1. They keep up to date with the latest releases – these people have adopted IE7 in the past and are now migrating en-masse to IE8.  IE7 usage has dropped from 35% in March 2009 to 14% in February 2010 and I guess this trend will continue until IE7 disappears entirely.The combined usage of IE7 and IE8 has remained fairly stable at around 36-37% of the market.  As IE7 has faded IE8 has taken up it’s share.
2. They have used IE6 for years, possibly in a corporate environment where stability is more important than modernity, or possibly just because  that is what was installed when their PC was first delivered.  These people are now starting to upgrade from IE6 to more modern browsers, IE6 usage has dropped from 31% in March 2009 to 20% in February 2010.The interesting thing is that these people don’t seem to be upgrading to the newer versions of Internet Explorer, rather they are migrating to other browsers, some are moving to Firefox or to Opera but the biggest beneficiary of this move seems to be Google’s Chrome browser.  Chrome usage has gone from less than 2% in March 2009 to nearly 6% in February 2010.As a footnote – Apple’s Safari Browser is also gaining users but I suspect that is due to more people buying Macs and iPhones with Safari installed rather than to people actually choosing to install Safari on their PC.

By amalgamating the version data from the Browser Trends website I have come up with the following graph.  Please click on the image to see the full size graph.

Amalgamated web browser trends Mar 2009 to Feb 2010

You can see how the more modern versions of Internet Explorer are maintaining their market share but IE6 usage is dropping quite rapidly while other (non-IE) browsers take up it’s share.

As a website designer I love this trend, I can look forward to a day when IE6 usage will have shrunk sufficiently that I can ignore it’s many foibles and design for 21st Century browsers instead.

As users of Microsoft’s newer browsers seem to keep up to date with the latest versions we can hope that they will all be using IE9 or even IE10 by then.  Internet Explorer is slowly becoming more standards compliant with each version so hopefully IE9 & IE10 will continue this trend and life will become much easier for me.

I dream of a day when the websites I create work properly in all browsers without me having to compromise the design to get to that state.

Fake Anti-Virus Windows

Recently we have had two cases of PCs (both running Windows XP and Internet Explorer) being infected by “drive by”  malware.   The user is surfing normally and comes across an innocent looking website, then suddenly up pops a virus warning, apparently from their own anti-virus software.  These messages are pretty scary and quite persistent, the correct response is to close the window (by clicking on the cross at the top right rather than by clicking within the window) and leave that website but if you aren’t sure you can easily end up allowing the site to install it’s “anti-virus software” on your computer.

Once the infected website has installed it’s payload (usually what is known as a trojan, from the Trojan Horse) on  your computer you have a big problem, it will pop up “anti-virus” windows all over the place and make web browsing and email impossible.  And, it will usually disable your own anti-virus software and make it very difficult to install any more.

Anti-Malware

The solution lies with the marvellous people at Malwarebytes.org, they offer a free download which, so far, has solved the problem for me.  The  paid version is well worth looking at too, it isn’t expensive and their work is definitely worth supporting.

Now if you have been very wise you will only have been using a limited account for your browsing rather than an account with administrator privileges; you can just login as an administrator and download the software you need.  Sadly some software doesn’t work that well without administrator privileges and most people set themselves as administrators to avoid hassle.  In this case it is likely that the whole computer is inaccessible and you will need to call on a friend so you can download the necessary software to a USB memory stick.

Removing the fake Anti-Virus Trojan

1. Visit the  Malwarebytes.org website and download their anti-malware product to a memory stick.
2. Boot the infected computer in safe mode (you can usually get this option by pressing F8 while Windows is starting up).
3. Insert the memory stick and run the anti-malware installation program
4. Use the anti-malware program to do a complete scan of the computer.  In safe mode you won’t be able to access the internet to update the malware signatures first but I found that the signatures were only a couple of weeks old anyway.
5. Hopefully the anti-malware program will find one or more offensive programs, use the program to remove them then reboot your computer, this time normally rather than in safe mode.
6. Now run the anti-malware program again, update the definitions from the internet and do another full scan.   Malware is a fast moving field and it is quite likely you will find more with a second scan.
7. Reboot again and all should be well.

How to stop malware infections in the future

Make sure your computer is fully updated with the latest updates to Windows and to your other software packages.    Vendors are pretty quick to release security patches; use them.

Install and use another browser;   our current favourite is Google Chrome, the design of Chrome makes it very difficult for Malware to affect anything outside it’s own browser window.  Microsoft try hard with Internet Explorer but even the latest versions are nothing like Chrome for security and of course they also provide the biggest target for Malware authors.

Installing Chrome for all users on your computer

By default when you install Chrome it will only install it for the current user, this is a nuisance if you want to get the whole family using the safer (and faster) browser.  The answer is to  download Chrome Pack , this offers you a whole raft of goodies from Google some of which you may fancy, but if you only want Google Chrome just untick all the other boxes.

Fonts have traditionally been a bit of a nightmare for web designers, the web browser loads the fonts from the user’s computer.  If the font you asked for isn’t installed on the user’s machine then it will default to something else, this means that what the user sees may be quite different from what you intended.

My first thought was “goody a chance to use Typekit for real!”.   Typekit is a new service which lets you use real fonts on your own website, the fonts are loaded on demand from the Typekit website.  This means that you can use proper fonts in a legitimate way but let Typekit deal with all the licensing issues.  You have to pay for most of the fonts of course but the charges are quite reasonable and an awful lot better than licencing direct from the big commercial suppliers.

Unfortunately Typekit didn’t have the exact font I wanted (they are very new and their library of fonts is still growing), but I did discover a free version of the font on fontspace which used the Open Font License (OFL) so I could legitimately incorporate it in the new website.   I was able to do this because the most modern browsers are now starting to support the CSS @font-face declaration properly (though to be fair Internet Explorer has supported @font-face since IE4 way back in 1997).

But of course to work properly I had to provide the browser with the font in a format it could understand.  Thank heavens for Fontsquirrel’s @font-face generator which converts  your existing font file into all the necessary different formats and even supplies you with the CSS code to use them.

So now I had fonts installed and ready to test, I always test any website as extensively as as possible but rarely have I had as wide a range of results  as this.  The following table shows my experience with the various browsers available to me.

All this is very confusing but the conclusion is that I think @font-face is now well enough supported to be used on a live site.   Support should get better over the next few months, particularly as Firefox users move on to version 3.5 (or even 3.6 which supports .woff files).

Domain Renewal Group - Domain Expiration Notice

Domain Renewal Group have been around for a little while now, a quick search finds their name mentioned quite frequently, usually in conjunction with the keyword scam.  There is a good little site which lists known domain name scams operating in the UK and Domain Renewal Group feature there.

It appears from various reports that Domain Renewal Group don’t actually transfer your domain name or renew it, they just take your money and do nothing.  I’m not sure if this is better or worse than actually transferring your registration to a bunch of pirates.

We always register domains in the client’s name so that they actually own their domain names and can transfer them away from us if they want to.  With personal registrations you can hide the owner’s details on the Whois database but with businesses this isn’t allowed.

Domain Renewal Group must get their information from Whois, then they send a letter to the owner asking them to pay for renewal of their domain.  This is quite cunning as proper registrars normally communicate via email rather than letter, by sending a letter Domain Renewal Group can avoid the person who normally deals with domain renewals (and who would recognise the notice as a scam) and go directly to the business which owns the domain name.  The owner will recognise the domain name and just pay the invoice, the amounts involved are small enough not to raise suspicion.

If you receive a letter like this from Domain Renewal Group or from anyone else contact your own registrar or the person who maintains your website before parting with any money.

What Chrome Frame does is tell Internet Explorer to use Chrome’s rendering engine (Webkit) rather than IE’s own rendering engine.  The benefit for the user is faster browsing, particularly when a website uses Javascript, Chrome’s javascript module is much faster than IE’s equivalent.  The benefit for the website developer is that Chrome is a good modern browser, standards compliant and supporting a lot of newer features such as HTML 5 & CSS2/3 which are not even supported in IE8.

The theory is that if a web page works in Chrome then it will work in IE with Chrome Frame.  Chrome Frame is still very new so they are not quite there yet but I’m sure they will get there.   All those IE specific problems which website designers have had to work around for years, including those still hanging around from IE6, will become a thing of the past.  Wonderful!

But will people use it?

The problem is that Chrome Frame, being a plugin for IE, has to be installed by the user.  Do you remember the bad old days when it seemed that every new site required a new plugin?  Once the user has installed Chrome Frame all will be well but that first installation is the sticking point.

As a webdesigner I can put a piece of code on any of my websites which pops up a window giving an IE user the option to install Chrome Frame so they can view the site properly, but I don’t really want to do that.  People are, and should be, wary of installing things when asked to do so by a website.  And I don’t want people to navigate away from my site because it is too scary or demanding.  In any case most sites work fine  in IE anyway so why do they need to install a plugin?

My real hope is that corporate IT installations might think that installing Chrome Frame to upgrade IE6 would be a good idea.  IE6 is currently the most popular browser in the world, largely because there is no reason for the big corporates to change to anything else.   But a plugin might be different, any existing applications will continue to work fine but new applications could use newer features without the extra coding needed to cope with the particular quirks found in IE6.  It could be quite a money saver.

Critical Mass

I will be monitoring my Google Analytics reports for the day when I see “unChromed” IE6 usage drop below 5%.   I think that will be the time to put the plugin code on my own sites.  And when it drops below 2% I will consider ignoring IE6 all together, a happy prospect.

In the meantime I will carry on as usual, coding around the quirks in IE6 and ignoring the other features I might use if IE7 & IE8 supported them.

I wonder what Microsoft think about Google writing a plugin for them?

Part of keeping your site secure is keeping the software up to date, just like you do with your own computer (I hope).  There is a constant battle going on between nice people improving and fixing software and nasty people trying to find new holes which they can exploit for their own gain.  The nice people are working for your benefit so take advantage of their labours and use the upgrades they provide.

If you have a self-hosted WordPress Blog, like this one, then you need to be aware of a new attack.   Take  a look at Lorelle on Wordpress for details.  If you haven’t upgraded to WordPress 2.8.4 then your blog is vulnerable to this attack.

We have already upgraded all the blogs we host, we keep an eye on software upgrades as a matter of course.  WordPress is very easy to keep up to date, some other packages require a lot more work, but we will always apply security fixes to any package we host.

No system is 100% secure but by keeping up to date you encourage those nasty people to look for easier targets.

And then there is Internet Explorer 6! The bane of any web designer’s life.  Getting IE6 to behave the same way as more modern browsers can be a real pain.  If a site works in any more modern browser it will probably be pretty good in all the others.  Anything that works in Firefox will almost certainly work  prettywll in Chrome, Safari and Opera and although IE7 and IE8 are not as good at complying with the standards they aren’t too difficult to work with.

IE6 Market Share overtakes IE7!

The problem is that IE6 is still installed on millions of machines around the world.   In fact I just checked out browser versions on the excellent marketshare website and discovered that IE6 has regained its position as the most popular browser in the world with over 25% of the market.  This is largely due to the advent of IE8, many people are starting to migrate from IE7 to IE8 which means that the market share of the newer browsers is being split.  If you combine the shares of IE7 & IE8 it adds up to more than 36%.

I guess that most people who have made the move to IE7 will be happy enough to let Microsoft upgrade them to IE8 so eventually IE7 will fade away as earlier versions like IE4 & IE5 have.  But IE6 is a bigger problem, it was the biggest browser for a  long time early on in the development of a lot of corporate systems, and it still works just as well as it ever did.
If you are running a corporate intranet the substantial cost of  upgrading hundreds or thousands of PCs  to a newer browser and retesting all your internal systems to make sure they still work properly is not matched by any real benefit.  It isn’t broken so don’t  fix it.

This means that while a corporation may have a lovely modern website for its external customers to use, it may only have IE6 installed for its own staff, that is the browser that has been tested against their internal systems.  But this means that when those staff do a bit of surfing in their lunch hour they are still using IE6 to look at everyone else’s websites.

IE6 for Ever

I can’t see this situation changing any time in the next few years, IE6 will continue its slow decline and new websites will have to contine to support it.  This support comes at a cost, extra testing, extra coding and of course a whole bunch of lovely new features like CSS2 & CSS3 which make building good websites much easier but which IE6 just doesn’t know about.

So much as I loathe IE6 I continue to use it every day for testing.   If your site doesn’t work properly with IE6 you could be losing 25% of the customers that have already made the effort to find your site.  That is like kicking out 25% of the customers in your shop because you don’t like the way they talk.  Not a good way to run a business.

That was more than a decade ago now and I have used AVG (both free and paid editions) on several machines since, and I have recommended it to many friends and colleagues.  But no more; AVG (or specifically the AVG Toolbar) has become the malware that it is supposed to be protecting me from.

Malware, short for malicious software, is software designed to infiltrate or damage a computer system without the owner’s informed consent.

Now I know that the AVG toolbar isn’t designed to damage my computer but you have to be pretty alert to stop it inflitrating your browser  and making it behave the way AVG wants rather than the way you want.  When you install AVG it will install the toolbar AND make Yahoo your default search engine unless you deselect the appropriate boxes on a fairly cluttered screen, this is annoying but sadly not uncommon, Java tries to install the Yahoo toolbar  every time it installs an update.

Now this is annoying enough but at least you can hide the AVG toolbar using the View/Toolbars option in your browser.  But No!  AVG will reinstate itself after a week, you have to use the AVG options (on the AVG toolbar) to stop it coming back every week.

Another, even more annoying, feature is that AVG will set and keep Yahoo as the search provider for your browser.  Now most modern browsers let you set a default search provider but also select from a list for specific searches.  I use Google as my default provider but I have about 8 others which I use from time to time, including Yahoo.  What AVG does is set Yahoo as the default search provider, and also make it impossible to change to any other search engine.

To change these unacceptable behaviours you have to change the Advanced Options for the AVG toolbar.  To do this you need to be displaying it, then select the drop down list just to the right of the AVG logo on the left (before the Yahoo search box).

Then select the Advanced Options tab and you will see a whole list of options, all of which should be deselected.  You can then save the changes, go to the View/Toolbars option for your browser and hide the AVG toobar for ever (or until a future update undoes  your work).

I have chosen to uninstall AVG altogether and install new anti-virus software from a (so far) better behaved provider.  I will be installing the free version of Avira anti-virus.  I have been using Avira for a few months now on one of my PCs and it seems very good;  lean, quick and well behaved,  just what AVG used to be.  The free edition will nag you briefly to upgrade once per day which I think is fair enough, it is certainly worth paying for and it isn’t expensive.

I presume that Yahoo (which I think is a good search engine) has paid Grisoft (AVG) to include these features in their software.  I hope they have paid them enough to compensate them for the customers they will lose because of it.  They won’t lose much when  I uninstall AVG free from my family PC, but I won’t be renewing the paid subscription for my work PCs either.

Installing the card and it’s associated Ralink software was quite straight forward and it seemed to work fine on our new network.  Or at least it worked fine for me, but using Windows XP we have separate user id for each family member, the adults have administrator access but the children only have user access (to limit the harm they can do while exploring).

The Ralink utility screen as seen by a non administrator

The problem is that while users with administrator privileges have no problem accessing a profile on the Ralink software, limited users, that is users belonging only to the USERS group can’t access the profiles functions or use profiles set up by other users. The only way for them to use the wifi link is to manually logon each time they sign on to the computer, a bit of a pain for our younger users.

The Ralink utility screen as seen by a Windows administrator

After a bit of fiddling and a bit of searching I found a useful entry on the internet which solved the problem for me but the explanation on the FixUnix forums didn’t go into much detail so I decided to go through it step by step for those, like me, who don’t regularly dive into Regedit to solve problems.

First you (using an administrator logon) need to create a profile for the link you want to set up using the Ralink utilities.  Then you need to use regedit to make this profile accessible to users without administrator privileges, it is this second part that I am documenting here.

Using Regedit to allow non administrators access to the Ralink profile

I will provide thumbnail pictures of each step at the bottom of this post, please click on the images to see the full size pictures.

1. First click on Start, then Run to open the Run dialog box. In the box type regedit then click OK.  This will start the Windows Registry Editor.
2. In the editor click on the edit menu and select the find option (or use Ctrl+F) to open the search dialog in regedit.  You need to search for the name of the profile you created in the Ralink utilities.
3. Once you find the profile, I found mine in the CurProfile field of

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0010

   you need to select the parent element, in this case the 0010 element rather than the CurProfile field.

4. Then right click on the selected element and pick Permissions from the drop down menu.
5. Scroll down through the different types of users (Windows XP Pro offers more options than XP home) to find the appropriate group, in this case Users (HOMEUSER\Users).  When you select the group you will see the existing permissions displayed in the bottom half of the window.
6. Click on the Allow boxes for Full Control and Read to give the necessary permissions, then click OK to close the dialog.  I did try just ticking the Read permission box but that didn’t do the job, Full Control was required to get access to the profile.
7. That is it; you can close regedit, logoff your administrator id and logon to a non administrator id, it should start using the profile automatically.  You still won’t have access to the profile functions but you will be able to use profiles set up by an administrator.

Please click on the thumbnails to see full size versions of the images in the gallery below.

We have a Whirlpool No Frost freezer which we bought a little over 1 year ago, so just out of warranty of course.  We have been pretty happy with it so far but a few days ago it began to warm up.  Normally it maintains the set temperature of -18°C quite well, but lately the temperature has started to slowly drift upwards, even with the Fast Freeze function on it wouldn’t go below -14°C and then -12°C.

Now this is obviously a pretty serious problem for a freezer, a freezer that doesn’t freeze is not a good thing.  So I rang our local refrigeration engineer. John Mazur in Moreton in Marsh has been very helpful in the past and proved to be very helpful this time too.  He was able to solve the problem over the phone.

It seems that there is a known problem with Whirlpool No Frost Freezers (or at least with some models).  Although they are supposedly frost free and so should not require defrosting, they do clog up over a period (in our case about 14 months).  The solution is simple, empty the freezer, leave the door open and then switch it off for a minimum of 24 hours.  During this period it will defrost a little so leave a towel or drip tray under the spout at the bottom of the door.

Whirlpool No Frost Freezer temperature display

After about 30 hours I switched the freezer back on and it came back down to the required temperature in another couple of hours, result! Thanks John!

I hope that this information enables somebody else to save the call out charge for a refrigeration engineer too.  But it does raise the question, if you have to defrost your Whirlpool No Frost freezer every year is it really a No Frost freezer? There isn’t a lot of ice to get rid of but you still have to go through the defrosting process.  We paid a premium for a frost free freezer but now it seems we have to defrost it anyway,  I think Whirlpool need to do a little work on this product range.