5. Stupid licensing terms and anti-piracy protections
The new licensing terms for Vista only allow you to reinstall the OS once. I’m not a pirate — I have no problem paying for software I use, but I’d rather not have to purchase it multiple times if the OS itself breaks down. If a reinstall is needed (which unfortunately has been frequently necessary on my Windows machines), I would need to purchase a new copy of Vista. Plus, what happens if I decide to upgrade my CD drive to a DVD burner? What if my hard drive crashes and I need to replace it? Why can’t I reinstall the copy of Vista I already own? Also, some have pointed out potential problems with WGA, an anti-piracy application that will occasionally report back to Microsoft on the status of my copy of Vista, and can disable most functionality of the OS if it is suspected to be a pirated version. No, thanks.

4. Exorbitantly high cost
Pricing for Vista is out and it is expensive — the Ultimate edition comes in at $399. Ouch. Of course the other flavors and versions are less expensive, but with less functionality. Plus, remember this cost is only for the OS; and most users need other software to be productive. Shelling out so much cash for just the operating system requires considering alternatives to additional expensive software.

3. Nefarious malware
Windows has been and will continue to be the main target for malware. Spyware, adware and lots of other garbage can will turn your computer into a spam-messenger or bot awaiting nefarious commands of some remote hacker kid. I doubt a new OS will be totally hardened against it, despite Microsoft’s claims to the contrary.

2. Perpetual security issues
Even with a greater focus on security, critical patches and serious flaws are being found every month. Admittedly, Microsoft has made great strides to make their operating systems more secure, but it’s just not there yet. But, as stated above, Microsoft OSs are the biggest target out there. Exploits found in the OS is one way to get malware onto the system, the other way is user-error — usually by installing infected programs.

Also, all of Vista’s security features are new — which means they can’t be totally secure. Microsoft is rewriting all of the networking program stack, which is sure to be the focus of future critical patches. Only history can measure security. Look at how XP matured — it’s relatively solid now, but it took it to SP2 to get it even close to where it should have been. I doubt Vista will be much different.

1. Better alternatives
Microsoft should be carefully monitoring two competing operating systems: Mac OS X and Ubuntu Linux. Although neither is perfect, Mac OS X and Ubuntu Linux are shaping up to be tough competition for Vista.

OS X is notoriously easy to use and just works. Apple’s stock continues to rise because once people learn OS X, they won’t go back to Windows. The iLife suite provides functionality for all of the fun stuff computers can do and Apple’s hardware is sleek and sexy. My next computer will be from Apple, largely because of OS X and iLife.

Ubuntu continues to get better; it’s a great alternative operating system. Sure it’s another flavor of a million flavors of linux, but I like where it’s heading. First of all, you can’t beat the price — Ubuntu is totally free. And it comes bundled with tons of great open-source software. Once it’s installed, you have a whole bunch of great applications and the ability to easily download and install thousands more. I have been using Ubuntu for quite some time now on an older computer, and it’s great. I certainly won’t be replacing it with Vista.

I have been a fan of Thunderbird (read my review) for quite some time, and recently came across an extension called Enigmail which promised to give me the PGP security capabilities I was looking for. The Enigmail extension provides the security in a simple and straightforward way and nicely integrates into Thunderbird. The encryption is handled by the GNU Privacy Guard (GnuPG), a free version of PGP.

Here is a simple example of how PGP works. Dave wants to send Jesse an email. Both Dave and Jesse have Thunderbird and Enigmail installed. Both use Enigmail to generate a key pair. Dave gets a private key and a public key, and Jesse also gets his own public and private key. The public keys are public; Dave and Jesse share those with each other. The private keys are private, they should never be shared. The two keys work together to encrypt and decrypt messages. If something was encrypted with the public key, it can only be decrypted by the corresponding private key.

OK, back to Dave and Jesse. When Dave sends Jesse an email, Dave encrypts the message using Jesse’s public key (Dave has access to Jesse’s public key because it is public). When Jesse receives the message, Enigmail will automatically decrypt the message using Jesse’s private key and Jesse will read the message. To anyone else viewing the message it would look something like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.3rc2 (MingW32)


hQIOA6x3yUQjMAdqEAgAvyC+x6frLRnxE8u67BRQAFb2Jrj
NQdBoN2uFKH6x2DGJeggTSL2aGyABsFSr8eva4j4QWSnVfa
DC5P5EOwEQykSvK65TC9Mi5nX6DpEaClQAz/FDIyM+gr3r0
WYWE560YS4KSKz8CHPkIK3E3MruZVNTSn7CVQjHNbzJmgpJ
fgij2jFt59PgXpUgYxX5idkV0TitdR2O7Uv/VBSbRJCpWlK
hQDcX/k21Gcd89sqES6g6iP/pYXYghCo36pitjIhIwf7Bhk
Tv7rCDjQ8QR4+WFnYk9UVjL9KbWlqbn2awBejVQOqSH2j/f
QV4ry7qPVDODGlY0plIy28nUv7WaNt18E+9mS1e+AcGc/5V
WswmxMwM65qV7/1MiqaJ9fc8NdzUsA3peAfiv56dJuJJQRp
W/PD5WKWf9dDUmwRX6Qql36MMQCguwcBfhZZ1rVFQuZYARh
aiMjOS1+Xhrk8FQZnRYu+rmEpT6sXdkpAdvKelE1y/v5lDs
PdLACAEOW7aQoaxAm03WL4w/jGZAI5FB70VUG9kyEN+Xy2E
fUPF2LBTc/72pjvDrxb6O7lMXtpfgy49Lt+2clg2yqvefBt
jg/GmbdxGZMz1rWXDUuZsd9GdfKwxrmvQN8fSTc7FKcIC7h
1uYv7X8dpubuVdParSQKS4WX7d+7J/CNgUQkWytrMtcdWuH
pRgPtdSlxbIC1GQ7
=OCNT
-----END PGP MESSAGE-----

When Jesse wants to reply to Dave’s initial encrypted email. Jesse encrypts the entire message using Dave’s public key and sends it to Dave. When Dave gets the message, it is decrypted using Dave’s private key. Neither person ever touches the other’s private key — it remains private. Dave and Jesse have now exchanged emails securely using PGP.

PGP is strong stuff. Famous cryptographer Bruce Schneier said PGP is “the closest you’re likely to get to military-grade encryption” (Applied Cryptography, p. 587). The reason it is so strong lies deep in PGPs cryptographic and mathematical roots, which we won’t delve into here. Just know that it’s not going to be cracked. Experts doubt any groups, even large government agencies, are capable of decrypting PGP messages. It’s good encryption.

Another great tool I found for PGP encryption and message signing is WinPT (Windows Privacy Tray). It’s a free, open source program that manages your PGP keyring (your public and private keys) and the public keys of others. One of the cool things about WinPT is that it’s a standalone application that you can use to encrypt or sign messages in a regular text document. So, for example, if you’re at work and don’t have access to your Thunderbird application, but you do have webmail access, you can still send encrypted and signed messages from your webmail client. You can also decrypt messages sent to you. All you need to do is copy and paste the plain text into the WPTray clipboard and select the Encrypt, Decrypt, or Sign options. WPTray will do the dirty work, and you simply copy and paste the results into the message body and send the email.

You can check out my public key page to import my public key into your PGP key manager so you can send me an encrypted email. Please don’t send anything which may compromise national security, but if you want to keep Mom’s famous apple pie recipe safe, PGP is great encryption, and using Thunderbird and Enigmail together make it easy and available to the masses.

I decided to install an alternative operating system. Even though I own a license for Windows XP Pro, I decided to use Ubuntu linux as the primary operating system for the machine. I used Ubuntu for several reasons:

• It has what I need

Ubuntu is a linux distribution, meaning it contains the operating system (linux) and a collection of other open-source software packages. When I install Windows XP, I don’t get a whole lot included with the operating system. I still have to purchase or download free alternative software for word processing, virus scanning, image editing, etc. With Ubuntu, most of the software I need was included on the installation disc.

• It’s free

I can’t afford to shell out big dollars for software, and I’m not a software pirate. The operating system and included software are totally free. The folks who create Ubuntu will even ship you the CDs for free.

• It’s secure

With Ubuntu, I don’t need to worry about viruses or spyware. Because Ubuntu is a *nix-based OS, the user accounts are not machine administrators and each user has individual settings and storage space. That means the kids can’t change system settings and wreak havoc on the computer. They don’t have access to other users’ files, meaning they can’t destroy Mom’s recipe cards she has been typing up for the last two weeks.

There are several other reasons why I chose Ubuntu. Installing new software and updating software is a breeze, so system maintenance is drastically decreased. I can also use the system as a file server, so it can act as a central repository for all of our mp3s, photos, other files, and backups. The data can be accessed from Windows, Mac, or other Linux computers on our home network. Ubuntu can also act as our print server, so all other computers in our home can print to the printer hooked up to the Ubuntu machine.

However, Ubuntu isn’t perfect. I didn’t like that it didn’t support mp3s and other video formats out of the box. It also didn’t have support for Flash or Java. However, I have discovered a few scripts (Automatix and EasyUbuntu) which can easily add all of the formats, codecs, and other niceties missing from the install discs. One other thing missing is power management. Since this computer can go long periods of time without being used, I would like to have it go to a standby mode to shut off the hard drives and monitors after a period of inactivity; but it would need to support wake-on-LAN. I have read power management is currently being developed for the next version of Ubuntu, so I am looking forward to easily updating my software for this feature.

Overall, Ubuntu has been great for my needs and is getting better. I have had some issues getting the file and print sharing just right (fodder for future articles), but Ubuntu has been a great alternative operating system so far because it has what I need, it’s free, and it’s secure.

Without a router, your computer is connected directly to the Internet. Or a better way to think of it is that the Internet has a direct connection to your computer.

With a router, your computer is on a separate network from the Internet (but still has access to the Internet). The router doesn’t let anything into the home network that doesn’t belong there. Specifically, a computer on your network must ask for information from the Internet for your router to allow information from the Internet to enter your home network.

The techology routers use to help share an Internet connection also adds a security layer to thwart worms, malware, and other internet-based attacks. This techology called NAT (which stands for Network Address Translation), essentially creates two separate networks.

Here is how it works: let’s say you request to access yahoo.com. Your request first goes to the router, which notes that you are making a request to yahoo.com, and forwards the request to yahoo.com. When a response comes back from yahoo.com, the router forwards the response back to the computer that issued the original request. If traffic comes in from Evil-Internet-Worm.com unsolicited, the router knows that no computer on the network has requested information from that site and blocks it. Evil-Internet-Worm cannot get through and infect your computer.

Routers are not terribly expensive, plain wired routers are around $30 and the increasingly popular wireless routers can be had for less than $100 and even cheaper on sale. Wireless routers need to be set up properly to make them secure, but offer the same separation from the Internet using NAT as wired routers do.

If you have broadband and you don’t yet have a router, you’re just asking for trouble.

The rise of viruses and worms has been well documented. Few computer users have been immune to the flood of these malicious bits of code, especially considering their rise in popularity and severity. Today’s viruses aren’t semi-funny hoaxes, they are just plain nasty.

Festinate reactions to ActiveX pop-ups can have very dangerous consequences. Malware authors know most users instinctively press the “Install” button by force of habit, and exploit that tendency to get their malware on to your machine. This particular subset of malware is typically called adware or spyware. This stuff is more annoying than destructive, but it can change your homepage, monitor your surfing habits, serve up ads endlessly, and redirect you to sites that you don’t want to go to.

So, how do you battle malware in your home or business? Here are a few tools that will help you get rid of malware on your machine. The first time you use these tools, you will be amazed at how much of this garbage has crept onto your computer.

Ad-aware Plus has a freeware version which will take care of just about everything.

Spybot – Search & Destroy is my personal favorite, but it is almost too thorough — just make sure not to remove any legitimate tools or you will have to reinstall them.

Most of the improvements in wireless technology have been in the user-friendly category. In fact, many of these improvements that now let four-year olds set up a wireless network have made this networking medium dangerously insecure.

Don’t be tempted to use the “works right out of the box” functionality of wireless routers and access points. The factory defaults for these items are well-known and exploited. Let me give you a quick example:

Jeff purchases his LINKSYS 11Mbps Wireless Access Point Router, takes it out the box, plugs in his cable modem to the WAN port, plugs in the power supply and turns it on. Jeff grabs his laptop, which has built-in wireless equipment, boots up and sees his new wireless network in a pop-up bubble off his Windows XP taskbar. He opens Internet Explorer and begins to surf the ‘net wirelessly. Cool, right?

Well, later that night after Jeff surfed from every room in his house (just because he could), a fourteen-year-old kid who stumbled upon wardriving.com and made her own antenna out of a Pringles can decides to begin her career as a hacker. She points her antenna out her window and goes to her computer to see what wireless networks show up on netstumbler, this cool new program she just downloaded.

After scanning, netstumbler shows 3 networks in her neighborhood alone. These networks are named: linksys, jonesfam, and cantHackMe. She smiles because she now can have some fun. After reading for 30 minutes on the web, she knows the linksys network is now her network. The jonesfam network may not be that interesting (unless she has a crush on one of the Jones boys), and the cantHackMe network may just be too much effort for a beginner. However, she has learned that a network with the default name of linksys means it is wide open — in fact, if she were malicious she could teach a lesson by logging into the wireless router with the default password of ‘admin’ and lock the rightful owner out of their own network. But that would be mean. So she connects to the linksys network and downloads pirated movies all night, knowing that even if the RIAA is watching, they will be knocking on someone else’s door.

Given the above example, the average computer user should do follow these steps when setting up a wireless network. The first three are mandatory, four and five are highly recommended to lock down your wireless network.

Step 1: Change the name of your wireless network

The name of your wireless network is called the SSID. Most wireless routers and other equipment come with easy-to-use web interfaces. Simply log on to your equipment as shown in the user manual (yes, even read it!), and change the SSID. Try not to enter any personal information that may invite trouble (for example: the jonesfam network may be a hot target for young teenage girls).

Step 2: Disable SSID broadcasts

Once you’ve change your SSID, your wireless equipment may be shouting that name to any wireless equipment that can hear. Turn off the broadcast makes it even harder for hackers to discover your SSID. The SSID is comparable to a username, sure that hackers still need the password, but if have to figure out the username and password, their job is much more difficult.

Step 3: Change the default administrator password

The default passwords for wireless equipment are widely known and readily available. You don’t want hackers locking you out of your own network. Use a good password, change it, and change it often.

Step 4: Enable WEP

WEP stands for Wired Equivalent Privacy, and is basically a method of encrypting the data going back and forth wirelessly so that only the intended recipient can read the data. WEP is not perfect, but it should keep out everyone but the super hacker who would need several days worth of encrypted data to break it. For small home networks, this isn’t realistic, so WEP should be fine.

Step 5: Choose your friends

All networking equipment comes with a MAC address — a number that identifies each unique piece of networking equipment. You can enter in the MAC addresses of the cards you own and that are authorized to use your wireless network. All other MAC addresses will be ignored. Again, this isn’t perfect, but it’s more than enough to dissuade the casual hacker.

So, no need to fear your neighborhood eighth-graders or other hackers. Follow the steps to make your wireless network a very unattractive alternative for would-be hackers. You will never have a totally secure network, wireless or wired, but the idea is to make it a lot harder to break into than the next guy down the street. Let him get the visit from the RIAA.