scan DVD player with component and composite video output. We tested the
video-processing capability of monitors that accept an interlaced component video signal using clips from MadOnion. And we used a coaxial antenna connection to test over-the-air broadcast signals; Serendipitously, our test locale was in a fringe reception area, so the tuner differences stood out. In the end, we found some significant differences among these displays. But although none are perfect, some are truly ready for a starring role on a desktop near you.
DELL W1700 LCD TV Dell has embraced the consumer electronics market with the release of several new products recently, including the W1700. Although its price ($699 direct) is in line with that of units in this group, Dell did not cut any corners. For example, the bundle includes both a D-sub analog VGA port and a digital DVI-D port for computer signals. It was the only model in the group with a stand that offered tilt, swivel, and height adjustments. And there was no skimping on the cables: The W1700 was the most complete set of all the units, and the only one to include the DVI-D cable. Add $10 or $20 for each cable you have to buy for some of the other displays in this group and the Dell starts to look like a real bargain. The W1700 is easy to set up, even though the panel comes detached from its base. The cable cover over the video connections is easy to negotiate, though the cable connections for the computer and power are as bit cramped at the bottom of the panel. The front has chrome control buttons with embossed legends that are a little difficult to see in the silver bezel. One pair of buttons gives you direct control of the speaker volume, which is a plus. The full-size remote control is well-
FIRST LOOKS
designed and easy to use. Computer images were very good, with excellent image quality even at extreme viewing angles. The panel was weak on dark gray shades and had some faint banding in color ramps but was excellent otherwise. Color tracking was good, and autosync eliminated all pixel jitter. The display’s controller includes Faroudja’s DCDI technology, which made for excellent video processing, including edge detection and deinterlacing. The broadcast television reception was very good, and automatic channel identification did a good job of finding available stations without including those signals that were too weak to view. In sum, price, performance, and features all add up to make the Dell a very good choice for a desktop display for both work and entertainment. Dell W1700 LCD TV Direct price: $699. Dell Inc., 800-9993355, www.dell4me.com/delltvs. llllm
GATEWAY 17-INCH LCD TV Gateway led the vanguard as computer companies moved toward consumer electronics, posting some impressive hits and forgettable misses along the way. The new 17-inch LCD TV is named for what it is: The display makes a reasonable television but falls short of the mark as a monitor. The printed documentation that comes with the display is clearly TV-centric. The attractive black-and-silver case tilts and swivels, and the LCD panel is covered with a protective hard-plastic layer that also enhances contrast. A handy headphone jack is located on the front of the panel. The display has a D-sub VGA connector for analog computer signals and a DVI-D connector for digital signals; but remarkably, no cables for either are included. You’ll find cables for composite video and stereo sound, plus both a coax connector and dipole antenna wire 50
The Gateway entry works well as a TV, but its monitor features fall short when compared with the other units here.
with a coax adapter for video, but notably missing are component video connectors. For a display of this cost and quality, this is a surprising shortcoming. Also missing is any setup CD. Windows will identify the unit as a Plug and Play monitor, but it does not recognize its native WXGA resolution. As a result, you have to run it in XGA mode, wasting 20 percent of the display space. The on-screen menu has a translucent background, and the remote control is easy to use. You can adjust the size, position, and source of the PIP image. The front-panel buttons include volume and mute. The lack of an auto-sync button means you have to dig down through the menus, but the fea-
ture worked flawlessly. Image quality was excellent, with smooth color ramps, good uniformity, and relatively little effect from large viewing angles. The only drawback on the television side was that the tuner was not as good at pulling in weak stations as the others. If you want to run your display off a video cable connection and only occasionally use it as a computer display, then you may be satisfied with the Gateway offering. It falls short of the competition at the same price, however, and needs to provide better support for the computer side of the equation. Gateway 17-inch LCD TV Direct price: $699.99. Gateway Inc., 800-221-9616, www.gateway.com. llmmm
SAMSUNG 172MP Samsung has been active in the combination monitor/TV market as long as any company, and its latest offering is a stylish, large display: the only 4:3 aspect ratio panel of the group. It is a competent performer, though it falls short of the Dell and ViewSonic entries on features. The 172MP takes a little more assembly than the other displays we tested. The RF adapter comes as a separate module that must be installed in the back of the panel’s case. And the unit ships without a DVI-D connector for digital signals; it comes with just an analog VGA and a stereo audio cable. On the other hand, the buttons on the front panel have easy-to-read legends. Most of the connectors also are clearly labeled. The stand only tilts, but it does fold up so that the base can be used as a handle for carrying the display. Image quality was very good, though a little weak in dark gray areas, and the viewing angle affects the black level noticeably. Color tracking was excellent; no pixel defects were apparent; auto-sync created rock-steady images; and brightness uniformity was good. The tuner was excellent at pulling in weak stations, though we found it difficult to delete channels that had been automatically selected. The speakers were fair: They were capable of very loud volume, but distortion was noticeable even at moderate levels. One big plus is that Samsung provides a three-year parts-and-labor warranty that also covers the display’s backlight. Without the wide format, the 172MP is not as well suited for DVD and HDTV use, as are the others here. But if your need is primarily for a large computer monitor that can also put up a television image in a PIP window, this is a good choice. Samsung 172MP
The Samsung 172MP performs competently, but it lacks a widescreen aspect ratio, and its speakers can create distortion.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Street price: $700. Samsung Electronics Co. Ltd., 800-726-7864, www .samsungusa.com/monitor. lllmm
FIRST LOOKS SHARP LL-M17W1 In a world of charcoal-and-silver displays, the Sharp LL-M17W1 is a refreshing alternative in its white case with silver trim. The monitor has a number of attractive features that are offset by some weaknesses. The attractive case includes a handy handle at the top back for carrying the unit from room to room. The front panel is nearly empty, with only a power indicator, an IR receiver, and a headphone jack. The control buttons are located along the right edge of the case, which might be awkward for a left-handed user; the remote control is an easier way to make configuration changes. A hard plastic cover over the LCD panel protects it from damage, but it appears to have less antiglare treatment than most of the other displays we tested. Sharp is not overly generous with the bundled cables: You get
An attractive white-and-silver case makes the Sharp LL-M17W1 stand out on your desktop. It’s a decent performer, too.
just an analog VGA cable, a mini stereo cable, and a length of coax for antenna or cable signals. Documentation is above average, with a 64-page printed manual. There’s no auto-sync button
(you have to dig through the menus to activate it), but the feature created a jitter-free image with the computer signal. Note that there is only an analog connector and no digital DVI-D con-
nector for the computer. On the television side, the monitor supports the V-Chip for parental control of programming. Image quality was generally good, with excellent gray-scale response at both ends of the spectrum, smooth color ramps, and great color tracking. But extreme viewing angles do have a large impact on black levels, and noticeable shadows can be seen along the bottom of a full-white screen. The speakers are very good, but the tuner was not as effective on weak signals as some of the others. Sharp backs the display with a three-year warranty that includes the backlight. Overall, the LL-M17W1 is a respectable entry, though in the end, the Dell and ViewSonic models offer even better value. Sharp LL-M17W1 Direct price: $719. Sharp Systems of America, 800-237-4277, www .sharpsystems.com. lllmm
FIRST LOOKS VIEWSONIC N1700W ViewSonic’s entry into the LCD monitor/LCD arena, the N1700w, is a very good product for the price. Given its outstanding picture quality and attractive video features, you can easily forgive its few flaws. The N1700w was the only unit with a separate junction box for video connections, but this makes hooking up video devices much easier, especially on an ad hoc basis. It also means one more box on your desktop or counter, and on our evaluation unit, the box’s high-density cable did not latch securely to its connector on the panel. The cable covers on the back of the panel also did not fit well, making reassembly after connecting cables a bit of a chore. ViewSonic could also be more generous when bundling cables: You get only an analog VGA cable and a mini stereo cable.
The ViewSonic N1700w packs a host of extra features, including picture-on-picture channel surfing and V-Chip support.
The slimline remote control makes configuration easier than using the front-panel buttons. And once set up, the display performed beautifully. Gray-scale response was good at both ends of the spectrum; color tracking was good; and there were only faint
bands on the color ramps. No pixel defects were apparent, though extreme viewing angles did have a visible impact on black levels. Video processing was excellent, especially on deinterlacing and edge detection. Some other extra features
stand out. The N1700w has PIP, plus a Picture-on-Picture feature that shows a three-by-three matrix of television stations. Eight of these are still images; the ninth shows a live image of the currently active station. You then simply scroll around to select the channel you want to monitor. This makes channel surfing with the single tuner much more effective. The speakers produce good sound quality, and a surroundsound option expands their performance. There’s even V-Chip support for parental control. All told, The N1700w is a compelling choice with good image quality and excellent video features. The Dell model’s extra cables are a draw, but if you prefer to see before you buy, you may want to shop for this ViewSonic. ViewSonic N1700w Street price: $700. ViewSonic Corp., 800-888-8583, www.viewsonic.com. llllm
“Most companies view instant messaging as the digital equivalent of making personal calls all day long while trying to look busy by pounding away on the keyboard.”
B AC KU P B A N N E D IN YOUR ANTIVIRUS SOFTWARE review “Under At-
tack” (November 25, page 122), you recommend Symantec’s Norton AntiVirus 2004 and its components. But you fail to mention that it is impossible to perform a proper backup while any of the current Norton 2004 products are installed. Symantec’s technical support suggested uninstalling its products before each backup and reinstalling them after the backup is completed. The inability to perform backups is a side effect of Norton’s antipiracy features. Symantec really should come up with a solution to this problem soon. DAVID SACHS
I M A T I M E-WA ST E R IM EVERYWHERE? How about IM nowhere? Do you really think instant messaging can be an effective business tool (November 11, page 128)? Most companies I work with view IMing as the digital equivalent of making personal calls all day long while trying to look busy by pounding away on the keyboard. Not to mention the unwanted portals these services offer into an otherwise secure enterprise. How about an exhaustive article on how businesses can effectively block instant-messaging and file-sharing services? The programmers of such services seem to delight in devising new methods of tunneling through firewalls. In small and midsize businesses, this is a real problem, and it should get some attention from the leading experts in the small-systems field. BOB THOMPSON G AG G I N G G O O G L E I ENJOYED YOUR GOOGLE TIPS story (October 28, page 68), but I re-
cently encountered a problem with the search engine. I was searching on the term Kazaa Lite, and the results page informed me that several hits had been removed in response to a complaint received under the Digital Millennium Copyright Act. Not that it is too hard to find Kazaa Lite using Google, or any other search engine for that matter, but this shows that we can no longer trust our search services to give us comprehensive and objective hit results. Is this censorship? Or is Google just trying to protect its revenues? SIGURD KALLHOVDE
How to Contact Us We welcome your comments and suggestions. When sending e-mail to Letters, please state in the subject line of your message which article or column prompted your response. E-MAIL
[email protected] MAIL Letters, PC Magazine, 28 East 28th Street, New York, NY 10016-7940. All letters become the property of PC Magazine and are subject to editing. We regret that we cannot answer letters individually. w w w. p c m a g . c o m /fe e d b a c k
B R I N G B AC K T H E S I N G L E IN RESPONSE TO MICHAEL J. MILLER’s comments on digital music piracy (November 11, page 7), I think the reason peer-to-peer (P2P) services are so popular is simple: Record companies and music stores abandoned the singles market. People are not logging on to Kazaa to download entire albums; they are looking for one or two singles they really like. Most CDs have only three good songs anyway, with the rest being subpar at best. The recording industry needs to wake up and realize this. Apple iTunes Music Store and other for-pay download services will succeed if they consistently carry the top 100 songs in their catalogs. AARON STRONG L I C E N S E TO C O M P U T E THE LACK OF FREE AND COMPETENT software support is a long-
standing gripe. My 70-year-old father lives in another state, and I have tried everything to help him with his computer and programs. I write out explicit instructions, create batch programs, and even use remote access. But nothing is foolproof. I can see why software companies gave up trying to deal with nontechnical users over the phone or e-mail. Providing software support is reasonable, but having to teach simple computer concepts is too great a burden. I propose a two-tier system for support: To receive free and competent support, you must pass a test of basic computer skills and be registered in a central database (we’ll leave the details to Microsoft). The test questions—like “Can you find a file in a directory tree?”— would be trivial to most PC Magazine readers but challenging to the computer-illiterate. If you pass the test, you qualify for free support; if not, you must pay. This incentive should have everyone running to the library, community center, or Internet to learn basic computer skills. RICHARD DASHEIFF
Corrections and Amplifications n In our cover story of November 25 (“The Coolest Home PCs”), we printed an error in the High-End Consumer Desktops table on page 92. The settings for Anti-aliasing/ Anisotropic filtering under the column head 3DMark03: 1,600 x 1,200 read “4X/4X.” They should have read “4X/8X.” n In the same roundup, on page 118, the Toshiba Satellite P25-S607 was listed as having a DVD(RW drive. In fact, it has a DVD Multi Drive (DVD-RW, DVD-RAM). n In the Desktop Operating Systems table of our feature “If You Don’t Do Windows” (November 25, page 141), the entry for Journaling file system under Microsoft Windows XP Professional should be “NTFS,” not “None.” n In “IM Everywhere” (November 11, page 128), we stated that Bantu IM & Presence Platform uses proprietary encryption technology. In fact, it uses standard SSL technology. n In our First Looks review of the Niveus ONEbox Media Center (October 28, page 50), we mentioned that the system comes with an X10 universal remote. Although our test system came with that device, Niveus Media normally supplies ONEbox Media Center Universal/Learning Remote controllers with its Media Center PCs.
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
57
w w w. ex t re m e te c h . c o m •
BILL MACHRONE
ExtremeTech Every Photo Tells a Story lease fasten your safety belt. This column is a paean of praise to an almost unheardof product—Microsoft Plus! Photo Story. It’s one of eight applications in the Microsoft Plus! Digital Media Edition pack ($19.95), and it’s worth the entire price of admission—and then some. In a nutshell, Photo Story turns digital photographs into professional-looking slide shows. Unlike every other slide show maker I’ve seen, however, Photo Story pans across photos and zooms in or out, much like the effects you’d see in a Ken Burns documentary. Your static photos suddenly come to life and are imbued with new meaning as you pan across a bunch of smiling faces to the one glowing in the light of the candles on the birthday cake, or pull back to reveal scenic grandeur. Transitions are limited to a simple dissolve, which works well with the panand-zoom presentation and maintains a certain level of tasteful dignity. Photo Story allows slide-by-slide narration or an audio soundtrack. Microsoft’s developers worked hard on this product to make it foolproof for the most amateur digital photographer. The default pans and zooms can bring any collection of pictures to life, but the advanced settings let you control the start and end points and duration of each animation. With these features, you can decide whether to focus in on a person or object progressively or to pull back and reveal a larger context. Or you can just cruise across an image—right to left, left to right, up, down, or diagonally. After you’re satisfied, Photo Story burns your show to a VCD or creates a compressed WMV file you can play on any machine with Windows Media Player 9 Series. Our church recently celebrated Children’s Sabbath, a nondenominational observation of children’s rights and needs, organized by the Children’s Defense Fund. My friend Barbara, who designed our service, asked me to put together a slide show presentation. She suggested the John Denver song “I Want to Live,” with its stirring chorus “I want to live, I want to grow, / I want to see, I want to know” as a musical accompaniment. I’d been looking for an opportunity to try Photo Story, so I quickly agreed. She collected and scanned photos of kids from the congregation, I took some
P
shots with my digital camera, and other members e-mailed their pictures to me. I added half a dozen images from Web sites to round out the presentation and wound up with 50 or so to span the song’s 3 minutes 41 seconds playing time. I imported the images into Photo Story and created a couple of blank, black JPEGs for the beginning and end. I found that the default 5 seconds per image worked well with the music, which I had converted to MP3 and loaded into Photo Story. In the song’s bridge, the phrases became shorter, and I reduced the time between images to match. I moved pictures around to tie in with the lyrics of the song, so kids frolicking in front of a whale mural were on-screen during the lyrics “Have you gazed out on the ocean, / Seen the breaching of a whale?” And an image of children tending seedlings dovetailed with “No more hunger....” The melding of words and music in this way was very effective, even moving. At the plaintive “For the maker and the user, / For the mother and her son,” the image dissolved from some industrious kids to a young mom in the congregation with her infant boy, and the congregation responded with a spontaneous “Awww!” Photo Story bests professional tools, because it hides all of the complexity involved in image animation, resizing, resolution, compression, and output. If Photo Story had a timeline, the application would be just about perfect. I had to print out a copy of the lyrics, jot down the timings where significant phrases occurred, and then count frames to see roughly where my pictures would fall. This task wasn’t difficult, but the process could have been easier. Microsoft suggests editing Photo Story’s output in Windows Movie Maker, but Movie Maker doesn’t pick up every image transition as a scene change, so its utility is limited. If you try Photo Story, you’ll want to experiment with different resolutions and sizes of the same picture. Whether you accept its defaults or push its limits, Photo Story will help you make presentations that will have ’em cheering for more.
Photo Story pans across photos and zooms in or out, much like the effects you’d see in a Ken Burns documentary.
Bill Machrone is VP of editorial development for Ziff Davis Media. Visit his digs at www.extremetech.com. You can also reach him at
[email protected]. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
61
John C. Dvorak Torment and Coding he sadomasochistic nature of programming, in my opinion, means that opensource software will always be better than commercial software. This is a whopper of a concept, but something has to account for the excellent code coming from the open-source movement. It may seem like an exaggeration, but hear me out on this one. Recently I started to experiment with the mail client that comes with the latest version of Mozilla, an open-source Internet suite. I’m looking for an alternative to Outlook Express for those of us concerned about the viruses that invariably propagate through the security flaws in that program. My main e-mail client has been Eudora, but lately the spam mess with Eudora has become dreadful. My rules-based filtering mechanism, Spamnix, does not stop enough of it. To make matters worse, the spam comes in with bogus dates, so residual spam is scattered throughout my in-box. I decided to try the Mozilla client, which has a built-in hybrid Bayesian-analysis mechanism that is phenomenal— but hardly perfect. So far, every 100 e-mail messages I get include 10 real messages and 90 spams—fairly typical. Mozilla catches 80 of the 90 spams. I end up with 20 messages, half of which are spam. Going through 20 e-mails, 10 of which are spam, is a lot faster than plowing through 100 e-mails with 90 of them being spam. Theoretically, the Mozilla mail client will slowly move closer to eliminating spam from users’ in-boxes. I should note that I have not looked at every spam elimination system, and there are plenty. But the best ones are expensive server-side solutions that simply don’t interest me. While expressing my concerns about various aspects of the Mozilla e-mail client to its coders, I noticed how different the exchange was from a discussion I had recently with a commercial software vendor. My Mozilla contact felt that my suggestions would help the product and that no matter how critical I was, the end result would be money in his pocket. How does an open-source developer reach that kind of thinking and not just mumble, “Why is this guy dogging me? Can’t he just shut up and use the product already?” Or, worse, he could just come out and say, “What do you want for free?”
T
Unless open-source developers receive grants, they do their work for the love of it. I’m sure they relish praise for their good work, but how much criticism can they handle? At least, how much can they handle before they walk off the project and tell users to get stuffed? You have to wonder. That said, critics like myself are also horned by this dilemma: Can I really lambaste them for something dumb? No way. These guys have to be encouraged, not discouraged. But am I supposed to be disingenuously nice? Moi? I’m sure I’m not the only person concerned about this. Underlying such concerns is exploitation. Do the open-source folks ever think they are being exploited? When open-source coders say that it is not about the money, I believe them. Money is one thing, raw exploitation is another. Is that ever a consideration? No offense, but I’ve always sensed that programmers are masochists by nature. The better the coder the more masochistic. Think about it: Writing good code is a tormenting, thankless chore. Many CEOs know how to berate coders to get them to work harder. Somehow the best coders come under some delusion that they are in control and free-spirited because they can work whatever hours they want. And this looks true when seen from afar. In fact, most smart organizations quickly learn that the “freedom” usually means programmers working 12 to 16 hours a day, sleeping under their desks, and staying alert with caffeinelaced soft drinks and starches. I’m starting to think, therefore, that open-source has to be the ultimate freedom trip for these folks— voluntary servitude. If programmers by nature are psychologically into the scene, then the thankless badge of honor—the open-source creations—must be the ultimate thrill for them. Masochism and sadism are two sides of the same coin, and programmers can be downright scary when the coin is flipped. It turns out that open-source coders have some of the meanest critics and bosses imaginable: each other.
Unless opensource developers receive grants, they do their work for the love of it.
MORE ON THE WEB: Read John C. Dvorak’s column every Monday at www.pcmag.com/dvorak. You can reach him directly at
[email protected]. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
63
Inside
Track
JOHN C. DVORAK he Beginning of the End Dept.: I’m not sure what this means, but Microsoft is dumping Intel and switching processors in its next-generation Xbox. The company is going with an IBM design along the lines of the PowerPC or G5 chip. IBM has been supplying Nintendo and Sony and is working on a superchip with Sony. Apparently, Microsoft wanted to get in on the action, although most think the company is simply picking the PowerPC platform. This means the end of people turning hacked Xboxes into cheap Linux computers—something Microsoft detests. Now we can turn them into cheap Macs, I guess! Personally, I don’t get this late change in the game plan at all. More Microsoft Meanderings Dept.: Sometime in early 2004, Google is expected to roll out an IPO of its stock, and everyone is clamoring for some. In the background there are loose rumors about Microsoft attempting to buy Google while at the same time trying to create a Googlelike service on MSN. Evidently when Microsoft sees anyone else beginning to make some money, it has to rush into the same business. With rare exceptions, such as Expedia, Microsoft has shown no consistent ability to succeed in such endeavors. WebTV is a perfect example of the company buying or perhaps making something into a dead end. This all boils down to core competencies. Microsoft chairman Bill Gates used to give a rather nice speech years ago about what the company did to make money: “We sell code.” The mission was that simple. And to this day the company makes most of its money selling code— or licensing it. Instead of staying with this strategy, the company has moved into all sorts of things from keyboards to major publishing houses to plush talking animals to Web magazines. Its Web efforts—including a series of Web magazines that all failed—have been the most dismal. Then there was Microsoft Side-
T
walk, a product the company could not sustain even when Sidewalk was forecast to be a success. One of Microsoft’s problems is that it has no clue about how to run these businesses and meddles with people who do know how to run them. It has a terrible track record with anything involving advertising. So now it wants to buy Google. Apparently, the U.S. government has to step in if this deal is even proposed. No offense to Microsoft, but the public has become so reliant on Google that a disaster would result if Microsoft owned it and began to fiddle with it. We’d have nothing to use when the smoke cleared. Microsoft tends to muck up products it buys or else sit on them and use them as cash cows until they deteriorate. FrontPage is an example of the first instance, and PowerPoint exemplifies the second. The giveaway regarding Microsoft’s desire to muck things up is the company’s orientation with search. It is poised to spend what I’m told is billions of dollars to develop a “natural-language” search engine (in other words, Ask Jeeves II). This is a typical pie-in-the-sky idea that sounds good on paper but can never be made to work. The roundabout proof of this is found on Google itself under the title Translate this page. You see the title crop up when you hit a foreign Web site. It’s apparent when you get the comical translation that such systems cannot understand the input in the first place. Even worse, the problem with naturallanguage searches is that the Web pages become secondary to the queries. Microsoft doesn’t understand this concept very well, and it was the bane of Ask Jeeves. People began to use the engine to get mundane questions answered, not to find Web sites. “How far is it from Paris to Denver?” “How many acres in a hectare?” “What causes botulism?” The Jeeves folks actually developed a database of commonly asked questions and threw answers back at
Evidently when Microsoft sees anyone else beginning to make some money, it has to rush into the same business.
users. What does this have to do with searching the Web for relevant Web sites or doing research? Nothing. Genuinely Interesting Hardware Dept.: I haven’t seriously raved about a laptop for more than a few years and can completely recommend the new 2.4-pound Toshiba Portégé R100 as the most spectacular ultralight machine ever built. With the elegance of the most executive of machines, this lightweight notebook includes a full-size keyboard, and if you add a battery extender you get 5 to 7 hours of battery life, maybe more. Before this machine came along, I was enamored with the amazing 2.1-pound Sharp Actius MM10, which also has a slick design and includes built-in wireless networking. The kicker is the fact that the R100 has a real VGA port and doesn’t need an add-on dongle, as the MM10 does. I’ve already lost my add-on for the MM10, and now I can’t use the notebook for PowerPoint presentations on the road. Once Sharp adds a VGA port to the MM10, it should be more competitive, since it’s a lot cheaper than the R100—a steal at less than $1,500. You’d have to pay closer to $2,300 for the R100. But if someone asks me to recommend a computer, I say the R100—if you can afford it. It’s the most glamorous machine available right now and a serious conversation starter. Get one and show off. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
65
B I L L H OWA R D
On Technology Archiving for the Ages ondering what to do with all the photos, 8-mm movies, and financial records you’ve got scattered about your house or office? How do you back them up? How do you convert analog images to digital to stop the aging process? Can you trust digital backups? Here are a few approaches. For the near term, you don’t have to worry about file formats changing or CDs becoming obsolete, so just back up everything that’s already digital to CDs or DVDs. Store one copy off-site, say at your office or in a safe-deposit box. Also, put the most important data on a home PC, so you have an easy recovery method. The biggest immediate dangers to data are user error and viruses. For the long term—meaning 5 to 50 years—you must choose your media and formats carefully. Microsoft Office formats will still be around, or readily translatable, as will JPEG and TIFF for photos and PDF for documents. Video formats are in greater flux, but for now you’ll be fine with MPEG-2 or the emerging and superior MPEG-4. Now’s the time to switch to recordable DVD from CD for backups. Buy a multiformat drive that supports “plus” and “dash” DVD media, and use only branded media; the same advice holds true for CDs. Cheap media can be troublesome. High-quality media will last a lifetime. That said, a cautious person would copy onto a new format every ten years; this means your early-1990s CD-Rs are about due for replacement. For miscellaneous paper documents, the best way to archive is with a sheet-feeder scanner. Unless you’re a real type A, start with the most important documents, meaning your year-end brokerage statements, your tax records, and a couple examples of your kids’ drawings and homework from each year. Scan at 300 dpi and use PDF as the output format. Why scan when you can get some bills online? Electronic bill presentment is still a joke, unfortunately. You really want your statements e-mailed automatically in PDF format, but what you get now is just a monthly reminder to go online, log on, view them, and manually download the statements. You can help future generations by culling your digital photos now. If you can’t cut this year’s 2,500 digital images to 500, then create a 2003 Favorites
W
folder and copy over your favorite 100 photos. A CD with those 100 photos makes a nice holiday gift for the in-laws. Make sure to annotate each picture, either in the filename or in the JPEG file information field: year, place, and people in the picture. Before culling, it’s probably best to make one full backup, in case you mess up and delete the photos you meant to save. Have I ever messed up like that? No comment. If you have traditional film photos, scan your favorites and have a photo service scan the negatives of your very favorites. I get asked this question a lot: “Isn’t there someplace cheap I can get all my negatives scanned?” Nope. In massive quantities, you’d be lucky to get down to a buck a frame for high-quality scans. If you really must digitize all your prints, buy or borrow one of HP’s flatbed scanners with a 4-by6 print feeder, or a Visioneer auto-feeding scanner such as the Visioneer Strobe XP 450 PDF, and set aside a weekend. Or invest $1,000 in a film scanner (not an attachment to a flatbed scanner) that has automatic dust and scratch removal. What’s the purpose of digitizing 500 rolls of prints unless you ID each picture? A better way is to pick the best half-dozen from each roll. (Tip for your next vacation: Think about capturing the one perfect picture as the memento you’ll treasure ten years from now, which means getting yourself in the photo.) The same goes for videos: There is no cheap commercial video-transfer service for archiving Dad’s 8-mm movies. For videos, copy your analog (VHS, 8-mm, Hi8) footage to DVD in MPEG2 or maybe MPEG4 format. Don’t bother editing the footage at the same time or you’ll never finish. If you want the highest quality, also dupe your analog tapes to new DV tapes. DV currently offers the best quality and is easier to edit. For PC capture, you’ll need a video capture card to import analog video. Some DV camcorders have analog capture: You can dupe analog tapes directly or use your DV camcorder as a pass-through (via its FireWire cable) to your PC. Also consider direct-to-DVD recorders such as the HP DVD Movie Writer dc3000.
Now’s the time to switch to recordable DVD from CD for backups.
MORE ON THE WEB: You can contact Bill Howard directly at
[email protected]. For more On Technology columns, go to www.pcmag.com/howard. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
67
w w w. p c m a g . c o m /s o l u t i o n s
15 TopPowerPointTips Work faster and take your presentations to the next level with these 15 nifty techniques. BY LINDA BIRD By now, you’ve been working with Microsoft PowerPoint long enough to create presentations, organize them effectively, and even help others who aren’t as savvy. But you may not know that PowerPoint has features—many of which aren’t well documented—that can help you work faster and make cooler presentations. Here are 15 insider tips that can help you use PowerPoint like a pro. 6 HANDY KEYBOARD SHORTCUTS Sure, you can click the View buttons on the bottom left of each screen to switch quickly among Normal, Slide Sorter, and Slide Show views. But did you know that you can also pair the View buttons with keystrokes to get a totally different effect? For example, press Shift while clicking on the Normal View button to switch to Slide Master view; click on the Normal View button (without Shift) to switch back. Press Shift while clicking on the Slide Sorter View button to display the Handout Master. You can also see a mini slide show in the upper-left-hand corner of the PowerPoint screen, so you can edit the presentation and preview the results simultaneously. To do this, display the presentation in Normal view and select the first slide you want to see in a slide show. Press Ctrl while clicking on the Slide Show button. Click on the miniature slide show to advance through it, just as you would if you were viewing the presentation full-screen. For more options, try pressing Ctrl-Shift and then clicking on the various View buttons: Ctrl–Shift–Normal View closes the tabbed area and the notes pane, expanding the Slide pane to fill the available space. Ctrl–Shift–Slide Sorter View changes the presentation to an outline; Ctrl–Shift–Slide Show opens the Set Up Show dialog box.
GET ANIMATED Add pizzazz to your presentation, control the flow of information, and emphasize the most critical data by animating slide objects. Animation involves displaying objects in a particular sequence or using the appearance of motion. You can animate whole slides, shows, or virtually any slide object, including placeholders (text
To animate a slide object, select it and choose Slide Show | Custom Animation. In the Custom Animation task pane, click on the Add Effect button, then point to Entrance to display a submenu of effects. For more choices, click on More Effects in the submenu, which opens the Add Entrance Effect dialog box. Check the Preview Effect box and then click on various effects to see how they behave. When you find one you want, click on OK to close the dialog. Repeat these steps until all the slide objects you want are animated. As you do, you’ll notice that numbered tags appear next to the objects, indicating the animation order. In addition, the objects appear on an animation list in the Custom Animation task pane. You can change the animation order by selecting an animation and then clicking on the Re-Order arrows; you can delete an animation by selecting it on the list and clicking on Remove. Check out “Bring Your Charts to Life” (www.pcmag.com/article2/0,4149,562438, 00.asp) to learn how to animate Excel charts in PowerPoint.
CHART A PATH PowerPoint includes a snazzy animation feature that lets you specify a route on a slide for an object to travel, called a motion path. Using a motion path can add an interesting element to a presentation. For example, you can specify a motion path to make an object bounce across the slide or lead readers’ eyes to critical ideas. FIGURE 1: You can view your To get you started, PowerPoint presentation as a miniature slide includes a number of configured show while editing in Normal view. motion paths. To specify a motion path, select the object and then choose Slide Show | Custom Animaboxes), charts, clip art, and drawings. tion. In the Custom Animation task pane, Keep in mind, however, that animations click on the Add Effect button. Point to are best used subtlely; too much flash and Motion Paths on the list, and then choose motion can distract and annoy viewers. a preset motion path, such as Diagonal To animate a slide or slides, click on Down Right or Up. If you don’t like the six Slide Show | Animation Schemes. You can motion paths listed on the submenu, see the way each animation will act on choose More Motions Paths to open the your slide by checking the AutoPreview Add Motion Path dialog box. Make sure box and then watching the preview as the Preview Effect box is checked, and you click on each effect. then click on various effects to preview
SOLUTIONS Alaska
California
Hawaii
Oregon Washington
uarters Secure criminalintelligence database
TeamPage
72 Internet: Making sense of IM shorthand msgs.
73 Security Watch: Avoid instant-message spam.
Law enforcement agencies
The Internet
74 Enterprise: Crimefighting blogs.
Read-only
76 Internet Professional: Protect online forms.
79 User to User: Tips and tricks.
M A K I N G T E C H N O L O G Y W O R K F O R YO U them on your slide. When you find one you like, select it and click on OK. PowerPoint also lets you design motion paths yourself. To do this, select an object and then choose an option (such as Scribble) from the Add Effect | Motion Paths | Draw Custom Path submenu. Drag to draw the exact path on the slide. After you add a motion path, a num-
slides from a previous presentation into your current one. First, display the presentation into which you want to insert the slides in Slide Sorter view. Click to set the insertion point where you want the slides to appear. Choose Insert | Slides from Files to open the Slide Finder dialog (Figure 3). On the Find Presentation page, type the filename (or browse to it) and then press Enter. Click on the slides you want, then click on the Insert button. You can also click on Insert All to place all the slides into the recipient presentation at once. Shuffle your templates. The days when presentations were limited to one design template FIGURE 2: Use the Custom are long gone; you Animation pane to add emphacan apply as many sis and action to your slides. templates to a prebered tag appears next to the sentation as you like. object to show its animation order on the You may want to apply a second template slide (Figure 2). A motion-path arrow in- to introduce a new topic or to grab the dicates the starting and ending points (in audience’s attention. To do this, display green and red, respectively). You can fur- the presentation in Normal view, with the ther modify the effect by selecting the ob- tabbed area visible. On the Slides tab, click ject on the animation list and choosing op- on the icon of the slide or slides on tions on the Start, Path, or Speed submenu which you want to apply the tem(in the Custom Animation task pane). plate. Choose Format | Slide Design (or click on the Design button) to ASSORTED TIPS display the Slide Design task pane. Add more undos. Every Office user knows Click on a template icon’s dropthat the Edit | Undo command (Ctrl-Z) re- down list arrow and then choose verses the last action. In addition, clicking Apply to Selected Slides. on the down arrow next to the Undo icon Import documents. If the text often enables you to reverse several you want to use for a presentation actions and go back to an earlier point in already exists in Word, don’t reyour work. PowerPoint lets you undo up to type it. Instead, simply open the 20 actions by default, but you can increase Word document within Powerthe number of reversible actions all the Point. You may have to tweak the way up to 150. Choose Tools | Options, and formatting of the imported document, then click on the Edit tab. In the Undo but this beats starting from scratch. One field, type in or click up to the number of caveat: This method works best if the actions (from 3 to 150) that you want original Word document uses outline PowerPoint to track, then click on OK. headings. Note that increasing the number of actions Begin by choosing File | Open in to track may also increase the amount of PowerPoint. In the Open dialog box, click PC memory the program uses. on the Files of type drop-down arrow, and Recycle your best work. Don’t create then choose All Files on the list. Doubleslides from scratch if the ones you need click on the Word document to open it (or ones that are very similar) are already within PowerPoint. It will open as a new in another presentation. Instead, insert presentation.
Use the AutoFit button. If too much text appears on one slide, you can use the AutoFit feature to split it between two slides. Click within the placeholder to display the AutoFit Options button (its symbol is two horizontal lines with arrows above and below), then click on the button and choose Split Text Between Two Slides from the submenu. Export data to Word. You may want to distribute a text-only copy of your presentation to coworkers or develop audience handouts that include slide miniatures. Sending a presentation to Word is the best way to do this. In PowerPoint, choose File | Send To | Microsoft Word. In the Send To Microsoft Word dialog box, choose the Word document layout you want to use. For example, you can choose Outline only to create a text-only document; selecting the Blank lines next to slides option creates a series of slide miniatures with lines for notes. After you select the layout, click on OK to send the presentation to Word. Take a few minutes to practice these
FIGURE 3: Save some time by inserting slides from previously created presentations into a new presentation.
tips and you can make PowerPoint perform more powerfully than ever. Linda Bird has authored 20 technology books about Microsoft Windows, Microsoft Office, and the Internet. Visit her Web site at www.lindabird.com.
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
71
SOLUTIONS | INTERNET
EZ Interaction
laughing guts out and having a heart attack) to poking fun at acronyms themselves as in TLA (three-letter acronym), If UR [you are] SITD [still in the dark] about the odd words SFLA (stupid four-letter acronym), or YAA (yet another acronym). Since the computand character combinations in today’s electronic communier industry is rife with crazy acronyms, most of the lists cross over to the related cations, you need to GWTP [get with the program]. HTH technospeak of computer sales and mar[hope this helps]. By Jay Munro keting people. Emoticons (emotional icons), those o say computers have accelerated acronyms have crossed over to verbal little smiley faces made from punctuamany aspects of human existence speech, like LMAO (pronounced “la tion, are equally widespread. The origin is an understatement, but few mayo”), though for most of the IM crowd of the smiley has been credited to Scott E. areas are as remarkable as the written that practice is not considered cool. Fahlman, a research professor in computAcronyms make it easy to inject your er science at Carnegie Mellon University word. A trend that started with bulletin board systems (BBSs) and e-mail has personal views into a discussion with (www-2.cs.cmu.edu/~sef/sefSmiley.htm). snowballed with the advent of instant prefaces such as PMFJI (pardon me for On September 19, 1982, Fahlman and his messaging (IM) and chat rooms—ways to jumping in), IMHO (in my humble opin- colleagues were discussing how to differget your point across in writing quickly, ion), or FWIW (for what it’s worth). And entiate joke posts from serious ones on succinctly, and with a modicum of cool. the university BBS, when he suggestThe wordy, handwritten, sometimes ed the use of the simCURRENTLY ALL IM clients offer emotielegant “Dear so and so” letters of our ple :-) as a solution. con menus, such as this one on MSN. ancestors have morphed to Yo, wassup!, With that, the smiley and LOL in an IM window. face was born, and the Mixing slang and acronyms, with some rest is history. Though Fahlman didtext graphics (called emoticons) thrown in n’t save the message, a digital archaefor good measure, a new kind of commuological expedition in 2002 retrieved nication is now used by everyone from the exact quote and date from the kids to grandmas. This IMspeak is a real original VAX backup tape (http:// time-saver for slow, hunt-and-peck typists, research.microsoft.com/~mbj/smiley/ and it promotes the spontaneity of face-tosmiley.html). face speech. Perhaps most important, IMFrom that simple smiley face, an speak can stand in for the visual and tonal you can quickly comment on someone almost infinite variety of emoticons have emotional cues that humans have devel- else’s thoughts using LCW (loud, confi- sprung. You can now find a smiley to suit oped over thousands of years of verbal dent, and wrong), AYPI? (and your point any mood, from happy :-) to sad :-( to communication. Since instant messaging is?), and GOWI (get on with it). You can laughing :-D. You can find a huge list at is just bare text that’s open to ambiguity also convey your disdain while avoiding www.cknow.com/ckinfo/emoticons.htm, as and interpretation, adding a simple LOL expletives with TS (tough “stuff”) or BFD well as the sites mentioned above. (laughing out loud) or :-) to a comment (big “furry” deal). Recognizing the popularity of emotican mean the difference between a cheerGreetings and farewells tend to mix cons, AOL, MSN, and Yahoo! offer graphiful jibe and fighting words. slang with acronyms. Yo is very popular cal icons that replace the text versions. Early BBS and CompuServe Forum with the younger crowd or oldsters trying The old yellow “Have a Nice Day” smiley users punctuated their messages with a to be hip, but according to several sources, face from the 1970s got a makeover with simple shorthand to convey how they felt: it can be traced back to around 1420, the dozens of icons to choose from—even ani (grin), (smiling), or (yawning). date of the first usage example in the mated ones—especially on MSN. And you These simple emotional cues expanded to Oxford English Dictionary. Farewells can don’t even have to remember arcane key slightly more verbose verbiage such as be a simple Later or the international combinations any more, as all IM clients (big grin), and (rolling on Ciao, though TTYL (talk to you later), now offer pop-up smiley menus (though the floor laughing). With instant messag- CUL8R (see you later), and BFN (bye for Yahoo! includes tantalizing “secret” ing and chat rooms, the brackets were now) are equally common. unlisted icons available only through key dropped for more immediacy. SingleThough most people use only a few combinations, such as a cow 3:-o, pumpkin character shortcuts, such as Y (why?), U acronyms at a time, there are hundreds (~~), or waving U.S. flag **==). (you), ? (huh?), or C (see, or cool!), speed documented on various Web sites. Online Whether you type slowly or want to and simplify communications, and dictionaries such as www.gaarde.org/ make sure you don’t get punched in the alphanumeric combinations like GR8 acronyms, www.muller-godschalk.com/ face the next time you see your best friend, (great), GD&R (grinning, ducking, and emoticon.html, and www.pb.org/emoticon a little IMspeak is a gr8 way 2 expand UR running), ?4U (question for you) add to the .html take you from AAMOF (as a matter vocabulary. ;-) possibilities. Variations like LMAO (laugh- of fact) to ZA (zero administration). ing my ass off) continue to evolve, as do Entries range from complex emotions like Jay Munro is a freelance writer and combinations such as ROTFLMAO. Some COTFLGOHAHA (crawling on the floor consultant.
T
72
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
w w w. p c m a g . c o m /s e c u r i ty wa tc h
SOLUTIONS T H E LO O KO U T
MICROSOFT ISSUES UPDATES
IM Spam, Spam I Am You don’t have to put up with spam coming at you when you’re IMing. Here’s what you need to know By Brett Glass
H
easy for spammers to create new accounts, and the services have to verify abuse to avoid terminating the account of a legitimate user, so it’s a game of whack-a-mole. As soon as one spam account is terminated, a spammer pops up elsewhere. How do you avoid IM spam? Fortunately, all of the popular IM systems provide some safeguards. AIM lets you reject all instant messages from anyone who’s not on your Buddy List or from anyone who’s sending the message from the Internet client instead of AIM. (To activate the safeguards, click on the Setup button at the bottom of your Buddy List, then click on Set Preferences, then select the tab marked Privacy.) Perhaps the simplest way to keep spammers at bay, however, is to prevent them from discovering your handle. A cardinal rule, as our experiment illustrates, is to stay out of chat rooms or to visit them using a separate identity that refuses all instant messages. (This may also help you to avoid e-mail spam.) And of course, never accept files sent via an IM system, as they may contain worms or viruses. You should also set restrictive secuIN AIM, you can choose which rity settings on incoming messages to reject. your Internet browser and install all of the latest security patches for it. Not long ago, How do IM spammers do it? They a worm was created that used a flaw in begin with screen scrapers—programs that Microsoft Internet Explorer to take conextract text from computer displays—to trol of AOL users’ machines, turning them capture the names of users on IM systems. into unwitting IM spammers. The worm The spammers then use special software caused infected machines to contact that typically can inject keystrokes and everyone on the users’ Buddy Lists, telling mouse clicks into the client software to each “buddy” to visit a booby-trapped send unsolicited messages to the harvest- Web page (which, in turn, caused their ed names. machines to be infected). Most services, especially AOL’s and Third-party IM security products, such Yahoo!’s, terminate IM spammer accounts as Zone Labs’ IMsecure (which comes in quickly after receiving complaints. But it’s free and paid versions), can also block IM ottiEKelly248 [10:25 PM]: HeY is that you ImARealSweetheart? rEmember me? I’m kelly, we talked a few nights ago and I just wanted to get to know you more. Just last night we created a brand-new AOL screen name, popped into an AOL chat room, and boldly sent a single message: Hi. That’s all it took. Within 30 seconds, we received the instant message quoted above. In a few minutes, several more arrived. And in less than half an hour, the account was receiving a steady flow of IM spam. Though we performed our experiment on AOL, AIM is by no means the only system where spam occurs. Any instantmessaging system that has a display listing active users or is part of a service in which spammers can learn your “handle” via a chat room or directory is susceptible.
Microsoft issued its first scheduled monthly security update in midOctober (www.microsoft.com/technet/ treeview/default.asp?url=/technet/ security/bulletin/winoct03.asp) as part of its new patch management strategy. The release contains patches for newly discovered vulnerabilities in Windows; four are classified as critical. • A vulnerability in Authenticode verification could allow remote code execution. • A buffer overflow in the Windows Troubleshooter ActiveX control could allow code execution. • A buffer overrun in the Windows Messenger Service could allow code execution. • A buffer overrun in the Windows Help and Support Center could lead to a compromised system. One vulnerability is deemed to be important, not critical: A buffer overrun in the ListBox and ComboBox controls could allow code execution. The company is touting the monthly updates as a way to give enterprises more time to test and install the patches. —Dennis Fisher
spam. Companies that want to run spamfree internal IM systems use products such as Jabber Messenger or IBM Lotus Instant Messaging. AOL and Microsoft have also jumped into the fray with Enterprise AIM Services and MSN Messenger Connect for Enterprises. Some Windows users who have never used IM systems are encountering another scourge of the Internet known as Windows Messenger spam or pop-up spam. Although the name Windows Messenger in the title bar suggests that these unwelcome pop-ups might originate from the Windows Messenger system in Win XP, they don’t. The pop-ups are created via a LAN messaging function that’s built into every copy of Windows. Unfortunately, Microsoft didn’t secure this feature against abuse. So to avoid annoying popup messages, use a personal firewall or have your network administrator block UDP packets bound for ports 135 and 1026. Brett Glass is a freelance consultant, author, and programmer. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
73
SOLUTIONS
CASE STUDY
Western States Information Network
Blogging for Business Crime fighters are turning to Web logs to keep a closer eye on illegal activity—from narcotics to national security. By Alan Cohen
N
ot long ago, blogging (from Web log) was about as much a corporate tool as Temptation Island. Indeed, most uses of blogging software revolved around ramblings about Temptation Island or where to get the best martini in Manhattan. Increasingly, however, blogging is finding its way into enterprises. (See “Take Back the Net” in this issue for reviews of blogging tools.) Telecom companies, public relations firms, and financial institutions are embracing blogs. But one of the most novel— and important—blog users is the Western States Information Network (WSIN), a federally funded agency that collects, analyzes, and shares crime information. Based in Sacramento, California, WSIN was founded in 1981 as one of six regional centers that provide a knowledge-sharing link between the federal government and local law enforcement agencies. WSIN serves approximately 1,100 law enforcement organizations in Alaska, California, Hawaii, Oregon, and Washington, ensuring that local crime-fighters have easy access to current data and analysis WSIN maintains a criminal-intelligence database and has a pool of analysts who collect and make sense of incoming information. Much of its work relates to narcotics crime, but it also tracks organized crime and national security matters. Just a year ago, communications within WSIN and between it and member agencies was conducted via e-mail. Information was also shared over a secure intranet. Both methods had disadvantages. “People would receive duplicate e-mail messages,” says Karen Aumond, assistant director of WSIN. “You’d have to remember to save them or they’d be purged. And it was not accessible on the road.” The system also used resources inefficiently, with some messages stored on seven different systems. Posting directly to WSIN’s intranet was, in theory, a better
74
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
way to share knowledge, but anything posted online had to go through a Webmaster first, which took time. In December 2002, Aumond attended a homeland security conference, where she discovered Traction Software’s TeamPage Enterprise Weblog software. Immediately, she saw how blogging technology could help WSIN in its mission. Within a few months, the system was installed and proving its value. “Instead of e-mailing separate individuals,” says Aumond, “we simply publish the information, whether it’s drug arrest news or new Drug Enforcement Administration bulletins, in a single, searchable location.” Traction’s solution was also easy to secure. Since the data is project based, WSIN can specify that only certain people can read or write to any project area. The software also sends managers executive summaries of the information that is added to Traction’s Web-based repository, allowing them to keep a close eye on updates and any potentially important data coming online.
The blogging software doesn’t require an extensive infrastructure. WSIN already had a Compaq server in place, and the software was set up in one day. Traction’s system consists of a standalone Java Web server. A secure database back end is linked to Traction’s Instant Publisher application, which lets users collect and post content from e-mail, the Web (including text, links, and photos), and Microsoft Office documents. “Anyone on staff can just see something on the Net, pull it off, and post it immediately, so content is much more current than it was before,” Aumond says. WSIN’s 40-person staff can also comment on postings on a project-by-project basis, depending on each staff member’s security clearance. They can add analysis to the published information, the relevance of a news item, or an investigation update, as well as link related documents. Representatives from the 1,100 local law enforcement agencies have read-only rights. “It’s proving to be a great, timely way to distribute information,” Aumond says. So much so that five sister agencies are now trying out the technology. Although WSIN is still in an exploration stage with blogging, it is already looking at future uses, including a searchable repository for the agency’s written reports. Down the road, it may expand the system to PDAs. For agents in the field, mobile blogs won’t just save time and effort—they may save lives.
Anticrime Ring Blogs maintained by analysts at the Western States Information Network (WSIN) give local law enforcement organizations easy access to the most current data and analysis on narcotics, organized crime, and national-security matters. Rather than sending separate e-mails to individuals, analysts publish the information on a blog. Alaska
California
Hawaii
Oregon Washington
WSIN Headquarters Traction Instant Publisher
Secure criminalintelligence database
Law enforcement agencies
TeamPage Enterprise Weblog
40-person staff
The Internet
Photos, DEA bulletins, arrest news, and more
Read-only access
SOLUTIONS
end up looking like this:
Protect Your Online Forms
You can thwart automated filling-in of forms on your site. Here’s
how. By John Clyman
M
ass e-mailer Alan Ralsky made the mistake in November 2002 of trumpeting his tales of spamming success to a reporter for the Detroit Free Press. Internet users struck back, flooding Mr. Ralsky’s postal mailbox with catalogs and other physical junk mail—no doubt chuckling when the target of their snail-mail attack carped about the resulting nuisance. This episode offers a chilling lesson for Web developers: Your Web forms are vulnerable to abuse. If you have an online catalog-request form, just imagine how a script that submits thousands of bogus requests could ratchet up your printing and mailing costs. Or if you require registration, consider that a malicious user could create a bevy of sham accounts for nefarious purposes. So what can you do to keep hackers from counterfeiting requests? You need to look only as far as the registration forms on sites like eBay or Hotmail to see one countermeasure, a technique that’s known as a reverse Turing test or a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). A reverse Turing test gates registration upon a task that’s relatively easy for people but daunting for automated systems; often that task is to read and input a series of letters that have been deformed or obscured in ways that challenge OCR (optical character recognition) systems but remain intelligible to most human users. (See “CAPTCHA-ing the Spammer,” www.pcmag.com/article2/ 0,4149,1321986,00.asp.) Here’s how you can implement a simple CAPTCHA system of your own. You’ll need to write a routine as the centerpiece of your system, one that accepts a CGI or session parameter (the key) that’s unique to each visitor, uses a key to seed a random-number generator, and then picks a random “target” word for each user to guess. Then you’ll need two more things:
76
What word is hidden in this image?
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
a program to turn the target text into an image and obscure it somehow and a simple Web form and response script, which will ask for and then verify a user’s interpretation of the image. For creating and manipulating the image at your site, we recommend ImageMagick (www.imagemagick.com), a highly flexible set of open-source libraries that provides APIs for C, Perl, Java, PHP, Visual Basic, and a variety of other languages. Using your favorite language, write a
(where 12345 is the randomly generated key). The tag loads the dynamically generated CAPTCHA image for the specific key, and the hidden input field sends the key back to the server so it can determine which CAPTCHA image was included when the page was displayed. Alternatively, if you’re using a sessionmanagement system, you could store the key as part of each user’s session information rather than embedding it in the form. Finally, modify your form validation logic to determine the target text for the submitted key and compare it against the RECOGNIZING THE WORDS in this image is beyond the capabilities of most text that each user automated systems. program that enters. If the two don’t • accepts the key match, reject the subvia a CGI or session parameter; mission and prompt the user to try again. • generates the corresponding target This basic CAPTCHA implementation suffers from a serious flaw: An attacker text; • calls ImageMagick to create an image could simply solve a single CAPTCHA, containing the target text and any obfus- create a knockoff of your form using the same key and known target text, and subcation you desire; mit that form repeatedly. To avoid this, • returns the resulting image. Publish this script on your Web server modify your random key selection so that so you can run it directly from a URL. For the same key is never used twice and so example, point your browser to two URLs that used keys are recorded and subselike these: www.mysite.com/make_image? quent attempts to register with the same 12345 and www.mysite.com/make_image? key are rejected. 12346 and load two different CAPTCHA Keep in mind that even the best images into your browser window. reverse Turing test is unlikely to be a Then you’ll need to modify your order panacea. Still, it’s comforting to know or registration page to generate it that you can sometimes apply technoldynamically, including a randomly ogy to combat the technology that might selected key. This key serves to request be maliciously applied to consume your a specific CAPTCHA image and to let the business resources. form-response logic compare the submitted response with the expected John Clyman is a technology consultant and response. Your form HTML will likely PC Magazine contributing editor.
SOLUTIONS
w w w. p c m a g . c o m /u s e r to u s e r
PC MAGAZINE’S COMMUNITY OF EXPERTS AND READERS Windows Explorer Displays System32 Folder at Start-Up I recently installed a Webcam and Yahoo! Messenger on my Windows XP laptop. I don’t know whether my problem is related to the new additions, but when I start up now, the C:\WINNT\System32 folder opens automatically. How do I fix this behavior? BILL DORION
The Ultimate Sum Formula in Excel
It takes a cell or range reference expressed as text and converts that reference into an actual reference that can be used by another function. Finally, the SUM function sums the reference returned by INDIRECT. We suggested a somewhat different function, using INDIRECT but not ADDRESS:
Many times in Excel, I want to sum all the cells above a certain point. For example, in cells A1 to A3 I have three numbers, so I click on cell A4 and type Alt-=, which automatically inserts =SUM(A1:A3). The prob=SUM(INDIRECT("R1C"&COLUMN()&":R"& lem occurs when I want to add a new row. If (ROW()-1)&"C"&COLUMN(),FALSE)). This I insert a row before row 4, the formula does not change to include the new function builds a reference in the R1C1 style row until I enter a number in that cell. (for example, R1C3:R9C3) and passes it to As a workaround, I sometimes leave INDIRECT. The FALSE argument tells INDIa blank row above the row containing RECT that the reference is not in A1 style but the SUM formula and include that in R1C1 style. The reader pointed out that this blank row in the formula. For examsolution is language-specific. It did not work ple, I will leave row 4 blank and type in his Dutch version of Excel, because there CHECK THE =SUM(A1:A4) in row 5. Now when I the reference is of the form R1K1. The soluREGISTRY for missinsert a new row above the blank tion using ADDRESS is language-independent. ing or corrupted row, the formula immediately We should note that Excel 2003 has a new start-up data. changes to include it. Lists feature that is designed specifically to What I really want is a formula to address the above problem. To use it, put the sum all values above the cell concursor anywhere in your list, even the Totals taining the formula. After many attempts, row, and press Ctrl-L (or go to Data | Lists | This problem is fairly common in Windows I came up with this: Create List). The feature gives you an extra NT 4.0, 2000, and XP. It’s caused by an row to add more values to the list, updates erroneous entry in one of the Registry keys =SUM(INDIRECT(ADDRESS(1,COLUMN(),4) the SUM formula dynamically, and removes that control programs launched at start-up. & ":" & ADDRESS(ROW()1,COLUMN(),4))). No matter where this formula is placed, The two keys in question are HKEY_ the extra row when you click outside it always calculates the sum of all cells CURRENT_USER\Software\Microsoft\ the list.—NJR Windows\CurrentVersion\Run and above it. There is only one small disadvantage: If you edit a cell containing a simple HKEY_LOCAL_MACHINE\Software\Microsoft Right-Justify Part of a Line formula like =SUM(A1:A3), Excel will high\Windows\CurrentVersion\Run. How do I right-justify part of a line in light the range being summed. With this Microsoft Word? In a certain section of a Each named value within these two keys more complex formula, Excel can’t do that. document, I want to list items at the left represents a program launched at start-up; JOHAN PARLEVLIET margin and issue dates on the same line at each value’s data holds the command to be the right margin. In WordPerfect, there is a executed. If the command is blank or confunction that automatically sets the cursor tains just a character in double quotation You can do an awful lot of spreadsheet to stay at the right margin, thus assuring marks, this missing data can cause Windows design without running into the INDIRECT Explorer to display the System32 folder at and ADDRESS functions. ADDRESS takes a row start-up. number and column number and returns the To fix the problem launch REGEDIT from corresponding cell reference as text. Its third the Start menu’s Run dialog and navigate to argument determines whether the row and one of the keys mentioned above. Select column references are absolute or relative. In Export from the Registry menu and export the formula above, the value of 4 for the the key to a REG file, so you can undo any third argument selects relative deletions if necessary. Look carefully at each references for both rows and BY PLACING value in the right-hand pane. If the value’s columns. ADDRESS(1,COLUMN(),4) a right-aligned tab data is blank, contains only single quotation in column 1 returns A1. at the right margin, marks, or otherwise appears to be corrupted, ADDRESS(ROW()-1,COLUMN(),4) you can rightdelete the value. Repeat the process for the returns a text string representing justify any text other key, then restart your system to verify the cell immediately above the cell after the first tab that the problem Explorer window does not containing the formula. The INDIcharacter. appear at start-up.—Neil J. Rubenking RECT formula goes the other way:
You can do a lot of spreadsheet design without running into the INDIRECT and ADDRESS functions. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
79
SOLUTIONS
A Google search shows that older, beloved fonts are available (but not necessarily for free) at various sites. that the text was aligned at the right margin. Is there an equivalent option in Word? CAT MARA If the ruler isn’t visible at the top of the typing area, select Ruler from the View menu. Create a tab stop by clicking on Format | Tabs. In the Tab stop position field, enter the inch number on the ruler (6, for example) where the right margin begins. Check the Alignment option titled Right, select a Leader character if you wish, and click on OK. This will result in the effect you want. On each line, type the item name, press the Tab key, then type the issue date. All the dates will line up at the right margin. If you’re applying this formatting to text that’s already typed, select all the text before you set the tab.—NJR
Finding the First Thursday
week for that date. Knowing the day of the week for the first of the month, you can calculate the date of the first Thursday. The day-number for Thursday is 5, but you can’t just subtract the day-number for the first of the month from 5. (That would yield a negative number if the first fell on a Friday or Saturday). Instead, subtract from Thurs-
On that system, launch Windows Explorer and navigate to the Fonts folder (usually C:\Windows\Fonts). Nearly all the files in this folder will have the .ttf (TrueType Font) extension, but the filenames don’t necessarily reflect the font name. You can double-click on a TTF file to see its full font name and some sample text or use Explorer’s Find feature to search for files containing the font name. In many cases, a font is stored in multiple TTF files. For example, Times New Roman is represented by Times.ttf, Timesbd.ttf, Timesbi.ttf, and Timesi.ttf. These files contain the basic font plus the bold, italic, and bold-italic variations. Once you’ve identified the files that hold the desired fonts, copy them to a floppy disk or use some other means to transfer them to your Windows XP system. Leave the font files on the floppy disk or copy them to a temporary location on the Windows XP machine’s hard drive. Launch Fonts from the Control Panel of the Windows XP machine. Select Install New Font from the File menu. Select the floppy disk or folder containing your font files, make sure the Copy fonts to Fonts folder box is checked, and click on OK. This should restore your favorite fonts on the new machine. If you can’t find a Windows 98 system, a Google search shows that these fonts are available (but not necessarily for free) from sites such as www.fonts.com and www.
Is it possible, knowing the months and years, to determine the dates of THE FORMULA above lets you figure out the certain Thursdays using Excel? date of the first Thursday of any month. Specifically, I’d like to know the first or third Thursdays, based on other day plus a week (12) and pass the result to cells. JARHTMD (PCMAG.COM FORUM MEMBER) the MOD function. The MOD function returns the remainder resulting from dividing its We’ll concentrate on finding the date of the first argument by its second, so the result first Thursday; you can add 7, 14, or 21 to the will always be from 0 to 6. Adding this results to get the second, third, or fourth number of days to the first day of the Thursday. Let’s suppose the month (a nummonth yields the date for the ber from 1 to 12) is stored in cell A2 and the first Thursday. Of course, you can year is in B2. This formula will yield the date easily modify this function to find of the first Thursday: =DATE(B2,A2,1)+MOD the first Monday or another day (12-WEEKDAY(DATE(B2,A2,1)),7). We’ll of the week.—NJR break it down to show why it works. The formula DATE(B2,A2,1), which Recover Favorite Fonts appears twice in the formula above, returns I recently upgraded to Microsoft the date of the first day of the specified Office XP. I see that some of my month. Passing that result to the WEEKDAY favorite fonts that I had in Winfunction returns a number from 1 (Sunday) dows 98 have been eliminated, to 7 (Saturday) representing the day of the including Edwardian Script, Old English Text, and Kunstler Script. Is there any way to get HOW TO CONTACT US these fonts back? E-MAIL K
[email protected] STAN WALLET FAX K 212-503-5799 USE THE FONTS APPLET in the Control Panel to MAIL K User to User, PC Magazine, 28 East install new fonts on your Windows XP machine. Start by locating a system that 28th St., New York, NY 10016-7940 has the desired fonts. (The page If we print your tip, you’ll receive a PC fonts-free.com. Download the files and at www.microsoft.com/typography Magazine T-shirt. We regret that we install them following the instructions /fonts/default.asp may help you figure out cannot answer letters individually. above.—NJR which systems have the fonts you want.)
80
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
COVER STORY
After 20 years, we are still amazed by the sheer number of remarkable, innovative products that reach us. I N T H I S STO RY
System Software N 92 Collaboration Software N 92
84 N Personal Computers 85 N Mobile Devices
Communication Software N 94
86 N Components
Development Tools N 95
87 N Storage Devices
Protocols N 95
88 N Digital Input Devices
Person of the Year N 96
89 N Digital Output Devices
Lifetime Achievement N 97
The 20th Annual Awards for Technical Excellence FROM THE EDITORS OF PC MAGAZINE
TWO DECADES HAVE ELAPSED SINCE PC MAGAZINE FIRST presented its Awards for Technical Excellence. Then as now, we recognized the products and technologies that moved the state of the art forward, those that broke new ground. • Progress has continued unabated over the intervening years, and if anything, the rate of innovation is actually increasing. 2003 has been a year of steady recovery, regained confidence, and renewed optimism, and nowhere is this better reflected than in our finalists and winners. These are the products and technologies that will earn their way into the hearts of consumers and corporations—the ones that harness the freshest ideas, the boldest designs, and the newest innovations. • To be eligible for the awards, the products had to ship or be generally available during the period from September 2002 to September 2003. Our labs staff and editors nominated the products, protocols, and people they thought had the most impact on the industry, after which we deliberated, winnowed, and voted. When the smoke cleared, we had 36 products in 11 categories, plus awards for lifetime achievement and for our Person of the Year. • As we move into our third decade of Technical Excellence, we can hardly wait to see what’s in store. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
83
WINNER M
Apple Power Mac G5 Graphic artists and content creators are rejoicing over the Apple Power Mac G5. In a dazzling display of disruptive technology and processor independence, Apple’s top-of-the line G5 is the first dual–64-bit computer and the first desktop application of the IBM PowerPC 970 CPU. The vast majority of Macintosh apps run flawlessly on this brand-new platform. The three PCI-X slots ensure fast I/O; the AGP 8X Pro graphics bus, FireWire 800 bus, and USB 2.0 bus are equally state of the art. Apple has also done a superb job of heat management, having divided the case into four thermal zones, each with low-speed fans appropriate to the load. The result is a commendably quiet machine. The G5 performed significantly better than any previous Mac—and equaled or bettered the performance of Intel-platform machines—on our all-important graphics and content creation tests. As a 64-bit operating system and applications emerge, users will enjoy the dual 1-GHz front-side buses and rapid access to up to 8 gigabytes of RAM. The G5 is an important step forward in desktop computer technology and a vital cornerstone of Apple’s future. (Apple Computer Inc., www.apple.com.)
Personal Computers Finalist N Toshiba Portégé 3500
84
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Finalist N Hy-Tek Tek Panel 300 Imagine a 30-inch flat-panel monitor that contains a hot Pentium 4 computer, a Bose multimedia sound system, and highperformance ATI graphics. That’s the short list of the Hy-Tek Tek Panel 300’s attributes. This innovative system packs in the convergence features, which make it equally at home in offices and family rooms. As resolution continues to increase and panel costs come down, we predict that the Tek Panel 300 will have many imitators in the not-too-distant future. (Hy-Tek Manufacturing Co. Inc., www.tekpanel.com.)
PHOTOGRAPHY BY THOM O’CONNOR
When you’re judging tablet devices, convenience is everything. Of the many tablets we’ve evaluated, none has proved more adaptable than the Toshiba Portégé 3500. It’s not the lightest tablet, but it’s the one we’re most likely to reach for. It’s equally adaptable as a laptop or tablet, and lefties and righties are equally comfortable with it. The built-in SD slot, Wi-Fi, and Bluetooth complement the usual laptop I/O ports, and the 3500 combines speedy performance with very good battery life. Toshiba also got the display size target right with its 12-inch– diagonal screen. We’re especially impressed with aspects of the mechanical design. The screen hinge alone is technically excellent, providing superb rigidity and complete flexibility without extra locking or support mechanisms. Toshiba has maintained excellent keyboard feel and other ergonomics while maintaining a low system profile and light weight. (Toshiba America Inc., www.toshiba.com.)
T EC H N I CA L E XC E L L E N C E AWA R DS
Finalist N Nokia 6800 If you text/SMS, this is your phone. Nokia’s way-cool, flip-open design is the perfect melding of form and function. Closed, it’s a normal phone. Open, it’s a QWERTY keyboard on both sides of a horizontal screen, just waiting for your thumbs to start blasting out messages. And of course, the screen reorients itself automatically from vertical to horizontal operation. (Nokia, www.nokia.com.)
Finalist N
Sony Ericsson P800 Consumer electronics and communications giants Sony and Ericsson formed a partnership to play to their strengths. One of the first fruits of this union is the Sony Ericsson P800, which starts life as a tri-mode phone, then goes for the cool factor with a built-in PDA and a VGA-resolution camera. The geek factor is satisfied with its Symbian OS and Opera browser. (Sony Ericsson Mobile Communications AB, www.sonyericsson.com.)
Finalist N Samsung SPH-i500 Samsung’s latest CDMA, tri-mode, do-it-all device hinges on—the hinge. Above, you have a generous, bright, colorful screen; below, the keypad and Palm OS input area, both backlit. Splitting the screen from the entry functions buys more real estate—and ease of use—for both. This striking phone is a listener as well as a looker, thanks to its voice recorder. Samsung is also watching out for your data: A backup battery preserves the Palm content. (Samsung Electronics Corp., www.samsung.com.)
Mobile Devices WINNER M
Handspring Treo 600 “Faster, smaller, lighter”: It’s practically a mantra for technical excellence, and Handspring makes another trip to the winners’ circle with the latest Treo. Not only is the Handspring Treo 600 sleeker than its predecessors, its QWERTY keyboard, SD slot, no-flip design, Palm OS, and speakerphone strike the right balance between familiarity and cutting-edge features. The built-in VGA camera is the latest gotta-have-it feature in the Treo 600, and the little stunner is available on both GSM/GPRS and CDMA networks. This model is a tour de force. (Handspring, www.handspring.com.)
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
85
M
AMD Opteron and Athlon 64 We tested the first 64-bit AMD Opteron processor in April 2003, and were we impressed!
It screamed on our server application performance tests. Six months later, the Athlon 64 arrived, and again we were amazed by the processor’s stellar performance in off-the-shelf 32-bit gaming, content creation, and business applications. AMD, recognizing that 32-bit applications will be with us for many years to come, has optimized its 64-bit chips to run them fast. Server and workstation applications benefit from the large memory address space that 64-bit processors provide, besides the ability to calculate or move data around in 64-bit chunks. Future gaming, content creation, speech recognition, and other
processor-intensive desktop applications will benefit from 64bit processing. AMD64 CPUs let developers easily port applications to 64 bits, and users can run both 64-bit and 32-bit applications natively on the same systems—a big win. The Opteron and Athlon 64 chips share similar architectural underpinnings, differentiated by the number and type of HyperTransport links, the clock speeds, the memory speeds and channels, and the chip pinouts. Both types are based on a 0.13-micron silicon-on-insulator (SOI) manufacturing process, and both include on-board memory controllers to reduce memory access latency. AMD is making widespread 64-bit x86 computing available ahead of the competition. (Advanced Micro Devices Inc., www.amd.com.)
WINNER
Components Finalist N Broadcom AirForce OneChip BCM4317
Finalist N IBM PowerPC 970
No, this is not a stealth military wireless device but the first sortie into single-chip 802.11b solutions. The AirForce OneChip lets cell phones, PDAs, digital cameras, MP3 players, and other portable electronic devices include WLAN features at a modest increase in size and cost while reducing power consumption. Measuring only 14.8 by 26.5 mm—about the size of a postage stamp— this all-CMOS, single-chip wireless LAN transceiver eliminates more than 100 discrete components; thus it can be up to 87 percent smaller than a mini-PCI Wi-Fi solution. The AirForce OneChip integrates a radio, an 802.11b baseband processor, a media-access controller, transmit/receive and diversity switches, a power amplifier, and other components. With a highly efficient standby mode, it scores a 70 to 97 percent reduction in power consumption compared with competing Wi-Fi solutions. With the AirForce OneChip, pervasive wireless connectivity moves closer to reality. (Broadcom Corp., www.broadcom.com.)
This advanced single-core 64-bit processor is derived from the dualcore IBM Power4 chip. The 58million–transistor, five-way superscalar and superpipelined chip has eight levels of copper interconnect; it runs at up to 2 GHz, and its front-side bus has a 1-GHz data rate. It can dispatch up to 5 in-order instructions and 10 out-of-order instructions per cycle, support up to 215 in-flight instructions, and retire up to 5 instructions per cycle. Cache coherency logic is built-in for dual-processor systems. Advanced branch prediction logic and dual load/store, floatingpoint, and fixed-point units, plus an optimized 128-bit AltiVec Velocity Engine, 64-bit data paths and registers, 42-bit physical addressing, and 64-bit virtual addressing, provide enormous power. Apple was impressed enough to switch from the stalled Motorola PowerPC line to the PowerPC 970, which it dubbed G5. Overall, the PowerPC 970 is a knockout, a significant player in the 64-bit future. (IBM Corp., www.ibm.com.)
Finalist N Intel Pentium M The Intel Centrino mobile-platform architecture is powered by the Intel Pentium M processor. Compared with other mobile CPUs, the chip lowers power consumption while improving performance at a given clock speed. The result is longer battery life (often more than 5 hours) or smaller, lighter notebooks. The Pentium M clocks in at up to 1.7 GHz, is built with 0.13-micron technology, uses copper interconnects, and includes a 32K L1 instruction cache, a 32K 86
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
L1 write-back data cache, a 1MB L2 cache, and a 400-MHz system bus. Combining a modified Pentium III core and a Pentium 4 system bus, the Pentium M has fast I/O and decreased branch misprediction delay. Power management features include deepsleep modes, enhanced SpeedStep technology, a low-power system bus, and fine-grain clock gating to turn off inactive portions of the chip. With all of its enhancements, the Pentium M is a significant advance in mobile-processor technology. (Intel Corp., www.intel.com.)
T EC H N I CA L E XC E L L E N C E AWA R DS
Finalist N IBM Active Protection System drives A drive using the IBM Active Protection System houses a motion sensor that continuously monitors your laptop for thumps and bumps that could damage the hard drive. A jolt temporarily stops the drive, parking the heads and preventing catastrophic or cumulative damage. The system is smart enough to recognize repetitive motion, as in a car or train, and adjusts its sensitivity to keep your drive running. The Active Protection System is user-configurable, too, so you can tune your system for maximum safety or maximum throughput. (IBM Corp., www.ibm.com.)
Storage Devices Finalist N Sony DRU-500A Dual Format DVD Recorder Instead of waiting for a negotiated peace, the Sony DRU-500A drive extends the olive branch to all popular formats, most notably DVD+R and DVD-R, in addition to DVD+RW and DVD-RW; it also handles CD-R and CD-RW. We were pleased to see Sony—normally one of the most iconoclastic companies—create a drive that sidesteps the partisan standards war that has hurt the acceptance of recordable DVDs. Not only does the Sony drive write to all the popular formats, it does so quickly and at a reasonable cost for the added complexity. (Sony Electronics Inc., www.storagebysony.com.)
MORE ON THE WEB:
For more on this year’s winners of our Awards for Technical Excellence, visit us online at www.pcmag.com.
PHOTOGRAPH (TOP RIGHT) BY THOM O’CONNOR
WINNER M
Cornice Storage Element Everything needs more storage: music players, digital cameras, and even PDAs. Micro hard drives are not uncommon, but they’re pointless if they cost as much as a player or camera—or more. The Cornice Storage Element is a 1-inch drive that holds 1.5GB and fits in a CompactFlash slot or inside a small music player the size of a sports watch. The technical innovation here is the relentless paring of both electronic and mechanical parts, which gets the price down to $50 or less, a quarter of the cost of a competing drive. The Cornice Storage Element will create new kinds of products in new price categories. (Cornice Inc., www.corniceco.com.) www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
87
WINNER
M
Foveon X3 5M CMOS Direct Image Sensor When you’re seeking technology innovations, it never hurts to look to nature for a little inspiration. Foveon’s groundbreaking sensor for digital cameras does just that, operating much like the colorsensing cells in our eyes, in which every cone cell senses every color. The X3 Image Sensor does just the same thing, using a multilayer CMOS chip that responds to the wavelength as well as the intensity of light. The result is a threefold increase in apparent resolution, with more accurate definition of color boundaries, since every pixel helps define the edges of every color instead of interpolating, as with conventional CMOS and CCD devices. Although the X3 Image Sensor is targeted at professional photographers, we expect its effects to be felt in many areas of color image sensing. (Foveon Inc., www.foveon.com.)
Digital Input Devices Finalist N Fujifilm fourthgeneration 6-megapixel CCD This innovative design uses a larger primary element and a smaller secondary element at each pixel position to increase highlight detail. The large and small elements have different effective speeds, or light sensitivity, and are read on separate clock signals. The difference in saturation between the large and small cells helps the camera discern subtleties in areas of extreme darkness or brightness. The improvement in contrast and brightness range is readily apparent. (Fuji Photo Film U.S.A. Inc., www.fujifilm.com.)
Finalist N Sony four-color CCD All conventional image sensors use red, blue, and green cells to discern a full-color image, and there are twice as many green sensors as red or blue, because the human eye is most sensitive to green; this design yields the best resolution of edges. In the new Sony four-color CCD, RGB becomes RGBE, and the E is for emerald, or light green, where the eye is even more sensitive. By repurposing half of the green pixels to a different part of the spectrum, Sony gains better resolution and higher color fidelity. (Sony Electronics Inc., www.sony.com.)
This 14-megapixel single-lens reflex digital camera has the highest resolution of any professional camera, and its CMOS sensor covers the same area as 35-mm film. That feature is vital for pros, who want their lenses to work the same way for digital or conventional images. The Kodak DCS Pro 14n also has variable resolution, and upgradable firmware, and it works with standard F-mount lenses. The camera’s large memory holds up to 20 full-resolution photos in the field and communicates via FireWire in the studio. (Eastman Kodak Co., www.kodak.com.)
88
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
PHOTOGRAPHY (BOTTOM) BY LES FREED
Finalist N Kodak DCS Pro 14n
T EC H N I CA L E XC E L L E N C E AWA R DS
Finalist N Universal VersaLaser It looks like an oversize printer, but inside the Universal VersaLaser lurks a 25-watt CO2 laser, which can cut, engrave, etch, or score wood, plastic, paper, rubber, cardboard, and more. Lasers driven by computers are nothing new, but Universal Laser Systems has forged ahead, breaking new ground in both low cost and ease of use. The VersaLaser and its accessories appear to your system as USB devices, which makes setup a snap. The driver software is inspired; it uses the output from ordinary vector-drawing programs and translates colors into instructions that tell the beam how deep to cut. The driver also has a library of standard materials: Pick a material, tell the driver how thick, and it does the rest. You can also create your own entries for custom materials. (Universal Laser Systems Inc., www.versalaser.com.)
Finalist N EIZO Nanao ColorEdge CG21 Conventional wisdom holds that LCD monitors are unsuitable for high-end graphics and color-matching applications. The new EIZO Nanao ColorEdge CG21 upends convention with a knockout 21.3-inch display that has features previously available only on CRTs. Each CG21 is individually color-calibrated at the factory and can be recalibrated in the field. It has a 400:1 contrast ratio; digital and analog inputs; adjustable, calibrated color temperature; and six fine-contrast modes to maximize apparent resolution. The screen has a 170-degree viewing angle to boot. Despite the sophistication and adjustability, the included software is compatible with existing color management systems. Images nearly leap off the screen with detail, rich color, and contrast. (EIZO Nanao Technologies Inc., www.eizo.com.)
Digital Output Devices
PHOTOGRAPHY (TOP RIGHT AND TOP RIGHT) BY THOM O’CONNOR
WINNER M
Epson Stylus Pro 4000 One of the most feature-rich professional/graphics printers we’ve ever seen, the Epson Stylus Pro 4000 produces eye-popping archival prints on paper up to 17 inches wide. This workhorse sports eight ink cartridges, adding matte black to gloss black so you don’t have to switch cartridges for top-notch photos and text. Some experts had opined that Epson Micro Piezo technology was maxed out, saying the droplets couldn’t get any smaller. Epson responded with an all-new design that has higher resolution and smaller droplets than the competition. With USB, FireWire, and optional network connectivity, the Stylus Pro 4000 fits into any work environment. (Epson America Inc., www.epson.com.) DECEMBER 30, 2003 P C M A G A Z I N E
89
T EC H N I CA L E XC E L L E N C E AWA R DS
WINNER
M
VMware ESX Server 2 and Virtual SMP What VMware Workstation does for the desktop, VMware ESX Server 2 does for the server—and then some. By virtualizing the server, VMware enables it to host multiple operating systems and multiple instances of each OS, with up to eight virtual servers per physical CPU. ESX Server 2 dynamically allocates CPU, disk, memory, and network I/O resources, so you can get more work done with fewer physical servers. VMware Virtual SMP, an add-on to ESX Server 2, goes even farther, allowing a single virtual machine to span multiple processors, which can share the load of resource-intensive applications. Applications and virtual machines become portable and can even be moved among physical machines to guarantee service levels and ease maintenance tasks. These two enterprise tools give mainframe-class power to an ordinary server rack. (VMware Inc., www.vmware.com.)
System Software Finalist N Microsoft DirectX 9 Microsoft DirectX 9 has made big improvements in the audio and video codecs, heavily revised the code for faster 3-D performance, added larger pixel depth representations, and made extensive enhancements to the SDK. The rendering engine alone has more than a dozen new features, and HLSL, or HighLevel Shader Language, is the most important. Now with extensive programmable 3-D pipeline support, it’s a robust environment in which to create lifelike animations and the dramatic effects we have come to expect from our PCs. In concert with the latest graphics and audio hardware, DirectX 9 is the connective tissue that makes our PCs such capable multimedia devices. (Microsoft Corp., www.microsoft.com.)
Finalist N FSLogic Protect Users and service providers of public-access PCs and kiosks need assurance that the previous customer hasn’t left behind a Trojan horse, a virus, or other nastiness. FSLogic Protect resets a PC to its original state when each user’s session ends, without requiring a reboot. While using it, you can change system settings and preferences; you can even install software. When you log off, all of this goes away—but when you log on again, Protect can restore your session exactly the way you left it. Protect’s configuration files remain hidden, of course, from client users. FSLogic’s robust adaptation to public use is noteworthy. (FSLogic Inc., www.fslogic.com.) 92
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Collaboration Software Finalist N Kubi Collaborative Email Client Kubi Software’s Collaborative Email Client performs a very neat trick: It creates a shared workspace that uses nothing more than e-mail addresses. With hooks into both Outlook and Notes, Kubi Client harnesses SMTP to replicate the workspace on all machines in the workgroup automatically. It creates a discussion board and allows shared documents, contacts, tasks, and project events. It uses the familiar Outlook or Notes interface, so there’s nothing new to learn, yet it keeps workspaces separate from regular mail. Since Kubi’s replication and updating take place as encrypted e-mail messages, there are no concerns about security, server access, or firewalls. (Kubi Software, www.kubisoftware.com.)
Finalist N SightSpeed Video Messenger SightSpeed Video Messenger looks like a simple IM window, but it’s really a video collaboration environment. The buddy list/directory is managed by a central server, but it steps aside so corporate conversations stay inside the firewall. This is our favorite video collaboration tool we’ve tested recently. It sets up easily and works flawlessly, and the video quality is impressive, with smooth, high-frame-rate images. The high quality and low latency of SightSpeed’s video are truly exceptional—no different from talking on the phone— and represent a significant advance in the state of the art. (SightSpeed Inc., www.sightspeed.com.)
WINNER M
Colligo Workgroup Edition Anywhere you and your coworkers go with your computers, there’s a secure, private wireless network. That’s the premise of Colligo, and the Workgroup Edition allows ad hoc networking—no server, no hub, no access point—with a definable group of Windows-based wireless devices. You can network one on one or with all machines in radio range. And if one of the machines has an Internet connection or a printer, all can share it. Security is covered by 128bit SSL encryption, and the Workgroup Edition boasts a shared whiteboard, chat, and other collaboration tools. In the conference room or out in the field, Colligo is a terrific aid to productivity. (Colligo Networks Inc., www.colligo.com.)
Finalist N Apreso (Agility Presenter) You’d like nothing better than to explain your PowerPoint presentation in person, but you can’t be in two places at once. Wouldn’t it be great if you could send that presentation with your smiling face and a voiceover, so you can emphasize all the right points and add that personal touch? With Agility Presenter, recently renamed Apreso, you sit down in front of your machine, equipped with a Webcam, press a button, and give your presentation slide by slide. Press another button and it becomes a compressed file you can send anywhere, with video of your face and your narration accompanying the slides in a neat three-pane view. The video, audio, and slide synchronization is flawless. Making a full-scale multimedia production is easier than ever, and the result belies the really hard work that this excellent program is doing for you. (Anystream Inc., www .agilitypresenter.com.)
Finalist N The ModeEleven Broadcast Screensaver System If you remember some of the early attempts at push technology, you probably recall bandwidth hogs with intrusive, distracting graphics. But they delivered useful or at least interesting news and information to your desktop whenever your computer was inactive. ModeEleven puts a new spin on the concept, combining the ideas behind blogging, data channels, and low-impact push technology into something fresh and original. You subscribe to one or more channels, and the screen saver fetches the latest data from them whenever your computer is inactive. Channels can be personal blogs, family photos, a bunch of linked pages, video, corporate news, product updates, or anything else you can imagine. They’re stored on ModeEleven’s server for a low monthly fee. The communication and relationship-building possibilities are endless. This is a fun, clever piece of code and an intriguing business proposition. (ModeEleven Inc., www.modeeleven.com.)
Communication Software WINNERM
Microsoft Office 2003 System When an office suite gains extensive XML data representations, document workspaces, shared attachments, and awareness of team members online, it transcends mere word processing, spreadsheets, and e-mail and becomes a full communications environment. When it adds an addictive, fun tool such as OneNote, and when it connects to back-end business processes through InfoPath, it transcends the suite moniker and becomes the Microsoft Office System. Within Office 2003, the surface changes are minimal in most applications, and that’s good for continuity and ease of use. Most of the changes are deep inside, all but invisible. They greatly extend the product’s power, although it reaches its fullest potential when coupled with a SharePoint server. FrontPage, however, has undergone dramatic changes in both interface and capability, progressing from a convenient way to build midsize Web sites to a contender among professional tools for maintaining a corporate online presence. (Microsoft Corp., www.microsoft.com.)
94
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
T EC H N I CA L E XC E L L E N C E AWA R DS
WINNER M BEA WebLogic Workshop 8.1
BEA WebLogic Workshop 8.1 is a shared, consistent development platform based on a simplified visual environment for J2EE experts and business-oriented developers alike. Programmers who have shied away from J2EE because of its apparent complexity have missed out on the power and portability of Java tools and their ability to integrate with existing IT resources. The latest version of WebLogic Workshop hides the complexity without limiting the underlying power to develop Web services, Web applications, portals, and integration projects. BEA has made great strides in adapting this tool to the leaner budgets and faster turnaround today’s businesses demand. BEA’s application of visual development to Web services is unique and praiseworthy. (BEA Systems Inc., www.bea.com.)
Development Tools Finalist N DevPartner Studio 7.1 The latest version of DevPartner Studio adds Microsoft .NET 2002 and 2003 compatibility and .NET memory analysis to its already impressive resume. DevPartner Studio plugs into Visual Studio .NET, but it’s no ordinary plug-in. It does source code analysis, searches for errors, applies best practices, optimizes, and checks for security holes. It also handles memory allocation analysis, garbage collection, and execution snapshots; it gauges real-time performance and highlights memory leaks and deadlocks. It can even trace execution across application tiers, from client to Web server to application server. DevPartner Studio is a long-standing favorite tool among developers, and these latest enhancements make it all the more powerful and useful. (Compuware Corp., www .compuware.com.)
Protocols Finalist N Serial ATA Unexpectedly, serial buses have become faster than parallel buses, and it was just a matter of time before the venerable ATA disk interface was supplanted by a serial version. The thin cables are a blessing in hot, crowded PC interiors, and the faster data rates reduce latency. Still higher speeds are on tap, and vendors are scrambling to make chipsets with native support for Serial ATA on the motherboards. And now that SATA is available for the full range of drive capacities, it will simplify server implementations too. (Serial ATA Working Group, www.serialata.org.)
Finalist N WS-I Basic Profile The Web Services Interoperability Organization has created a standard to make Web services interoperable. The WS-I Basic Profile builds on HTML, XML, and SOAP to define the ways services and applications can communicate with one another and exchange data. With over 160 member companies, WS-I is committed to promoting consistent and reliable interoperability among Web services across platforms, applications, and programming languages. (Web Services Interoperability Organization, www.ws-i.org.)
PHOTOGRAPH (TOP RIGHT) BY THOM O’CONNOR
Finalist N SQL Anywhere Studio 9 Though the world may not be ready for “SQL for the masses,” Sybase has the toolset to bring it to the burgeoning market of small and medium-size businesses. New features in SQL Anywhere include support for XML, Microsoft .NET protocols, and Web services, so small businesses can act like big ones when linking to suppliers or implementing customer-centric systems, using a consistent search-and-retrieval strategy. This latest version allows embedding in mobile devices, too. Complex queries run faster than ever, and cache management systems ensure concurrent, scalable enterprise implementations. Version 9 has major enhancements for improved performance and developer productivity. (Sybase Inc., www.sybase.com.)
WINNER M
802.11g The IEEE’s 802.11g standard defines the way wireless LAN gear communicates at up to 54 megabits per second while remaining backward-compatible with 11-Mbps 802.11b. This important breakthrough enables streaming media, video downloads, and a greater concentration of users without interference. In addition to technical hurdles, the standards group had to overcome commercial rivalries and FCC rule changes to enact the standard. (Institute of Electrical and Electronics Engineers Inc., www.ieee.org.)
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
95
PERSON OF THE YEAR M
Carly Fiorina Hewlett-Packard’s board recruited Carly Fiorina as CEO because it felt the company could use a good shaking up. After five decades of almost explosive growth, the company had plateaued. Fiorina gave the board all that it wanted, and much more, in the form of a merger with Compaq. This merger’s fiscal and market aspects were all but lost in Most notably, the acrimony and public debate that followed, but she made the merger happen and is making it work. Fiorina has never assumed that HP’s size would guarantee its position in the marketplace. She has pushed relentlessly for new and different products, and HP’s divisions have innovated accordingly. She has also protected valuable brand equity and has given HP an agnostic stance in the hardware and software platform wars. Further, she has positioned HP as the partNothing in her background—neither business ner of choice for managing and growing multiplatform environments. school nor her rise through AT&T and Lucent—could have prepared Fiorina for the arduous task of merging two vastly dissimilar industry giants. She has provided material for a generation of business writers and second-guessers. Meanwhile, inHP is back on a growth path, vestor confidence appears to be returning to both the tech sector and Hewlett-Packard. although history has not written the final chapter on the merger—nor on Carly Fiorina’s impact on the industry. But there’s no doubt in our minds that she is 2003’s Person of the Year.
M
M
PHOTOGRAPH BY GREGORY HEISLER
M
96
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
T EC H N I CA L E XC E L L E N C E AWA R DS
M
LIFETIME ACHIEVEMENT
Scott Cook In 1983, Scott Cook made it his goal to simplify personal finance for the masses. He succeeded— and revolutionized the world of software in the process. His secret? Listen to consumers. Let them lead the way. Cook was a cofounder of Intuit and is now chairman of the executive committee. His first product, Quicken, went through endless revisions and improvements as he applied the product-marketing techniques he had learned years earlier at Procter & Gamble. He introduced a few key concepts: Make it simple, and earn your customers’ trust. He invited consumers into the development process, asking them to test his products in their homes, then closely monitoring their trials and errors. As a result, Intuit was the first company to provide users with a kinder, gentler software experience, one that set the standard for consumer software products. Quicken’s launch in 1984 was just the beginning of Intuit’s mission to make money management easy. Under Cook’s guidance, the company expanded into small-business accounting software and tax preparation for both individuals and businesses. In 1995, Intuit added online banking and bill payment through its Quicken Web site, and the company now works with more than 2,000 financial institutions, having attracted one-fourth of all online banking users in the United States. Its annual revenue exceeded $1.6 billion in the fiscal Intuit’s success rests year 2003. largely on Cook’s shoulders, for his leadership and for his vision of empowering regular Joes and Janes everywhere to take control of their financial lives. We thank Scott Cook for making April 15 a lot less taxing for all of us—and, on a much grander scale, for leading the way in making software more intuitive and accessible.
M
M
PHOTOGRAPH © 2003 JAMIE TANAKA
M
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
97
TAKE
BACK THE
BY CADE METZ
NET
Everyone was supposed to have a voice on the Internet. Thanks to tools like blogs and wikis, everyone can. I L LU S T R AT I O N BY F E D E R I C O J O R D Á N
Think back to the earliest days of the World Wide Web. Before Amazon.com and E*Trade. Before CNN.COM and ABC online. Before CRM, ASPs, and B2B marketplaces. In the early nineties, when the Web first rose to prominence, few saw it as a business medium. Few saw it as a fresh outlet for major newspapers, radio stations, and television networks. The Web would be the tool of the masses, not The Man. Unlike newspapers, radio, and television—media that broadcast the ideas of a select group of people and corporations—the Web would give widespread voice to every one of us. It would let anyone quickly and easily exchange information with anyone else, fostering worldwide collaboration. It would engender “the decentralized, organic growth of ideas, technology, and society,” as its creator, Tim Berners-Lee, wrote in his memoir, Weaving the Web. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
101
102 BLOG TOOLS 106 WIKI TOOLS 110 RSS TOOLS 112 WIRELESS COLLABORATION 114 VIDEO AND VoIP 116 PUSHING SCREENS
104 Summary of Features: Blog Tools 105 Choice Blogs 108 Summary of Features: Wiki Hosted Sites 110 Choice Wikis 118 Meme Streets
Such expectations were summarily quashed by the midnineties. The Web didn’t give everyone a voice. It didn’t allow for the widespread exchange of ideas. With a browser, you could easily read Web pages posted by others. But there wasn’t a comparably simple and effective way for you to create, post, and update your own pages. Unless you were a seasoned computer user, building or editing a page with tools like Macromedia’s Dreamweaver or Microsoft FrontPage was far too difficult and time-consuming. Hosting your own site was a technical nightmare, and paying someone else to host it was expensive. If you did launch a page, there was no cheap and easy way to publicize it. Even if you could update it on regular basis, there was no effective means of telling people you’d done so. Sites are useless unless people know to read them. You could always post your ideas to online discussion groups, but these weren’t an ideal platform. Your words, limited to a few lines of text, were often lost among the multitudes of other voices. And you were at the mercy of the group administrator, who could delete your post at any time. Very quickly, the Web was commandeered by those with the money and expertise to maintain and publicize Web sites: corporations, other businesses, the existing mass media. Tim Berners-Lee’s creation had inadvertently brought much more power to the establishment than to the people. Then something beautiful happened. Early this decade, several new communication tools bubbled up from the far reaches of the Internet. These were tools that could at long last fulfill the Web’s initial promise, nurturing a free exchange of ideas. With blogs, short for Web logs, anyone can now stream ideas onto a Web page in a matter of seconds. With wikis, named after the Hawaiian word for quick, entire groups can easily post and edit pages, freeing the users from the constraints of discussion groups. With RSS, anyone can easily syndicate material across the Web and alert readers to updated content on his or her site. Other tools are popping up that let the “everyuser” regain control of the Internet. Applications like AirCQ and Colligo allow for free-form collaboration over wireless handheld devices. With the latest Voice over IP and video phone tools, anyone can send highquality audiovisual streams across the Net. With an app from ModeEleven, you can even push information via screen saver. Our contributors: Cade Metz is a senior writer at PC Magazine. Richard V. Dragan is a contributing editor, Ben Z. Gottesman is an executive editor, and Craig Ellison is the director of operations for PC Magazine Labs. Associate editor Sean Carroll and PC Magazine Labs project leader Neil J. Rubenking were in charge of this story.
102
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Naturally, these tools will soon find their way into the hands of big business. Companies like Macromedia and Sony are already using blogs to communicate with customers. RSS is quickly becoming a staple among news sites, including PCMag.com. But that’s almost beside the point. These tools will continue to empower the people. According to the Web survey firm Perseus Development Corp., more than 4 million people have built hosted blogs, and that number will grow to more than 10 million by the end of 2004. With blogging tools and the other apps in this story, you too can take back the Net.
Opinion columnists may not have views any better than your own, but they have one thing you probably don’t—an audience. Fortunately, you don’t have to convince J. Jonah Jameson to hire you. A blog can help you disseminate your views, and a hosted blog service can help you get started cheaply and easily. You can write about politics, gardening, your cats—anything you like. Depending on the service, you can post to your blog by browser, e-mail, or even phone. Enthusiastic bloggers can post breaking news before Peter Parker makes the scene. Blogs are everywhere. Doonesbury’s Zipper Harris is a blogger. Howard Dean tracks his presidential campaign in a blog (www.blogforamerica.com). Dan Bricklin, father of the electronic spreadsheet, shares his thoughts in a blog at www .danbricklin.com. For every celebrity blog, thousands are maintained by ordinary people. Launching a blog is about the simplest way to create a personal Web site. Once you’ve configured your blog’s appearance and characteristic options, you simply start posting. The blog software organizes your posts with the newest at the top and a calendar linking to older posts. You can keep the whole thing private, like an old-fashioned diary, or let a few trusted friends view it. But for most bloggers, the challenge is to attract as many readers as possible, and they let in anyone who stumbles upon their blogs. Themes or skins let you configure your blog’s appearance to reflect your personality; if you know a little HTML, you can do some fine tuning. Many services include interactive elements to keep visitors engaged, like the ability to rate or discuss posts. A search function may help you find bloggers with similar interests. Exchanging links or joining blog rings helps drive traffic to your blog. A few services make it easy to display the books and music that currently interest you, with automatic creation of thumbnails and links to Amazon.com. If you sign up as an Amazon.com Associate, you can even make a little money when visitors click through to buy books or CDs you recommend. You may well need that extra cash from your Amazon affiliation. A successful blog can outgrow a free or low-cost basic service, forcing you to choose a premium service or even set up your own Web site to host the blog. Some bloggers self-host because of concerns about retaining ownership of their blog entries, though hosting services make it clear that you retain
C O M M U N I C AT I O N
all rights to your posts. But like any Web hosting service, a blog host retains the right to delete content it deems obscene or illegal. And some users may simple enjoy hosting their own. Scholars today study the famous diary of Samuel Pepys for insight into everyday life in 17th-century England. Will your blog be just as famous in a few hundred years? No one will ever know unless you try. You will have some competition: Pepys’s diary is back, as a blog, with annotated copies of the original entries appearing daily (www.pepysdiary.com). You can choose from an assortment of tools that can host your blog for you; we tested the best of the bunch. In addition, we looked at one application for those who prefer to host their own. Read on to see what we think.—Neil J. Rubenking BLOGGING SERVICES Google purchased Blogger and the Blog*Spot hosting service from Pyra Labs earlier this year. Blogger and Blog*Spot are free now, with features of the former Blogger Pro premium service gradually moving into the free, ad-supported service. But until a feature has been transferred to the free service, there’s no way for a new blog to use it. As a result, we couldn’t test some premium-service features that haven’t yet been transferred. Posting to Blogger is a snap: Just enter plain text or HTML code in the editor, spell-check it if you like, and click a button. Previous posts are handily listed below, in case you want to edit them. You can click the BlogThis! button on the Google toolbar and quickly post a link to the page you’re viewing, with your comments. By the time you read this, the mail-to-blog feature should be available. With a separate subscription to audio Blogger ($3 a month), you can even phone in audio-only posts. Blogger doesn’t emphasize community interaction; it alone among our contenders doesn’t let visitors discuss or rate posts. Another serious lack in the service: Your Blogger blog is also completely public, with no means to limit access. And the ability to host images hasn’t yet trickled down from the premium service to the current free service. But it’s free, and that may suffice to convince you to join its 1.5 million registered users.
(Free. Pyra Labs, www.blogspot.com. llmmm ) LiveJournal is strongly community-oriented. In fact, you can get a free basic account only if a community member invites you; otherwise you have to pay. You can engage visitors with polls, and the comment system provides a fully threaded discussion area. Visitors can even get e-mail notification of responses to their comments. Enter a full user profile and search for other users with similar interests, link to friends’ blogs, even exchange text messages with other LiveJournal users. If you want, you can specify who’s allowed to access your entire blog or even individual posts. Community and content rule in LiveJournal, not fancy formatting. Users typically post entries to their blogs using one of several simple clients, though it’s possible to post using a browser. In either case, there’s no WYSIWYG editing and no hosting of images, and the spell-checker offers suggestions but can’t insert them. This combination of community interaction and simple editing apparently appeals to many. The LiveJournal site’s running statistics show over 600,000 active users and over 100 posts per minute. (Basic, free; premium, $25 a year. Danga Interactive Inc., www.livejournal.com. lllmm ) Unlike in the other services we reviewed, a Radio UserLand blog is created locally using desktop Web server software and then “upstreamed” to the Web, so you always have a local copy of all your content. You can optionally configure it to allow browser-based posting from other locations or posting via email. With the free Picture Tool add-in, uploading a picture is as simple as copying it to a specified folder. If you frequently type particular sequences of HTML or text, you can save them as named shortcuts; a quoted shortcut name in a post will be replaced by the specified HTML or text. UserLand controls the RSS 2.0 specification, so naturally this product emphasizes RSS (to learn more, see the section “RSS Tools,” page 110). Your own blog is automatically accessible as an RSS feed, or as multiple feeds if you use the Categories feature to organize your posts. The built-in News Aggregator can pull in RSS feeds from any source, including other blogs
Components of a typical blog page Blog posts are displayed in order, newest at the top.
A picture of the blog’s author graces each page.
Visitors click on a linked calendar day to view the day’s posts.
Posts from earlier months are automatically archived. This thumbnail links to Amazon.com. If a visitor clicks through and buys the book, the blog’s author gets some cash.
This link gets an RSS feed of the blog’s content. This permalink will still link to the post after it’s moved into archives. Visitors click on this link to comment on the post.
This link goes to the author’s profile. Recent comments are automatically listed here. Recent posts are automatically listed here.
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
103
you subscribe to. Just click to post a news item to your blog and add comments. A HotList displays the 100 most subscribed-to news channels. Visitors can comment on your posts, but there’s little else in the way of community or interaction, and you can’t limit access to specific users. Radio UserLand is especially handy if your aim is to air your views on current events. ($39.95 a year. UserLand Software Inc., http://radio.userland.com. lllmm ) Tripod Blog Builder is available to any of the 32 million Tripod/Angelfire members. If you decide to host your blog here, you’ll get all the features of a complete Web site. Basic service is free (with ads); premium service drops the ads and adds more storage, bandwidth, and some features. Premium members can have multiple blogs or multiple authors and can control access to an entire blog or to individual posts. Even basic membership includes image hosting, but premium members get an Image Aide tool to automate insertion of images in posts. Your blog can include a Buddy Page with links to friends and their blogs. Visitors can comment on posts in a fully threaded
discussion system, and owners get e-mail notification of new comments. You can enhance your blog by taking advantage of the services available through the Site Builder: Set up a photo album or guest book and link it to your blog page, for example. If you’re looking to create a complete Web site, not just a blog, Blog Builder is a good place to start. (Basic, free; premium, $10 to $15 for setup, plus $4.95 to $19.95 a month. Lycos Inc., http://blog.tripod.lycos.com. lllmm ) TypePad, the hosted service corresponding to Six Apart’s well-regarded Movable Type (reviewed on the following page), has excellent support for content above and beyond simple blog postings. Your blog can include one or more photo albums, which automatically generate thumbnails and attractive display pages. You can easily add books or music to typelists; TypePad grabs a thumbnail and link from Amazon.com. Your typelists automatically appear as sidebars, flanking your blog posts. TypePad’s editor isn’t WYSIWYG, so a little knowledge of HTML is helpful—essential if you want to include a photo
S U M M A RY O F F E AT U R E S
Blog Tools
www.pcmag.com.
p Premium service only o NO OVERALL RATING K
Blog*Spot
LiveJournal
Tripod Blog Radio UserLand Builder
TypePad
Weblogger
Xanga
llmmm
lllmm
lllmm
lllmm
llllm
lllmm
llllm
Basic service
Free
Free (by invitation)
$39.95 a year
Free
$4.95 a month
$9.95 a month
Free
Unlimited
Unlimited
50MB
20MB
Unlimited text
Unlimited N/A
Unlimited $25 per year
Unlimited $25 a year
Unlimited
1GB $8.95–$14.95 a month 200MB
1GB $39.95 a month
N/A
40MB free (owner 20MB can buy more) Unlimited 1GB N/A $4.95–$19.95 a month N/A 25MB–150MB
500MB
Unlimited text, 20MB images
Monthly bandwidth POSTING FEATURES
N/A
Unlimited
N/A
5GB–30GB
5GB
6GB
Unlimited
llllm
llllm
llllm
lllmm
lllll
llllm
llmmm
Posting via browser/e-mail/client software
yyo y y
yoy o y
yyy o o
yoo o
np n
p p
yyo o y
yp o o o
y
y
y
p
p
y
o
llmmm
llmmm
llllm
llllm
llmmm
llllm
lllll
WYSIWYG post editing
o
o
y
o
y
y
y
User can include images without writing HTML Spell-check available COMMUNITY/INTERACTION FEATURES
o y
o y
y o
p p
o o
y o
y
llmmm
lllll
lllmm
lllll
llllm
llllm
llllm
Site visitor statistics available
o
o
y (in top 100)
y
y
o
Friends list/Links to friends’ blogs Owner can enter profile
oo y o y
yy y
oy o
p p n
oo o
y o
o o
y o o
yo y o y
o y
yy y o y
Visitor polls/Visitors can rate posts Visitors can discuss posts/Threaded discussion Owner can be notified of new comments CONTENT FEATURES
oo o N/A o
yo yy y
oo yo y
oo yy y
oo yo y
yo yy y
oy yo o
llmmm
llmmm
lllmm
llmmm
llllm
lllmm
llllm
Automatic book or music links with thumbnails
o
o
o
o
y
o
y
Blog can contain/be a source of RRS content Ad-free blog SECURITY/ACCOUNT FEATURES
p n
yy y
oy
p
oy y
yy y
oy
o
yy y
lmmmm
lllmm
llmmm
llmmm
lllll
llllm
llllm
Owner can limit access to specific visitors
o o o
y o y
o o o
p o
p
y y y
y y o
y
Owner can ban specific visitors Per-entry security settings Local archive of blog content Solution for switching to self-hosting
o y
y o
y y
o o
y y
y y
y YES
Storage Monthly bandwidth Premium service Storage
Owner can schedule future posts Multiple authors per blog with distinct authorship Multiple blogs per account EDITING FEATURES
Owners can search for common interests Visitors can subscribe to alerts to new posts
RED denotes Editors’ Choice.
104
Download this table at
N/A—Not applicable: The service does not offer this feature.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
p
p
p
p y
p o
CHOICE BLOGS
C O M M U N I C AT I O N
album image in a post. You can post from your Boing Boing also gives the ability to subscribe without nobrowser, send posts via e-mail, post from your www.boingboing.com tification, a way to try a blog without risking This “directory of wonderful WAP-enabled phone, or even use third-party offending the blogger by unsubscribing. Visithings” is full of offbeat, fascinatstand-alone products. tors can comment on your posts or give ing, and thought-provoking posts. TypePad blogs are inviting and easy to navi“eProps” to especially good ones. (Basic, free; gate. The service’s comment system leaves you Dan Bricklin’s Log premium, $25 a year. Xanga, www.xanga.com. www.danbricklin.com in charge; you can enable or disable comments Hosts www.danbricklin.com/log, llllm ).—NJR on a per-post basis and hold incoming com- a blog by the tech guru who DO IT YOURSELF ments pending approval. Your visitors can read coinvented VisiCalc. Do you want to host your own blog? Six Apart’s posts or check out your lists of books, music, The Diary of Samuel Pepys Movable Type 2.64 is an appealing and welllinks, or friends. Link lists to recent comments www.pepysdiary.com rounded package. This core engine for the and recent posts appear automatically. And One of the great historical hosted version of TypePad (reviewed above) is TypePad produces the best-looking blog we’ve diaries, serialized as a blog. easy to install and use on your own, provided seen. (Basic, $4.95 a month; premium, $8.95 to The J-Walk Weblog you understand the basics of installing Perl $14.95 a month. Six Apart Ltd., www.typepad www.j-walk.com/blog Eclectic collection of informamodules and have a little admin expertise. .com. llllm ). Weblogger is a powerful system designed for tion, musings, links, and other We installed Movable Type to Windows and IIS 5.0 running with default Berkeley DB supgroups, not individuals. The administrator de- “stuff that may or may not interest you,” by John Walkenport for a database. Powered by Perl, this packfines roles: Contributing Editors write stories bach, a computer book author. age is a natural fit for Linux. It also supports and edit their own posts, Content Editors can connecting to MySQL and Postgresql as dataedit posts written by others, and Managing Ed- Longhorn Blogs base options, though these require downloaditors have full site control. New stories e- www.longhornblogs.com ing and compiling additional Perl modules— mailed or posted by Contributing Editors can A non-Microsoft site collection not something newbies will want to try. We be held for approval by higher-ranking editors. of 46 blogs on the forthcoming used ActiveState’s Perl 5.8 as our scripting enThese powerful features may cause some ini- version of Windows. gine for Windows. (Linux users normally get tial confusion in small, one-author configura- Neil Gaiman’s Journal Perl support by default.) tions. A Weblogger blog can host images, and www.neilgaiman.com/journal/ A step-by-step guide helped us get started. inserting them into posts is simple: Just in- journal.asp The popular novelist and comic Necessary steps include installing the DB_File clude each image’s name in quotes. Links to book author keeps up with his module from CPAN and configuring your Web other posts or to uploaded files are handled the audience. server to invoke Perl scripts. None of this resame way. patrickWeb quires a black belt in system administration, but Visitors can comment on posts in a fully www.patrickweb it’s tricky, and some previous experience with threaded discussion system. Using a free add-in, E-tired visionary IBM execuLinux or Perl will definitely help. you can poll your visitors from within a post. tive’s musings on technology. After installation, another script quickly genThere’s no support for personal features like PDC Bloggers erated the necessary database files, and we buddy pages or searchable interest lists; http://pdcbloggers.net were up and running. Users of Movable Type Weblogger creates a businesslike blog, based on Blogs as news coverage, from get full control over a well-polished blogging Manila. For a premium, it stores 500MB of con- Microsoft’s recent Professional tent and allows 6GB a month of bandwidth. Developers Conference. system, with good support for XML-based tem(Basic, $9.95 a month; premium, $39.95 a month. Scripting News plates to speed up new content. The user inhttp://scriptingnews Weblogger, www.weblogger.com. lllmm ) terface is largely the same as in TypePad for Xanga originated back in 1999 as a site for .userland.com end users, minus a few admin options. sharing book and music reviews. Driven by Tech thinker Dave Winer’s blog Movable Type administrators can set up any on scripting languages and more. member preferences, it quickly morphed into a Claims to be the oldest continu- number of blogs. The only trick is that you full-scale blog site, but it retains a marvelous ally running blog. See also http: need to access the file system on the server, ability to share reviews. Just name the song, //davenet.userland.com. which needs a few new directories—along with movie, or book that interests you and Xanga permission settings—to get new blogs started. grabs a link to Amazon.com, including a thumbOtherwise, everything can be done in the nail of the cover. Xanga aggregates the links into a Top 50 list. capable Web interface. The control over notifications and readClick the xTools button in the Links toolbar to comment on the er comments (including the ability to block troublemakers’ IP addresses) is appreciated. site you’re visiting, or post to your blog via e-mail. The attracRecent Movable Type customers include About.com, tive, fully WYSIWYG editor permits easy insertion of smileys, symbols, and links, and it automates the process of uploading Howard Dean’s presidential campaign, and the blog serializaand including images. You can try a free Xanga site, then uption of the Samuel Pepys diary (www.pepysdiary.com) mengrade to get more features and no ads. tioned above. If you have a little Perl experience, you too can It’s easy to locate like-minded people among Xanga’s 2.5 customize this slick and powerful personal-publishing system million users by checking out its blog rings. Members with and run it on your own servers with minimal effort. ($150; free similar interests can subscribe to one another’s blogs (when for individuals and nonprofit organizations. Six Apart Ltd., someone subscribes or unsubscribes, you’re notified). Xanga www.sixapart.com. lllll )—Richard V. Dragan www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
105
C O M M U N I C AT I O N
In many ways, wikis are the world’s simplest Web sites. Any member can add or edit pages. Users need learn only a few simple formatting rules—no HTML required—and previous versions of pages are saved for easy recovery from errors. The wiki’s content is built by all the members working together. If blogs are Webbased diaries, wikis are Web-based public bulletin boards. Ward Cunningham invented the wiki concept in 1995 to host a collaborative discussion of patterns in programming. He called it the WikiWikiWeb, wiki-wiki being Hawaiian for quick. Ward’s Wiki (http://c2.com/cgi/wiki), still going strong, hosts discussions on programming and wiki philosophy. Another robust wiki is WikiPedia (http://en.wikipedia.org), a wiki-based encyclopedia and a PC Magazine Site of the Week (www .pcmag.com/siteoftheweek/wikipedia) whose members and visitors have crafted over 300,000 articles. Formatting on a standard wiki page is exComponents of a typical tremely simple, though the details depend on the implementation. To create or link to a page, you simply name it using WikiWords—two or more punctuationfree words mashed together, with the first letter of each capitalized. If the page doesn’t yet exist, it gets created the first time you edit it. Some wiki implementations allow FreeLinks (links defined by surrounding the page name in specific delimiters, such as square brackets or asterisks). In theory, a determined troubleThe four lines starting maker could wreak havwith an asterisk will oc on a wiki, deleting become a bulleted list. pages right and left or To include an image, simply defacing them. you must copy its URL. But this rarely happens, maybe because other This link brings up a chart users can roll back the of structured text rules. changes. Besides, hacking a wiki is too easy to be a challenge for malefactors. In addition, wikis can be secured to make them less vulnerable to attacks. Want to test this style of collaboration but not prepared to install one of the free open-source wiki implementations on your Web site? You may be tempted to visit Ward’s Wiki and stake out a few pages of your own. If your pages link to one another 106
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
but not to anything else, you’ve created your own sub-wiki, or WalledGarden. But WikiSquatting, as this practice is known, isn’t acceptable behavior in the wiki community. Instead, use a hosted wiki service, also known as a WikiFarm. You may choose to create a public wiki or one open only to members. We’ve evaluated five services to help you make a choice. WIKI SERVICES EditMe wiki costs start at $4.95 per month. For a quick test, try the service at its demo site, which resets to empty every 4 hours. EditMe runs on Java-based software and offers an impressive WYSIWYG page editor rather than relying on wikistyle structured text. It’s easy to attach images and files and to insert images and tables into a page. EditMe retains previous versions of uploaded files as well as pages, so you can roll back to earlier versions. To personalize your EditMe wiki, you edit its style sheet or add your own links to the page menu. Visitors to an EditMe wiki fall into three categories: administrators, members, and the public. The wiki’s default configuration determines which groups can view pages, edit pages, create new pages, and attach files; you can override the default for any page. wiki page The combination of granular security control and easy editing makes EditMe a versatile choice. (Basic, $4.95 a month; premium, $9.95 to $24.95 a month. EditMe, www.editme.com. llllm ) Seed Wiki hosts noncommercial wikis free; if you want to sell things from your wiki, make it your primary Web site, or include images, you need to pay. You can
The current page has been assigned to these two categories. The user can create new categories or assign a page to existing categories. This line will be formatted as a header because of the initial pair of carets. Text within square brackets will become a link to another page.
also contract with Seed Wiki’s owner to create a full-scale wikibased site with additional features. This WikiFarm doesn’t just grow wikis; through customer requests it generates new ideas for high-end features. The free site serves as a test-bed and hence is frequently in flux. For example, during our evaluation the spell-check and automated image insertion features weren’t
C O M M U N I C AT I O N
working. Online help is sketchy, but the 1GB of storage per member and has no bandMORE ON THE WEB width limit. Socialtext’s practical editor uses owner invites e-mail queries. structured text, with a handy pop-up syntax Seed Wiki’s most unusual feature is wiki LOG ON TO PC Magazine’s home window. New pages are created using brackwidgets—actions invoked by a simple text page at www.pcmag.com for more ets rather than classic WikiWords. It’s easy string in a page. For example, “:;pagevisitorreviews, news, and opinions. to attach files, though slightly less easy to counter;:” becomes a live count of visitors. put an in-line image on a page. The resulting Other widgets can password-protect pages or wiki is crisp and professional-looking. trigger an e-mail notification of changes. Widgets available with One interesting twist: You can assign one or more categories the premium account can define user-input forms on a page, but to each page and view all the pages in a category as a blog. Memthis feature wasn’t functional during our evaluation. bers can e-mail new pages to the wiki, optionally specDharma Publishing’s bookstore (www.dharmapublishing ifying categories. By the time you read this, each .com) is an example of a site that “graduated” from Seed Wiki Socialtext account should able to launch as many to a custom site. The store owners can manage the site’s condifferent wikis as needed and invite the appropriate tent without any ongoing need for a Web designer. Whether team members. Bear in mind that each member adds your plans reach that far or not, you can use a free Seed Wiki to the monthly bill. ($30 a month per person. Socialtext Inc., to experiment with the concept. (Basic, free; premium, $5 to www.socialtext.com. llllm ) $20 a month. Seed Wiki, www.seedwiki.com. lllmm ) Socialtext Workspace wasn’t released until near the end of According to Advantive Associates, Swiki.net and the related our evaluation period, but it already had over 100 beta users. As NetUnify.org together host about 6,000 wikis. As a totally free the price suggests, this is a serious collaboration service for service, the Swiki.net implementation is naturally a bit on the business. It offers a free 30-day trial, as well as a public low-budget side. We had intermittent access problems during workspace. The service runs on Socialtext’s own Kwiki imtesting, and the spell-check button brought up a note saying plementation of the wiki standard. Each Socialtext account gets that the site’s subscription had expired.
S U M M A RY O F F E AT U R E S
Hosted Wiki Services
www.pcmag.com.
EditMe
Seed Wiki
Socialtext Workspace
OVERALL RATING K
llllm
lllmm
llllm
Basic service
$4.95 a month
Free
$30 a month per person Free
$20 a quarter per person
25MB 1GB
Unlimited (text-only) Unlimited (text-only)
1GB per person Unlimited
25MB 5GB
200MB 2GB
Premium service
$9.95–$24.95 a month
$5–$20 a month
N/A
N/A
Same, plus $60 a month
Storage Monthly bandwidth Underlying Wiki software STANDARD WIKI FEATURES
75–300MB 3GB–12GB Proprietary Java-based
2MB Unlimited Proprietary
N/A N/A Kwiki
N/A N/A Swiki
500MB 5GB Zwiki (with modifications)
lllmm
llllm
llllm
lllmm
lllmm
Wiki-style text formatting
o
y
y
y
y
Owner can create new pages using WikiWords/ brackets/other method Owner can lock page
oyy
yoo
oyo
ooy
yyo
y
o
o
y
y
Owner can revert to previous version/compare versions
yo
yo
yy
yo
Directory/record of recent changes created automatically “Breadcrumb menu” of recent page visits kept
yy o o
yy y y
yy y y
oy o y
r n yy y y
y YES
p Premium service only r Available on request o NO
Storage Monthly bandwidth
Back links are shown EXTENDED FEATURES
Swiki.net
TeamFlux
lllmm
llmmm
llllm
llllm
llmmm
lllmm
llllm
HTML permitted WYSIWYG editing available Images and files can be uploaded and included
y y y
y y
p
o o y
y o y
y o y
“Add comment” appends to page
o
o
o
y
y
WikiWords can be expanded for easier reading SITE FEATURES
y
y
o
o
y
lllmm
llllm
llllm
llmmm
llmmm
Multiple wikis for one account Owner can control appearance by selecting template
o
o
y
y
y
y
o
o
o
Owner can control appearance by editing style sheet Wiki adds menu of navigational links
y y o y
o y
r
r y y
y y o
o o y o
o o o
Wiki e-mails notification of changes Wiki keeps count of visitors to each page SECURITY FEATURES
r
llllm
llmmm
llllm
lllmm
lllmm
Password protection
y
p
y
y
y
Editing/viewing limited to members Per-page security settings Wiki easily blocks robots from indexing
yy y y
oo y o
yy o y
yy o o
o y
Owner can export Wiki to local copy
o
y
o
o
y
RED denotes Editors’ Choice.
108
Download this table at
N/A—Not applicable: The service does not offer this feature.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
r n
C O M M U N I C AT I O N
CHOICE WIKIS
Swiki.net’s versatile page editor can accept ei- EmacsWiki latter two options require an ODBC Control ther wiki-style structured text or HTML code. www.emacswiki.org/cgi-bin/wiki Panel connection—and separately installed Inserting inline images is as simple as uploading EmacsWiki is the place to go ODBC drivers. Thus, they’re a bit more work, them and then entering their names within spe- for information related to the especially if you’re leasing space on a remote server. By tweaking settings in a single ASP cial delimiters. You can also add boxes at the highly popular text editor, as well as some lively discussion script, you can switch between databases easibottom of a page that allow any visitor to apof GNU licensing in general. ly enough. You don’t have to be a programmer pend comments—even people without permisto use Open Wiki, but we appreciate its clean sion to edit the whole page. Security settings MeatballWiki can restrict access to members, restrict editing www.usemod.com/cgi-bin/mb.pl and often elegant VBScript coding. A “community of communiA guiding principle in Ward Cunningham’s to members, or open a wiki entirely to the pubties,” this wiki is about how original wiki effort was simplicity. The user inlic. Individual member permissions include the people form groups alone. terface of Open Wiki honors this with a funcability to view pages, edit pages, add or remove tional, almost spartan UI for posting and editmembers, and have full access to site adminis- Quicksilver Metaweb www.metaweb.com/wiki/wiki ing content. We like the clearly marked, tration. A bug causes membership information .phtml color-coded edit screen (with strikeouts) for to vanish occasionally, so keep a separate list of Sci-fi author Neal Stephenson viewing changes. Standout features include members. Swiki.net isn’t fancy, but it’s fully started this wiki as a way to emoticon support and built-in support for RSS functional, and the price is right. (Free. Advan- annotate his enormous (and for searching and syndicating content. (This tive Associates Inc., www.swiki.net. lllmm ) enormously complicated) Like Socialtext Workspace, TeamFlux is novel Quicksilver. last feature marks Open Wiki as a natural fit for designed for business collaboration, with per- Wikipedia companies testing wikis for collaboration.) member subscription fees. But TeamFlux is http://en.wikipedia.org/ Newbies should have little trouble with rougher around the edges, particularly in its An encyclopedia, wiki-style. At Open Wiki, though it isn’t at all evident how to help system. The page editor is flexible, accept- 300,000 entries and growing, create a new page (just saving to a new name ing both wiki-style structured text and HTML. it’s grassroots on a grand scale. does the trick). Besides linking content autoLike EditMe and Seed Wiki, it expands matically and supporting built-in keyword smashed-together WikiWords for display to WikiWikiWeb searches, Open Wiki lets users post custom make them easier to read. An image uploaded http://c2.com/cgi/wiki links and files along with their wiki entry text. The granddaddy of wikis, this while editing a page appears at the bottom; you Not only does Open Wiki let you get started site, started by wiki inventor can edit again to change its placement. The wiki Ward Cunningham, also quickly and easily within the familiar terrain of automatically becomes an RSS feed, but e-mail houses the Portland Pattern Windows, it also stands up as a worthwhile imnotification of changes isn’t available. plementation of some of the best wiki features. Repository wiki. Several functions can be handled only by re(Free download. Open Wiki, www.openwiki quest to the TeamFlux staff. It’s not unreasonable .com. llllm )—RVD to involve the staff in changing a wiki’s style sheet or exporting an archive copy of the wiki, but you shouldn’t need intervention to lock pages, revert to previous versions, or specify view-only access for some members. The service offers decent editing and security features, but we hesitate to recommend TeamFlux for business collaboration unless your budget So you’ve just launched your first blog, and you’re sudcan’t cover Socialtext. (Basic, $20 per quarter per team memdenly faced with two serious problems: (1) You’re not ber; premium, add $60 per month. Fluxent, www.teamflux.com. sure you have the time or the creativity to keep your llmmm )—NJR blog fresh and interesting; you need a quick and easy way to borrow material from other sources. (2) When DO IT YOURSELF
Open Wiki 0.78 is an easy-to-implement open-source solution for Windows. It includes support for XML-based style sheets and other bells and whistles, like RSS for syndicated content. This nohassle, simple and effective wiki has few administrative requirements and should let almost anyone host a wiki. Open-source and Windows aren’t often mentioned in the same breath, but Open Wiki is indeed a freely downloadable (and modifiable) ASP-based solution. Our test installation was on a machine running IIS on Windows Server 2003. Setup is simple, thanks to a Windows installer package (.MSI), which handles most of it for you. The only other significant prerequisite here is the Microsoft XML parser and a database (Open Wiki ships with an Access DB). We tested TeamFlux with SQL Server and took a look at the experience of connecting it to MySQL and Oracle. These 110
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
you do update your blog with new information, how will anyone know it’s been updated? Visitors could go to a site like www.weblogs.com, which lists recent updates, but then they might as well just check your site. You need a quick and easy way of alerting people to recent changes. No need to worry. You can solve both problems with RSS. RSS is a way of syndicating information across the Internet. Think of it as a protocol for sending and receiving online news feeds. You can equip your blog with an RSS feed, distributing recent changes to your readers. Or you can use an “RSS aggregator” to collect fresh material for your blog, grabbing RSS feeds from all sorts of Web sites, including news pages, portals, and etailers—not to mention other blogs. RSS is an acronym, but there was a falling-out within the group working on the standard, and as a result there are now
C O M M U N I C AT I O N
two groups, each with its own definition. According to one, it’s Really Simple Syndication; the other prefers Rich Site Summary. Still others opt for an acronym within an acronym: RDF Site Summary. RDF stands for Resource Description Framework. Part of the problem is that RSS is not a single, industry-wide specification. There are two competing RSS specs, and there are multiple versions of each. By now almost everyone’s comfortable with an Whatever you call it, whichever version you use, RSS operinstant-messaging client. Why fix something that’s ates in the same basic way. An RSS feed is essentially XML data not broken? The answer is the arrival of Wi-Fi. A that sits on a server, alongside a parent Web site. Typically, this new generation of tools let you catch the wireless data provides a rundown of the site’s latest changes, complete wave for flexible, ad hoc messaging and other with all the appropriate hyperlinks. If it’s attached to a blog, the collaboration abilities—even without an access point. As these feed might include a teaser for the blogger’s latest post. It might tools get more popular, it should be normal to go to your Wicontain the entire thing. If attached to a news site, it might inFi–enabled park or café and strike up an online conversation. clude the latest headlines or entire stories. With fine support for ad hoc wireless chat, Voice over IP, and Once a feed is posted, anyone with an RSS aggregator can video, AirCQ is a handy, low-cost utility for informal collaborasubscribe. This simply means that the aggregator will check tion. Though it lacks extensive support for security administhat XML data at regular intervals, retrieving any new material tration (or even a whiteboard), this software could be just what it finds. you need to get started with wireless collaboration. Sound complicated? If you’re a blogger, it’s actually quite Based in Nanjing, China, AirCQ is available as a download in simple. Most blogging tools (and all the hosted services we reboth English and simplified Chinese editions. Except for a few view in this story) include built-in software for quickly and easawkwardly translated phrases in its UI, the internationalization ily setting up an RSS feed from your blog. Many also include RSS aggregators, which let you seamlessly stream other feeds onto your blog. Even if you use a standInstant Wi-Fi Network alone aggregator, such as FeedDemon (www AirCQ and Colligo let users of Wi-Fi–equipped devices find any other .feeddemon.com), NewsGator (www.newsgator.com), users within range and create secure ad hoc networks with them, or SharpReader (www.sharpreader.com), the prowithout the need for IT intervention or an access point. cess is exceedingly easy. For more information on standalone aggregators, see our recent online roundup “RSS News Readers Browse for You” (www .pcmag.com/rssreaders). And you shouldn’t have much trouble finding lots of worthwhile feeds. Web sites such as Blogdigger (www.blogdigger.com), Feedster (www.feedster.com), and Syndic8 (www.syndic8.com) keep extensive lists of the leading RSS-enabled sites. Syndic8 alone lists more than 17,000 different feeds. Most of these feeds are blogs and news sites, but RSS also is branching Wi-Fi–equipped out into other parts of the Web. This summer, Amatablet Wi-Fi–equipped Wi-Fi–equipped PDA laptop zon.com started to offer RSS feeds. You can use an aggregator to retrieve a list of the newest books, CDs, or DVDs. Worried about the competing RSS specifications? is fine. The utility deploys to Windows 2000 and XP systems. Don’t be. Most tools publish and read both specs. And chances Simplicity is AirCQ’s guiding principle. AirCQ users with are they’ll soon be replaced by a new and improved spec, compatible Wi-Fi network adapters who are within range of code-named Atom, currently in development (www one another (with or without access points) can “see” one an.intertwingly.net). Some readers may know Atom by one of other. We had no problem connecting in a simulated small-ofits former names, Echo (for more information, see www fice setting, a Wi-Fi–enabled café, and a university network. .pcmag.com/article2/0,4149,1265721,00.asp). AirCQ simply discovers other users running the software. The competing specs have led to an awful lot of bickering, AirCQ’s friendly consumer focus shows in features such as but all this infighting hasn’t slowed adoption. RSS is even Auto-seek options for indicating personal interests (like sports poised to change the business world. Amazon.com is also or travel) and emoticons to liven up your chats. using RSS to exchange information with its partner sites. AcOnce you join a chat, you can send messages to other users. cording to Greg Reinacker, the founder of NewsGator, proThe feature set is simple but effective, though we would have grammers at at least one software company are using his aggregator to notify one another whenever they make changes liked to see whiteboard support, for example, and the ability to to their communal code base. The same convenience can do save chat transcripts. Besides chatting, you can send files and wonders for your blog.—CM business cards, which the recipient can accept or reject. 112
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
C O M M U N I C AT I O N
AirCQ supports VoIP and videoconferencing. For getting started with voice, there’s a handy utility that lets you verify microphone and speaker sound levels. Once it’s calibrated, you can request a voice chat with other users. Voice quality was fine on an 802.11b (11-Mbps) connection, though as we moved out of range, there was noticeable degradation—par for the course with VoIP. With a suitable Webcam, you can also videoconference. Again, don’t sit in the back corner of the Wi-Fi–enabled airport lounge and expect to get good performance. But with several bars of signal strength, both voice and video were up to the task. AirCQ doesn’t provide strong encryption over the airwaves, an issue for corporate road warriors. It does scramble all packets, though, and you can maintain a block list of unwanted users. Plans for the next release include support for sharing an Internet connection. Versions of AirCQ for Palm OS and Pocket PC handhelds are also in the works, due out in 2004. Though AirCQ lacks extensive security options, its low-cost, no-frills approach is appealing. ($19.99 direct. AirCQ Communications, www.aircq.com. lllmm ) With strong security administration features and Pocket PC 2002 handheld support, Colligo Workgroup Edition 3.2 is a serious, well-rounded package supplying wireless collaboration for business users. This utility earns high marks for usability and a truly innovative approach to managing Wi-Fi security for ad hoc groups of corporate users. Colligo installs to Windows 98 SE, 2000, and XP, and the download also bundles Pocket PC 2000 and 2002 versions, available in the same setup utility. Colligo takes on security and certificate administration, with excellent results. Besides supplying strong encryption over the airwaves, it tackles the problem of authenticating remote ad hoc users by offering an innovative (and patented) approach to managing X.509 certificates. The first time a Colligo wireless user is contacted, the program automatically generates a certificate that identifies him or her to the other user. In traditional cryptography, the so-called man-in-the-middle attack can be used to intercept the initial certificate. Colligo thwarts this by adding a separate step of identifying users on a separate channel (via e-mail or phone, or in person) where each party confirms a special threeword code (for example, raven cucumber deer) to ensure that remote (and invisible) users are who they say they are. Behind the scenes, these uniquely generated code words map to the underlying certificate. Don’t worry: After this initial step, all the certificate management goes on under the hood. (Fortunately or not, we expect that most informal users will likely skip the James Bond stuff up front and just click Accept right away.) The utility also lets you define custom ad hoc networks and groups so that the right users can find each other over the airwaves. Colligo promises support for joining ad hoc and wireless networks with access points. In testing, we got both modes to work but found that Colligo didn’t cooperate when we introduced one older 802.11b wireless card and driver in ad hoc mode. This is something AirCQ was able to handle: the trade114
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
off between greater security and more open access. Once you are connected, the support for collaboration in Colligo really shines. The excellent chat client has the ability to archive chat sessions as well as collaborate on whiteboard diagrams with multiple users. (Especially on Pocket PC PDAs, where you can draw with a stylus, this capability will be much appreciated.) Besides chat, you can send files and business cards and share both printers and Internet connections through one user; this lets handheld users print and get to the Web more easily on the road. A nifty mini-Outlook client, which shows your daily schedule, current appointments, and available meeting times, can be used to schedule meetings with multiple participants. In all, with its business focus and tight security model, Colligo’s wireless and chat tools deliver an appealing mix of collaborative abilities that will meet the needs of many mobile workers. ($69.99 download. Colligo Networks Inc., www .colligo.com. llllm )—RVD
A broadband Internet connection opens up a number of possibilities that just aren’t feasible over dial-up. In addition to speedy downloads of files, streaming multimedia content, e-mail, and instant messaging, you can use your broadband connection for videoconferencing or to replace your telephone. If you want to use your broadband connection for videoconferencing, the Viseon Visifone might be a device to consider. The Visifone is a self-contained desktop phone with a 6-inch TFT LCD , a variable-focus CCD camera with adjustable color and brightness controls, and a built-in speakerphone. It also has as audio inputs, as well as NTSC or PAL video input/output connections. It’s based on the same h.323 standard you’ll find in highend videoconferencing systems costing thouViseon Visifone sands of dollars. We tested the Visifone connected both to another Visifone and to a computer equipped with NetMeeting. The quality of the video and audio is a function of the bandwidth available between the two devices. On a local network, video quality was very good. On a call to a NetMeeting computer connected to an ADSL line, it was acceptable. The Visifone is targeted at corporations that want an inexpensive alternative to dedicated videoconferencing and at early adopters who want to add video to their communications. To set up the Visifone, you connect it to an Ethernet port on your
C O M M U N I C AT I O N
network, then configure it via the on-screen menu system. Unfortunately, the instruction manual appears to have been written by engineers for engineers. Unless you’re very network-savvy, the block diagrams and flowVonage connects your analog charts that make up nearphone through a Cisco 186 ATA. ly the entire instruction book will be intimidating. Once you have the unit configured and the appropriate ports open on your firewall, you can dial any other h.323-compliant videophone, but here’s the catch: Instead of dialing a phone number, you dial an IP address. Although the product does have a phone book that allows you to store frequently used names and IP addresses, it doesn’t have the ability to keep track of dynamically assigned IP addresses. Without support for SIP (Session Initialization Protocol) or DDNS (Dynamic DNS) for resolving dynamic IP issues, making connections to anything other than static addresses could be difficult. The Visifone is upgradable, so these problems may be addressed in the future. ($599 list. Viseon Inc., 866-484-7366, www.viseon.com. lllmm ) For those who don’t need videoconferencing and just want to use their broadband connections for voice communications, Vonage offers a compelling alternative. Vonage is a combination of a service and hardware. When you sign up, you receive a Cisco 186 ATA (analog telephone adapter). Setup is a snap; anyone can do it. You merely connect the ATA to your Ethernet network and plug in an analog phone. After a few seconds of initialization, you pick up the phone and hear a dial tone. On our tests, we connected the adapter to an SMC Barricade wireless router that was connected to our DSL circuit and made our first call within 30 seconds. The ATA is smart enough to figure out most firewall settings. We connected it to our corporate network, which uses NAT behind a firewall, and again it worked. And there’s no learning curve associated with the phone itself. You use it as you would any other phone. Vonage offers two basic rate plans: unlimited local/regional (which includes 500 domestic long-distance minutes) and unlimited calling within the U.S. and Canada. International perminute rates are significantly reduced. Vonage also includes a number of premium call features for which local phone companies charge extra, such as caller ID, caller ID block, Call-Waiting, call forwarding, and voice mail. You can configure voice mail to notify you via e-mail, e-mail a WAV file of the voice mail to you, or play your messages back online at Vonage’s Web site. Vonage currently covers 161 area codes in 91 markets in 35 states. You can request a phone number from any of the area codes available. A virtual second number is also included in the premium plan. If you travel to places where broadband is available, you can tuck your ATA into your suitcase and plug it in when you arrive at your destination. This could result in significant savings if you travel internationally. (Activation, $29.99; unlimited local/regional, $24.99 a month (including 500 domestic long-distance minutes); unlimited calls in U.S. and Canada, $34.99 a month; international rates vary. Vonage Holdings Corp., 866-243-4357, www.vonage.com. lllmm )—Craig Ellison 116
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
When it debuted in 1996, PointCast, a service that pushed the latest news to desktops worldwide, was considered by some the Internet’s killer app—until its erratic behavior and gluttony for bandwidth did it in. The service’s demise may have turned people off to push technology—or maybe they realized that e-mail was the ultimate push tool—but there were good reasons for the technology’s initial appeal. One of PointCast’s most enticing features was its information-packed screen saver. Glance over at your PC and rather than seeing flying toasters you saw the latest headlines. The screen saver was so useful that a great way to stay informed was not to work on your PC. A small start-up called ModeEleven is taking the best of the push screensaver concept. The ModeEleven Broadcast Screensaver System lets anyone create screen saver channels— whether proud parents pushing pictures of the kids to doting grandparents or large publishers sending the day’s top article or product reviews. According to ModeEleven, employers are looking at using the product to keep employees apprised of company news and policies. Each ModeEleven page can contain text, graphics, and even streaming video (fortunately, there’s a mute button). The pages can also contain hyperlinks to anywhere on the Web or to a
The ModeEleven Broadcast Screensaver System lets you push multimedia screen-saver content suitable for business or personal audiences. Screensaver content can be scraped from and linked to Web sites.
C O M M U N I C AT I O N
ModeEleven-provided discussion board for the channel. The company offers four subscription levels for channel producers, from basic Bronze ($4.99 a month), which lets one person create up to 30 active screens for 20 subscribers, to Platinum ($199.99 a month), which allows for 20 producers, 150 screens, and 1,500 subscribers. Channels can be listed in the ModeEleven directory or kept hidden and password-protected or IP-address–restricted. To create your screen saver, you can either upload photos into one of the canned templates or upload your own screens. High-end producers can use a Web-scraping tool to convert content from their sites into screen-saver pages. Reports are available, so producers can see how many people have viewed specific pages. Anyone can download the free ModeEleven player, which
plugs into Windows’ screen-saver system. Once you sign up, you decide which channels to subscribe to, and pages are displayed in semirandom order. There’s not a lot of public content yet, although if you’ve been wondering what former teen heartthrob Leif Garrett’s been up to since “Runaround Sue,” make sure to sign up for his new band, f8 on its public channel. To keep bandwidth use down, channel updates are pushed down only when the screen saver is in use, and only if the user has recently used the machine. The ModeEleven Broadcast Screensaver System is a finalist for our annual Technical Excellence Awards (page 94); it makes our PC ’s downtime more useful and entertaining. Maybe this time around, pushing screens will be more lasting. (Player, free; service, $4.99 a month and up. ModeEleven Inc., www.modeeleven.com. l l l m m )—Ben Z. Gottesman E
Meme Streets The most important effect of tools like blogs, wikis, and RSS feeds is that they bring new power to the people. Now more than ever, the average Joe can make himself heard on the World Wide Web. But there’s a wonderfully fascinating side effect to this take-back-theNet phenomenon. In bringing new power to the people, such tools also bring new power to the meme. In 1976, Oxford University zoologist Richard Dawkins published a book called The Selfish Gene, a fresh look at Darwinian evolution. Evolution, Dawkins argued, is a competition not between biological organisms but between genes. Individual organisms are doomed to die. But genes, hopping from creature to creature, can survive almost indefinitely. Even humans are no more than “gigantic lumbering robots” that genes manipulate in their battle for survival. Needing an analogy to describe this process clearly, Dawkins introduced the notion of the meme. A meme, he explains, is a “unit of cultural transmission”—anything that spreads from person to person as people imitate one another. Memes include “tunes, ideas, catch phrases, clothes fash118
ions, ways of making pots or of building arches.” The familiar seven-note jingle “Shave and a haircut, two bits” is a meme. It’s been bouncing from brain to brain for the past century. The miniskirt was a meme: Suddenly, in the spring of 1963, every young woman in the western world wanted higher hemlines. Three decades later, Cameron Crowe sparked a meme with Jerry Maguire, and you couldn’t go a day without hearing “Show me the money.” Memes, Dawkins argued, behave just like genes. They thrive by jumping from host to host. They’re subject to mutation. Take urban legends, particularly fertile memes that change a little on each retelling. Who hasn’t heard some version of the one about the man who wakes up in the bathtub minus a kidney? Sometimes he’s in Las Vegas, sometimes New Orleans. Sometimes he’s a she. Finally, memes survive or perish according to natural selection. Only the most effective have staying power. Certainly, a meme is effective if it has a particular knack for latching onto the human brain—if it’s useful, beautiful, intriguing, or perplexing. But a meme is often more successful if it can catch a ride with the
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Evil Bert, a Zelig-like Muppet with a tendency to turn up next to modernday villains (shown here with Osama bin Laden), and the strange “All your base are belong to us” images (the phrase comes from an old video game) are prime examples of memes spread by the Internet.
mass media—witness “Show me the money.” Film, radio, television, and print media have all hastened the spread of memes, but potentially the most successful meme machine ever invented is the Internet. It too can reach entire populations in an instant. But whereas other forms of mass media are controlled by a select few, the Internet is a meme machine that anyone can use. Memes spread like wildfire over e-mail. Chances are, you’ve opened your in-box and found the video of the dancing baby, or the $250 Neiman Marcus cookie recipe, or the story of Ronald Opus, shot and killed as he leaped from the top of a building. But they replicate in far more bizarre ways over the Web. For a while, you couldn’t get far on the Net without seeing a photograph doctored with the
phrase “All your base are belong to us,” a dreadful piece of English from a Japanese video game. Then the Web was littered with pictures of the Sesame Street character Bert standing next to history’s most nefarious people. But this is only the beginning. The latest Internet communication tools will surely take memes to a whole new level. With blogs and wikis, even more people can contribute to the Web’s meme pool. With RSS, Web memes can disseminate even quicker. Blogs have already proven particularly adept at spreading a meme that’s had precious little success over the past 25 years: the meme meme. Richard Dawkins coined the term in 1976, but it didn’t begin to catch on with the general public until recently, when it became a buzzword among bloggers. Consider yourself infected.—CM
KNOW YOUR WEAKNESSES NETWORK SECURITY
A
s the person responsible for your company’s network security, you know you are sorely outnumbered. A seemingly infinite number of potential intruders are lurking out there, and there’s never enough time to prepare. Without a doubt, the costs of cyberattacks are significant, as shown by the 2003 Computer Crime and Security Survey, conducted by the Computer Security Institute and the FBI. The 250 organizations that participated in the eighth annual study reported combined losses of $202 million, with causes ranging from theft of proprietary information, denialof-service attacks, and viruses to insider abuse of network access. How do you improve your odds? Your obvious first step is to identify system weaknesses. Vulnerability assessment scanners not only automatically discover security flaws on a net-
122
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
BY MATTHEW D. SARREL ILLUSTRATION BY JOSHUA ELLINGSON work but in some cases correct them, too. Such tools have been around for years, but only recently have they matured into more comprehensive and user-friendly—if still complex—products, with features like customized reporting, distributed threat assessment, and automatic correction of potential problems. Among the things such scanners can identify are known software bugs, viruses, and weak access control policies. Commonly found workstation vulnerabilities include open NetBIOS ports for file and printer sharing, as well as users who run rogue Web servers or peer-to-peer file-sharing clients. Vulnerability assessment scanners can also find improper configurations of applications, which can leave a network un-
Vulnerability scanners identify network insecurities.
R E V I E W E D I N T H I S S TO RY 124 GFI LANguard Network Security Scanner 3.3 l l l m m 124 MegaPing l l l m m 125 Nessus l l l m m 128 Retina Network Security Scanner l l l l m 129 SAINT 5 l l l l m 130 Security Analyzer 5.0 l l l l m 124 Editors’ Choice 126 The Basics:
protected. For example, Microsoft Exchange’s default configuration used to leave the server as an open SMTP relay, which could be exploited by spammers. This resulted in attackers hijacking servers and sending millions of e-mails that appeared to originate as legitimate traffic from the victims’ networks. Some vulnerability assessment scanners also take on patch management or the deployment of code updates to repair bugs. Web servers and e-mail servers require frequent patching, as do the underlying operating systems. This is especially true of Microsoft products, because they are such frequent targets. But patch management is a task that is arguably too complex to be tackled by such programs alone. Our story focuses on six vulnerability assessment scanners that are used to identify potential weaknesses among services such as HTTP, FTP, and SMTP on a network. These tools can give network administrators a quick handle on their security issues and are easy to deploy, because they don’t require agents to be installed on each system being scanned. Agent-based scanners, however, require the installation of small programs that collect more detailed information regarding vulnerabilities on each host. Agents report system-level vulnerabilities (instead of application- or service-level weaknesses), such as file permissions, user account properties, registry settings, and application settings, to a centralized database and also create less network traffic than agentless scanners. One of the scan-
MBSA and Nmap 128 Foundstone FS1000 Appliance 129 Performance Analysis 130 Scorecard 130 Summary of Features 132 Targeting Known Weak Spots
ners in our review, NetIQ’s Security Analyzer 5.0, offers an optional agent-based component. In our roundup, we did not include online vulnerability assessment tools, such as those offered by Foundstone and Qualys. Such services view your network from the outside, scanning its IP addresses from across the Internet to identify external threats, though a growing number can also assess internal systems and vulnerabilities. Our roundup evaluates each network-based scanner’s ability to assess, report, and in some cases correct vulnerabilities that may create an unsafe computing environment. We also take a look at a few other related products, such as two free networkscanning tools, a network-auditing tool, and a security appliance. Our contributors: Matthew D. Sarrel, CISSP, is a PC Magazine Labs technical director. Craig Ellison is director of operations at PC Magazine Labs. Konstantinos Karagiannis is a senior editor. Associate editor Davis D. Janowski and project leader Oliver Kaven were in charge of this story. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
123
GFI LANguard Network Security Scanner 3.3 50 IP address scans, $395 direct. GFI Software Ltd., 888-243-4329. www.gfi.com. OVERALL RATING: lllmm
GFI LANguard Network Security Scanner
3.3 covers the basics of vulnerability scanning well, though it lacks some of the advanced capabilities found in more enterprise-focused products such as eEye’s Retina Network Security Scanner and NetIQ’s Security Analyzer 5.0. LANguard cannot take the in-depth look at CGI scripting that Retina can or scan some types of network hardware, such as routers. But it’s also much less expensive than the products from eEye and NetIQ. To perform a basic scan of your network, you simply enter an IP address or range and press Start. LANguard gives you many types of predefined security scan profiles. For example, you can scan using only ICMP for discovery, scan all available ports, or scan for open shares or missing patches. You can also define and save your own security scan profiles. Without administrative privileges in a Windows domain, you can determine computer names, MAC addresses, open ports, operating system versions, and SNMP information, all reported in a tree structure of results sorted by IP address. With domain administrative privileges, you can determine significantly more information about each system, such as shares, user accounts, services, password policies, registry information, and installed patches. Your scan can also include testing for CGI abuses as well as FTP, DNS, mail, service, and registry vulnerabilities. The results are grouped by category and include either a recommendation for remediation or a BugTraq, CVE, or Microsoft Security Bulletin reference. Within the report generator you can create and save custom reports to meet your individual security needs. For example, you can generate a report of all systems that have either TCP port 80 (Web) or port 21 (FTP) open. As with Retina and SAINT 5, an included utility lets you compare two reports for new, removed, or changed •••
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Retina Network Security Scanner eEye Digital Security’s Retina Network Security Scanner impresses us with its flexible tools and the speed and accuracy of its scans. The tool’s detailed reports list not only vulnerabilities but the reference numbers identifying them on BugTraq, CVE, and Microsoft’s Security Bulletins. The reports are exceptionally well organized, never overwhelming users with too much result data. Administrators have more than just a large number of scans at their disposal with Retina; they can fix registry problems identified during scans with a button click. The product’s auditing tools, which let administrators zero in on known weaknesses on their networks, are unparalleled among the products we reviewed. We wish more vendors would incorporate auditing into their applications. With such tools, you can easily set up your own customized sets of scans, keeping them narrow and focused. Retina is one of the very few applications that combines complex tasks with ease of use, never leaving you wondering whether you’ve missed a step or made the wrong choice during the configuration or data analysis process. We also tip our hats to Nessus, a free open-source application created by Renaud Deraison, with an Honorable Mention. It is a full-featured and comprehensive vulnerability scanner that offers many configuration options (sometimes too many), and it is certainly worth considering if you have a limited budget and don’t mind having a user interface with some rough edges.
items, as well as alert and hot-fix changes. LANguard is also marketed as a patch management and deployment solution. During a scan of a Windows network, LANguard determines which patches have been installed on your systems and which are missing, based on GFI’s coordination with Microsoft. It deploys hot fixes as well as service packs. Note that because patch management is such a multifaceted, complex process, you may not want to rely on only a vulnerability scanner to determine what should be updated with the click of a but-
ton. Larger companies, for example, use their existing application distribution software, such as Computer Associates’ Unicenter or IBM’s Tivoli, to update their nodes with patches. For smaller companies that don’t have such software, the safest solution is for each node to run Windows Update. We also advise that companies of all sizes examine and analyze each patch before deploying it to prevent possible conflicts with existing applications or services. LANguard is available as a 30-day free trial. A number of features, such as scheduled scans, the report generator, results comparison, security updates via the Internet, and hot-fix deployment, are disabled after the trial period unless you license the product. This product is a good choice for administrators in need of a quick, low-cost basic scanner.—Craig Ellison
MegaPing 50 IP address scans, $325 direct. Magneto Software Inc., 650-494-3031, www.magnetosoft.com. lllmm
••••••••••••••••••••••••••••••••••••••••••••• •••••••••••••••••••••••••••••••••••••••••
Like LAN guard, Magneto Software’s MegaPing is a good basic networkscanning tool, especially given its low
NETWORK SECURITY SCANNERS
price. But the product lacks depth in the types of scans it can perform and cannot scan Linux or Unix hosts beyond portrelated vulnerabilities. MegaPing has individual tools that scan for specific information. The IP scanner lets you scan a range of IP addresses to see which ones are active, and it resolves the hosts’ names when that option is selected. Correspondingly, the NetBIOS scanner lets you scan a range of IP addresses and individual hosts—or an entire domain— and returns the NetBIOS names of hosts, MAC addresses, and logged-on users. The Share Scanner tool discovers open shares within a range of IP addresses or a domain. Finally, the last of the individual scanners is a port scanner. This tool lets you scan a range of ports, including authorized ports (consisting of well-known, registered, dynamic, or private ports) and hostile ports (those most likely to be used by hackers against your system). The scan results show you the open ports identified on target systems along with a list of potential legitimate and hostile uses for each port. Each individual scanner module has a reporting option that will save to either HTML or TXT formats. But unlike LANguard, Retina, or
SAINT 5, MegaPing has no utility to compare multiple scans or query the results for, say, a list of hosts with port 25 (SMTP) open. Running the individual scans is a bit time-consuming—especially if you want an overall security view of your network. Fortunately, MegaPing includes a security scanner that runs and reports each scanner as a single test. Unlike some products reviewed here, MegaPing shows you the status of all of the TCP and UDP ports on each system. While most security scanners analyze remote hosts, it’s not a bad idea to know which ports are open and listening on your local system. With proper permissions, you can scan and deploy Windows hot fixes and patches using MegaPing. But as we mentioned in the LANguard review, we don’t recommend that a network administrator rely solely on a vulnerability scanner to handle all patch management issues. A complement of other network utilities that are unrelated to security scanning round out MegaPing. DNS lookup, Finger, ping, traceroute, Whois, network time, and a set of process-reporting tools that are like Windows Task Manager on
steroids belong in every administrator’s toolkit. A 30-day trial version, limited to monitoring and security scanning of five hosts, is available for download. Like LANguard, MegaPing is a good fit for administrators in need of a basic, lowcost scanning tool. It will appeal more to administrators who like having individual utility “blades” as opposed to LANguard’s more wide-ranging scans.—CE
Nessus Free download. Renaud Deraison, www.nessus.com. lllmm
You certainly can’t beat this remote security scanner’s price: It’s free. The aim of the open-source Nessus project, in the words of creator Renaud Deraison, is “to provide to the Internet community a free, powerful, up-to-date, and easy-to-use remote security scanner.” Nessus offers a wealth of configuration and scanning options, though some users might find them overwhelming. An administrator may need to devote a significant amount of time learning the intricacies of the application to use it most effectively. Based on a client/server architecture, Nessus lets users run the administrative
What Are You Scanning For? Security scanners can check your network for a host of security threats. They can also recommend critical upgrades and patches for established applications, assessing everything from open ports to vulnerabilities in CGI scripts. We’ve provided a handful of examples for each category, but hundreds of other vulnerabilities and exploits are discovered daily. OSs
Devices
CGI scripts
Back doors
Applications
Ports
Patches
• Linux • Solaris • Unix • Windows
• Firewalls • Network appliances • Routers • Servers
• ColdFusion path disclosure • Count.cgi • CWmail.exe • Guestbook.cgi • IMail account hijack • Newdsn.exe • Zope DoS
• Back Orifice • CDK • Deep Throat • 4553 Parasite Mothership • Girlfriend • Netbus • Portal of Doom
• Exchange • IIS • Office • Oracle • Postfix • SQL Server • Windows Media Player
• 21 • 25 • 80 • 110 • 125
• Application version • Hot fixes • Linux updates • Windows Service Pack
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
125
The Basics: MBSA and Nmap b
eyond vulnerability scanners are some free basic assessment tools, such as Microsoft Baseline Security Analyzer and Network Mapper (Nmap). Both are free and can provide valuable information, though Nmap carries a somewhat steep learning curve. Microsoft Baseline Security Analyzer (MBSA), Version 1.1.1 (free download) is a Windows-only scanner that searches for vulnerable configurations that need patching or updating. It is designed for finding errors in Windows NT 4.0, 2000, or XP, as well as in key services and a few Microsoft applications (including Internet Explorer, Office, and Windows Media Player). Considering how vulnerable an unsecured Windows machine can be, MBSA is valuable to Windows IT administrators who can’t afford the third-party vulnerability scanners reviewed elsewhere in our roundup. Although MBSA can scan up to 10,000 machines, its interface, which resembles the multipaned Windows Update site, is bestsuited for scanning small networks or individual PCs. Results are broken down into three major groupings, and each includes subsections that list potential threats and links to pop-up windows that describe what was scanned and how to fix the potential problems. The information is comprehensive, though it can grow unwieldy if you’re scanning more than a few systems. The first and most basic report grouping, Security Update Scan Results, seems to be the least useful of the three. This lets you know whether your OS and key services like IIS have the latest updates. We were surprised by some of the silly, less-than-useful
messages we received, such as one claiming that the updates we had on our system were “more recent than expected.” Windows Update still seems the best bet for handling what’s covered by this first grouping. The software becomes much more useful in the Windows Scan Results grouping, particularly in the subsection called Vulnerabilities, which are really default misconfigurations. Is there an open Guest account? Is the Restrict Anonymous feature enabled? Security pros run through checklists like these on their own—typical home users do not—though the “how to correct this” links in the Vulnerabilities subsection explain how to harden a machine. The Additional System Information subsection, however, can be complex and confusing. For instance, neophytes will have a tough time following the software’s directions to disable administrative Windows shares.
MBSA provides links to problem descriptions and suggested fixes, but the information can sometimes be confusing.
SCORECARD We base the cross-platform capabilities rating on a system’s ability to retrieve data for different OSs or network devices. Interface reflects the ease of using and configuring the application. The extent of security checks a tool performs and the breadth of devices it can scan and test are represented by the security rating. For reporting we examine the usefulness and range of report formats available. For support we evaluate the documentation, online help, and commercial support available. Finally, the overall rating is not an average but an aggregate. –EXCELLENT –VERY GOOD l l l –GOOD l l –FAIR l –POOR
Va l
ue
t Su pp or
in g Re p
or t
y rit
lllll
lll
llll
ll
llll
lll
llll
lll
5MegaPing Nessus Retina SAINT 5 Security Analyzer 5.0
lllll
ll
lll
ll
ll
ll
llll
lll
llll
llll
ll
llll
ll
ll
lllll
lll
lllll
llll
lllll
llll
llll
llll
lll
llll
llll
llll
lll
llll
llll
llll
lll
llll
lllll
ll
lll
llll
llll
llll
lll
llll
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
Se
OVERALL
GFI LANguard 3.3
RED denotes Editors’ Choice.
126
cu
llll
Se tu in p a st nd al la tio n Cr os ca s-pl pa at bi for lit m ie s In te rfa ce
lllll
console, which executes vulnerability scans and holds databases on a machine other than the server. Client front ends are available for Java, Win32, and X11, making Nessus a true cross-platform tool that can scan Linux, Windows, and Unix hosts. Nessus provides an astonishing quantity of customized tests called plug-ins. These include interesting scans that look for vulnerabilities in routers from Cisco and other companies, CGI scripts, buffer overruns, remote-access connections, back doors, RPC, and SNMP. We installed Nessus on a workstation running Red Hat Linux 9 and were pleasantly surprised at the ease with which the installation script completed its job— something not too common in the opensource world. After installation, we used the command line tools to add the initial user and to generate the client certificate. We were then able to launch the Nessus
NETWORK SECURITY SCANNERS
The Desktop Application Scan Results page lists vulnerabilities and easy-to-follow fixes. The problem for most users, of course, is that opening all these pop-ups and trying to keep track of all the data is tedious. It would be much better if Microsoft came up with a GUI that works even more like Windows Update, letting you select and apply fixes, just as you would with updates. The software uses TCP ports 138 and 445 and UDP ports 137 and 138 to scan remote networks and systems. Until it can scan for other open ports and automate the problem-fixing phase of the subset of its security tests, MBSA will remain a must-have only for those who cannot afford anything better. (Microsoft Corp., www.microsoft.com/ security.)—Konstantinos Karagiannis Nmap (free download) is a sophisticated port scanner with versions available for Linux, Unix, and Windows platforms. (The Windows version is still under development and is not quite as stable as the Linux and Unix versions.) Available under the terms of the open-source GNU General Public License (GPL), the Nmap scanning engine is at the heart of many commercial Linux- and Unix-based vulnerability assessment tools, including eEye Digital Security’s Retina Network Security Scanner and Nessus. While Nmap’s heritage can be traced easily to the command line interface, NmapFE, also a free download, provides a complex but intuitive GUI and is now bundled with most Linux distributions. Despite the wealth of other features available, bare-bones port scanning remains Nmap’s forte. For example, Nmap lets you perform stealthy half-open TCP SYN (synchronization) scans to emulate what a hacker using that type of scan might see. Nmap also supports TCP FIN (stealth) scans, an even more clandestine scan that could help you determine whether you are vulnerable
Free — but not for the faint of heart.
executable file and log on to the X11 user interface without a problem. To configure scanning, you can either use the defaults or customize your scans, though the latter will take the average administrator quite some time, depending on the diversity of the network. You can also set port scanning to various levels, taking firewalls and intrusion detection systems into consideration. To get more accurate and detailed information from Windows-based hosts in a Windows domain, we recommend that you create a domain group and account that have remote registry access privileges. After completing this task, you get access not only to registry key settings but also to the Service Pack patch levels, Internet Explorer vulnerabilities, and services running on the host. The scan results are formatted based on domains, hosts, and associated vulnerabil-
to hackers in case your SYN scans are blocked. With TCP FIN scans you attempt to bypass your firewalls and intrusion detection systems. You can enhance both scanning methods by using fragmentation scanning, a technique that splits the TCP header over several packets, making it harder for packet filters to detect a hacker’s intentions. NmapFE is the GUI Using a services database, Nmap also front end to the attempts to determine the version number of otherwise comservices running on any given port on your mand line–driven network. This is helpful in detecting vulneraapplication. bilities based on outdated or flawed service releases. For example, OpenSSH versions older than 3.7.1 are vulnerable because of a flaw in the buffer management function and can be exploited by hackers. Furthermore, administrators— and those attempting to run unauthorized applications or services—tend to use nonstandard ports (for example, running a telnet daemon on port 22, a port usually reserved for SSH) in order to avoid a hacker’s attention or to circumvent firewall restrictions. Since Nmap queries the ports for services and versions based on its database, it can detect such situations. Not only can Nmap locate hosts on a network, but it includes TCP/IP fingerprinting features that let you determine operating system types remotely, as well as the types of firewall and protocols in use. For the most basic port scanning, Nmap is unrivaled. (Opensource, www.insecure.org.)—Oliver Kaven
ities. Reported weaknesses come with a multitude of suggestions, explaining the nature of the problem and listing fixes. Links to the Common Vulnerabilities and Exposures (CVE) dictionary (www .cve.mitre.org), which lists known vulnerabilities, and Microsoft TechNet (www .microsoft.com/technet), an online security resource for IT administrators, are also provided, offering administrators further access to information resources and existing patches. We found, however, that the summaries provided were a little inflexible. Nessus does not group results based on different criteria—such as specific vulnerabilities, host types, or severity—the way NetIQ’s Security An-
alyzer 5.0 and SAINT 5 do. You can build reports in six different formats—including pie chart and table options—providing the sometimesnecessary higher-level view. Still, the in-
Nessus displays subnets, hosts, and vulnerabilities, together with detailed information on how to address problems. www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
127
Foundstone FS1000 Appliance i
f you’re in charge of a large, complex network that is geographically dispersed, have to handle hosts on multiple subnets, and have $34,200 handy to dedicate to the task, consider the Foundstone FS1000 Appliance, a turnkey network vulnerability hardware solution. The FS1000’s scanning engine is impressive, but the most valuable aspects of the unit are its reporting and threat correlation capabilities. After running a vulnerability assessment, the device generates data that is presented in multiple ways, ranging from very-high-level overviews to extremely detailed reports. Foundstone’s FoundScore rating is another way of making results data more digestible. FoundScore is especially helpful if you want to track the security of your network over time. Every scan generates a score based on an algorithm that starts with 100 points (for a network with no severe vulnerabilities) and then deducts points for detected weaknesses, based on their severity. Some of the higherlevel views available are Risk by Platform, showing the distribution of serious vulnerabilities based on operating system, and Risk by Vulnerability, which reports the distribution of host risks. Using the threat correlation module, we were able to match vulnerabilities to hosts based on several criteria: OS, ports, available services, and banner information retrieved from the system. You can
ability to group results by type takes away from the versatility of the report formats. Nessus will appeal most to administrators who want not only a comprehensive scanning tool but also an in-depth longterm education in network security vulnerabilities.—OK
Retina Network Security Scanner 64 IP address scans, $2,550 direct. eEye Digital Security, 866-339-3732, www.eeye.com. l l l l m
eEye Digital Security’s Retina Network Security Scanner is a versatile, well-organized, and full-featured security scanner, offering vulnerability tests for Linux, Unix, and Windows platforms, as well as automatic fixes of many detected 128
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
also assign a “criticality” score from 0 (none) to 5 (extensive), to the overall risk score of any given host, bringing it to the top of your list if a matched high-risk vulnerability is identified. This enables you to identify and prioritize your most crucial hosts. We think similar features should be found in all vulnerability scanners. The FS1000 is built on a 1U rack-mount server with dual Intel Xeon processors, running Microsoft Small Business Server 2001. The device also runs Foundstone Enterprise, which has three components. An SQL back-end database is used to store all data, including scan configurations, results, and reports. The scan engine is the heart of the device and provides configuration options in a Win32-based application. And finally, Foundstone’s easy-to-use Web-based portal provides access to all aspects of the application, including scan configuration, asset management, reporting, and threat evaluation; it can also function as a central access interface if you are using multiple third-party scan engines that report to a centralized database. The Web portal module even includes code sifting, a technique employed to identify potentially sensitive content, such as e-mail addresses or names in your HTML source. Though we almost choked when we saw the FS1000’s price, we remain extremely impressed. It provides all the important data analysis features as well as a mature and easy-to-use interface. The FS1000’s tested configuration ($34,200 direct) includes the appliance ($6,700), Foundstone Enterprise software ($25,000, which covers 500 The FS1000 provides threat active devices), and the Threat Correcorrelation; it matches lation and Remediation components vulnerabilities to several ($2,500). (877-913-6863, www different criteria and .foundstone.com.)—OK assigns a rating to each.
The RollsRoyce of turnkey vulnerability hardware.
problems and the ability to create your own audits. These features give Retina the edge, earning it our Editors’ Choice. The auto-fix function is one of Retina’s most impressive tools and is unique among the products in this roundup. It lets administrators with appropriate access rights fix registry and permissions problems on remote nodes with one click. Equally impressive is Retina’s unique auditing tool, which lets you develop specific queries about vulnerabilities you’re already aware of on your network. Applications like Stealthbits Technologies’ StealthAudit (see page 132) are designed specifically to handle this function, but Retina is the only vulnerability scanner in our roundup to include this ability. You can create an audit by choosing cri-
teria from a variety of categories, including many popular services, servers, and even e-commerce–related vulnerabilities. Or you can create your own custom audits, which then can be included in the scan process and run against your selected targets. You can select the option to check against specific software versions, CGI scripts, patches, and registry entries. The installation process is straightforward, and upon start-up, Retina synchronizes its vulnerability signature databases with eEye’s server. When Retina opens, the main user interface provides access to four modules: the browser, tracer, miner, and scanner. The integrated Web browser lists all page elements in a tree view, and the tracer creates a traceroute and displays response times. But the
NETWORK SECURITY SCANNERS
miner and scanner modules are the brains of the operation. With its proprietary artificial-intelligence engine, the miner tries to mimic a hacker’s behavior by attacking security weaknesses. The scanner module is one of the best we have seen, in terms of both speed and accuracy. After defining a host or range of IP addresses, the scanner first discovers all responsive nodes and then launches predefined scans against the targets. The result presentation is extremely easy to navigate, listing hosts in one frame and potential vulnerabilities in another, but unfortunately you can’t sort them by type. Scan results are grouped by severity level for each host, and as with NetIQ’s Security Analyzer 5.0 and SAINT 5, the results include very detailed information about the problems found and possible fixes. Retina lists identification numbers and provides links for all vulnerabilities found in BugTraq, CVE, and Microsoft’s security bulletin, which are reference
SAINT 5 50 IP address scans, $1,835 direct. SAINT Corp., 800-5962006, www.saintcorporation .com. l l l l m
SAINT 5, which is avail-
able only for Linux and Unix platforms, is one of the most complex vulnerability scanners in our roundup. You can configure this tool exRetina’s clean interface shows hosts, vulnerabilities, and solutions. tensively, tailoring scans to your network’s charlists for known vulnerabilities. acteristics and determining the depth of The reporting engine builds three pre- the scans you run. You can even create defined types of charts: complete, execu- specific scans to run against databases, tive, and technical. You can also cus- services, and applications. tomize a report to fit your needs—a What most impresses us about SAINT feature that is absent from all other prod- 5 is the comprehensive presentation of its scan results. The detailed information inucts in this roundup except SAINT 5. Overall, Retina provides the best balance cludes, for example, links to all pertinent of features, strength, usability, and speed of security sources that might provide addiall the products in this roundup.—OK tional insights. Also, the results can be
P E R F O R M A N C E A N A LY S I S
Network Security Scanners PC Magazine Labs has taken an in-depth look at the six network vulnerability scanners in our roundup, as well as the tools included in our sidebars (the Foundstone FS1000 Appliance, Microsoft Baseline Security Analyzer (MBSA), Nmap, and Stealthbits Technologies’ StealthAudit). When we tested how well they could catch basic network vulnerabilities, all the scanners performed adequately. But the quality—and more important, the ease of use of the reports the products generate—varied significantly. Our test network comprised a Linksys BEFVP41 router and a mix of Microsoft Windows clients and servers (Windows 98, 2000 Workstation, 2000 Advanced Server, and XP). We also deployed Linux hosts (Red Hat 8 and 9 Professional, SuSE Enterprise Server 8, and SuSE 8.1 Professional) to test each application’s cross-platform capabilities. We updated all systems with all appropriate patches, but we did not fix a select number of critical vulnerabilities on the target hosts. On our Windows hosts we left vulnerabilities described in Microsoft Security Bulletins MS03-039 (Buffer Overrun In RPCSS Service, CAN-2003-0715, CAN-2003-0528, and CAN-2003-0605) and MS03-041 (Vulnerability in Authenticode Verification, CAN-2003-0660). Under the right circumstances, both can let hackers execute code on target systems. We left our Linux machines vulnerable with an exploitable version of OpenSSH (CAN-2003-0682, CAN-2003-0693, and
CAN-2003-0695), a file share (/usr) exported with no access restrictions (CAN 1999-0554), and a denial-of-service vulnerability in the Unix Domain Name Service BIND 9.1.3 (CAN-20020400). Such Linux vulnerabilities can create a severe security risk, compromising your network and data. All the products correctly identified the Windows vulnerabilities, and their reports included references to the appropriate Microsoft Security Bulletins. But the Linux vulnerabilities posed a bigger challenge to some of the Windows scanners. When we tested automated patch management for Windows-based systems, the two scanners that offer this feature— GFI LANguard and MegaPing—returned results that differed (as did the free tool MBSA) from the information we collected with Microsoft Windows Update. Some of the discrepancies stem from the way each application reports on security issues—for example, the rerelease of security bulletins. These can prompt a scanner to report that an update is missing, instead of reporting that the update has been superseded by a newer version. Because of such issues, we recommend that you rely on dedicated patch management products for this task. Finally, we tested the presentation and usability of the reports these scanners generate. Most systems overwhelm administrators with a flood of information that can’t be sorted, grouped, or searched. The reporting and result engines ought to let users focus on specific criteria, such as host name, IP address, vulnerability, and severity. Retina, our Editors’ Choice, does a very good job of results correlation, as does SAINT 5. Most impressive, however, is the very expensive Foundstone FS1000 Appliance.—Analysis written by Oliver Kaven
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
129
NETWORK SECURITY SCANNERS
customized so that you can sort them by characteristics such as host name, vulnerabilities, and severity. Though Linux and Unix applications generally have the reputation of being difficult to set up, we found the installation procedure very easy. Once installed and launched, the SAINT 5 console runs in a standard browser window, providing a dense but well-structured interface. The content of scan configurations are assigned to databases created in your console’s file system. Each database holds configuration data, results, and the corresponding report, simplifying the process of merging existing data. Conveniently, SAINT 5 can be configured to log on to Microsoft Windows domains—simply by using an administrative user name and password—to perform tests that require domain authentication. Much like NetIQ’s Security Analyzer, SAINT 5 offers a select number of configured target scans—a useful, timesaving feature. The SANS Top 20 Most Critical Internet Security Vulnerabilities
scan is a good example. This predefined test scans all selected nodes for the top 20 most severe and frequent vulnerabilities on Internet networks as defined by the SysAdmin, Audit, Network, Security (SANS) Institute. SAINT 5’s extraordinary reports are generated in the included SAINTwriter, a unique application that produces preconfigured reports tailored to meet the needs of either executives or technicians. And SAINTwriter’s trending feature enables you to compare scan results from two or more reports. Unfortunately, though, within reports there’s no query feature or grouping function that would help the user zero in on certain problems. While the reporting available is far more in-depth than any other product in this roundup, these features can quickly become overwhelming, especially if you start scanning larger networks. Overall, SAINT 5 is feature-rich and provides extensive analysis capabilities. It is definitely worth considering if your network includes a significant number of Linux and Unix hosts.—OK
Security Analyzer 5.0 50 IP address scans, $3,000 direct. NetIQ Corp., 888323-6768, www.netiq.com. l l l l m
If your organization is a pure Windows environment, NetIQ’s Security Analyzer 5.0 is an ideal choice. This well-organized vulnerability scanner performs comprehensive scans for known security vulnerabilities listed in an extensive library, as well as updated vulnerabilities it receives regularly from NetIQ via the Internet. Security Analyzer is the only scanner in this roundup that offers agent-based scanning, in which you can install agents on the hosts being scanned and, in turn, get more in-depth analyses of those hosts. Agent-based scanning distributes the processing of scans among the target hosts, encrypts data between the host and the security console, and doesn’t rely on Microsoft’s Distributed Object Component Model (DCOM), which is prone to exploits by hackers. There are numerous types of attacks that exploit DCOM to run malicious code on remote systems, and administrators will therefore often disable this feature if it’s not
• • • • • • • •• • •• • • • • • • •
Network Security Scanners
Download this table at
• • • •••• •••••• •
GFI LANguard Network Security Scanner 3.3
MegaPing
Nessus
50 IP address scans, $395
50 IP address scans, $325
Win32 Windows 98, NT, 2000, XP; Unix, Linux o
Local configuration not required for Windows/Unix clients • ••••••• • Custom-scans for routers/firewalls
Retina Network Security Scanner
SAINT 5
Security Analyzer 5.0
Free
64 IP address scans, $2,550
50 IP address scans, $1,835
50 IP address scans, $3,000
Win32 Windows 98, NT, 2000, XP o
Win32, Unix, Linux Windows 98, NT, 2000, XP; Unix, Linux o
Win32 Windows 98, NT, 2000, XP; Unix, Linux o
Unix, Linux Windows 98, NT, 2000, XP; Unix, Linux o
Win32 Windows 98, NT, 2000, XP y
yy
y N/A
oy
yy
yy
y N/A
oo o o
oo o o
yy y y
yy o o
yy y y
yy y
yy
oo
yo
yy
yy
y (with agent) yy
Windows patch detection via mssecure/ Registry/file date
yyy
yyy
ooy
yyy
oyy
yyy
Patch deployment capabilities Claimed frequency of vulnerability updates
y Microsoft update schedule
y Daily
o Daily
o Daily
o Daily
o Every 3 days
Supports templates/custom reports/queries
yyy
ooo
ooo
yyy
yyo
yyy
Supported report formats
HTML
HTML, text
HTML
CSV, HTML, text
HTML, Word
Detailed problem reporting
y
o
HTML, LaTeX, NSR, text, XML y
y
y
y
Reports include data for Bugtraq/CVE
yy y
oo y
yy y
yy y
yy y
yy y
oy o
oo o
oo o
oo o
yy y
oy y
y YES o NO
Direct price ••••••• ••• Application OS compatibility Full-target scanning Client agent available
Can scan multiple hosts simultaneously Can establish secure sessions to target Tests can be saved in profiles/schedules
•••• •••••
Reports include data for Microsoft TechNet Reports or results can be merged/compared Reports or results can be used for trending RED denotes Editors’ Choice.
•••
N/A—Not applicable: The product does not have this feature.
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
NETWORK SECURITY SCANNERS
Targeting Known WeakSpots m
ost of the products in this roundup follow one principle: You point them at all or part of your network, then let them loose to scan the terrain for any vulnerabilities. What you receive back are reams of data on all types of potential problems, in all areas of your network. If you’re already aware of specific problems on your network and want to zero in on them, however, an auditing tool like Stealthbits Technologies’ StealthAudit could be the answer. StealthAudit can narrow your network scans based on queries you feed it. For example, if you know that some nodes on your network don’t have the critical Microsoft Security Bulletin MS03-039 installed and want to identify those nodes, you could query StealthAudit with that specific request. This eliminates the burden on your network of performing an extensive, hours-long vulnerability scan that would produce a heap of unneeded information. StealthAudit is a comprehensive and extremely configurable agentless audit application for Windows-based networks. Information gathering with StealthAudit identifies more than just patchlevel issues; it provides a wide range of information about network nodes. The application provides an easy-to-use and extremely intuitive interface. StealthAudit is organized around the creation of jobs, which include the query, results, and accompanying report. You can create the query manually or via a wizard. By using resources like remote registry access, WMI (Windows Management Instrumentation), perfmon statistics,
StealthAudit’s query tools help you zero in on specific problems.
specifically required by important systems on their network. Deployment of Security Analyzer’s agent is very straightforward. You need to specify a port, generate an encryption key, and place that key in a DAT file for hostto-console communication. Also, from a log-on script, the agent can be installed on target systems in silent mode. You can either run tests on demand or use the scheduler to launch the scan profiles at predetermined times. Security Analyzer ships with a number of predefined scan profiles you might
Active Directory, and the event log, queries can cover an infinite number of issues. Examples of queries include Windows log-on–related settings and user privileges, a system shutdown without a valid log-on, display of disabled accounts, and password expiration. Queries can also identify Web servers that were secured with the IIS lockdown tool, high-risk services running on hosts, and NetBIOS-related vulnerabilities. The queries can be customized down to the level of manually editing the XML source, which can be helpful if you have a complex environment. You can use all queries to generStealthAudit’s queries can ate reports, which you can then be customized to scan for publish to your Web server, indicatspecific hot fixes based on ing the name of the user that generMicrosoft’s database. ated them and providing a hyperlink to the report. There are also many predefined reports available. Regardless of the size of your network, StealthAudit is an indispensable tool, especially if you often find yourself trying to collect targeted information from many nodes. The application also runs fast without taxing your network bandwidth, according to our anecdotal testing. (50-node license, $300 list per server, $3 per desktop; for Microsoft Exchange networks, $300 per host, $3 per individual mailbox or public folder. Stealthbits Technologies, 630-357-2513, www.stealthbits.com.)—OK
perform regularly, such as Microsoft Security Bulletin, Common Vulnerabilities and Exposures, and CERT and BugTraq advisory and analysis. Alternatively, you can create your own scan profiles from 21 different categories. Scan results are displayed in an organized, straightforward three-pane window. A tabbed interface lets you view your data in the left-hand pane based on host IP address, risk level, vulnerabilities, services running, users, fixes needed (ranked by risk), and the testing policies applied to the scan. The right-hand pane
More on the Web Log on to www.pcmag.com/securityglossary for comprehensive definitions of security terms in this story.
displays detailed information for the data element selected in the left-hand pane. The pane running across the bottom of the screen shows you a description of the vulnerability with links to additional information, as well as recommendations for fixes with links to patches, if available. Similar to Retina and SAINT 5, Security Analyzer has a comprehensive report generator. You can choose to generate reports on the current or previous scan results or run a comparative report against previous results to determine your remediation progress. You can also e-mail your reports from within the program. Organizations with pure Windows environments should be satisfied with the many options and features Security Analyzer provides. And if you’re not sure whether to buy it, you can use a limited trial version at NetIQ’s Web site.—CE E www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
132
w w w. p c m a g . c o m /a f te r h o u r s
T E C H N O L O G Y O N YO U R T I M E
The Comfort Zone BY DON LABRIOLA
T
Air Tech Computer Ergonomic Flex Foot Rest
Kensington ClipNGlow Task Light and Copyholder
The Kensington ClipNGlow Sitting in front of a Task Light and Copyholder is computer all day is a one of the most affordable great way to develop ways we know to reduce the chronic lower-back hassle and strain of on-theAir Tech pain, but if your boss road computing. Although not isn’t willing to buy strictly an you a chair with lower-lumbar support, ergonomic device, it your next-best bet might be a footrest. does a good enough Regardless of how often you change your job of reducing awkseating position, footrests ensure that ward motions and your feet and legs are always situated to postures to earn itself facilitate proper back curvature, reduce a spot in our story. foot fatigue, alleviate pressure points in The ClipNGlow is a USB gooseneck lamp your chair seat, and ensure proper circuthat you can attach to lation in your feet and legs. the top of a CRT or Consider either version of the ruggedKensington clamp to a notebook’s ly built Air Tech Computer Ergonomic LCD. A second clip lets Flex Foot Rest, which comes in 3-inchyou suspend documents in almost any high Standard and double-height Tall position, eliminating the contortions that models. Both feature a nonskid rubber are often necessary when working on a surface and a clever sliding tilt/height plane, in a waiting room, or in the back mechanism that can be adjusted with seat of a cab. When not in use, the entire gentle foot pressure. WHAT THE RATINGS MEAN Standard, $21.95 direct; assembly collapses into a tiny, featherlllll EXCELLENT Tall, $25.95. Air Techweight package that fits easily into most llllm VERY GOOD nologies Corp., notebook carrying cases. lllmm GOOD www.airtech.net/ footrests.html. llllm
146
llmmm FAIR lmmmm POOR
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
$20 street. Kensington Technology Group, www.kensington.com. llllm
Logitech
LapWorks Laptop Desk Ensemble The LapWorks Laptop Desk Ensemble is a collection of accessories that create an ergonomically sound portable desktop for notebook computers. Its main component is the folding Laptop Desk platform: When fully open, this traylike apparatus perches on your lap or between the armrests of a midsize chair to create a ridged surface that reduces hot spots by allowing airflow beneath the computer. In the office, it folds into an adjustable notebook stand that elevates the display and angles the keyboard into ergonomically correct positions. The Ensemble also includes the MouzPad, a 6- by 9-inch mousing surface that snaps onto the edge of the Laptop Desk, and the SwivlPad turntable, an ultrathin rubberized disc that, when inserted beneath your notebook, permits a full 360 degrees of rotation. Ensemble, $49.95 direct; Laptop Desk, $29.95; MouzPad, $9.95; SwivlPad, $19.95. LapWorks Inc., www.laptopdesk.net. lllmm
Logitech Cordless Optical TrackMan A well-designed trackball is easier on your wrist and forearm than a mouse, because you don’t need to move it around your desk. Plenty of trackballs are on the market, but few are in a class with the Logitech
PHOTOGRAPHY BY THOM O’CONNOR
he fledgling science of ergonomics has undergone a small revolution over the past decade, which has radically changed the way safetyconscious manufacturers design peripherals and accessories. Novel designs have all but replaced earlier ones that sometimes contributed to repetitive-stress injuries instead of reducing them. The latest principles of ergonomic design are now applied to everything from monitor stands to document holders, footrests, and luggage. Even the lowly keyboard continues to be reinvented in a mind-boggling array of shapes. In this story, we take a look at some of the most comfort-enhancing peripherals and accessories we’ve found.
AFTER HOURS
Cordless Optical TrackMan. As its name implies, the TrackMan combines a 27-MHz www.pcmag.com/ wireless interface afterhours with high-precision Go to our Web site optical tracking. It’s for more Quick also one of the few Clips and Gear & Games reviews. models that are best operated with your hand in a natural thumbs-up position. The TrackMan goes even farther, with motion-saving features such as dual wheel and push-button scrollers and one-click page navigation controls. Throw in a comfortable organic design, programmable buttons, and one of the smoothest trackball mechanisms we’ve used. Even people who hate trackballs might love this one.
ONLINE
MORE ON THE WEB
$69.96 list. Logitech Inc., www.logitech.com. llllm
PLUM Keyboard The QWERTY keyboard was designed to reduce typing speed and thus prevent typewriter jams. What its creators didn’t realize, however, was the detrimental effect of the unnatural twisting and stretching it forced on typists. The PLUM Keyboard (named after the first four letters in its top row) uses an easier-to-learn, more comfortable layout that places 74 percent of the most common keys directly under your fingers in their home position. Letters are arranged into easy-to-remember words, and keys line up in straight columns that eliminate the need to extend your fingers at odd angles. It may take some time for experienced typists to learn this new Samsung layout, but many people will find that the increased speed and reduced strain easily justify the effort. $139 direct. PLUM LLC, www.plum.bz. lllmm
Samsung SyncMaster 192T Positioning your display too high can lead to unnatural viewing angles and chronic neck problems. Most tilt-and-swivel
monitors lack even rudimentary height adjustments, but the 1-inch-thick Samsung SyncMaster 192T—a flat-panel display—boasts a uniquely designed cabinet and stand that support a full complement of positioning options. Besides allowing true vertical height adjustment, the SyncMaster 192T’s rugged stand can be tilted 90 degrees and even folded back onto itself to become a thin-profile wallmount bracket. Everything else about the SyncMaster 192T is just as impressive, including its bright, crisp 19-inch LCD, DVI and dual analog RGB inputs, built-in Plum stereo speakers, and clutter-reducing cable management system. Using anything less is likely to be a pain in the neck. $740 street. Samsung Electronics, www.samsungusa.com/monitor. llllm
Targus Matrix Notebook Backpack, NoteworthyExpedition Backpack Ergonomic concerns don’t stop when you shut off your PC. Even carrying your notebook the Targus Matrix wrong way can eventually cause back and neck problems. That’s one reason we’re impressed with Targus’s many backpack models designed for carrying computers. One is the student-friendly Targus Matrix Notebook Backpack, which holds systems with 15-inch displays, offers contoured mesh shoulder straps, and even includes a removable mobile-phone case. The Targus Noteworthy Expedition Backpack protects your notebook with air cushioning. It includes pockets for business cards, file folders, and power cords. It also provides foam pads that reconcile the hard, flat surface of a computer with the smooth curves of your back. Matrix Notebook Backpack, $69.99 direct; Noteworthy Expedition Backpack, $79.99. Targus Inc., www.targus.com/us/cases_ notebook_backpacks.asp. lllmm
3M Precise Mousing Surface withGel Wrist Rest Arching your hand upward when using a mouse exerts pressure on the ligaments and Lapworks nerves in your wrist. Do this often enough and you become a candidate for repetitive stress disorders such as carpal tunnel syndrome. The 3M Precise Mousing Surface with Gel Wrist Rest addresses this problem by raising your wrist to a neutral position. Its multicolored, microtextured mousing surface provides precise control for both optical and mechanical mice, and its highfriction backing material further reduces muscular stress by keeping the pad and surface firmly in place on your desk. But its strongest point is an amazingly comfortable gel3M filled wrist rest, which forces your hand into a comfortable, safe position without applying excessive pressure to the bottom of your wrist. This is the king of ergonomic mouse pads. $15 street. 3M, www.3m.com. llllm
TypeMatrix EZ-Reach The TypeMatrix EZ-Reach and the PLUM Keyboard are two different solutions to the same problem. Both reduce finger stretching by aligning keys in straight columns and increase typing speed by placing important keys such as Enter, Tab, Space, and Backspace as close as possible to your strongest fingers. The difference is that the EZ-Reach retains the traditional QWERTY layout, avoiding the need for you to learn the PLUM’s unusual keymap. And the EZReach’s slim shape lets you lay it directly on top of your notebook’s existing keyboard, without covering the touch pad. $99 direct. TypeMatrix, www.typematrix.com. lllmm
Typematrix
www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
147
AFTER HOURS
Stylish Slider The 2.6-ounce GSM/GPRS Siemens SL56 is an appealing but pricey fashion phone. When you’re not using the SL56 as a phone, its LCD screen displays the time. To answer a call, you slide the top half of the phone with your thumb to reveal a keypad and then use it as a voice, data, and MMS messaging phone. We found, sadly, that most people couldn’t figure out how to open it without an explanation.—Bruce Brown $250 direct. A&T Wireless, www .attwireless.com. lllmm
Not Engaging
Video Goggles No, you haven’t been assimilated by the Borg. You’re wearing a pair of Ingineo Eyetop sunglasses, which include a tiny microdisplay so you can watch videos. The Eyetop accepts any composite NTSC or PAL video source and displays it on a color 320- by 240-pixel screen. Choose a model according to which of your eyes is dominant. The adapter runs on four double-A batteries and plugs into your DVD player, camcorder, or other device. The sunglasses are stylish but primitive, and it takes some adjustment to get the image in a comfortable position, but the device really works.—Alfred Poor
The Nokia N-Gage portable game deck features online, mobile, multiplayer game play. It is a prototype of a brilliant concept: a mobile-game platform that can serve as a tri-band GSM phone, an MP3 player, an FM tuner, an e-mail client, and a personal information manager. Unfortunately, design flaws limit the device. For example, you have to disassemble the unit to change MMC modules. —Matthew D. Sarrel $299 list. Nokia, www.n-gage.com. llmmm
$449.99 direct. Ingineo SAS, www.eyetop.net. lllmm
Charge! Forgot your cell-phone charger? Caught in a blackout? The Innovative SideWinder can come to the rescue: This 3-ounce gadget is a tiny hand-cranked generator that breathes life into a nearly dead battery via an included cable. Two minutes of cranking gives you 5 to 6 minutes of talk time or half an hour of standby. The crank also powers an LED for emergency illumination. The SideWinder is a useful alternative to USB chargers and single-use battery packs with long shelf lives.—Bill Howard $24.95 direct. Innovative Solutions & Technologies, www.sidewindercharger.com. lllmm
148
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
AFTER HOURS
Play for the Green By Rich Brown Why play just for fun when you can play for cold, hard cash? These sites let you compete with others to win money. You won’t retire on your winnings—prizes generally top out at around $10—but most games cost only a few dollars to play. Regardless of how much you win, real-world stakes add an exciting dimension to online gaming.
Arkadium You have the power to choose your opponent in 21 head-to-head skill games, mostly of the parlor variety. You can launch games, find other players, and manage your account via Arkadium GameDek, an easy-to-use mini-app. Arkadium takes roughly 15 percent of the money wagered, and $250 per month is the maximum deposit. Standout features are GameDek’s ease of use, its colorful icons, and the ability to select your opponents. You can also look up the detailed winning history of other players, so skill levels are out in the open. The online help, though, is difficult to navigate. In an admirably community-minded move, Arkadium recently announced Developer Zone, where game developers can submit their creations for review and possible inclusion in the Arkadium GameDek system. If developers’ games are accepted, Arkadium shares its revenues with them. Arkadium Inc., www.arkadium.com. llllm
Ultimate Arena This site is a hard-core gamer’s delight, featuring the popular first-person shooters America’s Army, Counter-Strike, Unreal Tournament, and Unreal Tournament 2003. Gamers compete in one-onone or team matches, launching games directly from the player-matching lobby. They win money based on kills, team wins, and other factors, depending on the game type and entry fee ($1 to $10). Ultimate Arena’s take is 15 percent, and account deposit minimums are $50 for the
first month and $200 for each following month (although both can be increased by contacting customer service). In-game action is less chaotic than on the games’ public servers, because teams can have only up to 6 members each, and free-for-all games are limited to 13 players. But a drawback of Ultimate Arena is the sparse attendance (the most populated game we saw was a three-on-three Counter-Strike match). And although Ultimate Arena uses anticheat software, the player feedback system is the only remedy for players who maliciously shoot their own teammates and otherwise interfere with regular play. Still, it is easy to get in touch with other players and to view scoring and winning histories. Ultimate Arena, www.ultimatearena.com. llllm
WorldWinner Similar to Arkadium, WorldWinner offers a range of arcade, board, card, and puzzle games. When you launch a game from WorldWinner’s Web page, you are automatically paired with an opponent by the FairMatching system. In some games, FairMatching is sufficient, but in head-to-head games like chess and checkers, you might want to know more about your opponent than a FairMatching score and what was said in the game’s chat lobby. Another gripe we have is with the practice system. Although you can earn up to $10 by gambling against your own previously posted high scores, you can practice each game only ten times. WorldWinner offers many tournaments for cash awards that are generally higher than with the standard games, but we would like more one-on-one games where the chances of winning money are higher. The lack of player information and the feeling that you’re being shoved toward the money games detract from the experience. WorldWinner Inc., www.worldwinner.com. llmmm
QUICK CLIPS Age of Mythology: The Titans Microsoft expands its popular Age of Mythology world with the Titans, powerful beings who came before the other gods and aren’t happy about being replaced, as well as many new hero and myth units. The single-player campaign mode helps players learn how to control the various units, and hard-core types can jump right into multiplayer battles online. Age of Mythology: The Titans boasts cool animation, crisp graphics, and fun music to boot.—John Blazevic $29.99 list. Microsoft Game Studios, www .microsoft.com/games. lllll
Get Digital Get Digital provides next-day digital encoding for the timeconstrained music lover. After you send your CDs to the company and specify your choice of encoding format (AAC, MP3, WAV, or WMA) and bit rate, your collection is returned to you on the medium of your choice—DVD-R, DVD+R, or CD-R—along with a custom printout record of your collection. The company can also transfer the files to any portable MP3 player or hard drive at no extra charge.—Ted Huang 50 to 200 CDs, $1.99 each; 201 to 400, $1.49 each; 401 or more, $0.99 each. Get Digital Inc., www.get-digital.net. llllm
Star Wars Jedi Knight: Jedi Academy Twirling into battle with two light sabers sounds cool, and it is—at first— as are new combat styles and role-playing elements and a branching, mission-based story line. A standout feature is ridable vehicles, which make for one of the most thrilling scenes in the game series, despite imprecise controls. Still, saber fighting remains a button-mashing mess, and the Quake 3 graphics engine on which the game is based is showing its age.—RB $49.95 direct. LucasArts, www.lucasarts .com. l l l m m www.pcmag.com DECEMBER 30, 2003 P C M A G A Z I N E
149
ANOTHER YEAR DONE, ANOTHER 138 T-SHIRTS SENT—AND WE’VE JUST ORDERED MORE
J
Edited by Don Willmott
All right already. We get it. (Microsoft Outlook 2000)
J
Backspace on the Road: Milford, Michigan.
J
This text item is really funny because of text. (Internet Archive site)
J
Are congratulations really in order? (Netscape site)
J
Our government is full of checks and balances. (U.S. Department of Labor site)
The baby is sure to enjoy it!
J
(Amazon.com)
w w w. p c m a g . c o m / b a c k s p a c e If your entry is used, we’ll send you a PC Magazine T-shirt. Submit your entries via e-mail to
[email protected] (attachments are welcome) or to Backspace, PC Magazine, 28 E. 28th St., New York, NY 10016-7940. Ziff Davis Media Inc. shall own all property rights in the entries. Winners this issue: Bryce Benton, Scott Bicknell, Carl Brown, Bob Carswell, Bryan Hoch, and Garrett Kaste. PC Magazine, ISSN 0888-8507, is published semi-monthly except 3 issues in October (10/14/03 is the Fall 2003 issue) and monthly in January and July at $39.97 for one year. Ziff Davis Media Inc, 28 E. 28th St., New York, NY 10016-7940. Periodicals postage paid at New York, NY 10016-7940 and at additional mailing offices. POSTMASTER: Address changes to PC Magazine, P.O. Box 54070, Boulder, CO 80328-4070. The Canadian GST registration number is 865286033. Publications Mail Agreement No. 40009221. Return undeliverable Canadian addresses to PO Box 503, RPO West Beaver Creek, Richmond Hill, ON L4B 4R6. Printed in the U.S.A.
150
P C M A G A Z I N E DECEMBER 30, 2003 www.pcmag.com
