Dear User2008-11-19T11:26:30ZNorman PerelsonCopyright 2008, Norman PerelsonSPHPBLOGLive dangerously, Safely. But nowhere in the list of features do they mention that it is nowhere near 100% protection nor will they tell you that using the product will slow down your computer by up to 50% or more.
As the protection factor approaches 100% the usability of your computer approaches 0%. The only way to make your computer 100% safe from malware is to switch it off!
So, for more than a year now I have stopped using any anti-virus products. I practice self discipline when deciding what programs to trust and what web-site buttons to click on. And the only trouble that I have had during this period was when my laptop was stolen by robbers.*
However my behaviour is not reckless. I use a simple methods to stop malware from finding me a soft target.
1) Use an internet router. This acts as a firewall preventing direct attacks from the Internet. Do make sure that your wireless access is encrypted and password protected. And do not create 'demilitarized zones' in the router. If you must open a port for remote access - only do so if you understand the risk.
2) Use a good operating system. If you are using Windows, choose Vista rather than XP. (Anything earlier than XP is becoming secure through neglect by malware writers rather than inherent strength.) Any flavour of Unix/Linux or Mac OS-X is also very good,; again partly because of neglect by malware writers. Important: If using Vista, do not disable the UAC - it is there for a reason (see more about the UAC below).
3) Give any user account with administrator privileges a strong password.
and, last but not least... 4) Give your normal everyday user account 'Limited' or 'Standard' privileges. Being logged into your computer with administrator rights is nothing less than reckless. hundreds of thousands of malicious programs are on the Internet just waiting for a chance to infect your computer - but they can only affect your computer if they have the rights. While running as a standard, or limited, user, those malware programs will be forced to ask you for administrator permission.
Windows Vista is much more user-friendly when you are running as a standard user. The UAC (User Account Control) is an irritation when you are logged in as an administrator - it never asks for a password and so one gets into the habit of blindly pressing the continue button... dangerous behaviour. On the other hand, as a standard user, running in your own 'sand box', you will seldom encounter the dreaded UAC pop-up. Instead you will be comforted by the UAC asking for an administrator password when you make a mistake or if you are wanting to do something that really does require administrator privileges. There is seldom anything that requires one to log in to an administrator account.
Many computer 'power users' consider themselves to be expert enough to regularly use a user account with administrator privileges. They are missing the point. A truly experienced user will insist on being a standard user. In the Linux environment, only 'root' has administrator privileges. It is common knowledge that it is dangerous to be logged in as root, but with Windows, users do it all the time. No doubt that is because, up until Vista, one had to be logged in as an administrator to do simple tasks like install a printer. The UAC has given Windows standard users the power to perform administration with the entry of a password, similar the the sudo command in Linux.
In spite of all the benefits of being a standard user, Microsoft still installs the default user with administrator privileges. I wonder if they will fix this in Windows 7.
* They were honest robbers; I asked them to leave my laptop and they said "no, we can't do that".]]>http://dearusr.shoso.com/index.php?entry=entry081106-2315042008-11-06T00:00:00Z2008-11-06T00:00:00ZBad Old Days In the hope of finding an easier way I googled "SCO Openserver Linux file transfer" and the result I was a vivid reminder of my first encounter with SCO Unix in 1997. Unix was expensive, so, on advice from the SCO distributors I bought a single-user licence for SCO Openserver called a "Host" licence. Because I was just going to use this myself for software development, and therefore I was going to be the only user, it seemed the correct choice.
Installation of SCO Openserver was quite a challenge because half the computer hardware that was readily available was not compatible with Unix. I remember that it took a lot of effort, trial and error, and long distance telephone calls before I managed to get the system to boot for the first time.
And then, later I discovered to my disbelief that it had no way of being networked. What it could do was allow one to connect one or two dumb terminals to share the "host". Can you imagine an operating system so crippled that the only connectivity was by serial port? I was forced to upgrade to a single user Enterprise edition that added networking so that I could test my program.
Even the Enterprise version could not network with Windows computers - although for a price one could order an add-on for that 'advanced' feature. Backing up data was only possible onto 1.4 MB floppy disks or tape drives for larger capacity. CD writers were not affordable and flash drives were not invented yet, and werenot supported by the operating system in any case.
I am so glad that today I can download the latest version of Linux for free, and enjoy so much more with much less hassles. I could buy a luxury car for the price of an equivalent operating system back then.
Before you complain about some feature of your operating system that doesn't work, or having to use an obscure command to transfer a file from one computer to another, just think of how things were just 11 years ago.]]>http://dearusr.shoso.com/index.php?entry=entry080624-0626352008-06-24T00:00:00Z2008-06-24T00:00:00ZDemand! It's the right thing to do Unfortunately, for a few users I made the mistake of adding a form-feed character onto the address data. This caused an extra form feed to happen after printing each sales voucher. Users who received this bug and reported it were quickly helped to delete the extra form-feed character.
Now, seven years later, a user calls to say that their printer is feeding an extra page. I still remember this having happened long ago, but it is impossible to enter a form-feed character into the database from the keyboard, and, because of subsequent updates to the program, the easy fix that I had used long ago could no longer work. The user did not tell me that it had been like that for many years - in fact I understood that it had just started doing now. He said it worked correctly before and that nothing had been changed. Suggested that he restart the computer and switch the printer off and then on again; he said that he had done that already several times. I asked him to check that the printer was not the problem. The next day he advised me that he had swopped the printer with another one, but the problem remained the same.
After much questioning it eventually became clear that the computer had been feeding an extra page "for years". The user had been winding the paper back by hand after each sale.
I wish users would not be so easygoing. It not only makes me feel bad that they had been so long-suffering, but leaving the fault uncorrected has now made it more difficult to fix.]]>http://dearusr.shoso.com/index.php?entry=entry080607-1357472008-06-07T00:00:00Z2008-06-07T00:00:00ZMalware trap If you are a typical computer user then you are giving those evil doers plenty to be gleefull about.
For a start, most people install some sort of anti-virus software. That's a big win for the malware writers. It is, after all, giving them the satisfaction of having scared you into parting with your money for a software product that does not help you but instead slows down your computer.
There are probably millions of pieces of nasty computer code in circulation that is mostly just an irritation, and many millions more that are a constant bane on the life of most computer users. In the latter category I include animated or flashing adverts and pop-ups, as well as web pages with lots of graphics that take long to load and add to your Internet bill. Anti-virus and firewall programs - the most popular and expensive utilities - do nothing to stop that sort of malware.
In fact computer virures are almost totally extinct! Your anti-virus software, assuming that it does its job well, is scanning everything that passes through the interfaces of your computer, looking for each and every one of hundreds of thousands of extinct viruses. Your fancy firewall blocks your own usage of your network so that either you have to turn it off or you allow all the programs that you use to tunnel through your carefully installed firewall. A firewall full of holes is not likely to stop a good hacker.
But it gets worse. Many home computer users won't spend big bucks on malware protection but instead find free offerings on the web. Many of these are supposedly commercial products with free trial offers. The funny thing about these free trials is that they always find malware on your computer but often cannot remove it with the free trial version. Eish! Find another free removal tool and try that. But, unbeknown to the user, the new tool was itself malware in disguise and goodness knows what you have infected your computer with now. The situation quickly snowballs so that the only solution is to reformat your drive and reinstall your operating system.
Some of these free 'solutions' are presented with the appearance of well-known commercial anti-virus software. This can give the untrained user a false sense of comfort and trust for what is in reality just a scam. Remember - if it does not say 'Norton' then is is not Norton.
There are four ways to cope with malware: 1. Avoid it by being extremely careful. (You cannot be too paranoid.) 2. Install the best commercial protection software. (I hope you have really fast computer.) 3. Be carefree and reformat your computer when it gets too bad. (Irresponsible - you are likely to unwittingly become a 'spambot' or 'phishing' site.) 4. Use a good operating system. And use it wisely. (Tip: Do not give yourself administrator privileges.)
I choose option 4.]]>http://dearusr.shoso.com/index.php?entry=entry080603-0121082008-06-02T00:00:00Z2008-06-02T00:00:00ZInflation affects software design One such limit was reached a few months ago when price per gramme of gold jewellery exceeded R1000.00.
Then another jeweller complained that he couldn't invoice a R10M piece of jewellery. And yet another jeweller had made pre-payments to Rolex for over R10M and the creditor's age analysis overflowed with such a large negative amount.
These limits are reached every 5 to 10 years due to our ever-present inflation. I accept that without complaint.
What I cannot imagine is how any accounting software can cope in Zimbabwe with prices rising 10-fold every couple of months. Is it legal for companies there to do their accounting in US$? I suppose they could use scientific notation...]]>http://dearusr.shoso.com/index.php?entry=entry080515-2057562008-05-15T00:00:00Z2008-05-15T00:00:00ZDoing the impossible - for a fee It happens every year - auditors want to see a detailed list of inventory so that they can do some spot checks to 'prove' that it is correct. And, they want it detailed separately for each of your stores. But what if you didn't print these reports and the auditors only ask for them several months later? A report of current inventory is not good enough - it must be valid as at financial year month-end.
These detailed stock reports would run into several hundred pages and no business owner wants to 'waste' so much paper and ink, and so they conveniently forget to print the reports. That's why they email me to help get the historic reports.
I have, for some time now, been making nightly backups for most of our users who run Linux servers. The help request was from one of our overseas customers. Fortunately, this was one of our Linux users who we provide full support. I quoted a fee to recall the data from archived backups which I maintain, and extract the required reports - converted to MS Word documents.
On being given the go-ahead, the client had all the reports in their email the same day - together with an invoice for my service. For the first time, I made a profit out of the impossible request of company auditors.]]>http://dearusr.shoso.com/index.php?entry=entry080515-2046172008-05-15T00:00:00Z2008-05-15T00:00:00ZName ambiguitySystem manager 1: You spelled user georgina goergina. Isn't that wrong? System manager 2: I'm dyslexic - it's probably wrong System manager 1: Okay, I added another user, spelled georgina, now she can choose either name. System manager 2: Who? ]]>http://dearusr.shoso.com/index.php?entry=entry080408-1318222008-04-08T00:00:00Z2008-04-08T00:00:00ZCaps num-lockedUser: The computer won't accept my password Support: Is the caps lock off? User: Yes I checked that Support: Try it again User: It still doesn't work Support: Are you sure the caps lock is off? User: Yes Support: Are there any lights on on the keyboard? User: Only the middle one Support: What is that light labeled? User: The letter A Support: Press the caps lock key User: Now the light went out Support: Try the password now User: It worked
It seems that the num lock and the caps lock lights were swopped. That could confuse anyone!]]>http://dearusr.shoso.com/index.php?entry=entry080121-1728482008-01-21T00:00:00Z2008-01-21T00:00:00ZEducation wanting Is it because data stored on magnetic media, which is invisible to the human eye, is not real to these users? Or is it that they have total faith in the reliability of the system?
Actually, I should not get angry, because making backups is not a natural thing to do. We have one of each of most things - cars, cellphones and bodies for example. Our teachers at school never ever taught us to make backup copies of our school notes or homework.
We are taught from a young age that we should look after our physical possessions. We lock our homes and our school lockers. When we are older we learn about insurance for our car, our home, and our lives. We drive safely. We invest our money wisely. All these things are hammered into our psyche by commercial advertising and public service announcements. But the importance of making data backups is left to users to experience for themselves.]]>http://dearusr.shoso.com/index.php?entry=entry080118-1718422008-01-18T00:00:00Z2008-01-18T00:00:00ZRemote access rocks I was waiting for a download to finish on an Ubuntu Linux workstation and for fun I VNC'd into one of my Windows XP workstations. From the desktop of the Windows XP I VNC'd back into my Ubuntu workstation. The result was not what I first expected. It took half a minute before the screen was stable due to the recursive screen updates. But it was fun. See a full-sized screen shot in a new browser window by clicking on the image above.]]>http://dearusr.shoso.com/index.php?entry=entry071226-1858142007-12-26T00:00:00Z2007-12-26T00:00:00Z
