Implementing effective computer security

I am really surprised, how safe people feel in their daily computer work.

Whereever I hear people speaking about viruses and computer security they are quite convinced that a virus scanner is sufficient for secure computing. I can say, that I have removed a lot of viruses from a lot of PCs. Whenever I found an infected PC and ran several antivirus tools in parallel, I got different opinions of the scanners about how many and which viruses were found. If you ask real experts, you will get the answer that
  • there are differences in quality of virus scanner software and that
  • no virus scanner finds all viruses - and last but not least
  • they cannot search for all ever known viruses all the time (because this would simply take too much time - so during normal scans they usually search for the currently most common found viruses.
Running multiple virus scanners at once is usually not really an option because already just having running one, reduces performance drastically.

Apart from that you do not only have viruses. You are surfing to sites in the web that may have got infected and run spying and malicious code in addition to the original website code. A co-worker of mine got infected by a virus by surfing to his online-banking software which got hijacked by a hacker. (Of course, it was a Windows virus...).

In addition to the viruses which come with no or very few action needed to be taken by the user, hackers and spammers try to convince users (by email for example) to take more action, like sending over money or adding malicious code even to their own web pages or browsers (e.g. https://www.facebook.com/topic.php?uid=31987371885&topic=14985).

I am the first one getting angry when I see too much security. The computer is an important and powerful tool. Whenever I need to work on a machine with limited permissions, I get easily angry if something does not work just because disabled. But: Everyone should implement a little security!

On Windows the easiest is to:
  • install A virus scanner like AVG, Avast, BitDefender or other.
  • use Firefox or Chrome instead of Internet Explorer to browse the internet.
  • get the Addons Adblock Plus and NoScript. The latter can be quite annoying because of many websites not displayed well by default. While not very liked by most end users, I find it being very effective in relation to the additional work necessary. It is a good tool to avoid effects of cross-site-scripting.
  • use an E-Mail client that allows text-only display of messages. Again this might make your emails not very nicely displayed but shows you the real link (in HTML-mails the displayed link can differ from the one called when you click it) and keeps you free from a lot of typical e-mail viruses. Outlook is not the right tool at this point (no version of it). One option is Thunderbird (which I personally love because of the many options and long list of plugins available).
This paired with caution (e.g. not clicking on every link even without reading). Of course, the next level of security would be to get Linux instead of Windows, but I can understand if this is not a realistic solution for you (which applies when you are too dependent from other Windows-only software pieces). I personally found it very effective to install Ubuntu Linux at end users using Firefox with Adblock Plus and NoScript (as mentioned above).

Related posts: Why companies do not use Linux on the desktop, Going Linux.

Why companies do not use Linux on the desktop

There is a very long running discussion on LinkedIn with the headline "Why aren't more corporations using Linux as a desktop OS?" and after a while I had the feeling of the same reasons and arguments returning again and again.

So I went over all the comments again and tried to categorize the opinions (trying to filter out those who already replied earlier with same or similar arguments.

Here is the result with the 15 most mentioned reasons of not using Linux on the desktop - from the opions of the discussing people (the red ones I consider in fact being issues to be solved, my comments in italic):
  1. Slick Microsoft PR, Windows is the defacto standard or simply inherited monopoly. (18 votes)
    This is a fact, but not a reason for using Windows. If so, we would still ride on horses and don't have cars - just because horses were a monopoly for traveling (related to 11.)...
  2. Missing appropriate software on Linux (for particular needs) / Vendor Lock-in. (18 votes) - Mentioned were in detail: Branch specific, special used apps not platform independent and/or not integrated well, AD, Deployment, AS400, Sage, Meeting- and Conference-Software, Photoshop, Exchange-Integration, Smart-Phone-Integration, AutoCAD, Screen Reader, ...
    Yes, this is really an issue - and that is because the fact mentioned above in 1. and hence followed by 6. The result is that many developers and software companies still just focus on Windows.
  3. Compatibility issues Linux-Windows in software when collaborating. (13 votes) - Mentioned were in detail: MS Office vs OpenOffice/LibreOffice, some proprietary formats can't be read, Domain-Integration, Some websites are IE only, General compatibility-fears.
    The MSO vs OOL/LO issue is a really big one because many people write many documents and many people need to collaborate. There are many compatibility issues - already between different versions of Microsoft Office. The 2007 and 2010 docx, xlsx, pptx formats (yes, we have already two variants of the *x-formats) introduce a lot of possible conversion/open/save problems. I could write a long blog post just about those issues. Domain integration I do not consider important as I find the whole domain system outdated looking at current company structures (increasing cooperations between separate companies for example) and how they evolve. To develop IE-only websites nowadays is still done - although completely free of sense.
  4. Too much tech-knowhow needed (just for nerds, servers and/or for commandline junkies). (11 votes)
    In reality, if you want good work to be done, on Windows you also need much in-depth knowhow. It's just, that quite every guy or girl, spent hours in front of the computer gaming, already considers himself/herself a computer guru...
    What simply is not true is, that you need to be a commandline junkie or a nerd to use Linux. Those days are a long gone - Linux has graphical environment!

  5. People already know Windows and are simply resistant to change (and will struggle). (10 votes)
    Most people I met who showed resistance when I talked about Linux, weren't interested that much because they do not use computers that much - use it only when necessary for writing an email or surf some website. Those can be considered to be resistant to computers in general. Although even those could have a better computer experience going Linux, it's usually best to just let them continue until the next virus has biten their OS to death.
  6. Lack of awareness / Ignorance or simply decision of management. (9 votes)
    Yes, is an issue. People simple don't open their eyes. This point is somehow related to 5. I found that most people currently in management, grew up with Windows. That's simply their comfort zone and usually they are so busy and so convinced of themselves that they simply don't consider anything different. This will change over the years, when more people grow up with Macs or Linux machines. I do trust, that even without active marketing, people will notice the advantages plus their current suffering and move over slowly.
  7. (Migration) costs (get it to work, experience, train users etc). (9 votes)
    Related to 10. Of course, when considering a big change (and changing OS in a company is a big change anyway), investment is needed. I also have invested a lot of time into learning Linux, which only at the beginning is really tough until you understood some core things. And for the admins there is a lot more to learn than for the users. In my case I was so annoyed by Windows and the continuous suffering that - when I started - I was sure, it will be worth the investment - and it was! And honestly: Switching from XP to Windows 7 or from Office 2003 to 2010 is also eating a lot of money and requires additional training for the users.
  8. Missing Linux Knowhow (and not enough time to dig into it). (7 votes)
    Related to 7. Of course, in the beginning there is missing know-how. But seriously: Switching from Windows Server 2003 to Server 2008r2 also required additional know-how - even worse - you think, you know it, but then you oversee some relevant changes (like the syswow64 registry hive and separate 32-bit executables in that folder) during your first attempts. You have to struggle with the new versions because Microsoft urges you by quitting support for the older OS versions. In reality you don't even have time to dig into the new Windows details, isn't it? - New details, new problems...
  9. Hardware compatibility issues. (7 votes)
    Yes, you need to take care (which the normal default user does not - or cannot - when buying a new PC). I had problems with particular WLAN-cards, Bluetooth-adapters, sound and video cards first of all. Issue can be widely reduced by buying officially certified hardware for example (either by Canonical or the hardware vendor for example). Dell and Lenovo for example are vendors known to be very compatible with Linux (anyway you need to look at the particular model or just ask the vendor or partner of your choice). I usually recommend people: When buying, tell them that you want a Linux-compatible model - otherwise you will return it back).
  10. Less educated specialists/administrators available or cost more. (7 votes)
    Related to 7. - I am pretty sure that a real good Windows administrator will also ask more. By tendency, there are more people working in Windows environment, but total number of real specialists I think is not significantly more than in Linux world. But I understand, that this can be an issue for a medium-sized or small company just watching out for the cheap administrator around the corner.
  11. People don't want to run risks and do what the others do (using the market leader). (6 votes)
    Related to 1. Of course, if you do something new and you fail, people might argue and ask why the hack you didn't follow what the "expert" says. When you do something new then of course you make mistakes - but you will learn and get know-how. But you can do what fits for you. Doing, what the major part of others do (or recommend), you will never get, what really fits really good for your company.
  12. Better support (because you pay for the software and have a contract). (6 votes)
    This is completely wrong! You can also get payed support in open source world and a commercial company does never give you the guarantee of continued maintenance. In fact I already invested into software technologies and then the vendor discontinued the product (without selling it to somebody else - just let it die). The history of Open Office and Libre Office shows us, that open source is even the better path here. Oracle thinking of unacceptable changes? - The project was forked quasi in an instant! As long there are some folks being interested in it, it can continue to life - even if it's just you - it's your choice.
  13. Windows already there on the shipped PC. (6 votes)
    I have never ever kept the default installation on a PC - neither when I was still using Windows. In most cases it already started with partitioning that was not fitting my desires or needs. Next could be OS language or preinstalled software. And a Linux installation can be either done by a novice - it's easy (at least the Ubuntu, Mint or Fedora distributions - beside others). The only very annoying thing with a Windows preinstalled is: You already paid the license fee to Microsoft in that case and I am pretty sure, that Microsoft is not sad about it, if you overwrite your OS with Linux because: You don't consume bandwith, don't call support, don't ask stupid questions in forums etc - you pay without either asking a service for it...
  14. Too much confusion because many distros, desktop environments. (6 votes)
    Are you confused and don't know what to use? - No problem, I do recommend Ubuntu with it's default desktop - and choose the LTS version. If you don't have an idea what you might want, Ubuntu for sure won't be a bad choice. But the point is: You have the choice! People work in different ways, have different priorities and have different jobs. You might discover later that you prefer a different distribution. You may consult distrowatch.com. At this point I still find the Ubuntu distribution the most stable one (regarding the complete set of applications existing around) offering everything I need regarding features and additional packages.
  15. Windows (and apps) looks/works better, is easier to use and/or has better/more features. (6 votes)
    Simply not true. Why? Regarding the look: There are so many nice themes you can choose - for sure you will find one that you find cool. And of course you can choose a totally different desktop or window manager - there are so many around (you get an overview at wikipedia). Just combine the desktop of your choice with the theme of your choice - watch, what people do show on youtube! Finally you can either make your Ubuntu look like Windows XP or Windows 7 - watch this video. - Regarding the features: A standard Windows installation is totally barefoot and poor in relation to a standard Ubuntu installation. There isn't either Office installed by default (if you didn't buy it alltogether with MS Office included). People who find Linux has poor features sometimes think of particulare Windows software not available or running on Linux - that is more related to 2.
 Hope this helps.

Related posts: Popular Ubuntu desktop myths, Implementing effective computer security, Going Linux, Efficient desktop environment.


Efficiently following web news with RSS

As my productive machines are all running Ubuntu 10.04 where Firefox 3 is still the standard browser. It is not automatically updated due to a policy like "never change a running system". However, you can add another repository from Mozilla to get the latest stable Firefox, which I did a few weeks ago.

So I am probably one of the last persons suddenly missing the RSS feed icon at the right side of the URL location bar.

If you don't know, what RSS is: It gives you the possibility to read new blog and news site entries of different sites all from one place with the ability to track what you already read and what not - more information here.

I found this blog post telling that it got removed with Firefox 4 because only 3 percent of users ever clicked on that icon! - That is crazy! Are there still people surfing manually from one interesting page to the next? - I simply can't believe that!

Although I have upgraded to the latest Firefox already a while ago, I only now noticed the missing RSS button. I think, it is because I already have a quite stable set of feeds I read which does not change a lot any more. Maybe this is a reason for the 3 % statistics mentioned above...

Without RSS feeds I wouldn't be able to follow recent news in my areas of interest. There is so much news published on the internet and there is so few time to read. Without RSS feeds I couldn't get over the massive amount and read just the most important (and really new) information.

With the rising amount of smart phones I find it even more important to have RSS feeds as surfing the web on the smart phone is just annoying.

For all others, missing the RSS feed icon: It's now under Bookmarks -> "Subscribe to this page". You can get back the button by adding it to the toolbar (right-click into a free area on a toolbar and choose "Customize..." - there you find the RSS button which you can drag somewhere onto your toolbars).

Here is my way how I keep up-to-date:
  1. I select sites (Blogs, News-Sites, Forums etc) that publish good content in areas of my interests.
  2. I subscribe to those sites via RSS (clicking the Feedly RSS button) - Feedly is my favorite RSS reader.
  3. Then I categorize the feeds into Computer, Linux, Development, News, Science etc so that I can read news by category when I don't have time to go through all.
  4. Since having an Android smart phone I usually go fast through the headlines by starting the Google Reader Android app Feedly app while on bus or tramway - or waiting somewhere. I star/mark those items I want to read more in detail later or where I want to do more searching on the net for the topic - or if I want to comment later on a particular blog post.
  5. When back on one of my laptops or desktop I go to Google Reader site click the Feedly-button again and switch to starred/read-later items - as the feeds are synced with my smart phone and across different machines whatever has been set to read or marked with a star is the same status on all machines automatically. When I am done with what I wanted to do, I remove the star and done.
Even if you an artist, teacher, plumber or other profession - no matter, there are plenty of sites that might be worth watching. Don't waste time by continuesly surfing from one site to the next where you can't see immediately what you already read and what not!

Related post: Mobile phone situation, Firefox and RSS feeds in Google Reader, Why RSS Feeds and alternatives to Google Reader.


Outlook 2010 Meeting requests

It's been months now that I (have to) deal more intensively with Windows world now. Although you might know that I prefer my Ubuntu desktop over Windows I am not one of the "fan boys" ignoring people's or business needs. Honestly, nobody can accuse me of being ignorant on any of both worlds. And honestly, I cannot recommend anybody to go with Microsoft and Windows as a long-term strategy.

One of the recent changes introduced with Outlook 2010 I want to share with you today:
Imagine, you are using Outlook and create a calendar entry. You want to invite a customer, partner, supplier etc - an external person at another company - to this event. You may further enter some agenda or other information before sending the meeting request. So far so good.

In the past it was known that not all e-mail clients or collaboration suites do support meeting requests. There has been an independent standard defined for sending and receiving meeting requests - it's the ICS format. Even Outlook learned to use that format!

Anyway, not every client is supporting this. Before Outlook 2010 Outlook always sent the meeting information as text also (as by the way all/most other mail-clients and collaboration do also).

With Outlook 2010 they removed the event information as text which might lead to the effect that your invited persons never notice that you wanted them to invite to a meeting. The meeting information is simply missing in the email!

I noticed that just because Thunderbird does not read .ics attachments if Lightning is not installed. Only after installing the addon you get the meeting information displayed. I really don't understand why one line of appointment information text is too much to expect...

Related posts: Outlook Calendar Meetings, Maintaining multiple calendars.