Practical Technology

for practical people.

August 26, 2009
by sjvn01
0 comments

FSF takes on Windows 7

The FSF (Free Software Foundation) has never liked proprietary software, but for most of its history, it’s focused on singing the praises of free software, and, with some distaste, its near-twin, open-source software. Not anymore. These days, the FSF is spending its time attacking proprietary software, like it did today, August 26th, when it went after Windows 7 in its new Windows 7 Sins: The case against Microsoft and proprietary software.

The seven deadly sins are, according to the FSF, the “seven major areas where proprietary software in general and Microsoft Windows in particular hurt all computer users: invading privacy, poisoning education, locking users in, abusing standards, leveraging monopolistic behavior, enforcing DRM (Digital Restrictions Management), and threatening user security.”

Besides the Web site and a public demonstration at the Boston Common, the FSF elaborated on these points in a letter to the leaders of the Fortune 500 companies. Well, actually 499 CEOs since, as the FSF notes on the site, “We didn’t think Microsoft would listen.”

Yeah. I think that’s a safe bet.


August 25, 2009
by sjvn01
2 Comments

Why Windows security is awful

A friend of mine suggested that I should include as boilerplate in my security stories, a line like: “Of course, if you were running desktop Linux or using a Mac, you wouldn’t have this problem.” She’s got a point. Windows is now, always has been, and always will be insecure. Here’s why.

First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.

Most of these problems come down to the fact that Windows has IPCs (interprocess communications), procedures that move information from one program to another, that were never designed with security in mind. Windows and Windows applications rely on these procedures to get work done. Over the years they’ve included DLLs (dynamic link libraries), OCXs (Object Linking and Embedding (OLE) Control Extension), and ActiveX. No matter what they’re called, they do the same kind of work and they do it without any regard to security.

Making matters worse is that they can be activated by user-level scripts, such as Word macros, or by programs simply viewing data, such as Outlook’s view window. These IPCs can then run programs or make fundamental changes to Windows.

It also doesn’t help any that Microsoft’s data formats can be used to hold active programming code. Microsoft Office formats are commonly used to transmit malware. Microsoft’s latest Office 2010 tries to deal with this by blocking all but read access to documents or ‘sandboxing’ them. Since you can’t edit a sandboxed document, I’m sure that’s going to go over really well. Of course, what will actually happen is that users won’t use the sandbox utility, and they’ll just spread malware instead.

This data format ‘functionality’ and easy ‘application-to-file-to-application’ IPC is in Windows because it makes it simple for Windows programs to share data. That’s great in a stand-alone PC when you may want to have your PowerPoint chart automatically change to reflect the new information in an Excel spreadsheet. But, that same power is a permanent security hole in a PC that’s hooked up to the Internet.

Besides that, Windows, again harking back to its single-user, stand-alone ancestry, all too often defaults to requiring the user to run as the all-powerful PC administrator. Microsoft has tried to rid Windows of this, with such attempts as UAC (user account control) in Vista. They’ve failed. Even in Windows 7, it’s still easy to bypass all of UAC’s security. Microsoft has claimed they fixed some of those bugs.

In addition, there are other problems like Windows 7’s XP mode, which bypasses all the improvements made in Vista and Windows 7. Again, it all comes down to all of Windows’ security improvements amounting to just one layer of security over another on top of its fatal single-user, non-networked genetics.

That’s why Linux and Mac OS X, which is based on BSD Unix at its heart, are fundamentally safer. Their design forefathers were multi-user, networked systems. From their very beginning, they were built to deal with a potentially hostile world. Windows wasn’t. It’s really that simple.

On top of all that is the reason that Windows apologists always give: Windows is more popular so it gets attacked more often. That’s true. But, so what? You’re still going to get hacked.

For you, as a user, running Windows means that your PC will be attacked on an almost daily basis. Hacked Web sites, spam carrying malware, it’s almost all meant for little old you and your Windows PC. Even with constant patching and added security programs, you’re always going to be in danger of having your PC hijacked.

In short, to return to the beginning, Windows security is now, always has been, and always will be, bad. If you want a secure computer, you’ll be better off trying with either a Linux desktop or a Mac. Like it or lump it, that’s just the way it is.

A version of this story first appeared in IT World.

August 25, 2009
by sjvn01
1 Comment

The affordable Mac

The conventional wisdom is that Macs are expensive. Microsoft ads make a big deal about how much more computer you can get for the money. Nonsense. Actually, you can get a perfectly good Mac for cheap: the Mac mini, which can do everything its bigger, more expensive brothers do for a lot less.

The bottom of the line Mac mini comes with a 2GHz Intel Core 2 Duo processor, a gigabyte of RAM, a 120GB hard drive, and NVIDIA GeForce 940DM graphics. The price? $599.

That may not sound like much of a machine, but that’s only because most of you have been using Windows. On Windows, this would make for a pathetic Vista or Windows 7 PC, or an okay Windows XP system. With Mac OS X Leopard, and the soon-to-arrive Snow Leopard, that’s more than enough hardware for a great computing experience.

That’s not just theory. I’ve been running a Mac mini with these stats for the last few months, and I like it a lot. While I prefer desktop Linux for most purposes, I’m a software pragmatist. I like programs that do their job and do them well. For what I want from a Mac, the mini is great.

To be precise, I use my mini for video transcoding work and to manage my video library. For video transcoding — converting videos from a variety of formats to MP4 for my Apple TV media extenders — I use the open-source program Handbrake 0.9.3. To decrypt DVDs so that Handbrake can move their video into my library, I use the open-source VLC Media Player.

Both these programs are also available on Linux and Windows, but I find that they work best and fastest on my Mac. There are dozens of other programs that claim they can move videos from DVDs and other files to a format that works for you. Most of them cost money and fail at the job. Other programs, like FFmpeg, can do the job, but they require a lot of manual tweaking to do the job right. Handbrake and VLC on the Mac is really the best way to go. Trust me: I learned that the hard way.

Video transcoding is not easy work for a computer. Nonetheless, my little mini does a better job of it than do my desktop Linux and Windows 7 systems using the exact same programs and with faster processors and 2-6 gigabytes of RAM. I don’t know about you, but I’m impressed.

I also use that same mini to manage my approximately one terabyte video and half-terabyte music libraries. These, of course, aren’t on my mini. Instead they’re on my gigabit Ethernet network. With NAS (network attached storage) and USB external drives, I don’t find that it matters much anymore how much storage comes with a PC; you can always and easily add more.

For video and audio management, I’m using iTunes 8.2. Yes, it’s proprietary. Yes, it can be a pain at times. But, again, like the mini in general, it’s fast and it does this job better than any of its competitors does. And, yes, in particular, it does this job better too than iTunes does on a ‘faster’ Windows PC.

On top of that, there are the oft-hidden costs of Windows. For example, when you buy a Windows PC, you must buy security software with it. If you don’t, your Windows PC will be toast sooner rather than later.

Of course, if you shop smart, a Linux desktop is always your cheapest desktop choice. But if you have particular needs for video and audio as I do, then a Mac isn’t just your best choice: it’s your most affordable choice. Or, if you just want a good, general purpose PC and you want Apple’s great belt-and-suspenders support, then the Mac mini is also for you.

A Windows PC only looks like the cheap choice. Your best choice, even for people on a tight budget, may very well be the Mac mini. Check it out. I think you’ll be glad you did.


A version of this story first appeared in ComputerWorld.

August 25, 2009
by sjvn01
1 Comment

Botnets must die

Today’s Internet report is Green in the European Union, Yellow in North America but still Red in the Pan-Pacific countries and Israel.

In the U.S., Facebook and Twitter are still under siege from the Windows-based Katrina Storm botnet. Google, however, reports that search delays are now down to an average of three seconds. Things have gone from bad to worse in Japan and Reunified Korea, though, as attacks from former North Korean cyberwarfare units using the Windows-based MyDoom VII botnet have locked down all financial and government Web sites. That’s still better than Israel, where, according to landline phone reports, attacks from the so-called Sons of Eichmann cyberterrorist group using the Windows botnet New Cyxymu have totally frozen the country’s Internet access.

Sound like science fiction? I wish it were. I think it’s a fair prediction of where we’re going if we don’t stop Windows-based botnet distributed denial-of-service attacks.



August 24, 2009
by sjvn01
0 comments

The SCO zombie wins one

Oh the irony. Today, August 24th, a Federal Appeals Court ruled that while the walking dead SCO still owes Novell big bucks for selling Unix to Sun and Microsoft, the District Court overstepped its grounds in ruling that SCO had never bought Unix’s IP (intellectual property) rights in the first place. What’s funny about this is that it’s only after SCO is dead for all practical purposes, that it finally managed to win one.

This does not mean, as the few brain-dead SCO supporters would have it, that SCO owns Unix’s IP. It means that SCO might own them and they can take the matter to a jury trial. As the ruling itself states (PDF Link) “We recognize that Novell has powerful arguments to support its version of the transaction, and that, as the district court suggested, there may be reasons to discount the credibility, relevance, or persuasiveness of the extrinsic evidence that SCO presents.” But, since “the evidence presented on a dispositive issue is subject to conflicting, reasonable interpretations, summary judgment is improper.” So, “We think SCO has presented sufficient evidence to create a triable fact as to whether at least some UNIX copyrights were required for it to exercise its rights under the agreement.”

So, does this mean, as CEO Darl McBride said in The Salt Lake Tribune, that this is a “‘huge validation for SCO’ that will enable it to continue its lawsuit against IBM and a related suit against Novell”?

Uh. No, not really.


August 24, 2009
by sjvn01
0 comments

Pidgin 2.6.1: The best Linux IM client gets better

IM (Instant Messaging) clients have become invisible. We use them all the time to ‘talk’ with co-workers, chat with friends, and ‘text’ with family members on their phone. That is, I do, anyway, because my IM client, Pidgin, works with almost every IM client in creation and it makes chatting with anyone, anywhere mindlessly simple. And, with this newest version, limited voice and video support is built in as well.

Today, the VoIP (Voice over Internet Protocol) and video framework is rudimentary, but the promise is there. Today, you can only use voice and video over XMPP (Extensible Messaging and Presence Protocol), an open IM XML standard on Linux. However, what’s important is that the framework is there. Adding voice and video to other IM protocols won’t be easy, but the big first step has been taken now.

Pidgin already has the IM clients down pat: AIM, Google Talk, IRC, MSN, Sametime, etc. That said, I found that this version has faster overall performance and fewer hiccups.
