What are Tips for 2 college kids taking new T42's to School

[thubten]

Hello.. What a GREAT forum you have evolved here.
My 2 kids are taking T42's to college. One a 14" SXGA and one a 15" SXGA. I have purchased sleeves for them to use in their backpacks, and need guidance on general tips and 'rules'. They are solid PC people who have never owned a laptop.
OK: I have so far:
1) Support with your fingers the CD/RW drive underneath when inserting your CD into the drive.
2) Turn off power BEFORE you close the lid and move around.
3) Do not block the fan exhaust ports when laying on your bed and using the laptop.
4) The usual .... clean up drive, remove adware, popups etc, defrag, update definitions and scan etc etc.
5) Cleaning of the Display etc.
6) Do not compress the laptop with books and damage the screen.
How about some more suggestions for new users.
Thanks

[c333]

Resist temptation to hug laptop tightly

In an effort to make friends, don't immediately dismiss those with dell laptops. And, so you don't look pompous, don't immediately show such dell users the thinklight, active protection, or build quality. Doing so may cause them to cry.

Anyway, for real:

Put your name on it, and maybe one of those reward stickers you can buy

Lock it up with a good lock. Never leave it at a desk while you go hunt in the stacks

Don't drink anything near it

[Vindicated]

By default when you close the lid it will go into suspend mode, which as you know still uses power. You can change this so it will go into hibernation or shut off (I picked hibernation).

To do this right-click on your desktop and go to Properties. Click on the Screen Saver tab, then the Power button, once your there click on the Advanced tab and you'll see "Power button" options.

[Navck]

Number 1 = Unnesscary if you push lightly

[GomJabbar]

By default when you close the lid it will go into suspend mode, which as you know still uses power. You can change this so it will go into hibernation or shut off (I picked hibernation).

To do this right-click on your desktop and go to Properties. Click on the Screen Saver tab, then the Power button, once your there click on the Advanced tab and you'll see "Power button" options.

Yes suspend mode uses power, but it's so little, you can leave it in suspend all day. Some prefer suspend and some prefer hibernation. I happen to use suspend on my T42. So I say: 'Whatever rocks your boat'.

Probably the biggest tip here is to not leave the laptop unattended even for a moment. A Kensington lock can help, but they aren't perfect. I would still get one though, if I was using it in school. Perhaps there are other better locks out there, or other methods of theft protection. I think I read somewhere about a motion sensor type device that would sound an alarm if the computer was moved. You might look for something like that.

[doppelfish]

Lock it up with a good lock

And it's not a Kensington lock we're talking about.

cheers,
-- fish

[rideDPU]

Gomjabbar -- I have a Targus DefCon lock that has a motion sensor in it. Move it for more than 3 seconds a piercing, shrill scream greets you.

thubten -- try to resist the urge to touch the screen...I know it happens some, but the less it happens, the easier it is to clean.

I'm not sure if your kids know it or not, but its much easier to keep junk software off in the first place, than to remove it later -- with that in mind, you may advise them to be mindful of their roommates playing on their computers. I came back freshman year to find my roommate playing some online poker game on my desktop....talk about a lot of spyware etc.... (Now I have my T42 and life is beautiful!)

I use clorox brand wipes on the outside of my computer. (DON'T get ones with bleach in them!) I think if you search the forum, you will find some more information about this -- just keeps the black finish nice and clean.

Try not to let the battery run all the way out. (I think most laptops default to shutting down before this happens, but I'm not too sure..)

If the computers have bluetooth, you may consider turning disabling discovery. (Granted, I enjoyed sending random messages and files to a couple of my unsuspecting friends when they got new Powerbooks)

If I think of anything more, I'll post it...but I've got to wake up first.

Mark

[JaneL]

I use clorox brand wipes on the outside of my computer. (DON'T get ones with bleach in them!) I think if you search the forum, you will find some more information about this -- just keeps the black finish nice and clean.

Actually, he could just read the FAQ. It's item #18.

[rideDPU]

That's right! I knew I had seen it somewhere before...as usual, Nonny to the rescue!

Mark

[cwestwater]

I'm not sure if your kids know it or not, but its much easier to keep junk software off in the first place, than to remove it later --

In other words install Firefox!

[CaptainMorgan]

Resist temptation to hug laptop tightly

In an effort to make friends, don't immediately dismiss those with dell laptops. And, so you don't look pompous, don't immediately show such dell users the thinklight, active protection, or build quality. Doing so may cause them to cry.

One thing I would urge is not letting anyone use it.. even if they use it right in front of you.. I don't know about many here, but I can't stand when someone touches my Thinkpad - it's mine dammit! Thankfully, not one person has touched mine yet, even if they think Im crazy - If somethings wrong, tell them to learn to fix the system themselves, or, have someone walk them through it.. key phrase here. If I were to have difficulty, I would rather have someone stand beside me and explain things as I do them, this way here my system stays mine and I learn in the process... not letting someone do their deed on my laptop.

Don't let it out of your sight, for a second! Or, get one of the security features others have recommended. Consider theft insurance, theft devices, protcols etc.. One thing that's standard I use is a BIOS lock, System lock and Master lock. Potentially and hopefully, if one were to steal it they would not gain access to my system and important files and information.. however, an OS disk can wipe out the system and they could subsequently install their own system. Thus, back-ups are vital.. and in this case I would utilize theft insurance, (but I don't know the details) and would get a new system and simply intall the backed up information.

When not in use, store it in a well hidden place, if that's your only option.. not out in the open for some residence hall visitor to see and grab and walk away.

I also, when in a reasonably safe zone that I know no-one will literally walk away with it, put a 1 minute screenaver password on.. for example, this weekend my brother-in-law tried gaining access to the house PC after I walked away from it.. I knew he would do so and turned on the screensaver password.. got a good laugh out of it, but he didn't ask if he could use the system so it serves him right.

Call me paranoid, I call it cautious - I and others invest a lot into our systems.. money, time and effort and keep important information for someone to just simply gain access and screw something up.. no thanks.

EDIT: I would also suggest keeping system processes to a low... I generally keep mine between 37 and 45-7 depending on what Im doing... Resting system, basically doing nothing is nice if it's below 40.. The thinkpads come bundled with over 50 processes, as most of you already know... and this hampers system performance and battery life. I had 56 when I first got my thnkpad and after reinstalling the OS and software I keep below 40 the fan acts normally and battery life is extended.. .02

[whizkid]

Use the power-on AND supervisor passwords. It's not that much of a hassle.

I don't know if you can still do this with the newest machines, but if you can, *DO* use the personalization editor so that when the machine is first turned on and asks for the power on password, it shows who owns the machine and how to return it. Just in case someone nice "finds" it, make it easy for them to do the right thing.

It's best to put a work or dorm office address in there.

Consider something like yellowtag.com too, so a finder wouldn't even have to turn it on.

[dsvochak]

As someone once said "Even paranoids have real enemies". I think some paranoia regarding a notebook is useful.

1. I'm surprised no one said this but get a good carrying case. Search this forum for "notebook sleeves" or "notebook cases" and find one that suits your style, budget, etc.

2. Get a cheap desktop and use it for games and general internet surfing. Save the TP's for the important stuff.

3. Make sure your insurance covers "replacement cost" specifically for notebook computers. If not upgrade.

4. Use every security feature you can find, but always remember the bicyclist's rule that "the only safe lock is the human eye". That is, when in public, never let it out of your hands/sight.

Good luck.

[Navck]

Don't worry, the Dell users will instantly be repulsed by your Thinkpad.
Infact, the Apple fanboys + Any notebook that looks fancy fanboy is repulsed by Thinkpads. The reason is it looks "UGLY" to them. They like lights and two tone color. We like plain and black... No worrys, put a XPS Gen 2 next to a Thinkpad, they'll try to steal that instead.

[c333]

Gomjabbar -- I have a Targus DefCon lock that has a motion sensor in it. Move it for more than 3 seconds a piercing, shrill scream greets you.
Mark

From what I've heard, if you put your hand over it, its barely noticable. Also, drop it in a glass water and it will fry itself to death in a dew seconds.

[rideDPU]

From what I've heard, if you put your hand over it, its barely noticable. Also, drop it in a glass water and it will fry itself to death in a dew seconds.

You can still hear it with your hand over it, but like you say, the effectiveness is not really there (especially if you fry it with water)...you can still use it as a regular lock...every lock can be defeated some how (snip the small cable with a small set of bolt cutters for instance...), but the main issue is convincing the thief that it isn't worth his time...additionally, perhaps the original noise will be enough to startle him into trying for a different laptop....

Mark

[K. Eng]

The one piece of advice I give to people, regardless of what kind of system or OS they are running is: never run in root. In Windows, that means not using an account with Administrative privileges for normal tasks.

Generally I create a 'regular' user account with limited privileges for day to day tasks. In theory this should reduce/limit the amount of damage that bad software can do to the operating system. Also, you cannot accidently make fatal changes to the OS settings while in a 'regular' user account.

[JHEM]

Add a rider to your homeowner insurance policy for each of the laptops.

Costs about $20 per year and covers loss or theft ANYWHERE!

If you've purchased these units within the past 30 days, call IBM/Lenovo and purchase an Accidental Damage warranty for each system. Covers any possible damage to the units including spilled beer, broken displays, etc., etc.

Regards,

James

[GomJabbar]

If you've purchased these units within the past 30 days, call IBM/Lenovo and purchase an Accidental Damage warranty for each system. Covers any possible damage to the units including spilled beer, broken displays, etc., etc.

Yeah, spilled beer can be a problem. It flows rather freely in some campus's dorms and Greek houses. At least it did in my day.

Toga, Toga, Toga...........

[thubten]

You guys are great
MY new college student tips for thinkpads list is growing:
OK: I have so far:
1) Support with your fingers the CD/RW drive underneath when inserting your CD into the drive.
2) Turn off power BEFORE you close the lid and move around.
3) Do not block the fan exhaust ports when laying on your bed and using the laptop.
4) The usual .... clean up drive, remove adware, popups etc, defrag, update definitions and scan etc etc.
5) Cleaning of the Display etc. Do not touch the screen.
6) Do not compress the laptop with books and damage the screen.
7) Lock it up, never let it out of sight
Don't operate in root administrator mode..be a user w limited
privileges.
9) Keep system processes low to conserve power.
10) Use supervisor bios protect password and power on password
11) Good sleeve &/or carrying case
12) Look into insurance and Lenovo Damage warranty.

What do you all think of Stealth Signal or Computrace hidden software for recovery ($50 per year) . Stealth can send thru any firewall and is hidden and encripted. You password protect the bios and toggle off boot from Cd so no one can reformat the drive. They claim up to a 90% recovery rate. I talked to U of I campus police and they said good stuff.

http://www.stealthsignal.com/www/index. ... country=us

https://www.lojackforlaptops.com/default.asp

also others in the game:

http://www.securitykit.com/30012.htm

http://www.absolute-protect.com/

also there is a motion sensing alarm like Targus DefCon
http://www.securitykit.com/30012.htm

all for now

[JHEM]

What do you all think of Stealth Signal or Computrace hidden software for recovery ($50 per year).

Correctly setting the User and Supervisor passwords will prevent the unit from BOOTing and therefore defeat any HD embedded recovery program.

More useful is a simple label on the top of the unit:

This laptop is protected by a password that CANNOT be removed except by the owner!
REWARD for safe return to:
Name
School Address
Cell phone number

Two in college at the same time! BT/DT, couldn't afford the t-shirt!

Regards,

James

[revolutionary_one]

I'm kinda confused about what you said JHEM.

Adding 20 a year to your homeowers insurance covers loss or theft of the notebook occuring ANYWHERE, I am not aware of such a policy...and would definately like to get some more info.

Also, how much does actual theft raise the premium on the insurance?

[thubten]

Correctly setting the User and Supervisor passwords will prevent the unit from Booting and therefore defeat any HD embedded recovery program.


Stealth Software's signal is embedded and hidden; it sends a signal out EACH session the laptop connects to the internet. You can go from any pc and view the internet connection activity on your laptop. When it is stolen, you notify the cops, obtain a police report # and then notify Stealth. They contact the ISP where the next connections are made, find out the location of the thief and pass that on to the local police. Works anywhere in the world. Used by congressional staffers etc. Stealth and Computrace both have a very high laptop recovery rate in the 90% range. Stealth seems the better of all of them; it can bypass any firewall the thief puts on. They offer a somewhere around $1200 laptop recovery guarantee, provided the user notifys the police and Stealth within 72 hours of loss. I loaded it on both laptops, cost me $50 per laptop per year. The moment I opened Internet Explorer on one laptop, I saw on my desktop pc at Stealth's website that I had made a connection, and traced my laptop to my ISP, and it even had a map showing where my ISP was! So to use this method of recovery of a stolen laptop, the thief has to have access to the Internet, so a guest password would be ok with a blank for the password. Correct? You use the supervisor password to block reformatting of the HD via a CD boot etc. so Stealth's hidden (and unknown to the thief) software cannot be erased. Correct?
All for now and always thank you helpful folks.

[Vindicated]

Only run in limited mode? Are you kidding? Limited mode in Windows XP is a joke, this isn't Linux. Go ahead and run in administer, it's going to save you a lot of hassle, specially when installing software or playing games. Instead install a good antivirus and firewall. Most computers ship with Norton or McAfee and unfortantly there just not good enough. The no question best antivirus is Nod32, runners up include Kapaskery, Panda, and Trend-Micro (used in PC-Cillin and Vcom's System Suite). For your firewall go with ZoneAlarm or Sysgate (I prefer ZoneAlarm). You mix that in with a good Spyware utility (Current best is Spyware Doctor) and you'll defeat 99% of online threats. If your paranoid get an program or subscribe to a VPN service that makes your surfing anonymous (personally I think it's overkill). However these suggestions aren't just for laptops there for computers in general.

Being laptop specific though - CompuTrace and the other PC lockjack programs are worthless if you have a BIOS & Power-On password . In order for them to work the user has to login and access the internet. It'll be sold before that happens. And if the thief can defeat the BIOS and Power-On password he sure as hell would be able to clean CompuTrace with free utilies found easily on the web (e.g. Active@ KillDisk). The Windows XP Admin password can also be defeated & changed easily too so IMO theres little reason to enable that either.

Another thing you have to keep in mind is yeah the Thinkpads have tons of security but it's a pain in the [censored] to enable it all. I certinly don't like entering 3-5 passwords everytime I want to bootup to check my email. It might be worth it if you have nucular secrets but not for the college student trying to play Counter-Strike and download illegal music. The BIOS & Power-On passwords (no need for superviser either) are enough for the average joe and paranoid bob.

And really theft isn't that big of a deal; well it is but its not a big threat. I know a lot of people who don't even own laptop locks - they just never leave their laptop anywhere. I'd be more worried about dropping the laptop or getting a nasty virus. Another realistic threat is heat damage from the sun - avoid leaving your laptop in your car (hidden or otherwise) - on a hot day the motherboard and plastic internals can actually warp & melt. It's not like a car stereo thats designed to take those kind of high tempatures.

And that's really it. Be realistic about the threats you think you'll encounter and you should be fine.

[GomJabbar]

Only run in limited mode? Are you kidding? Limited mode in Windows XP is a joke, this isn't Linux. Go ahead and run in administer, it's going to save you a lot of hassle, specially when installing software or playing games.

I disagree. Microsoft itself recommends not running in Administrator mode when connected to the internet, unless it is really necessary. Sure, you run your antivirus software, firewalls and such, but if a virus does get past your defenses, I can't do so much harm if it doesn't have the permissions needed to execute.

Another consideration is; I you have your laptop, say in the dorm room, and during a lapse of vigilance someone comes and goes on line, or plops in an CD with a virus, you could become infected. If the laptop is not logged on as Administrator, the risk is reduced.

I have 3 user accounts set up on my ThinkPad. An Administrator account, for obvious reasons, a Power User account for normal use, and a Limited account for when I need to let a family member borrow my laptop.

[JHEM]

Correctly setting the User and Supervisor passwords will prevent the unit from Booting and therefore defeat any HD embedded recovery program.
So to use this method of recovery of a stolen laptop, the thief has to have access to the Internet, so a guest password would be ok with a blank for the password. Correct? You use the supervisor password to block reformatting of the HD via a CD boot etc. so Stealth's hidden (and unknown to the thief) software cannot be erased. Correct?

You're confusing Windows passwords and the Thinkpad's built-in password system.

Setting the Power On (POP) and Supervisor (SP) passwords prevent ANY of the "call home" recovery systems from operating as they all rely on a bootable laptop.

The thief has your laptop, turns it on and is presented with the POP. Dang! Machine won't BOOT.

A few minutes on the internet and he learns that all he need do is remove the CMOS battery for a few minutes to clear the POP.

He puts the CMOS battery back in and is now confronted with the SP. Double dang! Still won't BOOT.

A few more minutes on the internet and the thief learns that in order to clear the SP he will either need to A) change the motherboard, or B) send the unit off somewhere for professional assistance, either of which will cost him $$$. (Yes, there are instructions available online for editing the EEPROM, but it's not something the average criminal is capable of.)

At this point the thief is looking to get some return on the effort expended in purloining your Thinkpad and just possibly might call the phone number on the label to report he's "found your laptop and how much is the reward?".

Regards,

James

[JHEM]

Adding 20 a year to your homeowers insurance covers loss or theft of the notebook occuring ANYWHERE, I am not aware of such a policy...and would definately like to get some more info.

It's called a rider and adds theft/loss coverage for specific items to your existing homeowner's policy. I also have riders for most of my wife's jewelry as well as my art and other collections.

Also, how much does actual theft raise the premium on the insurance?

We had a rental car broken into in CA years ago and some of my wife's jewelry stolen with our carry-on luggage. Our claim for $11K was paid in full and there was no increase in our basic homeowner's premium.

Regards,

James

[Vindicated]

I disagree. Microsoft itself recommends not running in Administrator mode when connected to the internet, unless it is really necessary. Sure, you run your antivirus software, firewalls and such, but if a virus does get past your defenses, I can't do so much harm if it doesn't have the permissions needed to execute.

Another consideration is; I you have your laptop, say in the dorm room, and during a lapse of vigilance someone comes and goes on line, or plops in an CD with a virus, you could become infected. If the laptop is not logged on as Administrator, the risk is reduced.

I have 3 user accounts set up on my ThinkPad. An Administrator account, for obvious reasons, a Power User account for normal use, and a Limited account for when I need to let a family member borrow my laptop.

Well that's fine to disagree and you look like you got your system down the way you like it. I'm not here to tell you your system is wrong (if it works for you by all means continue to use it), but I do feel your uninformed in some areas - namely: how modern firewalls work. I'll galdely admit that your right that running in a limited account will offer you some protection, but modern firewalls that pass what is called a "leak test" will provide all that protection and more. With a limited account there are many programs you simply can't run. Even using the Run As user doesn't always work properly. Microsoft was trying to do like linux and at first it was a smart idea - everyone was recomending you do this. However modern firewalls are now subjected to what is called a "leak test." ZoneAlarm is one firewall that passed with flying colors. This firewall will not only protect you from outside threats, it will also protect you from inbound threats - meaning a program won't be allowed to excute a command invoking another program without express permission. ZoneAlarm and many newer firewalls are also advanced enough to detect viruse like actions. As soon as a program tries to modify, delete, or run another program the firewall stops the action and issues an alert. This allows you to be in admin account while having equal or greater security then a limted account. An admin account also has more control of the firewall and of what it can block and allow. giving you much better flexibility. If you believe that you can't damange other accounts by being in a limited one your sadly mistaken. Viruses can and do take advantage of the Run As User command flaw.

As for your dorm room senario, the simple fix would be to have a screensaver on which requires a password check to resume back to the desktop. That would stop the casual walk-by threats that are unlikely to happen to begin with . But if it did happen and they did managed to get passed it (e.g. accessing the PC during the screensaver's grace period) the firewall & antvirus (which can and should also be password protected) will protect you. The infected files on the CD would get detected, and even if it was the newest bread of super-viruses, the firewall would stop and prevent it from spreading and doing any damage.

[GomJabbar]

I do feel your uninformed in some areas - namely: how modern firewalls work. I'll galdely admit that your right that running in a limited account will offer you some protection, but modern firewalls that pass what is called a "leak test" will provide all that protection and more. However modern firewalls are now subjected to what is called a "leak test." ZoneAlarm is one firewall that passed with flying colors. This firewall will not only protect you from outside threats, it will also protect you from inbound threats - meaning a program won't be allowed to excute a command invoking another program without express permission. ZoneAlarm and many newer firewalls are also advanced enough to detect viruse like actions. As soon as a program tries to modify, delete, or run another program the firewall stops the action and issues an alert. This allows you to be in admin account while having equal or greater security then a limted account. An admin account also has more control of the firewall and of what it can block and allow. giving you much better flexibility. If you believe that you can't damange other accounts by being in a limited one your sadly mistaken. Viruses can and do take advantage of the Run As User command flaw.

As for your dorm room senario, the simple fix would be to have a screensaver on which requires a password check to resume back to the desktop. That would stop the casual walk-by threats that are unlikely to happen to begin with . But if it did happen and they did managed to get passed it (e.g. accessing the PC during the screensaver's grace period) the firewall & antvirus (which can and should also be password protected) will protect you. The infected files on the CD would get detected, and even if it was the newest bread of super-viruses, the firewall would stop and prevent it from spreading and doing any damage.

You might be right about me not understanding how modern firewalls work. I don't claim to be a firewall expert. But reading over the Help File that came with the latest version of free ZoneAlarm version 6.0.631.003, (which by coincidence I downloaded and upgraded yesterday, even before I read your post), I don't see it to be the super protector, that you seem to imply.

From what I can see, ZoneAlarm protects against changes to programs that use the internet and from changes to a few other programs. In addition, it prevents these programs from executing risky activity. ZoneAlarm firewall by itself does not protect against trojans, viruses, or spyware (although with an upgrade to Security Suite, you can get these features). If a program is changed and tries to access the internet, an alert pops up. For most users, some of these alerts can be rather cryptic. Allow or not to allow, that is the question. If one gives the program alert the OK to run and it is malicious, then that computer has been compromised. See the following that I copied from ZoneAlarm's program help menu. Italics added.
===============================================
Understanding Program Control
Everything you do on the Internet-from browsing Web pages to downloading MP3 files-is managed by specific programs on your computer.

Hackers exploit this fact by planting "malware"-literally, malicious software-on your computer. Malware can masquerade as harmless e-mail attachments or as updates to legitimate programs. Once on your computer, however, the malware can hijack trusted programs and carry out dangerous activities under the guise of legitimacy.

Zone Labs security software protects your computer from hackers and malicious attacks by assigning policies to programs that indicate their level of trustworthiness, and specify the actions they are allowed to perform.

Users of ZoneAlarm Security Suite have the added feature of OSFirewall protection, which detects when programs try to perform suspicious or potentially dangerous actions, such as changing your computer's registry settings.
.....................

Safe programs
Zone Labs security software validates your programs against a database of known safe programs and automatically assigns the permissions required for the programs to function properly. If you accepted the default program settings in the Configuration Wizard, Zone Labs security software is set up to automatically configure the most popular programs in the following general categories:

Browsers (e.g., Internet Explorer, Netscape)
E-mail applications (e.g., Microsoft Outlook, Eudora)
Instant Messengers (e.g., AOL, Yahoo!)
Anti-virus (e.g., Symantec, Zone Labs)
Document utilities (e.g., WinZip® and Adobe® Acrobat®)
Zone Labs software applications
Even programs that are considered safe can be used by hackers to perform actions that are not. OSFirewall protection, available in ZoneAlarm Security Suite, displays alerts when it detects suspicious or dangerous program behavior. For more information about these alerts, see Program alerts.
------------------

Advanced Program Control tightens your security by preventing unknown programs from using trusted programs to access the Internet, or preventing hackers from using the Windows CreateProcess and OpenProcess functions to manipulate your computer.
===============================================

You said: "The infected files on the CD would get detected, and even if it was the newest bread of super-viruses, the firewall would stop and prevent it from spreading and doing any damage." I believe that ZoneAlarm would prevent internet access by the program - provided you did not give the alert the OK the next time you went online. However, I do not believe that a firewall by itself would stop certain viruses (for lack of a better example) such as Stoned or Natas, which don't need the internet to do their damage.

Regarding running as Limited user, I said the risk is reduced - I did not mean that risk is eliminated. I don't believe there is any single solution that will protect your computer from malware and spyware. It takes a multi-facited approach.

[Vindicated]

Sorry, yes ZoneAlarm (free) does not have the extra security features. I implied and should have specifically said ZoneAlarm Pro and ZoneAlarm
Internet Security Suite. I have the Security Suite installed with the antivirus turned off, in its place I use Nod32. In additon to ZoneAlarm's Spyware protection I use SpySweeper which is actually much better (although current tests show Spyware Doctor to be better as it removed one threat Spysweeper couldn't).