Thursday, May 14, 2009

The 2009 Ars USB flash drive roundup

Shopping for a USB flash / thumb drive?  Ars Technica, one of the better online technical news sites, has completed a review of several, most in the 8 - 16 GB range.  The review is a bit apples to oranges, in that it reviews drives of different storage sizes (and storage size has an impact on performance due to its effect on what underlying electronic components are used).  It also doesn't delve far into the technical details that affect that performance.  But for most people, this review is probably quite adequate, and the reader can walk away with some simple choices.

Small wonders: the 2009 Ars USB flash drive roundup

http://arstechnica.com/hardware/news/2009/05/usb-flash-drive-roundup.ars
Posted by at No comments:

Monday, March 23, 2009

Microsoft's internal file copying utility

Need more advanced control over file copying under Windows?  Microsoft has made available their in-house utility that was formerly restricted to internal use.  Copy files with advanced control, pause and resume copies, and copy with greater speed.

The installation process is somewhat annoying, using a custom program -- that writes to the registry -- to unpackage the downloaded file in the the installer and supporting files.  Once you've done that, read the readme.txt file to get started.

LifeHacker article

Microsoft Technet article


Posted by at No comments:

Wednesday, March 11, 2009

Constructing PDF files for free

PDF files remain enormously useful for distributing both text and graphics in a universal and freely accessible format.  However, many people either don't know how to construct them or believe that expensive proprietary software is necessary.

More and more programs provide the ability to "export" or "save as" their content to the PDF format.  Recent versions of Microsoft Word do this.  The open source and freely available "office suite", OpenOffice, also provides the functionality -- it did so ahead of Word, perhaps providing some impetus for the latter's feature addition.  In fact, OpenOffice now offers a limited ability to import text from a PDF file so that it can be edited.

Further, there are a number of programs and utilities that allow for the construction of PDF files from disparate sources, especially via separate PDF files constructed by those sources.  One convenient and freely available program for doing this on Windows is PDFTK Builder.

PDFTK Builder can read individual pages or page ranges from multiple PDF files and combine them into a single, separate PDF file.  It can also perform some other straightforward tasks:  Splitting files, applying a background stamp to pages (e.g. a ghosted "Confidential" or copyright notice), rotating pages, and applying password protection against unwanted uses of file contents.

PDFTK Builder is a graphical front end to the command line toolkit PDFTK.  As is not infrequently the case with free and open source programs, the core functionality provides an interface that is lean in design.  The same development team or another one may separately create a graphic interface that packages that core functionality inside a prettier front end.

As an example of how all this can work, I recently needed to construct an announcement for a client's upcoming workshop.  The workshop had a flyer, and the presenter had a separate brochure describing their work.  An electronic version of that brochure was not available, making combining the elements a bit more interesting.  The client needed the announcement and the brochure to be held together, so that recipients didn't end up referring to the brochure and missing differing contact information that applied for the workshop.

I placed the flyer text into OpenOffice and then exported that to a PDF file.  For the brochure, I scanned it and tweaked the scans to reach a good compromise between image size and quality.  I then used the freely available and well regarded Irfanview graphics browser to "save as" those scans into two more PDF files.  Finally, I used to PDFTK Builder to combine the flyer and the brochure scans into a single, three page PDF file, reading each in from the separate PDF files I'd already created.

The result was a single PDF file carrying both the announcement and the brochure, and I was able to construct it in minutes while keeping my wallet in my pocket.  I don't mind paying for items that are of value to me, but I'm not going to pay several hundred dollars for a commercial program to create a single PDF file.  I had another option.  And now, so do you.


Posted by at No comments:

Friday, March 6, 2009

A personal limitation: Just try it

My previous post described frustration with the posting process and all the bits of knowledge one needs to accumulate to make it work.  That knowledge is often not laid out clearly and concisely nor in one location.

However, the frustration this causes also reflects what is perhaps a personal limitation.  I tend to be very cautious, and afraid of "breaking" something or exposing a security risk.  There are times when this has served me well, but at other times it does seem largely to get in the way.

In terms of blog posts, well, there is an "Add image" toolbar button here in Scribefire (once you hover over it and happen to catch its tooltip).  Instead of pissing and moaning further, I could simply try it and see what happens.  It's not as if I need reference top secret material.

Well, trying this and selecting the option to upload a file from my computer, I find that Scribefire gets a 404 response when trying to use the blog's (Blogspot) API, and hangs indefinitely when trying to use the other choice:  FTP.  In lieu of solving these problems, I'm left with one other ready option, which is to repeat the whole "Picasa Web" experience for this Google account, emailing myself the photo, and then trying the "link to image on the web" option that is also available in Scribefire.



Well, that appears to have worked. However, the Scribefire "rich text" authoring form gives no hint of the image's presence. Preview shows only a faint "broken image" icon which appears to be at the end of the post -- but, as I inserted the image at the end of the draft, this may reflect the final/actual location within the post.

It's only by viewing the HTML authoring form within Scribefire that I can confirm that the img tag is present.

Why do basic tasks like this continue to be so difficult and/or opaque?

I suppose I should try the free Microsoft post editor that has been receiving such favorable comments.  But I just can't bring myself to trust MS particularly with regard to long term availability of / accessibility to the product.  And it's yet more semi-arbitrary interface to learn.

Addendum:  Looking further, it appears that perhaps the "Link to this Photo" address provided by Picasa Web is a link to the photo's "page", rather than to the photo itself.  By looking at the URL's provided within the proferred "Embed image" HTML, I find a URL that appears to directly address the photo.  Trying that URL in the Scribefire "Add an Image" functionality yields the following:



Ah, that actually displays, including in the "rich text" authoring form.

So, "just trying it".  And keep trying, until you find something that works.

Never mind the frustration.  ;-)

(And just don't try to do it at the last minute, when you don't have time to figure things out for yourself.)


Posted by at No comments:

Composing blog posts; another hindrance

I've settled on Scribefire -- a Firefox extension -- as the best post editor of the lot that I've tried.  But I don't know it too well, nor much about composing blog-formatted posts.  I realized, in composing my previous entries, that this was limiting me.  In particular, a few screenshots would serve quite well, but I haven't worked out how to add them.  And to format them.

Can they go directly into the blogspot blog and storage?  That appears to be an option, in some cases.  Do I have to upload and host them somewhere, then linking to them?  If so, where, and what choice do I make to help ensure long term stability?

Picasa might seem an apt choice, since it is another Google property and is probably not going anywhere.  But Google tries very hard to make you install the full Picasa client onto your system.  I've found that most if not all locally installed Google applications -- as opposed to those used solely through the web browser -- exhibit obnoxious behavior.  They install and try to insist upon the Google Updater program, which sucks up system resources and slams through upgrades with no warning.  The programs upgrade themselves without warning nor control over the update process, and hook deeply enough into the host system that a reboot can be more or less essential.  They start scanning and indexing things without prompting; their behavior can only be altered, if at all, after the fact.

Finally, for Picasa, what does one do if one accesses multiple Google accounts including multiple Picasa accounts?

I needed to post some family photos recently, and I decided -- partly to avoid intersecting with other photo hosting that I've set up -- to give Picasa a try.  After a fair amount of Googling around for utilities and API information, I found that the one option for uploading photos to a Picasa Web (as they call it) account without installing the Picasa client software, is a recently added feature that allows Picasa Web to accept photos emailed to an account-specific, "secret" email address.

As a significant benefit, attempting to select multiple files at once for attachment, in gmail, actually worked.   I hadn't had too much expectation that it would.  I learned later that this multiple selection support is a recent addition to gmail.  I could add a reasonable number of pictures with a single email.

An added trick is not to wait for the draft email message to load all the selected files:  When you send the email, they are all uploaded again.  Instead, click "Send" right after adding the files via the file selection dialog box; any portion of the files not already uploaded before you click "Send" will only be uploaded once, instead of twice.

Actually, a "web upload" option was described, but when I accessed my Picasa Web account, the described control was not present.  Perhaps because it was a new account that did not have any albums set up.  But neither were their controls enabling the web client to create an album.  All very frustrating.  The email process deposited the first set of attached photos into a default "dropbucket" (or similarly named; I forget).  Once photos were in this default location, I could use the web interface to move them to a new album.

All very frustrating.  And that is a good part of my point, if any, behind describing this as a part of the hindrance to blogging.  You want to do photos?  It's possible, but every stage of the process seems to have poor documentation and limitations, whether intensional or merely short sighted.  It's not another account name and password to remember.  It's worse:  A whole set of ill-defined procedures that are platform-specific.

Some people seem to thrive on such random detail (the basic flow may make some sense, but the implementation details and their corresponding evocations are quasi-random -- arbitrary, at least).  For me, it's yet another set of arbitrary specifics, and my brain started subconsciously but seemingly quite specifically tuning those out somewhere in my 30's.

So, I'd like to author "better" posts.  But I'm bored to death with piddling details of the posting process.

Posted by at No comments:

Breaking the hiatus

This is not a particularly tech-centered post.  In fact, on a broader level, I've been debating what blogs to create and what items to post there.  I have both practical and/or technical comments to make, and philosophical ramblings (sorry) to, err, spam about?  But, I get overwhelmed by too much detail, particularly when it serves a purpose not intrinsic to myself, such as separating my angstful self from my more helpful and publicly presentable self.  Where do I draw the line?  How do I remember all the fricking accounts and passwords?  (Well, hopefully I've already answered the latter, a bit.)

The purpose of the post is to hopefully simply break up the overall blogging logjam that I've been experiencing.  It will hardly be the only such jam.  So, is a post such as this merely a part of the symptom rather than the solution?  It doesn't really matter.  It gets ink on paper, or electrons on to screens.  That is its purpose.  Sometimes, simpler is better.

Posted by at No comments:

Tuesday, January 27, 2009

Safely store your passwords (Windows; some support for Mac and Linux)

The KeePass application is one of the better options for safely storing password (and account) information on a Windows computer.  There is also some support for Mac and Linux, but I have not tried these versions.

For programs that use encryption, "open source" distribution becomes a serious consideration.  Only through examination of the source code, and with the ability to independently build the application from that source code, can the user (or expert, on behalf of the user) easily determine that the program is safe and does what it described as doing.

Here's the URL:

http://keepass.info/
Posted by at No comments:

A new way to blog

During the course of writing my entry on Abiword's Vi mode, I became rather frustrated with the way the Blogger built-in / online editor managed the configuration file "code" examples.  First, I needed to experiment to identify an HTML entity that would wrap the entries without being changed by Blogger.  Then, I found that whenever I previewed the entry and returned to editing, Blogger would remove one leading space from each line of those entries.  Even when I used the HTML entity for a non-breaking space, Blogger would not respect the indentation; it converted those to regular spaces and removed a leading space from each line.

I'd looked into alternative post editing clients previously, but I'd not managed to sort through the detail, spread around in various locations, to make a choice.  I returned to the task today, and I identified four candidates.  Although it was not initially at the top of my list.

Scribefire is being used to write this post.  User feedback and "looking around" convinced me that it was good enough and also that it does not pose any immediate security risk.  (To be more proactively certain of safety, I changed my Google/Blogger password before beginning to use it.)  A major reason for starting with it is that it is a Firefox extension.  The installation was therefore much less involved.

The other candidates are below.  I may comment on them in the future, as I try them.
  • Windows Live Writer -- I know, I know.  But it really does get favorable comments online.  I am considering a portable installation, which would be a bit more involved (not a lot).
  • Zoundry Raven.  It appears to be pretty full featured, although this now dated comment describes it as not being as full featured as Windows Live Writer.
  • w.bloggar.  It appears to be a bit further behind, was last updated at the end of 2007, and has a preference for Internet Explorer (version 4.03 supports IE) over Firefox (stuck on version 4.02).  However, it seems to have a good spirit.  It is also what the Zoundry Raven folks describe using before they developed their own product.
The candidates I chose are all available as free / donation products (although one should keep in mind that Microsoft has a habit of "taking things away").  For starters, until I am more comfortable with blogging, I'm not ready to spend $30 - $50 on a commercial product.  I found most of them before finding this summary listing that identifies a number of such free products.

Blogger itself has a list of complimentary software.  However, it appears to be rather outdated and not maintained.
Posted by at No comments:

Thursday, January 22, 2009

Ditto: Use a clipboard manager to hold and search prior copies

I get very frustrated with manual, repetitive processes that slow my actual work progress (the process isn't the goal) while making me behave like a robot.  One such process is the assembling of multiple pieces of information.  Windows has a "clipboard" that you can copy to and paste from, but it only holds one item at a time.  If you have several items to copy, this leads to repeated context switching as you grab one item, move to where you want to paste it, switch back for the next item... ad naseum.  Further, if you want to locate an item you copied some time previously, you have to return to the source (or the pasted location) and manually relocate it.

A little used but -- amongst its users -- wildly popular type of utility application is the clipboard manager.  What these do, in essence, is record their own record of each Copy or Cut action for future reference.  You can copy several items in succession, then move to a target document and paste them in one after another, recall each item quickly from the clipboard manager's memory.  Typically, the clipboard manager will have a hotkey combination to quickly pull it up and an interface that facilitates its rapid use.

Although I haven't used it, I understand that one of the most popular commercial clipboard managers is ClipMate.  However, for my use I have found the open source manager Ditto to meet my needs admirably.

Ditto can be run only as needed, or set to start up with Windows.  It can be installed or run as a portable application.  When activated, it records every Copy or Cut action to an internal database.  That database is implemented in SQLite, a very highly regarded lightweight database.  This means that Ditto can hold and search several hundred records very rapidly.

To extract the record of a previous Copy or Cut action from Ditto, you type the hotkey combination to invoke Ditto -- by default, this is Control-` (control plus the backtick key that typically appears above the Tab key on U.S. keyboards).  Ditto produces a list of previous Copy's and Cut's.  The first ten items are associated with a digit; you can immediately select one by just typing that digit.  You can also scroll through the list with mouse or keyboard, and double click or press the Enter key to select the desired item.  For formatted text items, you can obtain a plain text version (with the formatting stripped) by pressing Shift-Enter instead of Enter.

One thing that makes Ditto very powerful is its integrated search.  After invoking Ditto, if you start typing, focus moves to the search box and the listed contents are immediate reduced to those items containing, in their title or in the clip contents itself (when the two differ), the search term.  If your search term begins with a number, press Tab first to manually shift focus from the list to the search box.

In practice, this means that if you remember a portion of an item that you copied some days ago, typing in that portion will likely expose that copy almost immediately and with minimal effort.  The search function also works with wildcards, so that e.g. a search term of "http*" will list all the URL's that you've copied.

Ditto is very configurable.  You can specify the maximum number of clips it will retain, or the number of days to retain unused clips, or a maximum database size.   Hotkeys are configurable.  You can even share clips over a network connection, although I've never tried that.

Ditto appears now to know at least something about Copy actions that other applications flag as containing passwords.  Where this protocol is observed, Ditto will ignore such Copy actions, keeping those passwords from ending up exposed in its database.  This is a real comfort when working with a password manager such as KeePass.

However, as the user you do bear responsibility for remembering that you have a clipboard manager active and that clips can end up in the manager that you do do not want others to see.  You should make sure that Ditto respects the privacy of passwords if you copy them from a password manager.   Ditto can also be temporarily disconnected from the clipboard while you copy sensitive items, so that those items don't end up in its database.

As a precaution, I recommend scanning the full contents of the Ditto list/database occasionally, especially when you are first starting to use it, to make sure that no risky nor embarrassing items have been captures.  If they have, you can selectively delete those items with a click or a keystroke.

It addition to retaining Copy and Cut clips, Ditto can serve quite conveniently as a means of rapidly accessing commonly used items.  Individual items can be flagged so that they are never deleted.  You can then rapidly pull them up with a hotkey or the search facility, either for reference or for pasting.  If you have an address you type commonly, or a salutation, or a few phone numbers that you are constantly looking up, you can put them in Ditto where they are just a keystroke or a few away.  And they don't clutter up your screen or your desk with notes.

Ditto can rapidly become one of your most often used utilities.  And while I've found it very stable, it is possible for the database to become corrupted.  You may wish to add it to your backup routine, to ensure that you don't lose all those items at your fingertips.

Ditto supports a number of clipboard formats, but not all.  When an item is copied or cut to the clipboard, it is identified as having a certain format.  Actually, many applications simultaneously place multiple format versions of a copy onto the clipboard, from which the pasting application can chose.  You may find some formats that Ditto does not support; however, for most everyday copying, it works just fine.

Some copies do not place the contents onto the clipboard; instead, they place a reference.  Then the pasting application can use the reference to directly request a copy of the data from the application being copied from.  These references may not work when Ditto is used as an intermediary.  Again, this is not too common in the Windows world, but once in a while you may come across it.

When you copy or move files using the clipboard, Ditto does not retain copies of those files.  Instead, it gains text records describing the these actions.

With regard to clipboard formats, I'm no expert, but the above paragraphs reflect my understanding of some situations in which Ditto may not perform as expected.

Finally, Ditto is a pop-up application.  It occasionally has a bit of trouble with application focus.  In particular, sometimes double clicking a list item or pressing Enter will not trigger the Ditto window to close.  The item will be selected and moved to the top of the list, meaning it has been placed on the Windows clipboard.  In these cases, you can get the Ditto window to disappear by pressing the Escape key (Esc).  You can then proceed to paste as expected.

If you open Ditto and then decide you don't wish to make a selection, either click outside its window or press Escape.

There are more features and tricks, but that should be enough to get you started and to avoid the most obvious points of confusion.

Posted by at No comments:

Thoroughly disabling AutoRun

Prescript: You should definitely back up the registry before attempting manual changes, such as the one described below. For two reasons: 1) In case your editing is not valid and hinders or cripples your machine; 2) In case you want to undo your changes in the future.

For the latter, you may not want to reapply the registry backup, particularly if some time has passed; you would lose all the subsequent registry changes. But you, or a professional, can use the back up as a reference when selectively removing registry changes.

----------

From an email I sent to a family member. Useful information.

The Windows AutoRun feature -- which automatically runs programs (desired or not) when you insert removable media, whether CD, DVD, USB drive, or similar -- is apparently difficult to disable thoroughly, from a conceptual perspective. This article describes how to do so. You have to decide whether you want to; however, for myself, I find the risk and/or annoyance outweighs the AutoRun convenience. For example, one time I inserted a music CD, to suddenly find the computer grinding away. Apparently, the CD had copy protection software that was trying to install itself. I'd forgotten to hold down the shift key while inserting, which is supposed to disable AutoRun on a case by case basis (this article doesn't discuss the Shift key feature, or whether it works in all cases; probably not, given that it describes how AutoRun can fire up not just on insert, but when you open something, even a directory, on the removable media).

If you have AutoRun disabled, you can always open up autorun.inf on the removable media to see what it would have run, e.g. what the set up program is on an installation disk.

----

http://www.windowssecrets.com/2007/11/08/02-One-quick-trick-prevents-Autorun-attacks


Top Story, November 8, 2007
One quick trick prevents AutoRun attacks

By Scott Dunn
Posted by at No comments:

Monday, January 19, 2009

Vi (and Emacs) key bindings in the Abiword word processor

As a long time occasional user of the programmer's editor, Vi, I have found its modal nature (you edit using two (actually, three) modes: command mode and input mode) very convenient, once I become (re)accommodated to it. I wondered whether any word processors supported a Vi-compatible input mode.

Some googling revealed that the open source word processor, Abiword, has a limited Vi input mode. However, the instructions for enabling it were not clear; I found partial information on several websites, and I also found several comments from frustrated users who could not get the instructions to work for them.

To enable the Vi input mode, one needs to edit their AbiWord installation's file "AbiWord.Profile". However, the exact editing that will work is quite particular. In experimenting, it is apparent to me that AbiWord.Profile is rewritten each time AbiWord exits. Edits to the file that do not fit AbiWord's expectations are not written out when this rewriting occurs. In one set of comments, users indicated that when they deleted AbiWord.Profile, causing AbiWord to generate a fresh copy upon startup, their edits and the desired effects of those edits then worked as expected and persisted. I've not tried doing this, yet, and so cannot speak to it.

I did manage to get the Vi input mode working for myself. I am using Windows XP. Under XP, the file "AbiWord.Profile" is located under "\Documents and Settings\[user id]\AbiSuite" where [user id] is the name of the Windows XP account that you are using.

Within AbiWord.Profile, make the following changes:

Leave the element "Select" alone; don't change it. It will look more or less like this:


<Select
   scheme="_custom_"
   autosaveprefs="1"
   useenvlocale="1"
/>


Note that if you attempt to comment out element "Select" (to leave it in the file for future reference) while entering your own version of the element, the commented out version will be removed when AbiWord next rewrites the file.

Next, in the element "Scheme" as shown below:


<Scheme
   name="_custom_"
   ZoomPercentage="144"
   />


Add the attribute KeyBindingsCycle="1". The revised element will look like this:

<Scheme
   name="_custom_"
   ZoomPercentage="144"
   KeyBindingsCycle="1"
   />


Save the file. When you next run AbiWord, the key "F12" will cycle between the three available input modes: "default", "viEdit", and "emacs". If you exit AbiWord while in "viEdit" or "emacs" modes, AbiWord.Profile will be rewritten to include the mode you were in at the time you exited. For example, if you exit while in viEdit, element "Scheme" will be updated to include attribute KeyBindings="viEdit", like so:

<Scheme
   name="_custom_"
   KeyBindings="viEdit"
   ZoomPercentage="144"
   KeyBindingsCycle="1"
   />
This information is current for AbiWord version 2.6.6 for Windows XP (installation file "abiword-setup-2.6.6.exe").

Here are some of the resources I referenced while figuring this out:

http://linuxmafia.com/faq/Apps/abiword-vi-mode.html

http://www.jukie.net/~bart/blog/tag/vi

http://www.abiword.org/mailinglists/abiword-user/2003/Mar/0023.html

http://www.abisource.com/wiki/FaqEditorBindings

http://www.abisource.com/wiki/KeyBindings

http://www.abisource.com/support/faq/
Posted by at 1 comment:

Thursday, January 8, 2009

Free Security Software, Part 1

I hesitate to start this post, because there is potentially so much detail involved.  Further, I'm not an expert.  However, in taking care of myself as well as answering some questions for family and a friend or two, I've accumulated some useful knowledge and resources.

You need security software.  No, it's not perfect, and it can slow your machine down somewhat.   Nonetheless, it provides some much needed protection.  News articles I've seen that reference recent security studies, state that an unprotected Windows computer that is connected to a broadband Internet connection becomes infected on average in under 10 minutes.

A straight-forward and reliable option is to purchase security software from one of the major vendors, e.g. McAfee or Norton.  These products work well, are fairly straightforward to use, and update themselves with minimal maintenance required from the user.

There are times though when an alternative may be desired or needed.  You may be entitled to software as part of your broadband Internet service.  You may have difficulty with the license fees.  Or you may resent the way the commercial products are difficult to uninstall and try to pump you for license renewal fees, upgrades, and the like in aggressive fashion.

Whatever the case, I myself have found myself needing alternatives, and I've had a number of people ask for the same information.  Here's a brief summary of what I've encountered.


"Free" and Easy Peasy

Do you have broadband Internet at home?  Is it from a major provider, e.g. Comcast, AT&T, or similar?  Very likely, your broadband subscription includes a subscription to a security software package from one of the major vendors.  Although I'm not using it at the moment, as a Comcast subscriber I'm eligible for a subscription to... McAfee, I think it was, the last time I checked.  My parents are now on AT&T, and I just helped them install an AT&T-provided McAfee security suite.  If you have a different provider, check.  The packages offered seem to be from quality brands, and you've already paid for it.

For the AT&T-provided McAfee, installation involved first visiting the Yahoo partner website and signing on with the AT&T account credentials.  You then need to navigate to a downloads area, where their is an option to download the security software.  When the option is chosen, the web site presents you with a license code to be used when installing the software.   After noting the code, you can proceed to download the installation package.

After it downloads, you run the downloaded installer.  It prompts for the license code; once the code is entered, installation proceeds.

Once the security software is installed, it will automatically download updates on a scheduled basis.


Caveats

Sometimes there is trouble during the installation process.  The problem I read most about is that of conflicts between different brands of security software.  For example, I already had security software installed when I tried to add the Avast product to the mix -- sometimes particular products will co-exist without problem.  After Avast installed and I rebooted, my computer locked up and refused to complete booting.  I was able to use Windows "Safe Mode" to undo this, but a typical user might become stuck and this point with a non-functioning machine.

In general, it's best not to combine products of the same type from different vendors.  If you already have a product installed, and you are going to switch to whatever your Internet service provider (ISP) offers, it's best to uninstall the old product before installing the new one.

Keep in mind that once you uninstall the old product, you may have no active protection.  So, if possible it is best to first download the new product.  Then physically disconnect your machine from the Internet.  Uninstall the old security software, then run the installation program for the new software.  Once the new software is in place and running, reconnect your machine to the Internet.

Be careful of products that only download a "front end" installer but then need an active Internet connection during installation in order to download the rest of the product.  If you have one of these, you can't disconnect your Internet connection.  Try to uninstall the old product and install the new product quickly, leaving yourself exposed for as little time as possible.

As soon as the new security software is installed and you are again connected to the Internet, run the software's update feature.  There will likely be numerous updates for it that were created after the date when the installer was generated.

Once  the security software is updated, it's a good idea to run a full scan to make sure that your system is clean.


Free, but more work

If you don't have access to a commercial package, you can assemble a security suite out of free (for non-commercial use) products.  Some offer a complete suite; others serve only one or two functions and need to be combined with other products in order to build up more comprehensive protection.

Personally, I'm using Comodo's Firewall Pro for my software firewall:


For anti-virus and anti-spyware, I've been using AVG versions 7.5 .  Note that this version of AVG anti-spyware has reached its formal end-of-life.  The current version, 8.0, combines the two products into a single product.  The free version does not offer all of the features of the paid versions; in particular, it provides less pro-active scanning.  If you know what you are doing and are careful, this may be sufficient.  There is still some pro-active scanning, and you can always manually initiate a system scan.


When I had particular concern about making sure my system is clean from spyware, I added the "free" version of Spyware Doctor that is available via Google's software bundling service, Google Pack.  There are actually two free versions of Spyware Doctor.  The version from the Spyware Doctor site will scan but not remove threats.  The version from Google Pack will not pro-actively scan, for example when you download a file.  But it will do a manually-initiated system scan just fine, and it is capable of removing any threats that it finds.

Be careful about allowing Google Pack to install other software.  You can limit it to only installing the portions of the "Pack" that you want.  Pack seems to be very aggressive about taking control of the things that it installs.  I'd recommend limiting it to just Spyware Doctor.


PC Tools, the company that makes Spyware Doctor, also offers a "more modern" scanning program that attempts to identify threats based on their ongoing behavior rather than just a signature identified by a scan.  That tool, ThreatFire, also has a free edition available directly from PC Tools.  If used, it should be used in conjunction with a regular anti-spyware scanner and not by itself.  It's better at identifying ongoing malicious behavior, but its traditional scanning capabilities are too limited to be solely relied upon.


Finally, when Spyware Doctor was complaining about a file that AVG had no problem with, I located and added AntiMalwareBytes to the mix.  It was described online as being one of the few products that was fully effective against the problem that Spyware Doctor thought I had.  Further, it was described as being able to deal successfully with a number of threats that other security software packages failed against.



There are other high quality free products, but I have less familiarity with them.  Two in particular that I see mentioned consistently are Avira and Avast.




There are a number of resources for researching this software product category.  I've listed some at the bottom of this entry.


TANSTAAFL (No Free Lunch)

TANSTAAFL is the acronym for "There ain't no such thing as a free lunch."  The phrase was popularized particularly in Robert Heinlein's science fiction classic The Moon Is a Harsh Mistress.

The "free" products still require development and support.  They are free "for non-commercial use".  Typically, the company involved also sells commercial subscriptions and lives partly from this.  But if their income is not sufficient, the product will decline and they may go out of business.  If you use one of these products regularly, you should consider purchasing a license to support its continued development and support.

Further, in doing so, you allow the product to continue to be available to those who cannot afford or obtain a license.  Since the Internet is one big intersection, this benefits you and others indirectly by ensuring that more of the machines that you interact with, or that interact with the sites you use and rely on, are clean from infection.  With malware thus limited, the system works better for everyone.

If you purchase a license, you do want to be sure you are accessing the legitimate website for the company/product involved, and that the transaction is secure.  That topic is outside the scope of this blog entry, but I wanted to caution those unfamiliar with web purchases against making them when they are not sure it's safe.


Resources






Posted by at No comments:

Let the data dump begin

Over both the short and the long term, I've been providing advice to friends as well as accumulating a store of knowledge for my own use.  Recently, I've experienced an uptick in requests for my advice.  I've also found myself wishing for a better record of some of the items I've previously encountered.  Enter this blog.

As an opening, I'll mention that in order to be able to edit the blog concurrently while also maintaining my normal browsing habits, I downloaded and installed Google's new browser, Chrome.  In particular, Google does not allow a user to access more than one Google account simultaneously from within a traditional browser.  I view this as a shortcoming of their offer.  Running a second browser gets around this, as it maintains a second, independent set of data and credentials.  Further, with Chrome, each tab has its own process.  I believe this allows Chrome to access more than one Google account at a time, as the data and credentials are separate for the separate tab processes.

The Chrome installation and behavior, however, I found disappointing.  At the start, rather than downloading the entire installation package, I was limited to downloading an on-line installer.  Running the installer, I found that it proceeds by installing the Google Updater.  Something I'd acquired in the past via Google Pack and blocked from loading on boot when it kept annoying me including with its resource consumption.

Perhaps most concerning, though, was to encounter all the warnings from my software firewall and security package, alerting me to just now deeply and pervasively Chrome was apparently hooking itself into my system.  Most software installations, including both Firefox and Opera, do not produce such warnings.  Perhaps it is simply that Chrome is not yet part of the security software's database of recognized software, but the details looked more pervasive.
Posted by at No comments:
Subscribe to: Posts (Atom)