Tired of guessing or using trial and error to see what font will work for a project?

Look no further. The STC Font Browser runs in your browser window, immediately shows the True Type fonts installed on your system, and lets you edit the text as well as size you’d like to preview. Happy fonting!

In yet another attempt at using social engineering to get naive users to run untrusted programs, a malicious party has released a new Virus that sends itself around pretending to be from Microsoft and containing a cumulative security patch for May said to contain all fixes for Internet Explorer and Outlook*. What it really contains is a Trojan Horse that allows unfettered remote access to your computer and a copy of the Pinfi Virus.

E-mail can have it’s To and From fields forged very easily so it is wise never to judge the validity of such email based on those fields alone. Microsoft have indicated many times that they DO NOT send security patches via email, so any email purporting to be from Microsoft that has a program attached can be safely discarded.

If you use Windows and you don’t have an up to date Anti-Virus program, then you are asking to be infected eventually. Some Viruses do not require that you do anything but visit a web page in Internet Explorer to be infected so you can’t expect to be protected by diligence alone (In fact there have been Viruses in the past that required that you only be using Windows and connected to the Internet to infect you. No user action is required at all.). It should be illegal to use Windows and the Internet if you don’t have anti-Virus protection on your computer, particularly when there are many good free programs available. You should also check WindowsUpdate via your start menu (or if you use XP ensure you have auto update enabled) on a regular basis to have all the “real” security patches installed as soon as possible after their release. Not using Internet Explorer certainly doesn’t hurt either.

Google have just released details that they are soon to go down the “myGoogle” route and offering personalisation to their offerings. That will bring them into line with Yahoo and MSN who have both introduced personal pages to their services. Not enough is known at this time just how Google plan to differ their service from the others but it’s a good bet they will go for something flashy that uses a heap of DHTML like Google maps.

This raises some interesting questions for the rest of us, should those of us running dynamic sites strive to achieve some level of personalisation ourselves? Is it really worth the effort to do so? What are the benefits of doing so? Questions of that nature. The answer depends entirely on what the purpose of your site is, and what purpose it serves. There can be no doubt that personalisation can make a site much stickier then it would otherwise be, but if you are not chasing return business (who isn’t?) then what benefit is it to you? From HTMLfixIT’s perspective, we’ve plans to add some dynamic CSS touches to allow people to chose their text and link colour and size, change the display resolution and other things of that nature. All of which will be remembered by a cookie, but other then that I don’t see much benefit in our trying to become a portal as there are already too many of them out there. About a year ago, I did toy with the idea of allowing people to create an RSS page of their favourite feeds on HTMLfixIt as we’ve already been using feeds to provide some information to you (like the virus warnings on the left side of the front page) and I’d already done most of the work to create such a service. However it was security concerns that convinced me not follow it though. If we allowed people to chose their own RSS feeds for display, and somebody discovered a flaw in our RSS reader code. They could quite easily create an RSS feed that exploited that flaw and then subscribe our RSS reader to it. The result could be a possible compromise of our servers and that is something I’m not prepared to risk. I also expect to find reports of such activity popping up in the news in the future as crackers explore these new services from the big three. Any time you allow people to include untrusted non local content to your site, you take the risk that it may not be what it seems and we’re not prepared to take that risk at this time. Of course as my understanding of RSS and Atom feeds becomes more complete, I may find ways to parse the feeds and clean out any potentially suss content before processing the feed, and If I do that I’ll no doubt make the “myHTMLfixIT” code available to any that want it.

In the mean time, if you want to have a play with Google personalisation, you can have a fiddle with it by heading over to www.google.com/ig.

Netscape has finished their beta of the new version 8 browser that incorporates features from both Firefox and Internet Explorer. Right now, a visit to Netscape.com in any browser but Netscape 8 results in a ad page telling you your browser is out of date and suggesting you download the new browser. Following the link provided takes you to the NS8 page.

Netscape 8 looks pretty slick, and it might be an option for companies that don’t want IE, but have some reliance on it’s rendering engine for corporate intranets. Myself, I’m quite happy sticking with Firefox, Netscape don’t have anything like Firefox extensions and those extensions are the main thing that puts Firefox ahead of the competition. The other side of the coin is that Netscape are touting the security of their new browser, when in fact the Firefox code Netscape 8 includes is out of date and contains flaws that Mozilla themselves fixed in Firefox some time ago. Update: Within hours of Netscape’s version 8 release, 8.0.1 has come out containing fixes for all the flaws in 8.0, so if you were an early adopter, you need to go and get the newer version.

In a fairly unusual turn of events, a virus author has knocked up a version of Sober worm (Sober.Q), and the main purpose of this one seems to be to spam as many people with right wing German political messages, with links usually. This comes hot on the heals of the Sober.P worm that spread all over the world last month. As always, this is a Microsoft Windows only virus, Macintosh and Linux users are totally unaffected. (however that doesn’t mean they won’t get the right wing spam emailed to them from infected Windows machines.)

Update your anti-virus pattern files and if you are concerned you are infected, then head over to Symantec and download their free sober removal tool.

For general online security tips and freebies, you might check out our list of free anti-virus/anti-spyware and related security software.

The IEBlog has confirmed speculation that Microsoft is going to release an innovative new approach to web browsing called Tabs. Tabs allow a user to have several different pages open in the same browser instance rather then requiring that a user open a new instance of IE to view another site. Oh wait. Mozilla/Firefox, Opera and Safari have had tabbed browsing for a long time now. In the case of Mozilla and Opera that time is measured in years. I like the idea of a safer more featured Internet Explorer, but I hope they don’t call it “innovative” in their marketing as they appear to be just playing catch up to keep them in the same ballgame as the other modern browsers which did not have the disadvantage of having had development stopped for several years due to lack of market share competition. When you give a product away for free with your Operating System, and that product has over 94% of market share (as IE did until Firefox started reversing the trend) you don’t have much incentive to continue development and that is what caused the stagnation of IE.

Several flaws have been revealed by software security company eEye. The new flaws allow remote compromise of Windows PC’s without much in the way of user interaction. The flaws affect Internet Explorer, Outlook and possibly other MS software running on any Microsoft Operating System from NT4 to XP and possibly Win 2003 as well. Keep your eyes peeled for Windows update patches and in the mean time be careful of the sites you visit and the email you read. An Alternative is to install Firefox 1.0.4 for web browsing and Thunderbird for e-mail as they are patched with lightning speed when flaws are found and nobody is as yet actively targeting past flaws in either. You can read eEyes upcoming advisory site for more information. Eweek have done a nice write up on the issues also.