Posts Tagged ‘windows’

VMs: Best of Both Worlds

Thursday 16 January 2014 2 comments

I admit it: I really get more work done on Windows 7, so that’s what I run on my primary machines. The integration with the hardware simply cannot be matched in Linux and it’s almost boring how things keep working so well without a bunch of tweaking. Most Linux users are constantly tweaking their systems, in part trying to resolve long-term issues. Were I facing a higher threat context, I would probably run Linux on the metal, but it simply does not work as well.

Instead, I run virtual machines. I keep Debian Wheezy on VMWare and I also have XP Mode for stuff that doesn’t work on Win7.

The latest VMWare Player (free version) does a really good job of making Debian easy to install. It correctly identifies the installer CD and may offer to install the tools for you right away. Don’t; wait until you get Debian installed. The menu on VMWare Player allows you to add the tools later. What happens is that it mounts the tools as a virtual CD, typically at /media/cdrom/. You can’t run it from there; you have to copy those files somewhere within the file system of the running Debian VM. I used /opt/. There, you can unzip the untar the files and run the installer logged in as root.

Basically the command is perl — you pretty much need only accept all the defaults for every question it will ask you. Then log out and log back into your user account; this will restart X with all the drivers.

This allows you to integrate it more fully into your Windows desktop and add permissions on your Win7 system folders and files for Debian to read and write. Frankly, the primary value is being able to run the weird networking stuff Linux offers and all the security. Your running Debian VM is just as secure as Debian stand-alone from viruses and malware. I know a few folks who do all their surfing and email on a Linux VM to protect their Win7 desktop system. The one thing you simply cannot get is the Linux X-server mouse behavior using mouse-paste.

I still recommend folks installing Debian if they can get by without a full-blown Windows installation. If your system has enough horsepower, go ahead and install VMWare on Debian and run XP or whatever version you need for Windows stuff. If you are just surfing the Net and doing simple stuff, that should work. Still some hardware is just not compatible with Linux and if you do any significant real work with specialized software, sometimes Linux won’t do it for you.

Make up your own mind, but don’t ignore the possibilities.

Addendum: I should have noted the laptop runs Debian Wheezy as before. There are too many factors I can’t control when I take that thing somewhere and try to use wifi connections I can find.

Tool Shed 6

Tuesday 7 January 2014 2 comments

Despite my years of tinkering with Linux, I find the printing framework (CUPS) still lags what you can get on Windows or Mac. Most people might never notice the difference, but when I need something out of the ordinary, I can’t do it on Linux. We all know that while some printer manufacturers do turn out nice drivers for CUPS, they never go beyond the driver itself by providing the rich software controls with their own packaged drivers for Windows. On the other hand, you also don’t have to worry about running those huge, fat printer control packages on Linux that bog down your Windows computer. Still, I sometimes need what Linux will probably never provide in terms of printed product. That most of the world is quickly abandoning paper output means this will become irrelevant soon enough, but for now, I have to run Windows for some things.

The headache of running Windows is that it remains unsecured by design. It’s not as if you can’t make Windows pretty tight against most malware, but doing so has always been the domain of serious and secretive MS engineers and expensively trained technicians. There are a wealth of policy tools built into the professional grade versions of Windows used in many corporate networks, but they are obscure and challenging to implement. Most of these are very sensible and really should be set by default, but MS is all about convenience and lowest-common-denominator. Your Home Premium Windows box lacks those tools. The underlying restrictions still work, but the suite of policy tools is part of the difference in price compared to the Professional version or higher.

Implementing those restrictions sensibly for you is what CryptoPrevent does.

It’s pretty simple. Download the free version of “setup.exe,” launch it and accept the defaults, then click “Apply.” You’ll have to reboot, but once it comes back up, chances are really good you’ll never notice the difference in how your system acts. Relaunch the application and hit the “Test” button to see if it works as designed. Only rarely does it fail and the site offers some guidance. Honestly, folks: This thing will disable a really large swath of malware out there today. The changes it makes should be the default on Windows for home users.

Another smart habit is simply using web browsers that lack all the bells and whistles for general surfing. I always keep multiple browsers installed, in part for testing, but also because each has different strengths and works better for one site or another. Most browsers allow you to disable lots of features, but it can be inconvenient unless you understand how to create additional profiles on the same browser you normally use. Even then, the browser might still do some things that are risky. One of my favorite browsers is called D+. It began as the Windows version of Dillo, available on Linux and BSD for quite some time. The current version of D+ actually works better than Dillo. You’ll need to run through the configuration options and test things to see how they work. You make the changes, close it, and then relaunch before they take effect.

The rendering is really quite different and takes getting used to. If you’ve used Lynx a great deal, you’ll recognize the layout is very similar, as both tend to ignore columns and tables. What you’ll see is usually more like what cellphone and tablet users see as the “mobile version” of most sites in a plainly vertical display. If you read the longer version of the description of D+, you’ll learn a lot of common browser features are left out on purpose. A crippled and simplified browser protects you from bad stuff, yet allows you to read the text and view most static images. A few sites won’t work at all for Lynx or D+, but that’s what “full feature” browsers are for.

If you really want to run Lynx, as I often do, you really should work through the Cygwin Project. Run the installer and check in the various categories like Networking and find a checkbox for the “lynx” package. The installer will take care of adding anything else needed to run Lynx. I rather like this excellent visual tutorial, even though it’s primary purpose is to allow running an obscure software project called PhysioNet. The point is, that particular page will show you how to get Cygwin installed and set up to run. You can adjust the size of the terminal window to suit your tastes via the usual context menu. It’s also a really great way to learn the Linux CLI without running a virtual machine. Lynx running from Cygwin is actually a better experience than it is on Linux because it reliably renders more common symbols and special characters that tend to disappear in the Linux version.

Outline of CompSec

Sunday 8 December 2013 Leave a comment

It’s Sunday and the prophet has a burden to share: Learn how to surf the Net safely.

Most Internet users are not sufficiently paranoid, and they leave way too many doors open for the kind of activity they engage. Most Internet users are brain-dead careless as it is, lacking any level of cynicism such as they might have in meat-space. One of my clients gets a pile of spyware almost weekly because of airhead habits.

The first thing to change is that person in the mirror: Are you a sucker for entertainment? Shopping and bargains? Do you chase the first search engine links to show up when you hunt for a particular artist or act? Have you not heard of search engine rankings and manipulation of “search engine optimization”? Has it not occurred to you that suckering Net surfers is about the most lucrative criminal activity on earth right now? Most Internet users are frankly stupid; not just careless, but egregiously hatefully stupid and impatient with any kind of precautions.

But if it occurs to you to think about it because you could prevent the worst of it, here are some things you can consider.

1. Think about compsec. What do you have on your computer? Pictures, documents, spreadsheets, banking information? Do you let your browser save passwords? Do you know if that saved password is secure? Whatever is on your computer is vulnerable. First, back up your important files to another device or at least to one of the free cloud services like DropBox. Windows has a functional back-up utility built right into the Control Panel; learn it. Second, think about where you are sending your computer into virtual space. What could be on the other side of that link? Are you aware most browsers can be re-directed multiple times in a second through a series of servers and addresses to places you never imagined? Are you aware that any given webpage might have active content served up from other sites?

2. Think about site content. Are you aware that any given webpage is downloading more than text, colors and images? Lots of hidden images called “web bugs” that do nothing more than load your browser cache with lots of unique identifying tags hidden in the image are on many sites. It’s actually not even an image, but your browser accepts it as one. The next site you visit can read those tags and track you all over the Net. Each webpage is likely to have a lot of scripting that controls how things are displayed, but can also download all sorts of junk you never notice, more scripts that do things to harm your computer. There is a large and thriving business where crooks and governments trade information about how to sneak stuff through your web browser and past your anti-virus and anti-malware defenses. Windows is full of such holes not yet patched.

3. Learn about web browsers. Install several different ones and learn how each does one or another thing better than another. Some have extra extensions you can add that make them work differently. Most have built-in security and privacy controls that people never examine. Several of them allow you to create multiple profiles within the browser, each with different settings. Learn how to turn off various features that make your browser an open door for malware; learn to surf without all those bells and whistles if you don’t really need them for various different kinds of sites. Learn how each kind of browser saves your passwords and whether it’s a good idea. Chrome doesn’t encrypt them, but there are add-ons that do; Firefox does encrypt. The new Opera browser does not (so far), because it’s built a lot like Chrome. Seamonkey does because it’s the same guts as Firefox, and with even more options to control how it works. There are dozens of variations built on the same guts as those, and many more with entirely different guts.

4. Learn about communication security: email, chat and encryption. Does it matter whether something is encrypted? That depends on what you are sending and who is on the other end. Could that person have a secret life that would get you in trouble? There’s only so much you can do before it makes you a hermit, so think in terms of balancing needs. On the other hand, make a game of learning encryption with some of your online friends. Do it right; exchange your encryption keys in person on a removable file device, then install them into your encryption keyring. If it really, really matters, learn how the worst criminals avoid getting caught. Learn how to research terminology in compsec that is unfamiliar to you. Ask questions of people who know.

5. Get real. Most of my computer ministry clients are poor benighted souls who imagine that their political views somehow place them under siege from the opposition. They imagine the opposition has threatening powers that they must fight. Just getting people to think that way is part of what political agitators try to do. So if you allow propagandists to win control of your thinking, you’ll be paranoid about things that don’t matter and won’t happen or can’t be fixed, while remaining totally a fool about things that do matter. The various government spy agencies are one kind of threat; the commercial spying operations are another entirely. Worst of all, they both work together entirely too much. Computers are just a tool, though admittedly one of the most important and ubiquitous tools in the world today. Learn what your computer can and cannot do against the fabric of what really matters in this world.

6. Consider using an operating system that is more secure in terms of giving you control. In terms of what’s available with easy access and price, sometimes Windows is the best choice. It’s also going to be always the most easily cracked by bad guys. Part of the problem is that there is so very much you cannot possibly know about it. Even genuine Windows experts have trouble understanding some parts of the system. Those who know it best will not tell you what they know without charging high fees. The Open Source world is just the opposite; the people involved are eager to tell you what they know. You will unlikely never need to know most of it, but the openness is itself a form of assurance that you can trust them. Also, keep in mind: If your computer has enough power, you can always run Windows emulators or virtual machines — it really isn’t that hard. You can install Linux and run Windows inside your computer as a separate environment, then shut it down when you don’t need it. You can also run Linux in a virtual machine on your Windows desktop for safer surfing. You can install Cygwin on your Windows computer and have the Linux commandline at your fingertips, or run the X server and run a Linux desktop in Windows. You can also learn to run Linux from a CD or DVD, booting into a different OS completely that cannot be changed by crackers or malware.

Nothing is impervious to determined cracking, but we can raise the price for such attacks. How much does it matter? Don’t be lazy. The threats are real, and get worse depending on your activities. It’s not getting any better. Some recommendations you can research:

Browsers: Chrome/Chromium, Opera (both the newer webkit and the older version), Firefox (research variations like Pale Moon), Seamonkey.
Browser extensions: Ghostery, Adblock, Click&Clean. Several different password safes.
Browser cache cleaners: CCleaner, Bleachbit.
Private search engines:,
Encryption: GnuPG is currently the best for free.
Cygwin: A way to run Linux stuff on Windows, particularly useful for Lynx browser.
Email clients: Opera Mail, Seamonkey, Thunderbird, Claws. Each has unique features for security, and most of them will can work with GnuPG for direct encryption and decryption.

More: If any part of the name says “toolbar” it’s bad for you, even if it comes from your anti-virus provider. Never install anything regarding coupons. Never install software associated with any social website, news site, etc. Check the site for an installer for any item you use, because it strips out bundled advertising junk. Look at the list of stuff they offer, because it tends to be safer than alternatives not listed. Avoid anything made by Adobe if you can. Never trust McAfee or Norton. Don’t use any Google services unless you have to; same goes for Yahoo and the other popular web portals. Use them for throw-away accounts; learn how to kill them and do it often. Learn how to get webmail accounts based in foreign countries.

Linux, Security and Control

Sunday 17 November 2013 1 comment

Running Linux doesn’t merely put you in charge of things; it grants a sense of power you won’t easily get from Windows or Mac. But it’s really about the people involved.

The primary reason Linux computers seldom get viruses is the Linux user culture. Just the introductory readings for those considering migrating their computers to Linux will teach you constructive paranoia. You won’t get this from Windows users unless you go looking for it, but in Linux it is the first assumption of the entire user community. You do get a version of paranoia from using Windows, with all the alerts and antivirus, anti-malware, etc. However, the big difference is with Windows you know you are helpless in the sense you will ever remain dependent on others.

In Linux land, you are only as dependent as you want to be. Real experts in Windows have a reflex to keep their information out of public view. All the Windows security forums are terribly elitist in the peculiar sense of, “We know what’s best and we will tell you what we want you to know.” Linux communities are not at all like that. Plenty of Linux users don’t have a clue, but those who do will gladly explain way more than you care to learn. So rarely would you get that from a Windows expert, you tend to grab that information and save a copy of it somewhere. And the places where they post such information often flies under the radar. Linux information is paraded in the streets.

You don’t have to become an expert to run Linux, but it’s actually difficult to avoid some level of expertise uncommon among Windows users. This is partly the dynamic of what sort of people are drawn to Linux in the first place. They are looking for something they can’t get with Windows, and the various somethings people search for often includes open access to expertise.

Yes, there are precious few viruses and malwares that run on Linux. Some major portion of that is proof-of-concept. Most of them require the kind of clueless user behavior common among Windows users and wholly uncommon among Linux users. Ever hear of Android, the smartphone OS? It caters to stupid users and gets plenty of malware. Almost no desktop version of Linux does that. Besides, it’s the cellphone functions of Android that open so darn many doors to malware in the first place, functions you won’t find in any other type of Linux. Android is typically not considered “Linux” in the minds of most people because it has such a highly specialized use. Every other use of Linux tends to be secure.

Indeed, Linux servers get more attacks than Linux desktops. Again, that’s because the single greatest likelihood of idiocy is a server admin who runs the simplest, and most easily cracked, software their Linux server. They use a Linux server because the OS is free and/or they believe it’s secure, but then dump some goofy, trendy server junk on top of it. Worse, as non-participants in the Linux user culture, they have no clue how to perform the most basic security checks and chores. A truly large percentage of the Internet runs on good, secure Linux servers controlled by well-clued server admins (not to mention a lot of BSD and other types of Unix).

And if it matters to you, there are free AV packages for Linux; just check with AVG or BitDefender, for example. You’ll notice they protect against Windows viruses because the whole point is wiping out such threats before they get passed on to a Windows machine. At last count, I believe the total count for Linux viruses is less than 100, and most of those are obsolete. Frankly, it’s the mutual incompatibility of the various distributions of Linux that almost necessitates each virus be built specifically for the particular machine it attacks. Then again, the default desktop installation isn’t running very many services, particularly those commonly exploited as entry points.

But the number one selling point for Linux is not all the crap you are likely to read from the fanboys. They ooze with religious fervor about running their favorite brand of Linux. They’ll go on at length describing the joys of things almost no one except a fanboy cares about. They assume every computer user will appreciate what drives them. That’s the primary reason the wider computer user base is so slow to adopt Linux.

The single greatest selling point is not even the control Linux gives you, but the sense of control.

Real security? Who can really say just how secure something is until it’s attacked? You’d have to learn a lot just to know how to check for such attacks, never mind discerning whether the attacks were even competent. With Windows, that is pretty obscure stuff, and often requires specialized tools to interpret the raw data. With Linux, it’s less obscure data dumped into a fairly simple log file, if you want it. The instructions for reading that data are already installed on your computer, most likely — try looking in /usr/share/doc/ for a folder like iptables. Or the man command in conjunction with any command you might know about. When the documentation on your system is scant, you’ll often find something telling you where to get more on the Net.

But if you learn the basic information for one thing, it applies to just about everything in Linux. And if that’s too obscure for you, just use a search engine. It’s all over the place. Just use the terms you are familiar with, or join any user forum, or ask any individual Linux user. They only reason they might not answer is they are trying to help lots of other folks. There are thousands of folks out there who’ve faced really small troubles and are glad to tell about it, along with those few who faced more serious trouble. The entire Linux user base wants you to be secure and successful. Most likely they will not be patronizing to readers.

In other words, it’s more about the people than about the operating system itself. You get to choose what matters to you, and how much you want to learn. It’s all there in the open because of the user culture.

Addenda: As someone noted offline, Linux is all about DIY and taking control, becoming self-reliant.

Busy Day

Wednesday 13 November 2013 Leave a comment

This is what my posts look like when I’m too busy actually working to do a lot of deep contemplation.

I fixed a Vista laptop being passed from elder to younger relative. Simple answer: First, unlock the Administrator account. Kill the previous user account and delete all the files. That’s where most of the virus and malware infections were hiding. Then create a new account for the new owner and lock the Administrator account back up. But not before running a bunch of scanners and removal tools and turning off services no one needs. If something refuses to uninstall, drop into Safe Mode and simply delete whole directories where the stuff resides, then use a Registry cleaner to break any links left over. Then defrag — it easily takes 18 hours on a Vista machine that hasn’t been defragged before. Install good free software and make sure the settings favor privacy, with addons that help (Adblock, Ghostery, etc.)

It actually runs half-way fast now.

Lots of people are getting hit with Conduit. It’s almost like a Trojan, pulling in other, nastier stuff. Malwarebytes gets most of it, but you still need a tool like CCleaner to clear associated installs and clear the Registry. You also really need to kill the cache regularly on Vista, as I noted in a previous post some weeks back.

I do it because I like people and enjoy poking at computers. I hate Windows, but I’m willing to mess with it because some folks can’t imagine computer use with it. Such is life.

I did make it to the gym and during that ride out and through the workout itself I thought about how Obamacare had two main purposes. One was to empower the health care insurance industry and associates. The other was to ensure Americans suffer yet another woe on top of a trashed economy and oppressive government: Now we can be forced to accept torturous medical care that does nothing but kill us off sooner. I suppose it’s one of the reasons God prompted me to get as fit as possible, and to keep pushing these two years later because I have to maintain what I got. It was not a simple matter of lifting weights and going for a run or ride. There are complications in my joints, but I’m still at it and not giving up. Honestly, I don’t have a simple goal. It’s just get as fit as possible. Seems to me the less obvious meaning is have no reason for medical care.

While it’s obvious the dominant power behind this Obamacare is the money and power, but I feel certain there’s a few folks cackling with glee at the prospect of added suffering and earlier deaths.

To some degree, I’m doing what I can to make computers fit, as well. I want folks to have healthy computers because the Internet is currently our one and only way to get around all the lies and sneaky efforts to kill us off and keep us from learning truth from each other. I suppose there will come a day when folks will stop asking me to fix Windows and start installing alternatives that aren’t so easily ruined.

Slimboat Is Better than Chrome

Friday 25 October 2013 1 comment

Update: There have been reports of suspicious activity from Slimboat and Slim browsers. At least one user reported a distinct attempt to download malware coming from the running process. I will add my own finding that when you tell Slimboat to clean the cache, it still leaves way too much in places you wouldn’t think to look. Also, I tend to think the forum established for questions and bug reports at the Slimboat website may be at least partly astroturfing, because a couple of reasonable comments were quickly deleted by the admins. Caveat emptor.

Original post follows…

You have to understand something about Google: They are easily some of the biggest liars on the planet. Not in the sense you can’t trust anything they say, but that you can’t trust their motives on anything they do. If Google announces plans to do something, they’ll try to do it. Often enough, they succeed. However, at the same time there is always a bucket load of sneaky and downright hateful crap they do in the background to take advantage of us. Google would sell you into slavery if they could get away with it. Instead, they’ll settle for tracking you to the point they know your habits better than your spouse. And they will sell that information; count on it.

So with full cynicism we proceed to take advantage of them. Instead of using Google Search, I use Startpage is based in the Netherlands, and uses Google’s search engine without letting Google see anything about you. All Google knows is thousands of search requests coming out of Startpage, and no differentiation from one to the next. That way you always get generic search results, not something supposedly tailored to your known tastes and habits.

We know about Google Chrome browser, and some of you may know it’s built on top of the Webkit framework. Webkit developers are working hard, but they are not nice people. I say that because of how they respond to very reasonable feature requests, even when someone writes to code for them. They’ve gotten pretty ugly at times, I am told. Still, it’s not a totally useless tool for building browsers. But Google Chrome (and the Open Source Chromium version of it) are missing features that would serve better to protect your privacy and improve your user experience. For example, they refuse to encrypt saved passwords, so that anyone with a nifty script can steal them from your browser. Google is not very responsive, either.

So some time back when the EU demanded a certain amount of neutrality for browser choice, some folks came up with a couple of browsers to meet that requirement, giving them away as free downloads. Slim Browser rides on top of Internet Explorer, and handles some issues better. But Slimboat is built on top of Webkit and does a lot of things Google refuses to do.

For example, your passwords are encrypted and you can have them locked behind a master password. Adblocker is built into the browser, and is easier to control if you have a mind to do so. You can download YouTube videos without all the rigamarole I used to go through with scripts and so forth, plus you can install a free plugin and Slimboat will convert the Flash video on-the-fly for you. I’m still not happy with how they handle font choices, but I’m trying to come up with a work-around using CSS — Slimboat does allow you to install your own user CSS file to control some of its display options.

Yes, you might run into some stability issues, but less and less as time goes on. For my Debian Wheezy, I can’t use the installable version they offer. I just grab the generic Linux 64-bit, unzip it and drop it into my home directory. From there I can link to the executable file and run it with ease. Runs just fine, thank you. I’ve not had any trouble with things like JavaScript or page element placement on websites.

Folks, I recommend Slimboat browser.

VMWare Player on Wheezy

Thursday 10 October 2013 1 comment

It doesn’t really matter why; you might have any number of reasons for needing to run Windows software on your Linux box. Sometimes WINE is enough. It works pretty good for things like Notepad++ and it’s not too bad if you like MS Office 97. Too often what you need to run requires Windows itself, and that means running a virtual machine (VM) on your Linux box.

For most things I find Win2K adequate; it demands less from your system as a VM. However, the procedure is pretty much the same for WinXP. I’ve not tried it with anything more recent from Microsoft because my system isn’t all that powerful. I have a Dell Optiplex 780 made for Win7, running a dual core Intel 2.93Ghz CPU and 4GB RAM. The OS is Debian Wheezy 64-bit with XFCE.

The instructions on VMWare’s site are hard to find and incomplete. You can scavenge various forums and blogs and usually get some good advice, but much of it is out of date, including the official Debian wiki articles. VMWare offers a 64-bit version for their current free engine (6.0.0). On Debian, you’ll need at least the packages “build-essential” and the kernel headers (“linux-headers-`uname -r`” is what you type for apt-get or aptitude to identify yours). There may be some other stuff needed, but I’m not working from a fresh install of Debian. For example, I’ve already installed all the stuff necessary to build Firefox.

Find out where you downloaded the VMWare file and prepare to obtain administrative credentials, either via sudo or by logging in as root. The file name is something like VMware-Player-6.0.0-1295980.x86_64.bundle or it may have gotten changed to something with a different extension. Change the extension to bundle and change the permissions on the file to make it executable — i.e., chmod a+x VMware-Player-6.0.0-1295980.x86_64.bundle on the console. Then execute (on the console, ./VMware-Player-6.0.0-1295980.x86_64.bundle). It should open up a window and walk you through the various requirements. You don’t need a code, which means it will become the free non-commercial use version.

Once installed, use the software from your normal user account. It should appear in the menu somewhere, typically under “System.” Once the window opens and things settle down, you should have the option to create a new VM. Drop your Windows CD (or mount the ISO as a virtual CD) into the drive and wait for your system to recognize it. Then click to create a new VM. It should recognize the mounted CD as the proper source and give you a chance to proceed. I typically choose to double the size from the default virtual hard drive to ensure I have room for all the software I need to install.

I highly recommend you run the full installation without the toolkit. You’ll get the most primitive VGA window, but downloading the toolkit too soon will stall the installation of Windows. Many folks report that happens anyway. In the window menus you should find a “send Ctrl+Alt+Del” but that may not work, either. Just tell the VM to reboot and it should recover and proceed from where it froze up. Once the thing is up and running, then install the toolkit. As soon as possible in all of this process, I disable the ethernet connection for Win2K.

For Win2K you’ll need SP4 and the final roll-up from Microsoft, otherwise the toolkit won’t install. What happens is the toolkit downloads automatically, then is mounted as a virtual CD in to your virtual Windows computer. Simply double click the icon for that virtual CD and it should begin installing. Once done, you’ll have the option to use your system video capabilities. Also, you won’t have to hit Ctrl+Alt to release the mouse from the VM; it will simply transition in and out automatically. You can revisit the virtual machine settings. I usually give it both CPU cores, but most of the defaults work otherwise. One handy item is setting up a shared folder for work on your host machine. I have a folder in my $HOME called “Projects” that I label the same for the VM. Then I place an icon on the Win2K desktop for easy access.

For WinXP, you can typically allow it to connect to the Net long enough to run all the updates from Microsoft. You will need to run the usual AV, anti-malware, etc., to protect it or disable the ethernet.

Now it’s ready to install software. On my machine, the only thing that taxes the system at all is DOS software running on a Windows VM. Apparently stepping down from a hosted 64-bit to 32-bit is easy, but dropping farther to 16-bit is pretty resource intensive. Your mileage may vary.

The preferred shutdown method is to suspend Windows through its own menu. Often when you go back, VMWare Player will forget what it was doing last time and lose your VM from the list. You’ll find it under $HOME/vmware and keep double clicking until it starts the thing up. You’ll get bogus warnings about missing hardware drivers but justs give it time to load them and things should be back where you were before, at least in terms of window size, if not placement.

Connecting a USB drive or other removable file system in your VM usually disconnects it from Linux. You’ll need to learn how to navigate the menu system for VMWare Player itself and get used to where they place those things.


Compsec: Losing Control

Friday 27 September 2013 Leave a comment

The single greatest threat facing computer users is loss of control.

Unaccountability is a two-edged sword. It’s bad enough people in power refuse to account for their actions to those affected, but we also have a full range of areas in life where control is taken from us indirectly. That is, we who want a measure of control have been herded along with all the folks who don’t want to be bothered. That latter group is by far the dominant species in the herd.

You can look up various search terms that include “computer” and “apocalypse” and get quite a few articles. Add the concept of “false flag” and you still gets tons of articles. We’ve already seen truly major computer security threats sponsored by the US government as a tool of espionage that can’t be targeted too cleanly. In the nature of standard human negligence, a tool of espionage designed to attack one kind of vulnerability on the enemy’s computers can easily spread to every computer with similar vulnerabilities. We could easily see a form of spyware infecting a the majority of common household users all over the world.

Don’t be too sure that wasn’t the plan in the first place. It’s not a simple matter of Windows having a backdoor wide open for the likes of NSA. Windows has always been vulnerable to control from Microsoft engineers. Whatever they wish to do with that operating system will happen at their behest; if your system is connected to the Net, their controls will find you. That same path is easily shared with any agency of the US government having the gall to demand it. That means you could find your system erasing itself entirely, installing and running all kinds of software, or simply downloading and displaying by force images you simply don’t want to see. There are multiple openings of those sorts written into the system on purpose. While MS has seldom availed themselves of such controls, the possibility has always been there. People running Windows have never really had control of their system without completely disconnecting it from the Internet forever.

This remains the single biggest threat in terms of getting what you want from the computer hardware and software that you buy: It’s never really yours. Right now there is a sudden rise of threats to families from spyware secretly planting evidence of things like child porn on private computers and then alerting the authorities that you have it. More than once it would seem the authorities themselves are planting this garbage on computers. You won’t have a clue when the SWAT team bursts through your door at 3AM. This has happened already to more than just a few. Yet disconnecting is not really a viable option for most.

The system has slowly created a social dependency on computers. If you don’t have some means of connecting to the Internet, you are today isolated from a major portion of minimum social expectations. Kids in school? The school administration wants an email address. Churches, too. Just about every government agency you encounter these days does the same thing; those who don’t will be required to do so soon. Want a job? You are almost required to have a Facebook account just to be taken seriously. Because we can all connect cheaply and easily, we almost have to just to stay out of trouble.

And God help you if you aren’t part of the mainstream near-monopoly Windows OS users. You’ll get by with a Mac — just barely — but with anything else, you had better be awfully savvy. The system wants to you dumber than a rock or you might start making unique individual demands, and uniformity is a vital necessity of bureaucracy. Working to govern through computers makes that enforced uniformity even easier. At the same time, the economy is collapsing enough to make buying a new computer highly unlikely for many. So we’ve got millions of WinXP grade machines running just fine, but with insufficient horsepower to run even Win7, much less Win8. That is, run it so as to have any use of it as a general purpose PC.

Right now I’m advising a lot of people to switch to Linux (primarily Xubuntu) before WinXP drops dead in April 2014. Not because I’m pushing a new religion as with most Linux zealots; I do this because it’s a valid answer. However, along with this comes the vital necessity of them learning a bit more about computers in the first place. They’ll have to learn the different interface (XFCE) and different operation and maintenance habits. With poverty comes more work just to survive, and that means more work in every measure of life. Even if you keep XP, you still have to work harder to keep it secure and operational. Either way, you’re going to need a bigger investment of yourself into the system to use it over the near term.

[Side note: The 12.04 release of Xubuntu runs quite well on most XP-grade systems and will be supported officially until late 2017.]

If you don’t take a greater interest and assert more control, your life itself will tend to spin out of control when things get harder; computers are just another facet of this.

Bits and Pieces 13

Sunday 22 September 2013 1 comment

I’m testing a nutritional supplement, recommended to me by both Old Jules and the Mandala Lady. The official name is serratiopeptidase but it’s more commonly known as “serrapeptase”. It’s a body enzyme that fades from production beginning around age 20. The primary noticeable effect of the enzyme is reducing scar tissue, but it appears to affect all scar tissue in the body, even what you can’t see inside your joints and such as fibroids and other little nasties. Further, I noticed it offers a very broad-based boost to the metabolism itself. It appears synergistic with other supplements, typically making them work a little better. However, for many folks it may take 3-5 days to get rocking and rolling smoothly. I’ll update after I’ve used it for awhile.

Because of my computer ministry clients’ needs, I’m running Win7 on my desktop. I don’t like it, but the writing tools are better and it’s a whole lot easier to test software before I recommend it to people. It’s also easier to learn the new tricks I need to rescue systems with real troubles, since the bad guys keep changing their game.

My old favorite browser, Opera, has changed a lot. The newest implementation has shifted over to the WebKit engine so it acts a lot like Chrome. It’s really not up to full production use just yet, but version 16 is a start. However, they also split out their mail client and it’s better than ever. Just look for Opera Mail client, currently for Windows only. If you’ve ever used the older bundled mail client with Opera, installing the new one will automatically pick up your configurations, accounts and mail storage from the older version. Folks, I love this mail client.

But I’m still running Debian 6 on my laptop. I don’t get to use it much, but it’s still much better on that hardware than anything else. Most of them time I drag it along on service calls in case I need to set up a home router or download stuff specially for their machine. More than once I’ve helped someone cobble together a quick webpage as the best way to display a collection of photos or something on their system. I find it easier to use my own familiar software for that than to use Notepad or have to install something they won’t use on their system. I frankly hate how MS Word and Libre Office create webpages, loading them with too much unnecessary crap code.

If you want to try something that makes clean code without having to write it all out yourself, try Amaya. It’s free and runs on all platforms. It’s just a tad cranky to learn, but it’s about as good as you can get with a WYSIWYG editor for webpage code.

For those of you who still like the idea of ripping off YouTube music videos, the simplest path is to use a single tool. However, you get to choose from two versions: Slimbrowser based on the IE engine (Trident) and using many of the same kinds of settings, or Slimboat Browser based on the WebKit engine. Both display a button on YouTube pages (usually upper right) allowing you to download directly. You get to select from the various quality versions and formats, plus you have an option to transcode directly into MP3 format. The first time you do, the browser will probably download a codec for it. It will pull down the video in your chosen format then produce an MP3 from it, leaving you both in the same folder. Both of these come from Flashpeak and I have little idea about the company behind it. And to be honest, I really can’t find much use for either browser aside from snagging music from YouTube.

Net Speculation 2

Sunday 15 September 2013 Leave a comment

This is nothing more than my gibbering mind dreaming up vague probabilities. I can’t account for whence some of it comes, but take full responsibility for the idiocy.

Linux will soon be almost entirely a corporate product. It will remain Open Source, but will fragment severely between a handful of big players, with only a very thin scattering of independent projects. The newer generations aren’t volunteering to code and the older is getting too old to carry it all. So the bulk of development will pass to those few businesses that stand to make money keeping things alive; they will host the developers who will be devoted almost entirely to their corporate needs.

The desktop will remain alive for some years to come. Some types of work can only be done that way and it involves way more folks than the big CEOs want to believe. Because the serious need for millions of work stations will continue, the hardware will continue in production. Linux will become more standardized in terms of the desktop interface — that is, in the sense that almost no one will use anything except what comes on the corporate work stations. Linux will probably grow in numbers quietly among business and government offices. Microsoft had better wake up and bring back their desktop with serious support.

The NSA won’t go away, but they will be severely weakened, as will most similar agencies. Exposure means people will make it a whole lot harder real soon. Protocols and means of transmission more resistant to such efforts will proliferate and the surveillance industry will be weakened badly for quite some time.

More and more Internet endpoints will be dominated by local mesh networks. These will be quite independent (at least potentially) and serve to mask an awful lot of users. In urban areas, the mesh networks will take over and some ISPs will struggle to survive as a business. Those who survive will figure out why they are losing customers and start delivering services instead of working so hard to deliver customers to the marketers and governments.

As the Network Civilization arises, many old business will drop off the Net. Old models of making a profit will sputter out rather suddenly and only those entrepreneurs keeping up with the changes will make any money. It really isn’t that hard to extrapolate and innovate when you realize what simply will not work any more, and what it takes for people to give up their money. They surely will, but not for the same things as previous generations.

In a year or two we can all reread this and laugh.


Get every new post delivered to your Inbox.

Join 416 other followers