Author: Bill

HIPAA audit: The 42 questions HHS might ask

A document obtained by Computerworld from a reliable source indicates that Piedmont was presented with a list of 42 items that HHS officials wanted information on within 10 days. Specifically, Piedmont was asked to provide policies and procedures for:

  1. Establishing and terminating users’ access to systems housing electronic patient health information (ePHI).
  2. Emergency access to electronic information systems.
  3. Inactive computer sessions (periods of inactivity).
  4. Recording and examining activity in information systems that contain or use ePHI.
  5. Risk assessments and analyses of relevant information systems that house or process ePHI data.
  6. Employee violations (sanctions).
  7. Electronically transmitting ePHI.
  8. Preventing, detecting, containing and correcting security violations (incident reports).
  9. Regularly reviewing records of information system activity, such as audit logs, access reports and security incident tracking reports.
  10. Creating, documenting and reviewing exception reports or logs. Please provide a list of examples of security violation logging and monitoring.
  11. Monitoring systems and the network, including a listing of all network perimeter devices, i.e. firewalls and routers.
  12. Physical access to electronic information systems and the facility in which they are housed.
  13. Establishing security access controls; (what types of security access controls are currently implemented or installed in hospitals’ databases that house ePHI data?).
  14. Remote access activity i.e. network infrastructure, platform, access servers, authentication, and encryption software.
  15. Internet usage.
  16. Wireless security (transmission and usage).
  17. Firewalls, routers and switches.
  18. Maintenance and repairs of hardware, walls, doors, and locks in sensitive areas.
  19. Terminating an electronic session and encrypting and decrypting ePHI.
  20. Transmitting ePHI.
  21. Password and server configurations.
  22. Anti-virus software.
  23. Network remote access.
  24. Computer patch management.

HHS also had a slew of other requests:

  1. Please provide a list of all information systems that house ePHI data, as well as network diagrams, including all hardware and software that are used to collect, store, process or transmit ePHI.
  2. Please provide a list of terminated employees.
  3. Please provide a list of all new hires.
  4. Please provide a list of encryption mechanisms use for ePHI.
  5. Please provide a list of authentication methods used to identify users authorized to access ePHI.
  6. Please provide a list of outsourced individuals and contractors with access to ePHI data, if applicable. Please include a copy of the contract for these individuals.
  7. Please provide a list of transmission methods used to transmit ePHI over an electronic communications network.
  8. Please provide organizational charts that include names and titles for the management information system and information system security departments.
  9. Please provide entity wide security program plans (e.g System Security Plan).
  10. Please provide a list of all users with access to ePHI data. Please identify each user’s access rights and privileges.
  11. Please provide a list of systems administrators, backup operators and users.
  12. Please include a list of antivirus servers, installed, including their versions.
  13. Please provide a list of software used to manage and control access to the Internet.
  14. Please provide the antivirus software used for desktop and other devices, including their versions.
  15. Please provide a list of users with remote access capabilities.
  16. Please provide a list of database security requirements and settings.
  17. Please provide a list of all Primary Domain Controllers (PDC) and servers (including Unix, Apple, Linux and Windows). Please identify whether these servers are used for processing, maintaining, updating, and sorting ePHI.
  18. Please provide a list of authentication approaches used to verify a person has been authorized for specific access privileges to information and information systems.

Source: HIPAA audit: The 42 questions HHS might ask

Jeff of the HIPAA Blog talks more about the questions here and that the questions are pertinent to all firms with information security requirements.

My Yahoo! Blog » Want meaty new modules? You got it.

I have been using My Yahoo and Yahoo mail since 1997. Every time I think I want to go somewhere else for mail or a different home page, the folks at Yahoo make a nice and welcome change. Recently they have revamped the functionality in both the mail and the My Yahoo page. The mail beta has been out for some time now so I am going to focus my comments on the My Yahoo page changes. Both the mail and My Yahoo pages are in beta so your mileage may vary.

Appearance

Switching over to the new beta was easy and relatively painless. I was pleasantly surprised that my old theme, Stars & Stripes, was not too garish. Although the theme was fun, I decided to change the color by personalizing the page. I tried beige initially but the lack of contrast made it harder on my eyes so I settled on blue. Note: I do not know how to switch back to my old theme.

Some of the things I noticed:

  • I prefer the new layout when I use a wide browser window.
  • If you add it to a new module to the page and the fonts look fuzzy you need to refresh your screen.
  • Switching between pages(e.g. Finance page) is pretty slow. I think this is due to the advertisement.

Modules

The next thing I needed to clean up was the modules. Some of the modules are not supported. Since most of the modules that did not appear were not too important to me, I deleted them.

I added a few new modules. The mail preview is a module I have used in the past and found it almost useless. It kind of works. It has Web 2.0ish preview that is useless for most of my email. I suppose I could use it to delete email if that function was available but I think I will keep a separate window open to my mail. I get way too much low priority mail for this small interface to do me much good.

The Market Summary is a module I have not used in the past. It’s nice although I do not know why I need to know the market summary.

The TV Listings interface benefits from the improvements to the interface. Scrolling to the next hour was quick. I like the new Weather module.

Movie Showtimes and Evite are two modules in appear to be in development. I wonder what the folks are going to do with del.icio.us and Flickr. 

My Yahoo! Blog » Want meaty new modules? You got it.

Installing the Messaging Security Agent from the Security Dashboard

SMEX Error MessageThis week I upgraded the Trend Micro SMB installation on my “dog food” server to version 3.6. It kind of worked. The virus checking stuff upgraded nicely but the Messaging Security portion did not. I got this message, “Error 1923.Service Trend Micro Messaging Security Agent Remote Configuration Server(ScanMail_RemoteConfig) could not be installed”.

I researched the problem and it said I should check my privileges. After researching what privileges it was complaining about, I figured out that the privileges for the Administrator userid were just fine. So I rebooted and tried to install Messaging Security portion again. I was unsuccessful but this time it told me to install it from the Security Dashboard. I don’t remember seeing that message before but I was game. After a little research I found these instructions on how do this.

Installing the Messaging Security Agent from the Security Dashboard

These instructions were a little too short for me since the installation process asked me a few more questions than were included in the instructions. The installation process asked me which directory to install Messaging Security in and the “shared” directory. I was not sure what they wanted for the shared directory since this field was prefilled with C$. C$ looks like a “share” to me and I was clueless about a shared directory. If Trend Micro has a shared directory they want me to use, they hid it well. Since I was installing these files on my “H” drive, I assumed they wanted the “share” for the drive, H$. Anyway that is what I gave it. When I pressed the enter key, a screen showing the installation status popped up. The status screen updated several times over the next ten minutes before it finally completed. Now when I check the “Live Status” and “Security Settings” screens they show me that the Anti-spam is working. Since Microsoft’s Intelligent Messaging Filter catches most of the spam for my “dog food” server I got through this unscathed.

Free Firewall Software – Comodo™ Firewall

Comodo Free FirewallVersion 2.4

It’s Free. Forever. No Catch. No Kidding

Comodo Firewall Pro

The Award-Winning Comodo Firewall Pro
  • PC Magazine Online’s Editor’s Choice
  • Secures against internal and external attacks
  • Blocks internet access to malicious Trojan programs
  • Safeguards your Personal data against theft
  • Delivers total end-point security for Personal Computers and Networks

Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats

Free Firewall Software – Comodoâ„¢ Firewall

Yesterday I decided to upgrade my Trend Micro SMB software to version 3.6. While I was at it I decided to give their firewall another tryout. I was using Microsoft’s firewall so there must be something better. Within a few minutes I remembered why I was not using Trend’s firewall. Microsoft’s firewall is much easier to configure. If you have a bunch of exceptions to the rule, Trend Micro’s firewall is best forgotten.

Since I knew that there had to be a better firewall out there, I started looking around. Zonealarm is the traditional favorite. Comodo has a nice firewall that received some nice reviews recently and it is free, so I decided to give it a try. Since the online threats have morphed over the years I wanted a firewall that was easy and flexible to configure, have some built-in monitoring, and incorporate some application level filtering. The old port blocking firewalls are not very adept at catching the new online threats which take advantage of ports that are normally open(e.g. http-port80). It takes some application level filtering to catch the new threats. Comodo’s application level functionality reminded me of Microsoft’s ISA firewall. Microsoft’s ISA is a more robust product but Comodo’s application filtering looks pretty good.

Downloading and installing the program was easy. Configuring the program took me a lot longer since my laptop has an Apache web server, a FTP server, a MYSQL server, a Subversion server, and a VMware server on it and I wanted to restrict the access to these servers. The firewall will prompt you to add rules for specific programs. You can use the rules that the firewall creates but they were too general for me. So I changed them to be more specific. I restricted the ports and destinations available in each rule. My servers are for testing and development so there is no need to expose them to the world. Along the way I found out that I have a lot of chatty programs I have been ignoring and Google Desktop is the biggest culprit. It is amazing how many programs have to call home.

So far I have been impressed with the firewall. Its got great flexibility and monitoring capability. This is a nice addition to a layered approach to security.

Writer Zone: Windows Live Writer Beta 2 Now Available

Hey, this is a great tool for bloggers and now it’s improved! I was using w.bloggar last year. When I tried the original Beta of Windows Live Writer I immediately saw that it had the same Microsoft Look-and-Feel I was familiar with. It is not Microsoft Word but it had most of the features I used in writing blog entries. I was duly impressed. Within a month I had uninstalled w.bloggar. Here are some of its new features:

The Writer team has been working hard on a new release and we’re excited that it is now available for download!

Download

This release incorporates a ton of feedback from our discussion forums and your blogs. Here are some of the new features you’ll find in Beta 2:

New Authoring Capabilities

  • Inline spell checking
  • Table editing
  • Ability to add categories
  • Page authoring for WordPress and TypePad
  • Support for excerpts and extended entries
  • Improved hyperlinking and image insertion
  • Paste Special

Integration and Compatibility

  • SharePoint 2007 support
  • New APIs enabling custom extensions by weblog providers
  • Automatic synchronization of local and online edits
  • Integration with Windows Live Gallery
  • Support for Blogger Labels

Plus…

  • New look and feel
  • Available in 6 languages
  • Improved accessibility and keyboard support
  • Many other frequently requested enhancements!

Writer Zone: Windows Live Writer Beta 2 Now Available

WordPress Plugins | alexking.org | Share This

This plugin will allow your visitors to share your content via social bookmarking sites and/or e-mailing the post to a friend.

Source: WordPress Plugins | alexking.org

I decided to add another plugin to the mix. To get it to work the way I wanted it to:

  1. I edited the plugin itself to turn off the automatic placement of the link.
  2. I edited the Main Index Template and put the link, <?php akst_share_link(); ?>, on the same line as the comments.
  3. I adjusted the stylesheet.css to have a little more bottom padding for the categories class so the share_this icon did not overlap the bottom border.

My theme does not validate anymore?

After installing WP 2.2 I found out that my HTML would not validate any more. It was generating annoying errors about using ID=”links” more than once on a web page. All of these errors were occurring courtesy of the built-in links widget. It took me some time but I finally found the problem. I noticed that I was not getting the same type of error when I used a different theme. That led me to look at the functions.php in both themes. In the theme that worked correctly the links widget was redefined. In the Andreas09 theme the links widget was not changed. So I copied over the code that was working properly and integrated it into the Andreas09 theme. After a suitable amount of praying and crossing of my fingers and toes, I switched over to the modified version of the functions.php and refreshed the screen. Lo and behold, it worked!
[tags]wordpress[/tags]

WP 2.2 Installed

I just got finished installing WordPress 2.2. Everything went well except that I got nailed by the wp-cache plugin.  I had disabled it before I started the upgrade per the upgrade instructions. When I tried to run the upgrade.php file in the last step of the upgrade procedure, I got a blank screen.  After a little debugging I had to manually edit the wp-config.php and remove the line, define('WP_CACHE, true) line.

WordPress 2.2

On behalf of the entire WordPress team, I’m proud and excited to announce the immediate availability of version 2.2 “Getz” for download. This version includes a number of new features, most notably Widgets integration, and over two hundred bug fixes. It’s named in honor of tenor saxophonist Stan Getz.

Read more …

I typically try to update my WordPress web sites with the changed files since Mark provides a changed files archive. For kicks I decided to use WinMerge to compare the new version to the old version. After spending a couple of minutes creating a WinMerge filter to omit the wp-content directory, I see that there are 148 changed files and 22 new files. My filter may not be entirely accurate but that is a lot of files. Updating to the new version with an updated file list does not make sense to me. I am going to upload the new WordPress version to my website and upgrade to the latest version the “normal” way with one little modification. Due to problems I have had in the past with deleting files on my web server, I rename the original directories rather than deleting them.
[tags]wordpress[/tags]

Comic for 16 May 2007

Dilbert cartoon-2007-05-16

Link to Comic for 16 May 2007

I do not know how Scott does it. I am a fan of dashboards but I do realize that you can lead a horse to water but you cannot make them drink. Good decision-making is an art. Politics is just one of those key pieces of information we use to make a decision that you cannot put on a dashboard.

Need to archive?

From Susan Bradley’s blog(aka SBS Diva) comes…

I have rec’d an email from one of my clients saying that he needs to recover email from 2005 in regards to a lawsuit. There is barely a backup plan in place. It holds backups of everything for a few days only, written only to an external hard drive. I don’t think our users have any idea what pst files are. Is there anything inherent to SBS2003 that would help? Is there any products you recommend for the future?

There was never any requirement for archiving purposes in the past so no company policy was forwarded to me. So I don’t think there is anyway that I am liable.

First off you are not. Secondly, you are only required to do your best efforts to recover that email. In a typical SBS network here’s the forensic places that email will land.

First off when email comes into the server (assuming you’ve set it up so that the SBS holds the email and it grabs the email) and dumps it into the Exchange store. When your end users read their email and hit the delete key in their personal email boxes, it doesn’t really “delete” the email but rather it merely moves it to the deleted email folder. Unless you set a rule to delete that email, chances are, that email of 2005 might be there. If someone has deleted the email, then it sits on the server in the mail store for 30 days before it truly and utterly gets deleted.

If your clients use the default SBS mailbox setup, they don’t have pst’s but rather ost’s that the SBS box sets up automagically as part of it’s Cached mode setup. Outlook has a rule set up (I’ve forgotten when it kicks in) of prompting you every now and then “do you want to archive your email”. Once again, it won’t truly delete the email, but will move it to an archive folder.

You might find it easier to get onto their ‘exact’ profile to see the Outlook folder structures they have on the local system as well as the files on the server.

But last but not least, you are only required to make a reasonable effort to recover this. If your policy is to NOT store emails, then you can’t be liable if you can’t find them. Where you get into issues (as in Enron/Arthur Anderson) is when you have a policy regarding email (or any correspondence for that matter) and don’t follow it. If you say you are going to delete after 30 days and don’t, or retain all email regarding X client and don’t, that’s when it’s an issue.

Remember that the new Federal Rules of Evidence kick in when you get a lawsuit in Federal Court. At THAT time you need to ensure that all electronic documentation is maintained.

But need to have a long term need to archive? Check out Message Journaling (native), check out GFI (third party) http://www.gfi.com/mailarchiver/

Computers do add some nuances to rules of evidence and you can see in these articles – http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1253827,00.html and http://www.usdoj.gov/criminal/cybercrime/usamarch2001_4.htm

Link to Susan Bradley’s “Need to archive” article
[tags]security[/tags]

Don’t Panic, But New Discovery Of Electronically Stored Information In Litigation Rules Now Apply :: WRAL.com

Link to Don’t Panic, But New Discovery Of Electronically Stored Information In Litigation Rules Now Apply :: WRAL.com

Today I read a post over on Susan Bradley’s blog about the need to archive and I remembered this article. This article is a couple of months old and was written by lawyers practicing in the ESI area. It provides a nice overview of the discovery rules and the problems the lawyers are facing. Once you have a grasp of the discovery rules, it is much easier to recommend the policies and tools that will help you and your clients create a ESI plan/policy that will reduce the impact of discovery requests in the future. The final step is for your clients to run the ESI plan by their lawyer.

RE:25 Killer Code Snippets every Good Designer Should See

I found that this collection of CSS, scripts, html, and widgets caused me to rethink some of the stuff I am doing. I haven’t changed anything but I am getting some ideas of how I could use this stuff.

Round up 25 of the Best CSS, scripts, html and widgets that you can use on on your website or blog (Part 4) More…

More Fixups on the Reworked Reset.css

This is embarrassing! I have been using a version of Eric’s Reworked Reset in conjunction with my main css for a couple of weeks now and I did not notice that the strong/bold feature was not working in the content of the blog. Putting it back in was easy but it reminded of all of the things that are turned off in the reset.css that affect its use with an existing website but do not break it. Generally speaking, I am using very few selectors that cover the whole web page. This means that I specify the area of the web page I want to affect. In my case I added the following code, #content strong {font-weight:bold;}, to override the default action for the content area of the web page. I also added #content em {font-style:italic;} to restore the default emphasis.

The Best Free Software – Features by PC Magazine

I recently reread an article at PC Mag, The Best Free Software, and decided to update my list of favorites. Here are my favorites:

  • Security
    Although I do not have any complaints about their favorites I do not use them. I have used AVG in the past and it was good and stable. I prefer the commercial vendors for virus checking. My favorites in this category are KeePass and TrueCrypt.
    • KeePass is a password manager that stores the passwords in an encrypted file and via a hotkey will automagically fill in the correct userid and password for the site based on the title of the web page. If the title is not unique KeePass will present a selection of userids and passwords that match that title. If you login to a lot of secured sites this is a time saver and allows you to use long, random passwords.
    • TrueCrypt allows you to create a virtual disk that is stored on your disk drive as an encrypted file. This virtual disk will gracefully dismounts whenever your laptop hibernates or goes into standby mode. I use this virtual disk for my QuickBooks files and other sensitive data.
  • Productivity
    I like their selections in this category, too. I regularly use Notepadd++ and WordPress. Open Office is a nice package but Microsoft Office make my life so much simpler when I work with people who use Microsoft Office who are not technically savvy.
  • Utilities & PC Management
    I use both FileZilla and Foxit Reader in this category. Foxit Reader is faster, requires less disk space, and does not need to be installed. I recently installed Foxit Reader on my server because it takes up a lot less disk space and does not need to be installed. Both the free and professional version of Foxit Reader allow you to markup Acrobat files and print the marked up files. I use this feature for filling out rebate forms. The professional version allows you to save the markup data. My other recommendations in this area are PDFCreator and Portable Apps.
    • PDFCreator is a simple way to create Acrobat files. PDFCreator creates a virtual printer when you install it. When you print to this virtual printer it creates an Acrobat file. This is a great way to create and send Acrobat versions of reports via email. I recently installed this program on several computers at a nonprofit so they could create Acrobat versions of their monthly reports.
    • Portable Apps is a repackaging of several free software packages into a portable format. In my case I keep several programs I use infrequently on a USB drive. The Portable Apps format allows me to “safely” evaluate and use open source programs without mucking up my windows registry. The list of programs that I have on my USB drive include:
      • 7-Zip Portable
      • Audacity Portable
      • Clamwin Portable
      • FileZilla Portable
      • FireFox Portable
      • Gimp Portable
      • KeePass Portable

.[tags]open source[/tags]

SYDI and System Documentation

SYDI is a program to document your system. There are a lot of programs you can use to document your systems. Some programs are very sophisticated and provides lots of detail. Although these programs do not cost much, they inevitably have licensing issues and they provide a lot more detail than I care about. SYDI is a bunch of visual basic scripts that probe the system using WMI to create a XML file. At this moment SYDI provides enough documentation for me. With another script you can transform this XML file into either a Word document or HTML file. The documentation is not fancy but it is sufficient.

Recently I was updating my documentation for my server at home and decided that I was going to start saving versions of the server documentation. I initially changed the scripts to embed the date in the filename. I have since changed my mind and I have decided to store the XML files in a SVN depository. This way I can keep multiple versions of the XML file and compare these versions with the built-in Diff program or WinMerge. I still like the idea of embedding the date in the file name on the latest Word or HTML file.

As I was mucking about the scripts I decided to make a small contribution to the SYDI project and modify the XSL to generate valid XHTML code. I sent the XSL file to the developers and I will let them decide if they want to include it in the next release.

WSUS 3.0 problem partially fixed…Hmm

To make sure an upgrade works I install it first at home. I remain a little suspicious until I see that everything is working. As a test I release an unimportant patch to make sure WSUS still works. After a day I noticed that the patch had not been applied. A little checking showed me that none of my computers had checked in. That’s not good. A little more checking with the client diagnostic utility confirmed that the clients were talking but the server was responding with an error message. My setup under WSUS 2.0 used port 8531 for https and port 8530 for http. I switched the GPO to tell the clients to use the non-ssl port 8530 instead of 8531 and the clients could communicate with the WSUS server. Using 8530 is a temporary solution but I think I have the problem narrowed down. Hopefully this will be the only problem I have with WSUS 3.0.

WSUS 3.0 and ISA 2004 SP3 Updates

Windows Server Update Services(WSUS)

I was feeling a little adventurous yesterday and decided to update the Windows Server Update Services(WSUS). This package is a great tool for managing and tracking the updates to windows computers in a small business server environment. There are other products that may do a little better job but you cannot beat the price(Free). My version of WSUS was working okay but the console had always been very slow and occasionally I yearned for a little custom reporting. I could read between the lines, too. Microsoft really wants us to upgrade to 3.0 so you better be ready soon! I opted to get it done when it fit in my schedule. I cannot really complain about the slowness since I am running it on a server with less than the recommended CPU power. Before I could upgrade I had to install two packages:

  1. Microsoft .Net Framework Version 2.0
  2. Microsoft Report Viewer 2005 SP1

Although my version of WSUS had been migrated over to SQL Server, I did not need to alter the registry as indicated in the README file. With all of the prerequisites in place, I invoked the upgrade. The inplace upgrade took a long time but it completed without error. That is always a good sign. The only part of the upgrade I had not paid attention to was that the new console had completely replaced the old web-based console. The old console was no longer available. The good news is that I could run the upgrade on my workstation and I could install the new console as long as I had met the prerequisites(i.e. .Net 2.0 and Report Viewer 2005). After looking it was finished I went back to see what it had left behind. The SUSDB was gone. I did find a new SQL Server instance called “Microsoft ##SSEE” that was visible in Server Management console. It probably is a SQL Server 2005 Express database since it wants the SQL Server Management Studio to manage it.

Internet Security and Acceleration Server 2004 SP3

This service pack was released today, 5/1/2007. I did not see any advance warning in the mailing lists. Since I started updating the server yesterday and it was still in good condition for more updates, I went ahead and applied this one. This one installed without problems. I will add a new server configuration report for my records.
[tags]sbs, isa 2004, wsus[/tags]

More ideas on freeing up space on a windows server boot partition

Recently I have been plagued with low disk space on the boot partition of my SBS2K3 server. I was confused why this was occurring since I thought I had this under control. When I found some spare time I started to re-examine the typical culprits(e.g. log files and temp files). I found some files but they were not big enough to cause the problem I was seeing. Since I needed about 1 Gig free space for some major upgrades, I decided to go ahead and move the SBSMonitoring database to another disk drive and delete old patch files. This almost got me to 1 Gb. I even decided to replace Acrobat with the lighter weight PDF reader, Foxit Reader.

Today I found the problem! I had previously set up Shadow copies to store the copies for all disk drives on my backup drive. While I was using JDiskReport to look at the disk space I noticed that there were three large directories in the System Volume information for the boot partition. After a little snooping I figured out my shadow copies were being stored on the boot partition and they were being duplicated. As an example, I was getting a copy at 7:00 and 7:02. I do not know how things got screwed up but I suspect it occurred during a power outage when the backup drive went offline before the server. Fixing it was easy. I deleted the existing shadow copies and changed the settings to point to my backup drive. To fix the scheduling problem, I went into the Tasks control panel and deleted the extra jobs.

I was thinking of getting rid of Java and JDiskReport until it lead me to the source of my problem. I probably will remove it but not right now. TreeSize Free is a free, lightweight alternative. The Professional version is even better. It was much easier to rationalize removing Acrobat from the server. For those interested in using Foxit Reader to replace Adobe Acrobat on your server, the link is listed below. Acrobat uses about 80 Mb of disk space when installed. Foxit uses about 2 Mb, launches much quicker than Acrobat, and does not need to be installed. I do not browse the Internet from the server but I do look at Trend Micro reports while logged as Administrator on the server.

Now with Foxit Reader 2.0, you don’t have to endure such pain any more. The following is a list of compelling advantages of Foxit Reader 2.0:

  • Incredibly small: The download size of Foxit Reader is only 1.5 M which is a fraction of Acrobat Reader 20 M size
  • Breezing-fast: When you run Foxit Reader, it launches instantly without any delay. You are not forced to view an annoying splash window displaying company logo, author names, etc.
  • Annotation tool: Have you ever wished to annotate (or comment on) a PDF document when you are reading it? Foxit Reader 2.0 allows you to draw graphics, highlight text, type text and make notes on a PDF document and then print out or save the annotated document.
  • Text converter: You may convert the whole PDF document into a simple text file.
  • High security and privacy: Foxit Reader highly respects the security and privacy of users and will never connect to Internet without users’ permission. While other PDF Reader often silently connects to the Internet in the background. Foxit PDF Reader does not contain any spyware or adware.

Source: Foxit Software
[tags]sbs[/tags]