For those who aren’t tech savvy, the word “source code” refers to the so-to-speak “recipe” for the development/creation of a program.  It is literally the instructions that are more or less written by computer programmers.  This kind of information is proprietary and is often a trade secret, much like the coveted ingredients list for Coca Cola or my moms apple pie.  If one were able to obtain such information, say a competator or the creators of compuer viruses, one might use this information to one-up the software or, more importantly, exploit design flaws to circumvent the software.  In short this means it is quite likely there will be a new breed of viruses on the horizon that will be capable of outsmarting Norton, rendering it useless and crippled.

Symantec has been trying to downplay the severity of this breach by stressing the age of the code, stating that the origin is a version of their software that dates back to 2006, or so we’ve been told thus far.  This is an attempt to defuse the concern by implying that their latest software is far different at its core and that there won’t be very much that is useful to virus writers because they still don’t have their hands on the latest blueprints.  But the reality of the situation is far less peachy than they would like to paint it.  In the world of computer programming software and even entire operating systems will retain a fair chunk of old code from previous versions simply because, well, it’s already been written and if it “works” then there’s little need to rewrite it from scratch.  I’m not saying source code is never rewritten, revised or updated from time to time, but when it comes to large programs such as Norton Antivirus that’s made up of tens of thousands of lines of code it could easily be argued that there is likely a good percentage of old code that has been retained for years without ever being modified.  It would be like having a castle or fortress that is under continuous construction and maintenance.  You can’t afford to tear the whole thing down every year and rebuild it from scratch, so instead what you do is build around and upon the existing structure and make repairs to the parts that need repairing the most.  This means that likely most of the fundamental structure is retained and knowledge of the construction of such a structure could be used by an enemy to find a previously unnoticed vulnerability.

In the interest of full disclosure I will have to admit that Norton hasn’t been on my list of recommended software since the late 90s when it was practically the only anti-virus software available.  It’s early bird status was followed by years of successful marketing and advertising, which lead to its continuous wide spread recognition of the software/brand name, giving the impression to novice computer users that Norton really is the best thing out there.  ”How could it not be good when its so popular?” they might ask themselves.

I am here to tell you that the number one problem I fix for people in this line of work is virus removal and far too often I see systems that are running Norton that have become utterly trashed by multiple viruses while Norton gives inaccurate scan results, claiming the system is clean and virus free.  This is particularly irksome to me because when you consider the wide spread saturation of their software along with the monetary cost to the users for the renewal every year you would have to expect the company to use their position and resources to everyones benefit.  Despite its wide spread usage and price tag it fails to survey new viruses and develop new definitions for capturing and stopping them in an effective manner and so many users never seem to get their moneys worth.  I am willing to give the benefit of the doubt and accept the fact that there is no such thing as a “perfect” antivirus software, but you should expect to be given better treatment and results if you’re paying upwards of $70 a year for protection, especially when there are free alternatives out there that have been statistically shown to do a comparatively better job.  And to think these kinds of problems existed before some of their source code leaked.  Now that some source code has leaked and the potential for new viruses to be developed to exploit Norton itself are likely right around the corner I feel obligated to suggest that people avoid using it all together.  No amount of marketing or PR can change the consensus of most IT professionals who can see past all the BS and to me this incident is more than just one more nail in the coffin.

So what do I recommend instead of Norton?  I mentioned that there is “no such thing as a perfect antivirus” but there are alternatives that hold a higher reputation than Norton that cost a fraction of what Norton costs or even nothing at all.  In past blog entries I’ve mentioned Microsoft Security Essentials, Malwarebytes and Combofix and still recommend them, so here’s a little information about them.

Microsoft Security Essentials is a free antivirus solution that Microsoft itself actually produces and it’s quite popular in the IT community right now for a couple of reasons.  I already mentioned that its free but it is also effective and not as resource intensive as other software.  There’s also a new stand-alone bootable version of it that’s going through public beta testing right now which is handy to have for particularly difficult viruses.  You can read more about it here.  Be aware that there has, in the past, been a rogue malware impostor simply called “Security Essentials 2010/2011/2012″ which people have confused with the real deal, falling victim to a trap.  You can download the real deal from here.

Along side MSE I also recommend users purchase the full copy of Malwarebytes for the one time payment of $25.  Some of the handy features it has is an active connection monitor which will automatically block your computer from attempting to connect to known malicious web servers.  It also features an active process monitor like a traditional antivirus and will help prevent a good number of rogue malware type software from infecting your system.  There is a free version of this available but its active monitoring features are disabled. I’ve been using it in the field for over 2 years now and it has worked incredibly well for helping clean systems that had already become infected.  You can read more about it here and download/purchase it from here.

Finally a tool I use quite often to help clean systems that have already become infected is a program called Combofix, which is free.  This isn’t so much a traditional antivirus that runs in the background as it is a stand-alone utility for scanning a system after it has become infected.  It is regularly updated so it’s best to not bother downloading and using it until you actually have to.  You can read more about it here and download it from here.

In conclusion I strongly advise my clients to not use Norton Antivirus because it’s one of the most over-hyped, over-priced products out there right now and with the news of parts of its source code being leaked it only stands to become an even less effective product that will do less to protect you than other cheaper alternatives out there.

Speaking of alternatives, there is always the option of picking an alternative operating system such as Linux.

Linux is a free open-source OS that comes in many flavors.  We are already seeing Android being adopted by smartphone and tablet users like crazy and it is just one example of a Linux based OS that is taking the world by storm.  But for desktop and laptop users there remains a need for a full fledged desktop OS and there are many out there to choose from.  My personal favorite is Ubuntu Linux which you can check out at ubuntu.com.  It’s not for everyone but I can easily say that it is a very ideal choice for the average user.  Keep an eye out for future posts; I intend to record a new introductory video for Ubuntu 12.04 when it is released this coming April.

Phase 1:  Safe Mode (with networking?)

Almost every version of Windows out there (from Windows 95 all the way up to the most recent Windows 7) have a hidden menu you can access at boot that gives you access to a diagnostic profile called Safe Mode.  Safe Mode is a sort of back door mode into Windows that loads the absolute (or nearly) bare minimum of device drivers and background services.  It’s sort of a bare bones environment that is suitable to start your repair from primarily because most viruses aren’t auto-started by the system in this mode, but it’s not perfect.  More on that in a moment.

To access Safe Mode you need to press the F8 key on your keyboard at a VERY specific time.  Typically when you turn your computer on you’ll see a screen that either has the logo of the manufacture of the PC or perhaps some generic startup relating to your BIOS.  At some point that all goes away, your screen will be black for about 3 seconds, and then Windows will proceed to boot with the little scroll bar loading away.  It’s during (or just before) that 3 second window of blackness that you need to start tapping the F8 key.  If done correctly, you’ll be presented with a menu that looks like this:

You’ll use the arrow keys on your keyboard to move the highlighting selector bar.  Typically I will select Safe Mode With Networking, as this allows me to access the Internet and download utilities as well as give these utilities access to definition updates for itself later.

After you select Safe Mode With Networking and press Enter your screen will be bombarded with a slathering of strange and mysterious words…

Don’t worry, this is normal.  (Note: If instead of this screen above you get another menu asking what version of Windows you want to boot, just press Enter again).

Eventually you will get to the familiar blue colored user login screen and you might see an account called Administrator shown there that you’ve never seen before.  If you do, go ahead and select it to log in as “Administrator”.  Otherwise, select your own user name.

Once you’re logged in you have a few options you can take.  The safest way to get started is to actually bring a copy of your utility software with you on a thumb drive or CD to install it from, instead of downloading via a web browser.  The reason it’s not a good idea to try and download via a web browser is because a lot of viruses tend to wrap themselves around a browser’s EXE file so that when the browser starts, so does the virus.  This could potentially happen with a lot of other software so it’s best to try and resist the temptation to run any programs except for the cleaning utilities we’re about to install.

Phase 2:  Cleaning

There are only three pieces of software I typically use with great success in the field for removing viruses and malware.  They are:

• Malwarebytes
• Combofix
• Microsoft Security Essentials

All of the above are free with the exception of Malwarebytes, which functions with all its features on a 30 day trial when you first install it (note that you will see an error message appear when you tell it to start the trial while in Safe Mode; this is normal and you can ignore the error by clicking the OK button when it appears).  To keep the full version running you have to buy it for the low one-time payment of $25 and I strongly recommend it.  Apart from these three the only other tool I use is Google, which I’ll use to lookup exact phrases found within suspicious malware to see if I can find other people talking about that particular virus somewhere online and hopeful discover what unique thing they did to remove it.  Fair warning:  Your mileage may vary.

I typically start by installing Malwarebytes first (however I have had one experience where I wasn’t able to do this until after I ran Combofix so you might need to flip the order of these two tasks), applying the most recent update for it and then running a full scan, removing all infected objects it finds.  A typical scan can take around a half hour to do.  When it’s finished, you just need to click the “Show Results” button and then make sure the results listed all have check marks next to them and then click “Remove Selected” in the bottom left.  If an object doesn’t have a check mark when you first view the results it means Malwarebytes thinks it could be a false-positive result.  Use your best judgment and google to determine if either the file is malicious and/or if the file is a necessary part that can be removed without grief.  A reboot will likely be required when it is finished.  Be ready to hit F8 again when you do this so you can come back into Safe Mode and continue your work.

One thing I’ll often do while I’m waiting for a Malwarebytes scan to complete is take a look at the MS Config utility and see what items are enabled to auto-start when you boot into the system.  To access this, click Start, then click Run (or just click into the search box if you’re using Windows 7) and type in “msconfig” without the quotes into the box and click OK.  Then click the Startup tab at the top.

In this startup list are programs that are told to run right away when you first log into your system.  Almost all of these items are non-essential and to be on the safest side you could probably get away with unchecking all of these items, but that’s usually overkill and might rob you of some convenient feature you’d like to have.  Look carefully down the list for items that have empty path names, or very bizarre characters in their name… I have to admit that at this point experience with this stuff comes in to play.  If you don’t know what something is you could look it up by name with google on a separate computer before deciding to uncheck it  Alternatively, you could use the uncheck-all-the-things strategy and then go back later to add check marks back into the few items you know you need enabled.  You can also check out the Services tab which is to the left of the Startup tab, check the box that says “Hide all Microsoft items” and then use the same judgment to decide if there are third-party services running in the background that don’t need to be.  Google is your friend here for helping to determine if a service is useful or not.

Another thing I’ll do while waiting for a scan to complete is open the Add/Remove Program (Programs & Features) applet from the Control Panel to view all the software that’s been installed on the system.  I target toolbars of any kind first, next by software that is unfamiliar to the user.  Again, google is a useful reference here because you don’t want to remove something that’s known to not be malicious.

The next step is to run Combofix which you can find a tutorial about by clicking here.  It is pretty strait forward:  double-click on the combofix.exe file that you downloaded and follow the on screen instructions.  It’s own scan will also take about 30 minutes or so but it is very sensitive so once you kick it off, don’t touch the computer until its finished.   There is almost no interaction required with the software and it will automatically remove anything malicious it finds, producing a log with a lot of interesting jargon at the end that you can forward on to an expert for further analysis if you’d like.

After all this I’ll typically reboot the system and let it boot normally and then install Microsoft Security Essentials, running a full scan with it right after and checking to make sure the trial mode has been enabled on Malwarebytes.

If all of the above didn’t work, something I’ll try next is to reboot back into safe mode and use the control panel to create a new user account, then log off and log back in under that new account and repeat all the same steps above.  The reason this might help is because viruses tend to damage registry entries for accounts that existed when it found and infected the system.  Because we’re creating a new account in an environment that hopefully didn’t auto-launch the virus, we can then create a fresh account with it’s own default settings and preferences that hopefully won’t be manipulated by the virus.  This kind of problem could also be reversed using the System Restore utility but I’ve found that a lot of times (not always) I try to use this utility none of the restore points are any good.  I wouldn’t be surprised if previous restore points are destroyed by certain viruses making it even more difficult to undo the damage done.  In situations like that I’ve occasionally just created a new user account and migrated all the important user data (documents, etc.) from the old account to the new account, deleting the old one in the end because it’s irreversibly broken.

One last tip I’ve run across in a training video for a competitor of mine who will remain unnamed is to shut the system off by force instead of doing a soft reboot during this cleaning process.  In other words, hold the power button down for 5 seconds and then turn the computer back on after 20 seconds.  The reasoning behind this is that there are a few viruses out there that alter the shutdown script of events that take place during an ordinary shutdown and one of the events it injects into the script is to reinstall the virus during shutdown from a rogue location, as a Plan B so even if the live version of the virus is caught and removed it might be able to recreate the file from an encrypted copy of itself elsewhere.  If you decide to do this my only advice would be to backup the entire hard drive before doing so.  It’s technically dangerous… but probably not THAT dangerous… it’s best to remain on the safe side and not use shortcuts.

Finally a word about a couple of common viruses in particular I’ve run into in the last year:

A few of these viruses going around exhibit the symptom of making all your files and shortcut icons on the desktop vanish.  This is often done with a combination of changing the file attributes to enable the hidden flag, or by moving the files to a hidden location.  It is sometimes also conjoined with malware that tries to frighten you into thinking your hard drive is on the verge of failure, or at the least, claims to be antivirus software itself.  The goal of all such attempts is to get you to give up your credit card number.  Please don’t.

I’ve had great success removing the virus that causes these files to go missing but after it’s been removed it’s not always so easy to reverse the damage and restore the missing icons.  Fortunately there is one program out there that, for the most part, has been able to do this for me very simply and it’s simply called “Unhide”.  Use this program after going through all the above steps to be sure you’ve removed traces of the virus and hopefully it will get all of your stuff back for you.  You can download Unhide from here.

One other common symptom I’ve seen certain viruses exhibit is hijacking certain registry entries to alter file associations, specifically one which makes your computer forget what to run EXE files with, asking instead what program you’d like to open another program with.  I have found that in Windows 7 one trick of working around this is to right-click on a program shortcut and then click Run as Administrator.  This uses a separate registry association which hopefully has not been affected by the virus.  Using this Right-Click>Run as Administrator trick you should be able to run your scanning utilities like Malwarebytes and Combofix from within Safe Mode.

Phase 3: Prevention

Now that we know how much of a pain these kinds of viruses can cause we should talk a little about where they come from and the different ways they can end up on your computer.  I wrote a much longer blog about this topic which you can read here.  Basically it boils down to this:

• Make sure you install all available software updates for Windows itself as well as 3rd party software and plugins like Adobe Flash, Acrobat and Java (among others).  Updates are your friend and help to patch recently discovered security vulnerabilities.
• Pay attention to links people send you in emails.  It’s quite possible their email account has had its password stolen and is being used by a robot to send spam email with links to malicious websites out to everyone in their address book.  Warn your friends if you suspect their account has been compromised and suggest they change their email accounts password before following the steps above to attempt to remove a potential infection.
• Use good anti-virus software.  As recommended above, I prefer MSE and Malwarebytes.  Combofix is only to be used as an emergency utility; it doesn’t have a real-time monitoring feature.
• Consider using a software firewall to block unwanted inbound traffic and unexpected outbound traffic.  Zone Alarm Free is an excellent choice for this.
• Use an ad-blocking plugin to further reduce the chances of a virus sneaking in through a flash-based advertisement.  Ad-Block for Firefox is a great option.  You can also get it for Google Chrome from here.
• Along with these plugins, consider using a better browser.  Mozilla Firefox and Google Chrome have both become superior to Internet Explorer, especially in terms of security.
• Avoid installing “toolbars” for your browser.  If you install one by accident, disable it in your browser or better yet uninstall it via your control panel.
• Avoid using P2P file-sharing software like Frostwire or MP3Rocket.  These methods of file sharing do not have any form of user moderation and anybody can wrap a virus inside a file then name it something innocent/sensational looking to trick people into downloading it and installing a virus.
• Consider adding a parental filter to your computer; you don’t need kids for this.  Having a web filter like K9 Web Protection can be helpful to block your computer from accidentally trying to connect with a known malicious server.
• Lastly, though this is too extreme for most people:  Consider switching to Linux on your desktop.  Linux is free, open-source and is even more secure than MacOS.  Seriously.

I hope this advice has been helpful.  Please leave comments or suggestions about other tips and tricks you use to help remove malicious software in the comments section below!

Unfortunately there is no good way to send a fax from your computer using Skype. The audio compression that takes place when sound is transmitted from one side to the other undergoes a great deal of detail loss, and this results in error correction protocols taking over and throttling the speed of the fax modem down to a crawl. So in theory, you could use Skype somehow to send a fax but it would literally take forever.

Enter in online faxing services. These are companies that allow you to send and receive faxes over the Internet. In doing some research to find one that performed well and at a modest price I stumbled across someone recommending a company called PamFax.  It was not long after first trying their service that I was pretty sure I could close the book on this egg hunt.

PamFax is delivered to you as a small program you install on your system and use to create your account.  They offer a free membership program which allows you to send three pages for free to see if you like their product or not.  I decided to sign up for the free account and then used a nearby fax machine where I work to send a fax to my new PamFax number.  The instant the fax was sent my PamFax account page auto-updated itself to tell me I had received a new fax.  Faxes are put into an inbox, just like emails, and each fax is downloadable in PDF format.

Sending a fax is also very easy.  You can either use the PamFax program to upload files you want to send or use the virtual PamFax printer device to send your documents to PamFax when you press Print in any application.  Here’s a video that demonstrates how easy it is to send a Fax:

Of course there will be times when you need to fax a physical document that’s already on paper.  The best way to do that is use a flatbed scanner to scan the documents into a PDF file.  You can do this very quickly with any number of Scanner-to-PDF style programs and any scanner.  A free one I’ve found to work well is aptly called Scan to PDF by Ironfist Software.  It is a free utility that you can use to scan multiple pages and then save all of them as one PDF file, which you’d then upload to PamFax for faxing to one or multiple recipients.

The cost for sending a fax varies based on whether or not you want to pay a monthly fee.  If you don’t pay a monthly fee it will cost you 13 cents per page sent and you will not be able to receive faxes.  If you step it up to the “Basic” package you will be able to receive unlimited faxes at a monthly rate of $5.84 plus 13 cents per page sent.  The professional package costs $8.80 a month, includes 20 free page out per month (9 cents per page after that), allows you to keep your received faxes online forever, and gives you the ability to administrate employee access to the account and regulate their limitations.  So there’s something for everybody.

In the end I was pretty impressed with how easy it was to install and use PamFax.  What’s even more impressive to me is their support for Linux. It’s rare that I have to send a fax but the next time I need to I know exactly what I’m going to use.  Good bye Kinko’s!

These problems don’t strike me as novel or very interesting, mostly because you expect to see them occur at SOME point in time and at random.  Electronics wear out, lightning can strike at any moment, dust buildup shorts something out or jams a cooling fan; these things just happen from time to time.  But there was one issue I saw this year that really stood out as occurring more frequently than any other problem by far.  A problem  that seemed to happen so suddenly, so widely that you could almost call it “trend setting”.  So I wanted to take a look back and talk a bit about a problem I’ve seen more often than anything else this year:

“Warning:  You’re infected!  Click here now!”

The most prominent problem I saw this year, more than any other problem I got calls about, were from people saying they had gotten alerts popping up on their system similar to the one pictured above.  Typically you would be intimidated by a popup that said your system had a LOT of viruses on it and to click on various buttons/links to remove them.  Unfortunately it was all a ruse as these alerts were themselves part of a virus masquerading around as anti-virus software, taking computers hostage.   Their names and appearance had some variation but most of their tactics were the same:

• Prevent user from opening any other applications (including Task Manager)
• If you were able to open a web browser, any page you tried to visit would be replaced with a page that would fear-monger the user even further
• Change the browser proxy settings to point to a non-existent server and in doing so prevent the user from accessing the Internet for downloading removal tools
• Annoy the user with never-ending, obnoxious pop-ups that would invite the user to pay the developers of the fake anti-virus software ransom money
• Replicate itself across multiple, random locations on the hard drive, making it more difficult to remove manually

I began to get a lot of phone calls for this exact type of issue during the middle of the summer this year, and of course everyone wanted to know how their computer came to get this sort of junk software on their machine in the first place.  Along those lines:  Where do viruses come from, how could one have gotten on my computer and WHY on earth would someone create such an evil thing in the first place?

I don’t have the monetary resources to conduct an “official” study (and as such you should classify everything here to be anecdotal), so the next best thing I can do is look for things that were in common between PCs that fell victim to the same infection at about the same time.  The one thing that stood out the most to me was that Adobe Flash, Adobe Acrobat and/or Java were out of date and needed updates to be installed.

In the year 2010, Adobe has had to make multiple announcements about zero-day exploits found in their Flash plugin that could allow Flash to do things like crash a computer or to take control of it (e.g., facilitate the installation of a malicious payload or virus).

Just what is Flash, anyway?  Flash is a plugin for web browsers that has been a mainstay in webpages for over a decade.  Youtube videos, for example, are played within Flash.  Most advertisements you see on the web use Flash to animate video, elements, buttons, letters, etc.  Some websites are made entirely in Flash.  In the early days Flash was designed as an alternative to animated gif images and cartoon-like animations because for some uses it could actually conserve bandwidth because instead of pixels and color pallets taking up file space, you would instead be working with vectors (think connect-the-dots to create a shape of something, like a stick-figure man, and move the dots/vertices to animate it).  An awesome example of cartoon flash animation using very little bandwidth is www.homestarrunner.com (a favorite cartoon series I used to follow in the old days).  Over time Flash has evolved into quite a feature rich plugin that many have attempted to clone and dethrone, but all attempts have failed (so far).

In any case, as a result of being more efficient than animated bitmaps and saving web hosts money on bandwidth and faster loading times while increasing the “eye-candy factor” during the days of dial-up, Flash became a preferred/common means of deploying advertisements on the web, and eventually advertising itself became so big that there are now companies that do nothing but produce and host Flash-based advertisements for other websites. What this means is that many websites do not actually host/serve the advertisements that you see on their website, as they have offset the bandwidth requirements for this function to third party companies.  Unfortunately, because advertising is a big deal online, it raises the bounty and incentive a malicious hacker might have to penetrate the advertising servers and replace clean advertisements with infected versions that would download and install Malware all by itself, taking advantage of security exploits in the plugin that have not been patched by the user.  This has been going on for at least the last 4 years or more and it’s a phenomenon knows as “Malvertising”.

So what are some ways to prevent this type of thing from affecting you?

1. Make sure you apply updates for all software on your computer when presented with the opportunity

If you see an alert like the one pictured above, address it immediately.  Far too often I see users just minimize the window or click “Later” and forget about it for the rest of the session.  The same thing goes for Windows updates, Adobe updates and generally speaking any updates for software that you use on a regular basis.  Updates happen because security vulnerabilities are found and patched, or slight tweaks resulted in an increase of the programs performance, or because they are adding a new cool feature.  Whatever the case may be, software updates are your friend and you should welcome them without hesitation.  If you are asked to update a piece of software you have never heard of before,  just type the name of that software into Google.  With just 30 seconds of reading you should be able to determine if the program that has an update pending is legit or malicious.

2.  Use Anti-Virus software that is backed by a good reputation, not just hype and marketing

The two most common anti-virus programs I’ve encountered  on computers THAT WERE ALREADY INFECTED has either been Norton or McAfee; both have never seemed to live up to their hype or justify the sponsorship of PC manufactures and Internet Service Providers.  Norton in particular spends gobs of money on absurd advertisements about how you should protect your oscillating fan from David Hasselhoff or saving your unicorn from Dolf Lundgren.  The use of silly metaphors in them are meant to parody the fact that most people don’t understand viruses anymore than they understand Dolf scorching My Little Pony with a flame thrower, purely for illustrative purposes of course.  Lets dumb it down so much that people will say, “This is so dumb, it’s smart (advertising).”  Now we know why a copy of their software costs around $60 or $70 per year…

The sad truth about anti-virus software is that NONE OF THEM are perfect or necessarily worth their weight in dollars, simply because virus programmers have the upper hand.  If a hacker discovers a vulnerability that no one else has discovered yet, he may just keep it in his “stash” for use later.  OR, he might sell that knowledge to the Russian mafia or any number of other interested parties who have their own stash and secret agendas.  It is suspected the Stuxnet worm that ran rampant through Iran earlier this year was the product of a government agency, due to the sheer amount of zero-day exploits it contained for propagating itself, along with its overall sophistication and extremely specific targeting.

Was it a coincidence that days after Adobe announced the discovery of a zero-day exploit in their Flash and Acrobat Reader software in early June that a lot of people started to call me for the exact same Malware problem?  It’s quite likely the vandalism on advertising servers was timed to correspond with these vulnerabilities to maximize exposure.  It takes Adobe around 2 weeks to release patches for vulnerabilities like this so there is a window of time users are exposed and at risk, and this window of time extends out further if you avoid applying updates.

Despite this sad and depressing fact, you’ll be happy to know that many anti-virus programs do provide generous protections that you cannot otherwise get without them.  There are two programs I recommend everyone check out:

• Microsoft Security Essentials
• Malwarebytes

Microsoft Security Essentials is produced by Microsoft itself and is a free program you can install on your system.  It will actively monitor your computers activity and help prevent virus infection.  I encounter network security professionals in web forums here and there and most of them have really begun to sing praise for this program, because of it’s small footprint and high level of virus detection and removal.  Malwarebytes is another program that comes in a free form (though there is a paid version that automates all of it’s functions so you don’t have to do manual scans and updates with it).  Malwarebytes has been an absolute life saver for me this year as it was able to effectively cure about 8 out of 10 PCs of all their woes with one scan.

There are many other commercial (pay) anti-virus programs out there that are good, such as AVG, Avira Anti-Virus, Avast, etc., but I don’t have the time or resources to review all that are available.  While you might be able to find other websites out there that post “comprehensive reviews” of this type of software, it should not surprise you that sometimes these articles are just advertisements for commercial anti-virus software dressed up to look legit and non-partisan.  In my opinion, the best reviews for these things come from individual users and a great place to find reviews for antivirus software is Amazon.com.  They sell some anti-virus software and each of them have their own collection of user reviews that are worth reading over if you decide you want spend money on extra protection not offered by free solutions.

3.  Install A Software Firewall Solution

If your computer is directly connected to the Internet (and does not pass through a router of any kind) then you are putting your computer on the front line and you should protect it with some armor if you want to stand a chance in the wild jungle that is the Internet.  Firewalls prevent unwanted network traffic from passing between your computer and the Internet.  In the same way Flash has it’s own flaws and vulnerabilities from time to time, so too does Windows itself and many vulnerabilities can be exploited with nothing more than a network connection.  Having a firewall in place helps eliminate this possibility.  A firewall can also prevent rogue software that is already on your system from “phoning home, contacting the mother ship” to update itself or otherwise expose your personal data to would be data thieves..  It’s not anti-virus software, but it does add a critical layer of protection.  Windows itself comes with a firewall built in but it’s not as feature rich as some third-party applications out there.  The most popular free firewall that I know of Zone Alarm Free.

4.  Use a proper Ad Blocking browser extension

One of the great features of Zone Alarm Free is the ability to let it block advertisements for you, although its not very smart about it as it basically blocks all gifs or flash content embedded in a website.  This can break a lot of websites that have legit uses for Flash, like Youtube.  So you may want to look into a more proper ad-blocking plugin/add-on/extension for your browser.  A great one for Firefox is called Adblock Plus.

5.  Use a safe web browser

Recently I stumbled across a funny description of Internet Explorer:  “It’s a great tool for downloading Firefox or Google Chrome.”  And it’s the truth.  Internet Explorer has struggled to achieve a respectable reputation among security experts as being a secure browser, when compared to others that compete against it.  Among them are:

• Mozilla Firefox
• Google Chrome
• Opera

These are all very capable browsers that have a great reputation for handling security and also have shown impressive turnaround when vulnerabilities are discovered.  I would highly recommend you download and install one of the above browsers and start to use it instead of Internet Explorer.

6.  Avoid And Uninstall Web Browser “Toolbars”

The above image is an exaggeration of a point I would like to drill home:  Toolbars are 99% junk and often facilitate no additional functionality than a web browser already has built into itself.  Pop-up blocking and search bars are standard in all modern web browsers, for example.  Many times I have seen toolbars for “MyWebSearch” on computers that happened to be infected with a virus.  I can’t necessarily say there is a causal connection between that particular toolbar and an increase in exposure to malicious software, but its fair to suspect it because if you search for “mywebsearch” on google, every single link (except the first one) goes to instructions for how to remove it.  It’s clear that NOBODY wants this toolbar, and the same could easily be said for most toolbars.  Get rid of them, please!

The easiest way to remove most of these is to use the Add/Remove Software applet in your control panel (In Windows Vista/7, it’s called “Programs and Features”).  If this fails to work then you can often find instructions for manual removal by searching for them with Google.

7.  Avoid P2P Filesharing Programs

Limewire is dead, but the way it worked will live on in other programs like it.  The way Limewire worked mostly relied on you connecting to other peers like yourself and the mesh collective would commence to pass files back and forth in a decentralized fashion.  The problem for Limewire is that it wasn’t entirely decentralized, which is why they were able to shut it down like they did Napster several years ago.  But still, the primary way it worked was by letting anybody share pretty much ANYTHING they wanted, without any real fear if they did something like disguise a virus as a popular new song by some teen-pop musician and share it out to the world as a “joke.”  Using software like this is your call and any legal considerations involved weighs entirely on you.  If you do decide to use file sharing software of this nature, make sure you police all your downloads to be sure you haven’t downloaded a Trojan horse.

8.  Consider Adding Parental Controls To Your PC

Not everybody reading this (in fact, few people reading this) would be willing to walk forward and admit to visiting porn websites online, but such websites make up a large chunk of the web and due to the rogue nature of some of them you are more likely to find ads, script code laced with viruses or strait up automatic downloads for executable binaries with names like “Video.exe” that can lead to your computer being infected.  It’s quite plausible that you might even visit one of these sites “TOTALLY BY ACCIDENT!!!”  So one thing you might consider using is a parental control blocking application that filters out web addresses and reduces the chance of you visiting one by accident or otherwise.  A robust, free parental control program worth trying is K9 Web Protection.

9. Consider Using Linux For Internet Stuff

It would be hard for me to write all of the above out without making a passing mention of using a different operating system, at least part of the time.  I realize not many users are interested in making a big switch from one OS to another, but it is very easy to at least get your feet wet with a Live CD.  In the case of Ubuntu Linux you can boot the entire OS from a CD without making any changes to your computer.  It’s like playing a demo for a video game before deciding to install the full copy, for free.  Instructions for downloading, burning and booting are right on Ubuntu’s website so if you’re even SLIGHTLY tech savvy you may find you enjoy working in Ubuntu more than you do Windows and feel relief from not having to worry about viruses or malware infecting your system.

Conclusion

As I mentioned before, this Malvertising problem is not new but the spike in its frequency of occurrence this year was interesting to me.  It wouldn’t be far out to predict another wave of infections like this striking again, but with the above advice and your increased awareness of the possibility of being infected in such a way should help to drastically reduce the chances of you falling victim to something like this.

1.  I already own this album (in fact I own every Nine Inch Nails album; I’m what you would call a “loyal fan“).
2.  The album was published under the Creative Commons Attribution Non-Commercial Share Alike license.  This means I could give you a copy of the song because I purchased it.  Look out for musicians who publish their works under licenses like this.

So let’s get to using this Youtube Downloader thingy!

First, download the software from Download.com by clicking here.

Run/Open the file once you have downloaded it to install the software.  Once installed, you’ll have a new shortcut in your Start Menu.  This is what the program looks like when it’s running:

Leave this window up and go visit Youtube.  Find a video you like and then copy the URL from the address bar at the top…..

…into the first box in Youtube Downloader, like this:

Now click Download.

Once the video is downloaded you can convert it to an MP3 by changing the selector at the top from “Download a video…” to “Convert or play a video…”, like this:

Now all you have to do is click the Browse button to search for the file you just downloaded, and change the “Convert Video to:” box to read MP3, like this:

Now click Convert.  It will ask you about quality settings (and of course it’s best to just leave it on “Best Quality” and click okay).  That’s pretty much it.  A conversion process will happen, taking perhaps 30 seconds,  and you’ll be given an MP3 file that you can play on pretty much any portable audio player out there.  It’s up to you if you want to delete the original video file.

A word about piracy/file-sharing

Piracy/file-sharing can be a very polarizing topic to talk about, especially when the conversation occurs between professional musicians who make their living off writing music.  On one side of the fence you’ve got your Lars Ulrich and Gene Simmons who see piracy of their music as a direct threat to music sales and thus their paycheck.  On the other side of the fence you have bands like Radiohead and musicians like Trent Reznor who see the sharing of their music as a marketing platform that can increase band exposure, increase their fan base, and subsequently increase their physical merchandise and ticket sales.  Both sides are entitled to their opinions but I lean towards the latter group when thinking about this stuff.

Along the lines of music piracy is software piracy.  There is a software developer who goes by the name Notch who created a computer game called Minecraft by himself that has earned him nearly one million dollars in under a year, and it was still in the Alpha stage when it hit that impressive number.  He has a very keen insight into piracy and I would like to suggest you check out his blog post about the topic if you have the time.  It mostly boils down to distinguishing (or debating) the difference between the loss of potential revenue versus actual revenue lost, determining a fair way to measure the differences.

In marketing there is a strategy known as “loss-leader” and pirated music could be thought of as a loss-leader for a musician who has additional products to offer, like vinyl, or limited “deluxe edition” packages, not to mention concert tickets and who knows what else (one of my favorite musicians offers up everything from autographed cover art by Strom Thorgenson to 5 hour long studio workshops with the band and their very own equipment).  Then there’s new, up-and-coming musicians who don’t yet have anything better to hope for than a chance to be listened to and are willing to let people preview their entire collection in the hopes of turning them into a loyal fan who will go buy all their albums and other merchandise someday down the road.

Shameless plug: Check out my Kompoz profile to listen/download/pirate my music.

So about 90 seconds ago I learned about this website and knew I had to write a quick blog about it.  The site is called Ninite Easy PC Setup.  This is a website that allows you to download multiple popular Windows applications, from web browsers to anti-virus software, and install them all at once!!  This is a HUGE, HUGE time saver.

You look through their selection of software, check off the programs you want and it will create a custom bundle from your selection and wrap it all into one easy install package for you to download.  When you run the installer, it installs all the apps, one by one, automatically without user intervention and without any spam “extras” that might come along with some of them (like browser toolbars that do more harm than good).

Check it out at www.ninite.com

You don’t need anti-virus for Linux. Others in here will do a better job at explaining why this is, but in short, the OS has a big advantage here due to it being open source. The operating system is a product of crowd-sourcing, much in the same way as Wikipedia has been since it first showed up several years ago. And much like the highly-moderated articles of Wikipedia that require membership and an approval process for changes made to locked articles, so to is a strict moderation that goes on with the source code for Linux before it’s allowed to become part of the official distribution. Everybody is out to identify possible flaws or weaknesses or bugs in the source code and it’s much easier for any single person to make a contribution because the OS and much of the software that runs on it is open-source.

In Windows, the users don’t have the luxury of being able to dig through the source code to look for flaws. All they can do is report symptoms of problems to Microsoft, and the limited number of paid programmers that do have access to the source code then have to decide what flaws are the most important and which ones don’t merit their attention. So with Windows, a bug that affects only 500 people won’t be as important as a bug that affects 500,000 and probably won’t be fixed at all. But if it were Linux and if just one or two of those 500 people were a programmer who had access to the source code and figured out how to fix the problem on their own, the other 498 would actually stand to benefit from a patch that ends up being released thanks to the work of that one developer who had some spare time on his hands and decided to do something about a bug simply because he could.

So throughout the long life of Linux there has been this much more diversified, seasoned, multi-cultured source for development feedback that has helped to make it a much stronger, more “mature” operating system, especially in terms of the way security was designed. If there was ever a person out there who found a way to circumvent that security, there is at least one other who knows exactly how to repair the flaw. The reason viruses are able to best Windows is because their developers can only patch so many holes, and the ones they don’t have time to get around to end up being exploited the most. Third-party software developers that make Anti-Virus software make a killing because Microsoft is unable to handle this responsibility all by themselves, and even still, the best anti-virus software isn’t perfect.

The reason anti-virus software isn’t necessary in Linux is simply because the OS and its updates that patch vulnerabilities do the exact job anti-virus software in Windows is meant for: Prevent unwanted, malicious software or network activity from compromising the system. If there were a flaw in Linux found that allowed something like that, it wouldn’t be the job of some third-party software to safeguard the user against but the job of the OS itself. The reason anti-virus software even exists is simply because Microsoft is unable to handle the immense work load of patching their own source code as well as a crowd of Linux geeks can.

Am I saying Linux is perfect and invincible to viruses? Might it become more susceptible to viruses in the future if it were to ever become as popular as Windows is today? I would think that with an increase in the number of users would also come a complimentary increase in the number of clever developers that would only help to increase the number of eyes available to find flaws and fix them. Saying that Linux would get a lot of viruses down the road because more people are going to use it is like saying Wikipedia will become rife with widespread, uncontrollable vandalism because more people visit it. It hasn’t happened yet, and very likely never will happen because of the way it is designed, moderated and improved upon by the hive mind.

EDIT to add: As mentioned in the first comments below, I failed to acknowledge that while Linux is more robust in the area of security, nothing can compensate for the weakest link in this arrangement:  The User.  A novice user could easily be enticed by a sinister website  that tells them to download a deb file which might contain malicious code and absentmindedly install it or execute a destructive command from the terminal window because they didn’t know any better (like rm -rf ~/*).  Fortunately for novice users there is little if any need to actually venture out into uncharted territory like a terminal window or strange websites to get software, thanks to the official repositories that contain a HUGE collection of software which continues to grow.  I’ve even heard you will soon be able to purchase proprietary Linux-based software through it.  Unfortunately, little can really be done to compensate for user negligence, and trying to compensate for all possibilities would likely result in too many annoying alerts and prompts for the average user (like when Windows Vista sprang the UAC on its users).

There are only a couple of circumstances that I believe anti-virus software on a Linux platform would might be worth having which involve helping to protect other Windows systems.  Say you got an email from someone that contained a virus but you never knew it was there and forwarded it onto someone else who uses Windows, resulting in their day being ruined and you being blamed.  So that’s one scenario.  You might also have a Linux server administrating a network of Windows based workstations which you have read/write access to and use the server to conduct scans of these machines over the network, but at the expense of finite network bandwidth and CPU cycles on the server.

• Lightweight:  It’s written in Python and loads very fast.
• Simple:  Sometimes losing a couple “bells and whistles” is a good thing.
• Multiple platforms:  Gitso works on Windows, Ubuntu Linux and Mac OS X.
• Active Development Pipeline:  A feature request I submitted was approved for the next version less than a half hour after I submitted it.
• Open-Source:  Free as in freedom.

There are a lot of features in the coming versions of this software I have been looking for in a VNC tool for a long time.  And who knows, I might learn a thing or two about programming in Python with this little tool.

Recently, I posted the following in their Networking forum:

I have a new Linksys/Cisco router WRT54G2 v.1 with the latest firmware installed. I currently use port forwarding for things like VNC and SSH into my home PC. However, every time I try to set a new rule (for both TCP and UDP) up for bittorrent, the bittorrent clients I try say the port is closed. I’m using an Ubuntu Linux system, and both Transmission and Deluge will say the ports I select are closed, even if I change the port numbers and do another test. So I’m just wondering if anyone has encountered anything like this before and might have an idea of what could be causing this problem.

The thread was alive for a matter of seconds before a moderator locked the thread and replied with the following:

Please read the rules. We will not help with P2P apps.

I was surprised to see this happen, and that’s probably because I use www.ubuntuforums.org more often than any other forum for technical assistance.  Linux people like me approach the controversial topic of bittorrent a little differently…  I decided to send the moderator a private message to let him know what I thought about his decision:

Sorry for violating the rules. However, I would argue that I did not ask a question pertaining to P2P applications at all but a question strictly about networking problems with a Linksys router. I should also remind you that bittorrent is a common protocol used for the transfer of free, non-copyrighted information spanning from GPL licensed open-source software to free music or movies released under the creative-commons license, which is becoming more popular. There is nothing inherently illegal about using bittorrent (the protocol), but it would seem the moderators of techguy.org hold a contrary consensus that I feel they should consider revising in recognition of the legitimate and legal uses of bittorrent.

The above comment and any replies received in any form will be posted publicly on my blog. Thank you for your time.

I got a reply fairly fast.  Here’s what it said:

We cannot and will not assist in the illegal downloading of software through P2P applications, and that includes any impediments offered by networking components to such downloading. Any legal uses of such software are few and will unfortunately need to be included in this prohibition.

The policy has been in place for quite some time now and will not be changed.

Thank you for your concern,
Elvandil

I like his use of the word “prohibition”; like bittorrent is some sort of drug paraphernalia.  I also noticed Mr. Elvandil happens to be Microsoft MVP and a die-hard Windows user who is probably adverse to anything of value that isn’t proprietary.  This is just my own opinion as he is ignoring the fact that millions of people use Linux and a large portion of us download and share our Linux ISO files (for burning to CD) via bittorrent, among many other things 100% legal to share.  It is a world he is unfamiliar with or in denial about.

Fortunately in the world of Linux it’s recognized that bittorrent itself is not illegal at all and I was glad to see a helpful reply in ubuntuforums.org within minutes; a reply that made me realize that sometimes I can be a completely narrow-minded person, too.  ”Did you check your host-firewall?”  Why… NO!    So I opened my firewall manager Firestarter and sure enough saw blocked events taking place on the port I told my bittorrent client and router to use.  All I had to do with allow inbound traffic to take place on that port.  Talk about overlooking the obvious!

Since the founding of Microsoft by Bill Gates, who stepped down as CEO  effectively handing the reigns to Mr. Ballmer, the software company has refused to  release its source-code; the programing used to create their popular operating system.  Keeping it closed-source has been a strategy used by Microsoft to ensure they could maximize profits on sales of their product, but Steve Ballmer said he felt the time was right to go open source for a multitude of reasons.  “Not only did we feel like rubbing it in Apple’s face by removing the price tag from our product entirely, but we feel it’s time to get some help from the public on refining Windows.  Because let’s face it; they use Windows more than we do, so we might as well let them fix it themselves for a change.”

Ballmer went on to explain that with Microsofts’ closed-source model, the repair of bugs and security holes in their software is much more challenging.  “Our studies have shown that software developers and programmers actually become less productive in direct correlation to the amount of money you pay them for their work.  It’s gotten so bad that the shutdown menu in Vista took several months to create and design, and that’s pretty damned embarrassing if you ask me.”

Reactions to the unexpected change have been mostly positive to sarcastic.  Mark Shuttleworth, founder of Canonical which develops and promotes their free Ubuntu Linux operating system, considered the change to be a little amusing.  “You know what they say:  Imitation is the sincerest form of flattery.”  Apple CEO Steve Jobs responded to the move by boldly stating  “So what?!”  When asked if Apple would consider making a similar change in their software development model, he replied in a typical sales pitch: “It takes a lot of money to build computers as cool as ours.  Buy one,” he added with a crazed, hypnotic look in his eyes.  “You’ll LOVE it.”

The open-source version of Windows 7 was originally slated to be released late in 2009, but with the sudden change in development structure, Microsoft actually anticipates this date to be unusually ahead of schedule.  “Now that we’ve shaken our software development department down and replaced our laziest, most expensive programmers with dedicated Microsoft Windows fans who work for us out of sheer love for the brand, we anticipate faster development in the areas of security, stability and most importantly, system performance.”  Microsoft was also originally planning to release seven various editions of Windows 7 (Starter, Home Basic, Home Premium, Professional, Enterprise, Ultimate and Star Trek Collectors edition), but it has been deduced that by making the software 100% open-source, the user will be able to get any edition they want for free simply by selecting which edition they want during installation at no difference in cost.  “It’s a win win for everyone,” added Ballmer.

Also:  APRIL FOOLS.

http://en.wikipedia.org/wiki/Conficker
http://mtc.sri.com/Conficker/addendumC/

As stated in the links above, the virus takes advantage of a buffer-overflow vulnerability of certain server services on Windows based machines.  Microsoft issued an update (MS08-067) for Windows 2000 SP4, XP SP2 & SP3, and Vista to patch this hole back in October of last year. So if you have installed all available Windows updates you should be fine and not need to worry.  It is highly recommended you install all available updates if you have not done so lately.  To force your PC to check for available updates, click Start>All Programs>Windows Update and follow the on-screen instructions.

If your computer is directly connected to the Internet it is advised that you have a quality software firewall installed and blocking unexpected inbound traffic.  A comparison of free firewall software can be found here:  http://www.techsupportalert.com/best-free-firewall.htm

In addition you should also have a quality anti-virus software solution in place.  Any of the following will suffice:

• CA Anti-Virus
• Symantec Anti-Virus
• F-Secure Anti-Virus
• Panda Anti-Virus
• Kaspersky Anti-Virus
• McAfee Anti-Virus
• BitDefender Anti-Virus

I personally recommend  AVG Free Edition

In summery:

• Be sure to apply all available updates for Microsoft Windows
• Ensure you have some form of firewall blocking unwanted network traffic
• Install a quality anti-virus solution

Now lets all have a happy April Fools day!

I’ll just keep this very short.  Internet Explorer has once again dropped the ball in the realm of Internet security and it’s something that’s been present for over 48 hours already.  You can read about the problem via BBC’s website by clicking here.

The article states in bold letters at the top, “Security experts recommend switching to a rival browser until the problem is fixed.”  Need a rival web browser?  Download Firefox at www.firefox.com.  It’s free, faster and much more secure than Internet Explorer ever will be.  Seriously.  Why is it more secure, you ask?  Because it’s open-source, just like Linux.  But again… don’t wanna turn this into a “Microsoft sucks” bashing post.

Also, on the side, I should mention that I’ve see a LOT of Windows systems get hit with viruses in the last 3 weeks, a good chunk of which have come in from emails on Facebook.  Which isn’t to say that Facebook is bad.  It just doesn’t have much of an effective spam filter or virus scanner built into it.  You would think that after a few people have recieved the same spam from their friend whose computer was compromised, they’d start filtering messages with the same links, the same stupid subject line, and all the rest that comes along with basic social engineering-based viruses.  It’s what Yahoo and Google do.  So to you Facebook/Myspace users out there (and everyone else who doesn’t uses these services), be VERY cautious about clicking on links to websites you’ve never visited to before in email sent to you by a friend.  They may not have actually sent you something.  In fact, it’s possible their account password was phished, changed, and their account used as a lauch pad for spreading the same infection to other people (like you).  So be careful.

Just wait for the very end. 

Hey, Ubuntu freaks!  I’m going to have another Terminal tutorial coming out on Wednesday with an introduction to creating bash scripts.  Sit tight!

- – - – - – - – - – - – - – - – - – - -

Ubuntu 8.10 (Intrepid Ibex) was officially released yesterday.  Boosh!! Often with each new release comes a spike in the number of people who are trying it out for the very first time.  So to help the new users out, I’ve written this guide to introduce you to this popular Linux-based operating system and some of the cool software you can install on it.

Here’s what we’re going to go over:

1. Customize the appearance of Ubuntu (wallpaper, theme, fonts, dockbars, etc.)
2. Run Update Manager.
3. Install Flash, Java, Windows Media Codecs and MS fonts with just 4 clicks!
4. Install Compiz Fusion Advanced Settings Manager with one more click.
5. Install WINE with one more click and use it to run Windows based software.
6. Reveal Archive Manager in the Accessories menu and use it to create zip archives.
7. Install the libdvdcss2 decoder so you can watch DVD’s.
8. Install Skype from a *.deb file.
9. Install Google Earth using Terminal.
10. Install Virtualbox.

1.) Customize Your Ubuntu Desktop
Difficultly: Very Easy

The first thing anybody should want to do with their own computer is make it look the way they want it to look.  Who wants an OS that forces its users to conform to one particular layout over another?  With Ubuntu, you have a lot of flexibility.  You even have the option to use a different desktop environment.  GNOME is the default environment for Ubuntu and it’s what we will see used in the example screenshots in this guide. KDE (which looks very similar to Windows XP/Vista/7) is the default environment for Kubuntu;  xfce is the default for the lightweight Xubuntu.  There are others, such as Fluxbox and IceWM, that are geared towards being minimalistic in resource usage and makes them perfect for older, slower machines.

Below is a screenshot I took of my own desktop shortly after upgrading my computer from 8.04 to 8.10.

You may or may not like the looks of the default desktop.  I’ve always though this default background just looked like a bunch of coffee stains… You can modify the interface in so many different ways the possibilities are endless.  Check out this small gallery of Ubuntu screenshots I put together to see some examples of what you can do to your own Ubuntu desktop.

The best way to explain how to customize your desktop is to show you a video (albeit, from an older version of Ubuntu) that demonstrates how you can modify the following things:

• Changing Wallpapers
• Changing Screensavers
• Panel Properties (Location/Auto-hide/Background)
• Changing/Adding Desktop Themes
• Adding/Moving Launcher Shortcuts to your Panel/Desktop
• Modifying Menu Layouts
• Adding Applets to your Panels
• Modifying your About Me user info
• Customizing your Login screen layouts/themes
• Using Multiple Workspaces

EDIT: Since the original posting of this blog, Alan Pope has removed the video below from Google and I have not yet found a comparable replacement. A very good guide about how to do all of the above can be found here.

There are several little applets that widgets that can be added to your panel, but you can also make changes to the panel itself such as its orientation (Bottom/Top/Left/Right edge of the screen), its background (solid color or transparent), its width and a couple other minor things like auto-hide.  Be careful, it’s easy to accidentally delete a panel.  If that happens, right-click on a remaining panel and click “New Panel” to create a new one. Newly created panels will be completely empty and you will have to right-click on them and select “Add to panel” in order to add things back like a task switcher.

The video makes use of http://art.gnome.org/ during it’s demonstration of changing wallpapers and themes, but another noteworthy site you should check for such things is http://www.gnome-look.org/. My personal favorite website for wallpapers is InterfaceLift Wallpapers.  You should also check this site out for wallpapers, too.

You might have noticed in some screenshots of Ubuntu that some people have added a dockbar (similar to the one used in Mac OS X) to their Ubuntu installation.  Below is a picture of one in action.

Check out this guide I’ve written about adding Cairo-Dock to your Ubuntu install as it is one of the best available for Ubuntu (in my opinion).

2.) Run Update Manager
Difficultly: Very Easy

Typically, a fresh Ubuntu install is actually a tad bit older than the current status of the distribution (this happens with all operating systems, including Windows). So often times after a fresh install, your system might be needed a few updates to be applied. Running Update manager manually after installing can bring your system up to date with the latest security and software patches.  While Update Manager does check for updates automatically, it often doesn’t do it immediately after you login for the first time.  So after a fresh install it is a good idea to force it to check for updates.  To do this:

• Click System>Administration>Update Manager
• Click on the “Check” button to check for updates

If there are updates available, you simply click “Install” to install them.  It will ask you to enter your administrative password when you do this.  This is the password you created for the “first” user during installation. Piece of cake.

*Note: If you’re having hardware issues (e.g., 3D video acceleration not working, wireless adapter not in use, etc.) after installing all available updates, you should check in System>Administration>Hardware Drivers to see if there are any proprietary drivers that need to be enabled.  You simply check the appropriate boxes off for the driver needed, and they will be installed for you.

3.) Install Flash, Java and Extra Video Codecs in just four clicks!
Difficultly: Very Easy

In order to get the best multimedia experience out of our computer, we need to install a few programs and plugins.  Most of you out there are familiar with Flash, Java and multimedia file formats like Divx, Xvid, MP3, ASF, Apple Quicktime, etc. Installing decoders to open these types of files has been made simple by bundling them all together into one package.  And installing it is very easy.  To get started, do the following:

• Click Applications>Add/Remove (now called Ubuntu Software Center).   A new window will appear (see below.)
• Change the “Show:” drop menu in the upper right corner to “All Available Applications” (In Ubuntu Software Center, click View>All Applications)
  
• Search for the word “restricted”

• Once the search returns its results, check off the box next to “Ubuntu Restricted Extras”
• Sit tight. Don’t click the Apply Changes button just yet.  We’re going to check off a few more things

Frequently Asked Question: “What does it mean by restricted extras?”

Answer: The word “restricted” in this context is used to describe these types of multimedia plugins and decoders because most of them are closed-source and proprietary.  Hence, you are restricted from modifying their source code.

4.) Install Compiz Fusion Advanced Settings Manager
Difficultly: Very Easy

Compiz Fusion (the program responsible for the dazzling eye-candy special effects on Ubuntu) is included by default, but its advanced control panel is not. Need of this advanced control panel comes up if you are a power user who wants to use the 3D window management features to the MAX, which means turning your desktop into a rotating cube of multiple workspaces, among other nerdy things. You can also greatly customize your special effect animations and window behaviors using this control panel. So let install it!

• After you’ve checked off Ubuntu Restricted Extras in the above step, do another search for the word “compiz”

• Check off “Advanced Desktop Effects Settings” (shown above)
• Sit tight, and don’t click apply just yet.  There’s more we’re going to search for and check off.

Once the control panel applet is installed, it can be found in System>Preferences>Advanced Desktop Effects Settings.

*Notice: You will want to make sure you have Compiz enabled in System>Preferences>Appearence>Visual Effects before using the above control panel you’ve installed.  Otherwise changes you make with it will not be seen.

5.) Install WINE for running Windows-based software in Ubuntu
Difficultly: Very Easy

WINE is a program that acts as a sort of emulator for Windows programs to run on top of.  Instead of needing to use Windows for running that favorite application or game, you can run the program right in Ubuntu with the help of WINE.  The only catch is that not all Windows program run on WINE yet.  So you should search the WINE applications database to see if a program you’re wanting to use works with WINE.  Below is a screenshot of Half-Life 2 running in Ubuntu, thanks to WINE!

To install WINE:

• In the Add/Remove Applications applet (should still be open from the previous step), search for “wine” and then check off the box next to WINE in the results window.
• Finally, click Apply in the lower right corner to install WINE, as well as the other programs you’ve already checked off in Add/Remove.

Now if you want to run a piece of Windows based software, you simply double-click on the executable (like setup.exe) and it should run just as it would in Windows (provided the WINE Application Database lists that the program you are trying to use and says it works with WINE).  Shortcuts created by software installers are typically added to the Applications>Wine>Programs menu.  You can read more about using WINE here.

NOTE: If double-clicking on an EXE causes the Archive Manager to open instead of WINE, it’s because your default file-association needs to be changed.  To fix this, right-click on an EXE file then click Properties.  A new window will pop up with a few tabs along the top, one of which says “Open With”.  Click this tab, then select WINE from the list and click Close.  From now on, EXE’s will always open with WINE. Also, if you get a message that complains to you about an “execute bit”, it means the EXE file needs to be given permission to run as a program.  To change permissions, right-click on the file, click Properties, then the Permissions tab and check the box off near the bottom that says “Allow to be executed as a program”.

6.) Enable (reveal) your Archive Manager and create zip files
Difficultly: Very Easy

Some of you might be wondering: How can I create a zip file? The answer is with the included Archive Manager. This tool (for some weird reason) isn’t shown in the Applications>Accessories menu by default. But we can reveal it very easily by doing the following:

• Click System>Preferences>Main Menu
• Click on the Accessories menu in the left panel, then check off the Archive Manager (see below). Then click Close.

That it! Now when you open your accessories menu, you’ll be presented with a new shortcut to your Archive Manager. You can use this utility to create zip files. Keep in mind that it can also create other types of archives, such as tar.gz, and a few others (not RAR, at least not without an additional package installed to provide this option to you).  To explore the possibilities, click Applications>Accessories>Archive Manager.  Once open, click New in the upper left corner and take a look at the bottom of the window where you can specify archive file type, password locking and spliting.  After you create a new archive, you simply drag and drop files into the archive manager and it will add them to the new archive.

One other simple way to create an archive is to select all the files you want to put into a zip file (by CTRL-Clicking or SHIFT-Clicking them) or even by clicking on a folder containing the files you want.  Then once they’re selected, right-click on any one of these files or folders and a drop menu will appear.  Just click “Create Archive” and a wizard will appear asking you where you want to save the new file and what format you’d like it to be in.

7.) Install the libdvdcss2 decoder for DVD playback
Difficultly: Medium

Click Applications>Accessories>Terminal.  This will open a new terminal window.  (If you would like to know more about Terminal, check out my Terminal for Beginners guide). Copy the following command and paste it into the Terminal window and press Enter:

sudo wget --output-document=/etc/apt/sources.list.d/medibuntu.list http://www.medibuntu.org/sources.list.d/$(lsb_release -cs).list && sudo apt-get --quiet update && sudo apt-get --yes --quiet --allow-unauthenticated install medibuntu-keyring && sudo apt-get --quiet update

This will add the Medibuntu repositories to your 3rd party software sources (in other words, this tells Update manager to check one additional server when it looks for system updates).  Next we’ll install the libdvdcss2 decoder for playing commercial DVD’s as well as an additional set of video/audio decoders that weren’t included with the “restricted” extras from the steps above.  To do this, paste this command into Terminal:

• sudo apt-get update && sudo apt-get install libdvdcss2 w32codecs
  

..And press the Enter key.  It will ask you to type your password (which will not produce any characters on screen while you’re typing, so don’t expect to see *****’s show up) and say “y” for yes to confirm your command.  Once installed, you should be able to watch a DVD simply by inserting a disc into the computer.

NOTE: You may have heard a rumor that installing the libdvdcss2 decoder is illegal. If you live in the US and someone tells you this, refer them to 17 U.S.C. Sec. 1201(f). The binaries to crack the DVD video stream encryption are not illegal if you have a license to the content.  In other words, if you have purchased your own legal/legit DVD, then that means you have license to watch it.  After all, the content must be decrypted in order to make the content usable.  However, the law is not the same in all countries so you should check your local country laws.

8.) Install Skype
Difficultly: Very Easy

Skype is a very popular Voice Over IP application that allows you to make cheap phone calls from your computer.  They ask you for 10 bucks for your first set of calls and send special offers your way from time to time.  I’ve been paying 30 bucks a year for the last 3 years to make unlimited calls to anywhere in the United States, so that’s a pretty good deal if you ask me.  It also features webcam capabilities and conference calling.

Installing Skype is easy.  All you have to do is download the deb file from Skype.com.  Here is a direct link:

http://www.skype.com/go/getskype-linux-ubuntu

Once the deb file is finished downloading, double-click on it.  An installer window will appear with a “Install Package” button in the upper right corner of the window.  Click that button, and when it’s finished, you’ll find Skype in Applications>Internet.

9.) Install Google Earth
Difficultly: Medium

First thing you have to do is download Google Earth. To do that, visit this link: http://earth.google.com/download-earth.html

After you agree to the license, you’ll be taken to a new page where an automatic download will begin and ask you what you want to do with a file called GoogleEarthLinux.bin. Simply save this file to your Desktop for now.

Next we’ll need to open up a terminal window. To open Terminal:

• Click Applications>Accessories>Terminal

When you first open terminal you’ll be given a prompt where you can enter commands. You also will be sitting in your Home Folder. If you type in the letters “ls” (That’s ls, short for the word “list”, in lowercase), you’ll be shown the files and folders in your home folder. Notice that one of them is called “Desktop”. We need to change our directory so we can run our GoogleEarthLinux.bin file. To do this:

• Type “cd Desktop” (no quotes) and hit enter.

In the world of Linux, everything is case-sensitive, so be sure to Capitalize the word “Desktop” in the above command. This command will bring you to your Desktop folder. If you type “ls” again and hit enter, you’ll see the files which reside on your desktop right now. Listed somewhere should be the bin file you just downloaded.

Now for the magic!

• In terminal, type: “sh GoogleEarthLinux.bin” (no quotes) and hit enter.

After you press enter, the following window will appear, and begin to install Google Earth for you:

Shortly after the above screen appears, you’ll get another one that says the program successfully installed. You’ll then be given the option to run Google Earth right away. If you don’t want to, you can just click Quit, and start it later by going to Applications>Internet>Google Earth.

NOTE: Google Earth runs best on PCs that are equipped with 3D graphics acceleration cards/chipsets.  Some video cards require you to have their proprietary drivers enabled in order for them to be utilized by the system.  You can check to see if you need to enable any such drivers by clicking System>Administration>Hardware Drivers.

10.) Install Virtualbox
Difficultly: Medium

Virtualbox is a popular application used on many different operating systems that allows you to create Virtual Machines, upon which you can install any number of operating system.  So, for instance, you could be running Windows XP inside of a window on top of Ubuntu.  This is good for users who are trying to migrate from Windows to Ubuntu but are not quite ready to take the big leap or are being held back by one or two applications that won’t run in Ubuntu.

So here’s what you need to do:

1. Download the Virtualbox deb file for your particular processor architecture (i386 or AMD64) from here.
2. Double-click on the the deb file you downloaded to start the installer.  Click “Install Package” to install Virtualbox.
3. Once that is finished, you will need to add yourself to the vboxusers group.  To do this quickly, open up a Terminal window (Applications>Accessories>Terminal).  Once Terminal is open, paste in the exact text and press the enter key:  sudo adduser $USER vboxusers
4. Reboot the PC.

Another cool thing you can do is add scripts to your Nautilus file browser that will give you new abilities when you right-click on something.

Anyway, I hope you enjoy your new Ubuntu Linux operating system!

Seemingly by surprise to most Internet users, Google has launched a release of a new Internet web browser dubbed Google Chrome.  I have been using it for about five minutes on my super slow computer at work (it only has 256 megs of ram in the damn thing) and the first thing I’ve noticed with Chrome is that it is freaking FAST!  No joke.  My first instinct was to take a look at the task manager in Windows to see how much memory Chrome was actually using, and what I found was a little puzzling.  There was only one web browser window open, but 4 seperate instances of the Chrome.exe process running.  Interesting… So I decided to start digging into why it’s so fast, and what the deal was with these multiple instances.  Here’s what I learned:

If you do a search for Google Chrome, you’ll discover a little comic book that was put together by Google to help illustrate what they had in mind when they first started designing this browser and how it should function differently from other popular browsers like Firefox and Internet Explorer.  The most telling is on page 3:  ”When we started this project, the Gears Guys were saying that one of the problems with browsers is that they’re inherently single-threaded.  For example, once you have Javascript executing, it’s going to keep going, and the browser can’t do anything else until Javascript returns control to the browser.  So developers write APIs that are asyncronous — and every now and then the browser locks up because Javascript is hung up on something.”

In plain english, the way other browsers currently function is about as efficient as an HR department in a hospital.  The chain of programs (or people, if you continue the hospital analogy) is long and weak in that if one link fails, the whole thing snaps and everybody puts their arms in the air to say, “Not my fault.  Tough shit.”   The way Chrome funtions instead is to create multiple processes for all the different tabs as well as additional processes (such as Javascript, or other web plugins) that run seperately, and basicly decentralize everything.  This adds a great deal of speed and stability to loading web pages and running web applications.  It will also help reduce memory bloat that comes from lots of long term use of a web browser, because you can allocate different processes their own memory space.

One of my favorite features is probably something you’ll grow to take for granted: the New Tab Page, seen above.  When ever you open a new tab, it is an intential act persuant to going some place on the Internet.  The tab page is dynamically created based upon your browsing behavior.  Your 9 favorite websites appear with thumbnail previews of each one, for instance.  So after a while, it really becomes YOUR browser.  Which might not sound great to someone who’s trying to keep their birthday gift shopping or porn addiction a secret.  That’s why there’s Incognito Mode!

Another cool feature is the way pop-ups are managed and blocked.  If something is trying to pop-up, you’ll only see a little notification at the bottom of the window, and if it’s something you want, you just drag it up and out.

Anyway, I’d love to write more about this but I’m waiting for an important call that’s going to take me a while and wanted to get something written about this exciting new web browser.  I think it’s going to have a big impact on the way web browser function and we’ll likely see Firefox and eventually Internet Explorer.  The only drawback about this browser that I’ve found so far (other than the fact that they can’t “sandbox” plugins to a lower security level…nobody can yet) is the fact that it’s for Windows only.  There are also some websites with minor functionalities that don’t seem to work just yet (Java, not Javascript, comes to mind).  I am sure that will change rapidly though, as the browser is open-source…which means it will likely be ported over to just about every OS you can imagine.  Until then, I highly recommend this browser to Windows users.

I tried scoping to Media stuff. Still no moviemaker. I typed in movie. Nothing. I typed in movie maker. Nothing.

So I gave up and sent mail to Amir saying – where is this Moviemaker download? Does it exist?

So they told me that using the download page to download something was not something they anticipated.

They told me to go to the main page search button and type movie maker (not moviemaker!).

I tried that. The site was pathetically slow but after 6 seconds of waiting up it came.

I thought for sure now I would see a button to just go do the download.

In fact it is more like a puzzle that you get to solve. It told me to go to Windows Update and do a bunch of incantations.

You can read the entire text of this e-mail by following this link.

Clearly, this user is not running Windows XP but Ubuntu Linux.  Yet with their pop-up blocker disabled in Firefox 3, a malicious website presents a window that mimics a “real” warning.  But it’s actually a trap.  This is probably the most common reason viruses find their way into Windows systems — by exploiting a users lack of expertise and susceptibility to intimidation on a technical level.  So fair warning to you Windows users out there.  Fortunately for our Linux user, he’ll just laugh and close this window.  If you’re a Windows user and you see an alert like this, you should close it too (but run a virus scan using something like AVG immediately afterwords).

A good quote to go along with this might be:  Statistics are like a bikini.  What they reveal is suggestive, what they conceal is vital.

Because sharing is caring.

1. Buy Windows Vista for a couple hundred dollars — more after hardware upgrades to support Vista’s heaving girth and blubber — so you can continue to sit down to do exactly what you used to do with Windows XP: Browse the web, play games, write novels, download videos and other common tasks like scanning for viruses and spyware.
2. Buy a Mac, participating in an even more frequent (costlier) upgrade pow-wow… but you’ll look trendy while doing it. You’ll get to browse the web, play (a few) games, write haiku’s for your legacy-sounding text-to-speech software, listen to iTunes and other common tasks like reminiscing over I’m a Mac commercials and standing in line for 24 hours to buy a freggin’ cell phone.
3. Decide not to upgrade to Vista at all, eventually exposing your XP system to new security exploits that will never, ever, ever see a repair patch written for them. The lease is up… Perhaps you need something new but you don’t wanna pay anything for it?
4. Switch to Linux, forget about viruses, spyware, bloat-ware or software costing you time and money.

And so comes the question: What the f— is Linux? Linux is open-source software. It is a product that is the sum total of decades of volunteer collaboration made by millions of computer programmers world wide, and is one of the most refined, stable operating systems in existence today. Because it’s open-source, it’s considered public domain. You practically already own your own copy. It can be downloaded, burned, shared, installed on as many PCs as you wish for free.

Is Linux Right For You?

Well, it was right for me. I switched over just a year ago, and it was a lot easier than I thought it would be. Here are the applications I use regularly on my installation of Ubuntu Linux:

Firefox – Web Browsing
Evolution – E-mail
Audacity – Sound editing
Avidemux – Video editing
DeVeDe – Convert AVI to DVD
Gimp – Edit photos; similar to Photoshop
Open Office – Microsoft Office Replacement (can open and save in Microsoft format too)
VMware – Run a Windows XP virtual machine inside a window
Google Earth – View maps of the world and of outer space!
Pidgin – Allows me to chat on Yahoo IM, and about 15 others like AOL or MSN
Skype - Make phone calls around the world
Photoshop – Just kidding, I haven’t installed it, but I could and so could you.
Games – I don’t play games too much, but I recently installed Quake 4 and it runs like a charm. Though I could throw in some Warcraft 3 or WoW if I wanted to. More classic Windows games are on the way.
Much more…

The bottom line is that Linux is an available option to you that is free of charge and of obligation. And switching over to it will afford you the advantage of never having to feel chained to Microsoft’s vendor lock-in (or Mac’s vendor lock-in). You’ll also find yourself not upgrading your PC’s hardware for a few more years, as the use of system resources is much more efficient than Vista’s. And when support for your version of Linux is expired, you can just upgrade to the next version free of charge. So now if you actually need a hardware upgrade, you’ll have the extra dough to do so.

So with the aim of providing you with something practical, I’ve come up with a short list of things for you to check and consider when it comes to computer performance on a Windows system.

1. If your copy of Norton Internet Security/Antivirus is expired, DON’T RENEW IT! In fact, uninstall it as soon as possible. While Norton is a well known name, it has also become well known for not doing what it’s supposed to do at times, and more importantly, it slows your system down greatly. Instead of using Norton Anti-Virus, try AVG Free. It doesn’t cost anything, and CNET gave it 5 stars. It is a lightweight software that won’t bog your computer down when you first turn it on. For a firewall, consider using Zone Alarm, or the firewall that is built into Windows itself.

2. Skip Vista:

If you own XP, and are considering upgrading to Vista, DON’T DO IT! Vista, for lack of a better word, sucks. It is LITERALLY the slowest operating system on the planet, and you’ll find yourself wondering what you spent 200 dollars or more for in the first place. If you were looking for eye candy, consider switching to Ubuntu Linux. Otherwise, stick with Windows XP. Compared to Vista, it’s everything Vista said it could be, but a lot faster. XP is in line to get a 3rd service pack released shortly, and will be supported for a few more years to come. Get your money’s worth, and don’t spend more on a product you want but don’t need.

3. Switch to FireFox: I suggest this mostly because Firefox has a better reputation for being the web browser that is more stable as well as more secure. Tabbed browsing, pop-up blocking, RSS management, and version 3 right around the corner. You don’t have to replace Internet Explorer, but it would be good to expose yourself to an alternative once in a while so you know what is available out there.

4. Disable any programs that you don’t need at boot time: If you’re the kind of person who has Yahoo Messenger, the Weatherbug, third-party task bars (“toolbars”) that you almost never use or need, or any number of other such software loading when you first start Windows, seek a way to disable it. For users who are a little better than Novice, try running “msconfig”. In it, you’ll find a “startup” tab, which you can sort through and uncheck any application you don’t want to have load right off the bat. You aren’t uninstalling anything doing this, just disabling it from loading at first boot. This will help your system start faster. Another thing you can try is opening your control panel and using the Add/Remove Programs applet to uninstall software you don’t use.

5. Consider upgrading your system memory: If you’ve done all of the above, and your system still runs sluggishly, perhaps you need a memory upgrade. If you’re running XP, I would recommend no less than 512 megs of ram, or at least a 1 gigabyte if your a hardcore gamer. This will help your system boot faster and run more smoothly over all. The less ram you have, the more work your hard drive has to do, and that extra waiting time can really add up.

To attest to how efficient I keep my own Windows machines, I have a 366 Mhz laptop with less than 200 megabytes of ram running XP. Sticking with AVG as my virus scanner from day one has always kept me protected and my system running smoothly. Albeit, not the fastest machine in the world, but it is still plenty capable of browsing most Internet websites, doing word processing, and a few other common tasks. If XP can run “acceptably” on a system that old, your should be able to do the same or better with the 5 tips listed here.