Q&A - 2020

Always show file extensions
by Chris Taylor (03-Jun-2020)

Since Windows 95, file extensions for registered file types are hidden by default. This can affect hundreds of file types, such as Word documents (*.docx), PDF files (*.pdf) and programs (*.exe). This can be a security issue. For example, let’s say someone sends you a file, or you download a file,  that is displayed in File Explorer as SecurityAlert.pdf.

Default settings

Is this truly a PDF file? Well, probably not if you are using the default settings for File Explorer. The registered file type PDF should have been hidden and the file displayed as “SecurityAlert, i.e. without the .PDF.  And, don’t be fooled by the icon for Adobe Reader – it’s trivially easy to add any icon to an executable file.

The file may actually be named SecurityAlert.pdf.exe. This is an executable file, a computer program, that may well be malware intended to do some form of harm to your system.

The problem is that, by default, Windows 10 hides the true extension (.exe) of the file. The double extension, i.e. the inclusion of .pdf in addition to .exe, is being used to trick unwary users into believing that the file is of a different type than it actually is.

To prevent any confusion, the default settings for File Explorer should be changed so that the extension of each file is always displayed. To do this, open File Explorer, select the View tab (1 below), and check the box marked File name extensions (2 below). The full file name is then displayed as “SecurityAlert.pdf.exe” (3 below).

File name extensions checked

Note that in the second screenshot, the full file name is displayed as “SecurityAlert.pdf.exe”. This tells you two things at a glance:
(1) The file is a program, not a document.
(2) Someone is trying to trick you into believing their malicious program is a harmless Adobe Reader document. The fact that they went to the trouble to add the icon for Adobe Reader to their program gives further confirmation that they are trying to trick you.


QuestionI am in the process of looking for a new laptop. I have not been a fan of Apple products, nor am I a gamer.  How shall I determine my requirements such as the type of hardware, screen size, processor speed, storage capacity, and sound quality? Do I look for an external camera and a DVD/CD player?

by Chris Taylor (27-May-2020)
There are almost as many answers as people wanting to buy laptops! However, some items to consider are:

  • Start with your budget and see what you can get for that
  • Decide the screen size you want
  • If your budget allows, go for a Core-i5 7th gen or later, or an AMD Ryzen 5 or better
  • A minimum of 8 GB RAM
  • 1 TB storage (HDD) or, if your budget allows 512 GB SSD
  • Keep in mind the number of USB ports you want (Type-A or Type-C)
  • All laptops (should) have a webcam
  • Do you really need a CD/DVD? That will limit choices severely. You can always get a portable unit for under $30.
  • Shop the sales; two seemingly equal computers can differ by $500!

[Editor’s Note: And, when OPL restore their series of information sessions (https://opcug.ca/opl-presentations/), look for Chris’s comprehensive discussion on How to Buy a PC.]

[Don't] Pay As You Go!
by Alan German (29-Apr-2020)

Don't Pay As You Go! I “cut the cord” on my landline telephone and moved exclusively to the use of my cellphone.  I looked through my past cellphone bills and created a spreadsheet of the number and frequency of telephone calls, text messages, and data usage.  From the data it was clear that a pay-as-you-go service would accommodate my specific needs and cost considerably less than a monthly plan. My choice of provider was Petro-Canada Mobility whose pay-for-what-you-use plan provides calls at 30 ¢/min; text messages at 15 ¢ each, and Internet data at 15 ¢/MB. These rates are all fine until I need to talk to a friend or a relative for an extended period, and especially if I need to make some sort of support call where I get put on hold and then spend hours troubleshooting a problem.  Then, the rate of 30 ¢/min would really blow through the dollars and quickly wipe out any savings on my previous plan. So, how do I save money under such circumstances?  The answer is to use an app to make free outgoing calls.  Two possibilities are Fongo Mobile and WhatsApp Messenger.  I use the Android version of these apps but there are also versions available for the iPhone. Both apps use VOIP (Voice Over Internet Protocol).  This effectively provides a free connection over an available Wi-Fi system, but can also result in the occasional bad connection and call dropout.
Fongo Mobile
Fongo provides a local Ottawa telephone number which means incoming calls on this number from anyone in the local area will be toll free.  However, it also means having a second  telephone number to deal with.  My preference, therefore, is to use Fongo exclusively for outgoing calls when I know they are likely to take considerable time.  Some other features of Fongo are free “Canada-wide” (except to the territories) calling, inexpensive international rates (e.g. 2¢/min to the US and UK), and free Fongo-to-Fongo connections.
WhatsApp Messenger

WhatsApp provides free text, telephone calls, and video chats but only on a WhatsApp-to-WhatsApp connection (however, this includes international contacts).  The app is smart enough to display only those in your list of contacts who are also subscribed to WhatsApp.  Sending a text message provides the ability to attach photos, videos, documents, and even voice messages.

A quick look at VPNs
by Chris Taylor (29-Apr-2020)

At the 2020-04-29 Q&A session, I presented some quick thoughts on VPNs.

VPN stands for “Virtual Private Network”. When you enable a VPN service, all your network traffic is encrypted and sent directly to the VPN server, which can be located anywhere in the world. Most companies running VPN services have VPN servers dispersed around the world and you can choose which to use. Once your traffic hits the VPN server, it is decrypted and sent on to your intended destination. To the destination (your bank, Facebook, Netflix, etc.), your traffic appears to be coming from the VPN server. When traffic comes back from that destination, it comes into the VPN server, gets encrypted and forwarded on to your computer where it is decrypted by the VPN service running on your computer.

Traffic routing without a VPN

Without a VPN, if you are at a coffee shop, anyone on the WiFi at the same location can sniff the traffic if it is not already encrypted (such as when browsing using http:// rather than https://…) The destination servers see your traffic as originating wherever the WiFi router is, i.e. in Canada.

Traffic routing with a VPN

With a VPN, your traffic follows the green path. All network traffic is encrypted between your computer and the VPN server and travels in so-called “encrypted tunnels”. All destination servers see your traffic as originating in the location (i.e. the country)  of the VPN server.

Good aspects of VPNs

  • You can evade geoblocking, where a service is unavailable because of (for example) your country of origin. If you use a VPN server that is located in a different country, your traffic appears to originate there.
  • While on a WiFi connection, your traffic cannot be sniffed by others on the same WiFi.
  • If your ISP is blocking access to sites that they feel are objectionable, or if they are throttling certain types of traffic, a VPN can get around this because the ISP cannot determine the sites you are visiting, the type of traffic, or the protocols you are using.

Bad aspects of VPNs

  • You could have a false sense of security if you think VPNs do anything more than they actually do.
  • You have to trust your VPN provider. They have access to all the information that flows between you and all the destinations you connect to other than traffic that is encrypted separately (for example if you connect to an https:// web site). They do know all the sites you visit.
  • Generally, a VPN service will cost money. There are some VPN services that will give you some VPN for free (TunnelBear – https://www.tunnelbear.com/ – will give you 500MB per month for free.) You can also use the Opera browser which will allow you to toggle free VPN-like services while browsing.
  • A VPN might slow your access. All your traffic is being routed through the VPN server and if it is congested, everything could bog down.
  • If you switch back and forth from the VPN being on and off, it can cause some services (Gmail is one of them) to think your account has been hacked, since you appear to be coming from Ottawa one minute and from Paris the next. They may lock your account.
  • There are countries where using a VPN, other than one that is sanctioned by the state, is illegal. This includes countries such as China, Russia, Iran, UAE, and Iraq. If you take your laptop on a trip outside of Canada, check to make sure you won’t end up in jail and/or paying a hefty fine!

Take Control with Quick Assist
by Chris Taylor and Alan German (08-Apr-2020)

Does someone you know need help with their computer but is some distance away such that it’s not convenient to travel in order to physically access their machine?  What you need is remote-control software.  Fortunately, one such package is built into Windows 10.  Meet Quick Assist – remote-control software that will let you see their screen, control their mouse and keyboard, and provide the ability for you to fix their problems, or show them how to accomplish tasks. All this without you needing to be at their location.

Both of you need to run the program.  Navigate to Start – Windows Accessories – Quick Assist, or simply type Quick into the search box.  Running the Quick Assist app will display a dialogue box (see screenshot).  On your computer, press the blue Assist another person button.  You will now need to sign in with a Microsoft account. For most people, the userid and password you use to login to Windows is a Microsoft Account. The person you are assisting does not need a Microsoft Account.

The system now displays a one-time, six-digit security code (which will expire in ten minutes).  Provide this code to the person you are assisting, for example, by telephone or E-mail.  They now enter this code into their Quick Assist box labeled Code from assistant and press the Share screen button.

A dialogue box now offers you the choice to Take full control or View screen.  Full control is the default option.  Press Continue.  A new dialogue box is now displayed on the other person’s screen saying Select Allow to let view your screen during this session.  The person you are assisting presses Allow.

The Quick Assist window on your computer now displays the other person’s desktop.  Any mouse actions or keystrokes you make are replicated to the other computer.  You can launch programs from the desktop icons, open the Start menu, change settings, install software, or do just about anything else on the remote  computer.  There is an option for annotation with which you can draw lines and circles to bring attention to the location of some feature on the desktop.  Other options include selecting the screen if the other person has multiple monitors, screen scaling, and pausing screen sharing (if the person getting assistance needs to type or display something sensitive).

You, or the person you are assisting, can stop the remote session at any time by simply closing the Quick Assist window.

Quick Assist

Freeing up More Disk Space
by Alan German and Chris Taylor (08-Jan-2020)

We have seen previously how to reclaim disk space by tweaking access to the Recycle Bin using the Disk Cleanup utility, and how to use a utility such as TreeSize Free to check what is hogging the available disk space.

The latter came in useful recently, when Windows was issuing a disk-full error.  Running TreeSize Free, and selecting Drive C: to be scanned, allowed the identification of a number of large folders that were redundant.  These included a 4.7 GB folder, plus a number of associated smaller folders, that were left over after uninstalling Android Studio.

Another oddball entry in the list of folders was found in the Users/toaster/AppData/Local/ directory (where “toaster” is my user name on the computer).  Here, a folder named VirtualStore contained a sub-folder named XnView that was using almost a quarter of a gigabyte of disk space.  This was yet another redundant folder left after uninstalling the XnView image manager.

TreeSize Free

Once identified, such redundant folders were easily removed by right-clicking on the folder name and selecting the Delete option in the context menu.  It should be noted, however, that when running TreeSize Free as a regular user, the resulting disk space is not reclaimed until the computer is rebooted.  To have files deleted immediately, use Shift-Delete.

Another utility that can be used to recover disk space is CCleaner. It can remove a lot of useless files. But be careful! It can also remove some really useful stuff such as saved passwords, browser history, and taskbar jump lists.

The safest way to use CCleaner is to click on Custom Clean in the left panel.

On the Windows tab, select only:

  •      Microsoft Edge: Internet cache
  •      Internet Explorer: Temporary Internet Files, and Index.dat files
  •      System: Memory Dumps, and Chkdsk File Fragments

On the Applications tab, select only:

  •      Internet Cache and Compact Databases for every browser listed

Review the list of all that CCleaner can remove and if you are sure you don’t need some category listed, select it.

Then click the Analyze button. Once the analysis completes, review what CCleaner says it will remove and, if you are happy with the list, click the Run Cleaner button.


Finally, we recommend that nobody use the CCleaner option for Registry Cleaner. If you don’t believe us, read:   https://decentsecurity.com/registry-cleaners/