Willis recent post “Modern Piracy” is the inspiration for the title, along with math challenged pirate marketing team. This in-your-face sales pitch to renew my Avast Antivirus popped up today on my desktop, but the piracy is in the math:
Gosh, should I really renew with a company that can’t offer sales incentives rooted in simple math? That 3 year plan is a real winner (for them) compared to annual renewal.
I think I’ll revert to the free version or use Microsoft’s free AV solution. Arrrrrr!
I use Microsoft Security Essentials & it works fine & it’s free. MS has all the tools you need built into Windows. There is no need for any 3rd party software for security or clean my PC software. They are all scams you don’t need.
Anthony, you need to do the supermarket shopping – and pay attention. Out our way a case of beer (24 cans) is almost always at least 50 cents more than two 12-packs. Same with rice, where 2 one pound packages can be much less than the two pound packages.
But that 10 cents a day rate for two years at 365 days a year = … 73.00 dollars!
Oopsie. That doesn’t work either. 8<)
Connect to Avast’s website on a PC that hasn’t previously visited and they will offer you the full AV for just $19.99 instead of $39.99
You could probably erase Avast from your registry as well and get the same result, though I haven’t tried that. I guess I will be trying that once my paid for version expires. I am happy to pay $20 or even £20 per year for an AV solution, but definitely no more.
In the UK Avast offer the product for £19.99 instead of $19.99 Welcome to rip off Britain as we call it here. Everyone everywhere rips us off.
Or just use linux instead.
Download Linux Mint and you don’t need any of this crap…..
REPLY: Except that I have many Windows only applications that won’t run on Linux, so I’d be throwing out software – Anthony
MS essentials is fine for me – in fact, I have discarded using the free Trend Micro (?) AV software from my Virginmedia BB supplier as it’s too slow!
Or, AVGFree, which has caused fewer headaches for me. YMMV
@MrMethane – AVG has caused me a lot fewer headaches as well. However, since my business is advising clients, I run both (different machines) so I can advise them. AVAST does not like VISTA. But it works fine on Android OS and XP.
I’ll just stick with the Avast free and AVG Free. They are as good as any pay for,
In the UK, bank with Barclays & get 3 x licences for Kaspersky free of charge. [Suitable for PC & Mac]
Try Superantispyware or Malwarebytes anti-malware. Both have very good free versions and the paid versions are cheaper.
Wow MS Freeware anti-virus, the complete fail solution has just been marked as completely insuffient again by two independant research services, one of them monitoring AV suits over 22 months… Obviously you have never looked into AV Software performance at all, but because you are unhappy wie the pricing of your personal choice product you post this Fail advice to the general public.
REPLY: Links to back up your claims always helps
here’s one of mine: http://dottech.org/14151/windows-best-free-antivirus-antimalware-program-microsoft-security-essentials-vs-avira-vs-avast-vs-avg/
– Anthony
You’d think it’d be the other way around for 3ys
Bobby Davis says:
December 30, 2012 at 9:49 am
I use Microsoft Security Essentials & it works fine & it’s free. MS has all the tools you need built into Windows. There is no need for any 3rd party software for security or clean my PC software. They are all scams you don’t need.
==========================================================
The only anti virus that I use is the Microsoft Security Essentials that came with Vista. I almost hate relying soley on an MS product, but on the other hand, I don’t do the things that cause bad things to happen to my PCs.
Ten cents each, or two for a quarter.
Just to be contrary, you could consider that purchasing the 3-year subscription protects you against future price increases: You get to lock in an annual rate of $47/year. If Avast had plans to raise their rates to $99/year in 2015, you’d come out way ahead.
It works that way with mortgages and CDs: You pay more (or receive less) for a guaranteed price in the future.
Of course, Microsoft’s free Security Essentials is a far better solution. Or, spend $39 to upgrade to Windows 8, which includes its own internal anti-virus solution.
Stick with Avast Free and after a while they will re-offer it at $19.99
I used Avast free for several months and after a while I got a pop up offering me the full version for £19.99 (everyone rips off an Island nation), which met my target price and I paid for the full version. In Europe they offer it for €19.99 and in the US $19.99
Avast does have that boot time scanner which makes it better than anything else on the market.
Just stick with the free version till they re-offer it to you at $19.99
Stopped using Avast when it had too many false positives and several false negatives. in other words flagging up good files as bad whilst letting bad files run as it was saying they were good. Nowadays I just use Microsoft Security Essentials, after all who knows all the holes in their OS better than MS
Anthony,
Check with your ISP and see if they bundle a subscription to an anti virus package. I am on AT&T Uverse and McAfee is included with the service.
Avast free has worked very well for me on XP over several years. I tried the paid-for version of Avast Internet Security on my laptop (XP again) and it locked the machine. Uninstalled it and reverted to Avast free version and no problems since.
ohhh my just use kaspersky .. i buy last yrs at cut price normally £15 for 3pc’s and just update it .. works like a charm ..
Seriously, the Linux Mint suggestion was a good one.
I know you have some Windows only software. But, you can dual boot and you can even use the same data directories.
Use Linux for your web access and mail work.
Proprietary Windows software only under Windows – and there is even a chance it will run under WINE. I run plenty of things under WINE or DOSBOX.
Hmm, I have been very happy with Vipre, I have a single license for the whole family at a pretty decent price. It has never failed me thus far.
Anthony, you could always use Wine on Linux (although your mileage on that wil vary) or you could run Windows in a virtual box.
To you people on windows.
Get all your software here, the best, free and newest..
http://www.filehippo.com/
Boy, was the funny.!
I have been using the products from Comodo.com for several years. Basics is free and excellent anitvirus and firewall.
I normally shy away from Microsoft as much as I can but in this case, I recommend the MS Security Essentials. I have a very high end, dual processor, GPU computing workstation and for the past 17 months of modeling… nary a problem. Not bad for something free.
Now where’s that wood I need to go knock on.
I have had good luck with Spybot added to Microsoft Security Essentials.
Was a long-time AVG user, but a false-positive nuked my favorite game and caused no end of headaches, so I switched to Avast! My whole family uses the free version and we love it. So much so that I will probably try buying it for my new machine this year. So it turned out to be pretty effective try-before-you-buy advertising in my case. It’s easy to use and low profile. No virus problems in my house for nearly two years. I’m a big fan. Big enough fan that I actually want to give them my money. They’ve earned it.
I highly recommend the “geekstogo” website and rely on it for advice. They have some extremely skilled volunteers who have helped me with a malware infection before.
They currently recommend Microsoft’s free solution over Avast: http://www.geekstogo.com/forum/topic/38-free-antivirus-and-antispyware-software/
Microsoft Security Essentials is a recent addition to my layered approach to security.
XP pro sp3 behind router firewall.
http://www.microsoft.com/security/pc-security/mse.aspx
Here’s a list of some of what I’ve used to to keep me clean over the past ~ten years:
http://www.zonealarm.com/security/en-us/zonealarm-free-antivirus-firewall.htm
http://winhelp2002.mvps.org/hosts.htm
http://www.winpatrol.com/
http://www.safer-networking.org/
http://download.cnet.com/SpywareBlaster/3000-8022_4-10196637.html
Most importantly? Visit Windows Update frequently.
One thing I would never suggest is to club together with pals and buy one subscription between you. That would be a form of theft, and morally wrong. So DON’T DO IT.
Since I bought my first PC I’ve used Norton. (I don’t remember the exact year but it came loaded with Windows 95.) The last several years I’ve used Norton 360. It’s not free but I’ve never had an actual infection, just detections.
Dave says:
December 30, 2012 at 12:12 pm
I normally shy away from Microsoft as much as I can but in this case, I recommend the MS Security Essentials. I have a very high end, dual processor, GPU computing workstation and for the past 17 months of modeling… nary a problem. Not bad for something free.
Now where’s that wood I need to go knock on.
================================================================
Modeling!! I sure hope that wood isn’t a tree ring! 😎
Our DSL provider, with its middle tier package, provides ZoneAlarm. This isn’t the least cost way to go but it is Oh so easy (running Win-XP).
I do think it funny that folks price things like this so they end in .99. The cost in time and effort and mistakes must drag on the GDP of the nation. Here is a (possible) explanation:
http://www.straightdope.com/columns/read/720/why-do-prices-end-in-99
Antivirus pfeh! What a waste of processor cycles. It clogs up your machine
and makes it run like a 386. Use linux and you don’t need one of those.
It is better. It is free. Switch now while you still can. (Microsoft is about to
abuse UEFI and make machines sold with windows at retail unable to boot
anything else.)
“Gosh, should I really renew with a company that can’t offer sales incentives rooted in simple math? That 3 year plan is a real winner (for them) compared to annual renewal.”
You haven’t heard about Ben Bernanke’s newest inflation goal, then (and that’s only the targeted inflation he admits, not the real one.)
Gunga Din says: December 30, 2012 at 1:10 pm
Since I bought my first PC I’ve used Norton. (I don’t remember the exact year but it came loaded with Windows 95.) The last several years I’ve used Norton 360. It’s not free but I’ve never had an actual infection, just detections.
I’ve been using Norton for years. If you get the Newegg email ads, every so often they offer Norton for the same price as the Norton mail-in rebate, so essentially free. The IS and 360 versions also keep a list of currently infected web sites that will tell you before you go that a site is on their naughty list.
@John F. Hultquist says: December 30, 2012 at 2:22 pm
Actually, the reality is in human nature and advertising. THe reason is that the claim can be made of “less than”. $9.99 is less than $10. Add to that the fact that people often ignore the cents part, so 19.99 looks like $19 to the casual observer.
It is also why gas is X.XX 9/10ths of a cent. Back in the day when the practice started, the cost was 15 to 25 cents per gallon, so 20.9 cents/gallon looked better than 21 cents a gallon.
Make sure what you use gives complete coverage.
I use ESET but they need to shape up their user interface.
Kaspersky are a bunch of surly Russians, I fired them.
Pareto Logic closed my query for more info when I kept asking them to answer it.
You’re missing the significance. In market terms this would be hedging against inflation. The long-term rate they are quoting expects huge inflation after the 2014 election/full implementation of Obamacare.
IMHO, no Antivirus are better than any other so you might as well use a free one if you must use one at all. The real question is whether you must.
I get customer infected computers with every single Antivirus installed, so anecdotally I see no reason to trust one over the other though admittedly there are larger variables in play from customer to customer, like their particular browsing habits. However, since this has been true forever (each AV still gets infected) and no two people are exactly alike, I will conclude that no AV is that great. I do recommend folks stop with the brand loyalty nonsense (“Norton rulez!” or “McAfee is best!”) and if you insist on an AV package get one that causes the least damage to performance.
Keep in mind that they will literally change many important settings as a matter of course, altering ACL’s (file and registry permissions) in the name of security, preventing you yourself from accessing many things on your so-called personal computer. Their worst effect is gobbling up CPU time that will be missed when you need it and also their propensity to grab control of a newly inserted flashdrive or other media so that it may scan it first and silently remove what it considers threats.
Some of them disable the normal operating system firewall and install their own. If you like this fine, but I can’t fathom how any of these packages are trusted to do the right thing. They are at best a necessary evil, but personally I see them as a cure worse than the disease. But that’s just me, YMMV. There is also the potential problem of the placebo effect (climate hoax tie-in!) which generates the literal definition of a “false sense of security” to those that then proceed to continue with destructive behavior like clicking on popups that offer to speedup their computer or run attachments promising cute kittens or sure-thing dating.
In the Windows universe which has the lion’s share of attack vectors and most malware, the first line of defense is to be behind a NAT router, period. There is no excuse to ever plug the computer directly into a cable or DSL or FIOS modem because that will give you a static IP and it is just a matter of time before you are toast. If that describes you, stop what you are doing and go get a router, now. Then learn how to configure it and lock it down.
The other major ingredient for safety is to simply not use MS Internet Explorer as an everyday normal browser. No matter what anyone tells you this is where most of the attacks are directed. That means use an alternate web browser most of the time, Opera, Firefox, Chrome in my personal order of preference because many normal attack vectors are already not available ( ActiveX and registry based clues).
Firing up IE from time to time for the odd webpage or form might be necessary, but using it for day to day browsing is not a good idea. But if you are behind a well-configured router at least you have a fighting chance.
I use Norton 360.
It is a good thing to have a large company dedicated to security backing you up on Zero day. I have used others, but don’t anymore.
$29 bucks for 3 PC’s if you look for it, let alone other inexpensive options for mobile.
My apologies for any redundancy, I have not read back on this thread>
I would be interested in finding out about what apps are preventing a migration off of windows. There is almost nothing that I can not do on Linux box. I only bought this silly windows laptop, I’m currently using to post, for playing WoW. Though I have gotten WoW running under WINE, I find it convenient to have multiple boxes. Other then that, I am exclusively Linux, OpenIndiana, or BSD. I can help getting a Linux box up and running, and unless its really really unusual, find replacement apps or configure a win32 emulator(e.g. WINE) for those apps that perform activities not currently supported. This is actually one of the task I have to do periodically in my profession as Software Engineer ( my current title, I think is Linux Developer).
I have worked in and tangentially to the secure computing field. Currently, on windows, the MS product is indeed well respected by the professionals, thought the large and highly visible multinational that I work for uses a tweaked version of McAfee. But we are also behind some pretty sophisticated barriers.
It’s unfortunate that you are stuck with Windows-only software, though I understand, as particularly in vertical markets, like medicine or some scientific fields, it is still the norm. However, increasingly, there are platform-agnostic alternatives, Java-based, or Web-based. Remember that there are still no viruses ‘in the wild’ that infect Macs. I use Macs all the time, and for one specific Windows-only application that I must use, I run virtual Windows XP in Parallels on my iMac. If the virtual machine gets infected, I can just delete it and reinstall, but it doesn’t, because I don’t use it for any possibly problematic adventuring, i.e. Web browsing.
/Mr Lynn
Been using MSE for years now. Never had a virus problem on my or any of the pc’s I am responsible for (PC illiterate family types). Microsoft might be the devil, but MSE is a very good AV solution.
Long ago with Windows 95, I had McAfee but it gave running problems and needed registry modification to get rid of it. I switched to Norton but early this year it let through a Virus (never again will trust Symantec). I now have Avast free but also run free CCleaner and free Superantspyware. In addition I will delete any email for which I do not know the source. I also backup all files daily to an external hard disc with GoodSync (only takes one minute)
Microsoft and Anti-virus is a scam of a similar order to CAGW.
MS could have fixed their software over the last 9 years, since their “Trustworthy Computing” stunt, but they haven’t. And they won’t. They sell you Windows (William’s Intermittent, Non-Determinate, Over-Weight Software) with very little virus/malware prevention built-in, for a high price. They own Kaspersky Labs who will sell you virus/trojan/malware protection, for a high price. You pay twice. Mugs.
I’ve used Linux on the Internet, barefoot, with no firewall, anti-virus protection, no trojan or malware protection at all for over 16 years (18 actually) without a problem. I do a few things like update the kernel every now and then, libc too but it’s not a big deal. I run anti-intrusion software and monitor its log files carefully but so far, my machine hasn’t been penetrated. I do run IDS (Intrusion Detection Software). It’s interesting to watch what’s trying to get in.
Recently, my work has required using some non-Microsoft but Windows-based software for which there was no open-source equivalent and it woudn’t run under Wine. Bother. I had to use Windows. So I ran an installation of Windows, duly licensed by my employer, under Virtualbox on my Linux system.
Linux and VB run Windows so well it feels just like Windows running on the bare hardware. When Windows crashes, it only needs to be restarted as my machine is not cut off at the knees, and my other work doesn’t suffer. However, an alternative open source software program has appeared and I will be evaluating that soon to see if it can replace the one I’m presently using.
Apart from that, I’ve been a Microsoft-Free Zone for over 18 years. No licencing problems, no
virus problems, no malware problems, no trojan horse problems. I had a good laugh some years ago when a Linux user, missing out on all the virus/malware problems his friends were having, downloaded a bunch of the then worst Windows viruses and tried them out on his Linux box. Of course, they could not run.
I turn my Linux desktop on at work at the start of the year. I turn it off at the end of the year when I go home for the holiday period. Over that year, it’s never rebooted. The power doesn’t go off (aren’t No Break Inverters great?).
Sometime around 2007 +/- a bit, the Stanford University Honeypot Project ran a bit of research. They loaded operating systems straight out of the box onto computers, added some monitoring and remote logging software and connected those computers directly to Internet without any firewalling, nor any protective software of any sort. They found:
– Windows computers were broken into within 5 – 15 minutes. All breakins were done by scripts
run against the machine. (Any Windows)
– Linux machines lasted 2 – 3 months and were broken by hand (personal attention from a
cracker)
– FreeBSD machines were the same as Linux
– OS X machines were about the same as Linux
– OpenBSD was not cracked at all.
All except Windows and OS X are free software—no purchase price, no licence fees, and they are better than Windows. You might find this interesting:
http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx
You might find this lad informative:
http://www.aaxnet.com
Andrew hasn’t updated his site, over the last few years—he must be busy, but he tells it as it is.
You don’t need to install Linux on a machine. You can run a Live CD/DVD to get the feel of it
and see which distribution you like. Doing it this way, you have a lot of safety: should it be cracked (yeah, right!), you have a read-only filesystem holding the software. It can’t be polluted. You just shutdown and reboot and your friendly neighbourhood cracker has to start all over again. Linux can read and write the Windows file systems. Windows ignores the Linux ones so you have added safety there: your Linux files can’t be messed with.
So, Anthony: think about it. VirtualBox, QEmu, and other virtual machine programs mean you
can run Linux, and when you need Windows, it can be started and run as a supervisory application for your Windows programs on Linux. If you can find time ( Yeah, Right!) it would be worth a look …It took you a while to drop the CO2 is dangerous meme, it may take a while to break the Windows-Is-Necessary meme.
(This post made using a 64-bit version of the Opera web browser on a 64-bit version of Linux running on 64-bit hardware. 64-bit all the way is almost bulletproof. It’s 32-bit stuff which is routinely cracked. As Windows 7 is backwards compatible with all 32-bit Windows programs, it’s got 32-bit DLLs and so is eminently breakable.)
–
I have no understanding of people who pay for anti virus these days. There simply is no need. You just want a decent firewall and widows does that job adequately since version 7 and a frequently updated anti virus checker. MS security fits the bill but it does not hurt to add AVG free into the mix. I used to be a reseller for Norton products but as good as they are I can not, in good conscience, recommend any paid product. the extras that you pay for are tools that you don’t need and to be fair. they just do the routine housekeeping of your PC that you ought to be doing yourself.
I will however recommend the free Spybot search and destroy. Install that, let the resident malware tracker run at all times in the background then run the scan once a month and I’ll eat several hats if you have any major problems. There are no real virus’ today, it’s about trojans and bots.
Mr Lynn, sure people can use a mac, they can use an android tablet if all they need is the net. I can’t run more than 30% of the software that i absolutely require on a mac. i also can’t justify spending all that money on something less powerful than i need just because it is shiny.
Dave above describes his “high end dual processor machine” which makes me wonder where my water cooled 8 core, tri-sli GPU 16 GB 1600mhz ram fits on his scale. Am I off the chart or does ‘high end’ refer to 2005?
Anthony. you can run Windows in a virtual machine environment on Linux. It runs about as fast as thought it were running on the bare hardware. This will cover you for those apps for which there is no open source or Linux alternative. It also gives you the continuity you will need for your
work while working through the changes.
Running Linux from a bootable Live CD or DVD (say Linux Mint) means you won’t have to install it but you can still get a feel for it, without having to meddle with your Windows installation.
Virtual Box is good start for a virtual machine environment (not my favourite but it’s good enough, and it is easy to get up and running).
Others before me have offered to help with finding alternatives, perhaps you should consider taking them up on it.
You may find this interesting:
http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx
Microsoft owns Kaspersky Labs so they sell you Windows then sell you AV software to fix problems with Windows, taking two bites of your cherry! Running MS Windows is like the CAGW scam!
genes says:
December 30, 2012 at 10:15 am
Try Superantispyware or Malwarebytes anti-malware. Both have very good free versions and the paid versions are cheaper.
genes,
Malwarebytes is a GEM! I use paid-for versions on all my computers, because I am a pro journalist, thus the additional protection the paid versions offer is a must for me, but for privateers, the free version is perfectly fine and absolutely hassle-free.
And no, I don’t get paid by Malwarebytes for stating the above…
Preach it, sophocles!
Really, virtualize windows for anything you absolutely can’t replace with a linux version (a small list which shrinks regularly) and enjoy the lack of nonsense that comes from a proper OS. 😀
My proctored testing software won’t run in wine due to the way it is set up to attempt to monitor the system, as it expects to see windows, it just won’t see my system at all, so I just vbox a copy of XP and run it in there, amusing that it gives the proctor the ability to see what is happening in that little sandboxed OS while the only way they could see, say, the other monitor or the rest of the desktop even is if he asked me to use the webcam to show them… I suppose I could just fullscreen the Vbox, though it’s an interesting predicament as I don’t actually want to cheat since I am capable of passing on my own merits… plus I would want to get credit for getting around their system anyways.
Gotta chuckle about “high end dual processor” though, google “udroid mini pc”, I think you can get those for $89 with quad core smartphone chips now.
That’s certainly an Offer You Can Refuse, though as J Ferguson rightly notes, it’s far from being unique in that respect. (A hint for those who went through school using calculators – practice a bit of mental arithmetic, it will help you spot these ‘offers’ much more easily.)
I’m another Avast user, though only the free version, and I’m happy to say that it’s kept me trouble-free for several years with only one false positive (fortunately not mission critical). I went over to Avast after AVG started slowing my machine down too much and giving too many false positives a few years ago. I also use Spybot S&D, though probably the most immediate protection comes from being the other side of the NAT translation in the router. Malwarebytes is an excellent tool, too.
I also feel safer for having PeerBlock installed. It’s not that I have any interest in downloading the entire output of Hollywood (yeuch!), but I’ve noticed that even when you’re just p2p’ing the latest Ubuntu or whatever you still get half the media industry trying to connect to your machine to incriminate or intimidate you, both at the time and sometimes for hours or days afterwards. I do not consent to this, and it’s pleasing to watch the PeerBlock window as it blocks connections to and from them. Mine is currently blocking over 830 million IPs, some of which turn up even when just surfing, none of which has ever stopped me doing anything I wanted to.
The Linux (/Mac) advice is sound in security terms, but most of us have too much Windows software which has become essential and only ‘may’ work under Wine. C’mon ReactOS – a project to build an open-source Win32 environment. The prospect of running my preferred programs on an open system is beguiling.
I had a virus go straight through my AVG Pro which then disabled the anti-virus, firewall and Malwarebytes (which I run on demand) and prevented me from connecting up to any online scans or to use a datakey. I got rid of it using Malwarebytes “Chameleon” tool and then Microsoft Essentials. I’ve uninstalled AVG. If it let’s viruses through then I’m not paying for it.
I run a small ISP and use both Linux and WIndows servers. For fun when we brought up a new Linux box we watched the network monitors. It was probed from an Eastern Europe ip within a minute or two of coming on line. Very entertaining.
We were replacing the box because its predecessor, had been brought down by a particularly evil and malicious virus that had come through the usually innocuous statistics reporting page. It erased numerous directories, and had infected the OS to instantly spread itself through all the Linux boxes it could find as soon as it was booted. Very nasty.
Regardless of what you decide to use, keep in mind that the bad guys are always one step ahead of the good guys.
***
Blade says:
December 30, 2012 at 6:33 pm
IMHO, no Antivirus are better than any other so you might as well use a free one if you must use one at all. The real question is whether you must.
***
Glad you posted that first — network admins get mad (rightfully so for their particular situations), but some like me don’t need AVs running all the time (CPU-hog). I just manually run a free one on Win7 occasionally — never found anything except a file on the pre-installed HP junk-programs that was classed as a spy-bot.
I also use other layers like a downloadable, free, protective HOST file (it denies thousands of junk-sites) and Firefox plug-ins like tracker-blocking Ghostery and script-denying NO-Script.
Arrrrr! Keel-haul the scurvy scum!
All those Mac and LINUX proponents are sewing the seeds of their own destruction! If the market share of LINUX or MAC ever cracks the 30% level, it will finally be worthwhile for the hackers and crackers to write code to automatically break them. As it stands now, the risk/reward balance doesn’t make a good business model for the criminals so they don’t bother except out of curiosity or high value targets. It really isn’t that the machines are more secure (Macs are subject to a couple of java exploits but they are limited), it is that no one bothers to do the research since there are so few of them out there.
That said, I loaded Ubuntu on my son’s laptop since the original Windows Vista hard drive crashed and being a laptop from a company that doesn’t believe in sending OS disks I decided it was easier to just download Ubuntu for free.
***
Blade says:
December 30, 2012 at 6:33 pm
There is no excuse to ever plug the computer directly into a cable or DSL or FIOS modem because that will give you a static IP and it is just a matter of time before you are toast. If that describes you, stop what you are doing and go get a router, now. Then learn how to configure it and lock it down.
***
Can you elaborate alittle? I didn’t change any standard settings on my DSL router (it already has a dynamic IP) other than deny pinging from the outside.
Gene says:
> and had infected the OS to instantly spread itself through all the Linux boxes it could find as soon as it was booted.
It would be interesting to know of a mechanism whereby anything could be spread through linux boxes. You really need work hard to make that possible, as an owner, and certainly that would not be possible for an automated attack to achieve that, without co-operation from within.
The first true worm was Unix based (Linux is merely Unix on the Intel Platform). The writers of the malware count on ignorance to get their wares to propigate.
Phil, this is not the answer to my question about the mechanism. The one you are presumably referring to has been dead for a long time (30+ years, I believe). I read the other Gene as claiming that he had witnessed a recent worm in a linux system and wondered what that could be if true.
My home machine is brazenly insecure, by corporate security standards. It listens to smtp, imap+tls, http and ssh. The web port is served by a bunch of node programs that I wrote proxied by nginx. I know a highly motivated and competent hacker can break in, given enough time, but I don’t care. I am not a corporation and am not liable for any damage that may result from a break-in. And I know it is not likely happen during my lifetime.
But I would be much more concerned with the news that a machine like mine can be invaded by a self-replicating program. That’s why I am asking. I don’t believe it. From what I know about my machine, no amount of ignorance on my part would help an intruder. I would have to actively set things up for him and send an invitation. Setting things up that way is hard, as anybody who tried to write a cluster job dispatcher would tell you. That a worm-like behaviour could be observed in a naïve linux system is simply unbelievable.
@Gene, I realize that my answer did not address the issue raised by the other poster. I was merely pointing out that it is possible, not that I was aware of any current exploits.
Note that Spybot and Adaware (the product, not “adware”) are not anti-virus programs per se, though their makers probably offer AV products now. At one time Microsoft recommended running Spybot, Adaware, and an AV program. In the past Microsoft’s offerings have been incomplete and not fully available in all countries, even allied ones like Canada.
Beware of scammers using URLs similar to reputable products such as http://www.safer-networking.org which IIRC is one of Spybot’s web sites.
Suites may have anti-virus software plus email scanning for spam and malicious links (as in “phishing” attempts)f, firewall (AFAIK Windows’ firewall is only one direction, you want to know about outbound communications). Gets difficult to figure out what all is in a suite. Just noticed that ESET 4 claims to include anti-spyware function.
I like the concept of “heuristics”, which looks for suspicious patterns instead of just known threat patterns. I suppose that increases risk of false positives. Usually can be turned off.
Don’t forget your smartphone, now connected to the Internet. One product is http://www.eset.com/us/home/products/mobile-security/.
BTW, I fired Norton because they could not make their website work correctly for renewal of license.
And in the theft recovery field there is:
– http://www.absolute.com, makers of the Computrace/LoJack for Laptops tracing sofware (worthwhile, not guarantees)
– various software for Apple devices, that take a photo on remote command, or automatically if someone makes five failed attempts to unlock your iPhone.
In one case the photo showed unique tattoos on the “new user’s” body, besides the individual’s face. Police thought that was a great help, especially as the owner of the laptop manged to get much media publicity..
Yet another vouch for MSE (Microsoft Security Essentials).
If you are going to spend money on anything, get kaspersky.
If you are on Apple’s OS, don’t waste your time with anything.
If you are on linux, you probably know what you’re doing and don’t need this advice.
Source: my brother and his masters in computer security (works for HP currently).
Once a web page opens [banking etc] put this in your browser address bar to avoid “spoof” sites.
javascript:alert(“The real URL of this site is: ” + location.protocol + “//” + location.hostname + “/”)
http://i22.photobucket.com/albums/b331/kevster1346/javascripalert_zpsa58468ed.jpg
Works for Opera, IE and earlier versions of Firefox,
That is nonsense, all major AV programs offer roughly the same protection as malware information is widely shared in the AV community. Those so called tests are using incredibly rare zero-day attacks. You can fail any AV program by testing it against the right zero-day malware. Those same tests show Microsoft Security Essentials passing on known malware (which is all anyone is likely to see). You always have to balance protection vs. practicality. It is rather easy to lock your PC down to the point where it is so protected that it is useless to use every day but what is the point. There is no way to guarantee 100% protection but Microsoft Security Essentials offers excellent AV protection for free. Security Essentials also offers good performance, automatic updates, smooth integration in Windows and is easy to use. People who bad mouth Microsoft don’t seem to understand that Microsoft gains nothing but a bad reputation if their OS gets compromised, why do you think they are offering MSE for free to home users?
You can find tests showing MSE offers excellent protection,
http://www.virusbtn.com/vb100/archive/vendor?id=70
I have used or tested just about every major AV program at one time or another, including the well known free ones (Avast, AVG ect..) and none has ever been as trouble free as Microsoft Security Essentials.
I agree with Poptech. There was a time when the MS solution might not be such a good idea, but MS Security essentials is unobstrusive and fast, and hasn’t let me down in my office machines in testing.
AVAST is like popup balloon animals…always intruding on my desktop.
I don’t, they waste people’s time having them post unnecessarily logs and doing unnecessary steps to remove malware that just requires running the right scanner (usually Malwarebytes antimalware and a rootkit remover). They have a worthless training school where any non IT person can get “certified” to “help”. I wouldn’t ask a kindergarten teacher or a plumber to help with a computer problem but Geekstogo “certifies” them, lmao.
Malwarebytes is an excellent anti-malware scanner but the free version does not work in real time. I keep it installed to scan any really suspicious files that I download in addition to scanning them with MSE. I also use it to clean infected PCs in combination with Kasperky’s Anti-rootkit utility (TDSSKiller), http://support.kaspersky.com/5350.
If anyone has already paid for an AV program there is no reason to stop using it but I really do not see why any home user a Windows OS still pays for an AV program when MSE is free.
I love Microsoft’s free Security Essentials. With it, all the PC’s I’ve installed it on work faster than with Norton’s garbage and I uninstalled my Trend software even though I had time left on it. I also use Spybot to get rid of spyware… it is also free too.
I agree with most of this except the ones by far that I see that are infected have AV programs that have expired. So yes they had Norton or McAfee installed but it has not been updated for six months. This may be another reason to go with a free AV like MSE as most people are lazy.
Without question I recommend every Windows user has an AV installed but people still want the “best” or “perfect” protection – it doesn’t exist. For some odd reason people falsely believe that they are getting better protection because they paid for it, I have no idea why.
This is my biggest problem with pay AV programs as they are usually “suites” with a more cumbersome and intrusive firewall and other nonsense. MSE integrates seamlessly with the Windows firewall.
This is a ten year old Internet Myth pre-Windows XP SP2 which effectively neutered ActiveX based attacks. Each version of IE since has added more and more security features. This being said there is no reason you should be using anything but the latest version of IE for your OS (IE8 – Windows XP, IE9 – Windows Vista, 7 and IE10 – Windows 8). If you have the latest version of IE for your OS and all the latest Windows security updates it is highly unlikely IE is the source of the malware attack. With that being said Microsoft not supporting previous OSes with their very latest browser version is enough of a reason to consider another browser but security concerns should not be. I use Google Chrome for the speed and simplicity.
[Insert browser name] perfect security is a myth and you need to make sure yours is updated. Firefox for instance has had 963 vulnerabilities found since it has been released, http://web.nvd.nist.gov/view/vuln/search-results?query=firefox
This is pure conspiratorial nonsense. With each new version of Windows and service pack they keep ramping up security. For instance, Windows XP came with a built-in firewall for free, Microsoft released a free anti-malware program (later renamed Windows Defender) in 2004 and included it with Windows Vista and 7, Microsoft released Security Essentials in 2009 and included it in Windows 8. This is among the many other security improvements they implemented,
http://technet.microsoft.com/en-us/library/bb457059.aspx
http://technet.microsoft.com/en-us/library/cc507844.aspx
http://technet.microsoft.com/en-us/library/dd560691.aspx
Desktop OS Marketshare will make Microsoft Windows the primary target of attacks so long as they hold it.
You also seem to be confused as no Windows home user has to pay for security as MSE is free for XP, Vista and 7 users and 8 comes with it built in.
My last post went into the filter
30%? Linux cannot even crack 2% after 20 years!
http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10
The reason they cannot gain any market share is there has never been a dominant easy to use Distro with a corporation behind it, Red Hat was their best hope but it is now pay to play with Fedora effectively unsupported. Instead the community keeps fracturing itself into insignificance with new Distros forked from other Distros. I am incredibly skeptical and have had bad experiences relying on software let alone an OS supported by a “team” of users who can get burned out rather easily. The only Distros I would even consider are Fedora or Ubuntu. The Linux community cannot even standardize on a GUI. Yes, I have heard all the arguments why this is so great. So great that next to no one uses it. I really want to like Linux but the community just does not understand what the obvious problems are. Instead it takes other companies to make Linux work (Android).
I recommend not using Hosts files. Malware can easily modify the Hosts File at will, even if it is set to Read-only. It is impossible to “lock-down” a Hosts File unless you are running as a limited user which makes using it in this case irrelevant anyway. Various malware uses the Hosts File to redirect your Web Browser to other sites. They can also redirect Windows to use a Hosts File that has nothing to do with the one you keep updating. The Hosts file is an archaic part of networking setups that was originally meant to be used on a LAN and was the legacy way to look up Domain Names on the ARPANET. It tells a PC the fixed numeric address of the internal server(s) so the PC doesn’t have to go looking for them through all possible addresses. It can save time when “discovering” a LAN. I don’t consider 1970’s ARPANET technology useful against modern malware. When cleaning malware from a PC, it is much easier to check a clean Hosts File then one filled with thousands of lines of addresses.
Large Hosts Files cause Internet related slowdowns due to DNS Client Server Caching. This negatively effects your browsing speed. AntiSpyware Hosts File authors irresponsibly recommend disabling the DNS Client Service to solve this problem. This is not a solution. The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated. This effectively reduces Internet Performance for sites you have previously visited and puts an unnecessary load on your ISP’s DNS server.
No-script can render websites completely unusable, there are better plugins for browsers but I am not going to recommend them here.
@Poptech: I know the problems with LINUX, I cut my teeth on SUNOS and Solaris in my professional life (I used the old tape drive basic on a home built machine on my very first taste of computing) and always hoped they could expand out of the workstation market and into the consumer side. My post was a round about way of saying to people that the only reason their Macs (and other Unix distros – MacOS is just a GUI over a modified Unix core after all) aren’t plagued like the Microsoft boxes is it isn’t worth the hacker’s time to develop a complex and quiet worm or bot for at most 5% combined market share. Much more lucrative to hit the 90+% of the market on Windows. LINUX has plenty of holes to exploit, and most novice users don’t know how to lock down the most exploited features. Luckily the new LINUX releases like Ubuntu come in locked down mode by default now and you have to turn on services and ports to make things work. The first LINUX that I ever saw was wide open out of the box and scared the dickens out of me when I probed it in the shop. Any Tom, Dick or Harry could have owned that box from any terminal in the world, and most universities around the world were using something like it as their gateway server! The 80’s and early 90’s were the honey years for hackers, luckily they hadn’t thought of botting all those servers into one big attack machine…that had to wait for the early 2000s.
Poptech, wouldn’t that be more accurately phrased as “other companies are able to make their own forks and get them working more easily with Linux than if they tried to do it with proprietary OSes, with Android being the most obvious example”, Google uses Ubuntu in house (Goobuntu) and Android itself wouldn’t exist without the open source community.
As for a linux system getting zombied and infecting a network instantly… did you get a pop up asking “will you please give me full root privileges”, and then ignore the “oh dear, are you aware you’re trying to access root folders, this can damage your system, you shouldn’t do this” pop up?
Myself I think the file manager window turning bright red when you are in full superuser mode is annoying, but it sends a clear enough message that “you don’t need to poke around in here, and if you do you are giving up the safety you gain simply by not screwing things up in here”, doesn’t it?
Sure, if you have a bit of malware that loads onto linux systems and pops up a terminal asking “hey, can you type sudo su and enter your password then just kinda ignore everything else for me, pretty please?”, more power to ya if you can hook some of those exceptionally stupid fish.
As for noscript, you can put a button next to your address bar to “temporarily allow all” and get back however much utility you need, without the whole “cheeks in the wind” effect.
Even better: use Fedora or Ubuntu Linux and you have no problems. Plus you have an enormous repository of free software, built by the best in the business, just for the taking.
Now that would be a good intention at the start of the new year.
Happy New Year everyone.
***
Poptech says:
December 31, 2012 at 5:15 pm
beng says: I also use other layers like a downloadable, free, protective HOST file (it denies thousands of junk-sites) and Firefox plug-ins like tracker-blocking Ghostery and script-denying NO-Script.
Large Hosts Files cause Internet related slowdowns due to DNS Client Server Caching. This negatively effects your browsing speed.
***
Poptech, thanks for the info. I’ve no need for the Microsoft network — file/printer sharing is disabled. The site where the HOST file comes from gives a Windows registry hack to supposedly eliminate the slowdown (DNS cache set to 1, I think). I can’t detect any slowdown while browsing — sites are “contacted” immediately.
Sorry, poptech, the registry hack is to set the DNS parameters to: MaxCacheTtl=1 and MaxNegativeCacheTtl=0. The DNS server/cache is not disabled.
Lots of good advice & insides here. I am not a computer geek Anthony but I am combining Windows and Linux for years now. Windows for the programs “I can’t do without”, as much as possible off-line. Usually from an older PC with XP, I simply disconnect the LAN cable from my router. The bulk of my internet-traffick goes by Linux with no problem. Data is always available to all my systems by external storage formatted with the Fat32 file system.
DesertYote said @ December 30, 2012 at 7:41 pm
The Oxford English Dictionary, The Routledge Encyclopedia of Philosophy, Civilization V, Adobe InDesign, CorelDRAW!, my transparency scanner… Personally, I prefer multitasking on multiple computers, so I have Mac OSX, Windows 7 and Ubuntu running on different machines.
FWIW it’s decades since I was infected by a virus and that was from a floppy disk my son brought home from school. Only two out of the six machines I run have AV software running on them and that’s only because I am a belt & braces man. There’s no substitute for safe computing.
For them with a sense of humour:
http://sturmsoft.com/Writing/lunixshop.htm
Written when I couldn’t get any Linux distro to work on my then current hardware.
Setting MaxCacheTtl=1 means it will cache DNS queries for 1 second. So unless you are queering the exact same domain name every second, it is effectively disabled.
If you have a broadband connection you may not think you are noticing any slowdowns but what you are doing is unnecessarily increasing the load on your ISP’s DNS server for something that could have been done on your system (say resolving google.com). You are potentially slowing down DNS queries for yourself and others who use your ISP, the more people who do this, the worse it gets.
These custom Hosts file are effectively trying to catalog every “bad” site on the Internet you may visit which is absolutely impossible as these sites are very short lived and change faster then anyone can hope to keep up. These custom Hosts files can also block known good sites and are frequently hijacked by malware. You are just wasting your time.
Even with Apple’s limited desktop OS market share they are still being targeted, http://www.pcworld.com/article/253270/600_000_infected_macs_found_in_botnet.html
And plenty of security vulnerabilities (3,896) have been discovered in Linux, http://web.nvd.nist.gov/view/vuln/search-results?query=linux
@max, companies cannot fork proprietary OSes because of licensing restrictions and no access to the source code (I am sure you know that). My point was that the Linux “community” has failed to make Linux a success on the desktop and the only successes have been when a large corporation takes over, such as Google with Android.
As for Linux and “root privileges” this is another problem I have with the Linux community. Limited user accounts for home users have been available in Windows since XP (2001) and for businesses since NT. The problem has always been that there is no administrator for the average home user who wants something to just “work”. Microsoft understands this, the Linux community does not (see Linux desktop market share). Microsoft introduced UAC in Vista to bridge the gap between running as a limited user but still being able to install applications like an administrator. Unfortunately nothing can stop the average user from clicking past any warnings and typing in any password that are needed to get something to “work”. So you can only do so much, at the end of the day, you cannot protect people from themselves. This is another reason for the proliferation of phishing and other social engineering techniques to get people to install malware as Windows keeps becoming more and more secure. It is so bad with end users that if the AV is not set to auto-clean an infection you run the chance of people ignoring the warning when something is found.
Besides the extension crippling websites, I also don’t trust the author of NoScript, http://www.informationweek.com/security/application-security/noscript-developer-apologizes-for-meddli/217201461
I wish people stopped referring to the “market share” of linux. It is an oxymoronic expression. Linux is not part of the market and does not share it with anybody. Even if it were, pointing out its share would still be a fallacious argument because it relies on the idea that the market is somehow smart enough to figure out the best solutions. We know that is not so. The examples of successful choices made by free markets are less numerous than those of their failures, of which I can’t help but mention just one — the querty layout of the computer keyboard in English-speaking countries.
You see a billion people engage in a strenuous handicap race every day simply because more than a century ago one of the players on the market figured it would make his product look better if people could be prevented from using it the way they wanted. Never mind that the product that started it no longer exists; the race continues globally with no signs of ever coming to an end.
What never fails to boggle my mind is that its participants continue accept the rules despite the zero cost of rejection. The handicap they bear today has transcended from a real physical constraint (however insignificant) to a purely notional one more a quarter-century ago. Today, you no longer need to be handy with a brazing torch and acid flux to change your keyboard layout. You don’t need anything. I mean, not a single thing. Only a thought. Why don’t you?
Free market can be very dumb. Remember querty when you hear about the market share of linux. Instead of looking at meaningless numbers, look at what you can and cannot do with it.
@ Gene Selkov
You appear to be averting to the Dvorak keyboard layout. While you say it’s a simple thing to alter, that ignores the fact that the majority of keyboards in the English-speaking world are QWERTY. It’s all very well to alter one’s own personal keyboard layout to Dvorak (and I did it many years ago), but you come a cropper as soon as you need to use someone else’s PC. This has nothing to do with free markets and everything to do with inertia. The only notable study conducted to determine the effect of changing to Dvorak concluded that the costs of retraining would never be recouped. So it goes…
Linux is part of the operating system “market” which is simply, “a group of potential customers for one’s product.” Just because Linux is free does not mean it is not still part of the same market that Microsoft and Apple compete in for profit. You do not have to be for profit to be included in a certain market share. Use “usage share” if it makes you feel better, the argument is the same.
Markets actually do determine the best solutions for what people actually want. If people did not want Microsoft Windows, it would not exist. No one is forced to buy Microsoft Windows, everyone chooses to do so of their own free will. No one is stopping people from buying an Apple product or using Linux for “free”, but the question is why are they not? The reason is PC based products are more cost effective than Apple’s products even with the “expense” of Windows added in and Microsoft Windows is more user friendly to more people and more software and hardware compatible than Linux. These are the inescapable realities of the operating system market.
This is a meaningless statement because free market successes rival all other form of economic systems. Your personal preference for a keyboard layout is just that – your opinion and you should not confuse it with facts. Nothing is stopping you or anyone else from using a Dvorak Keyboard, http://www.rehabmart.com/product/dvorak-style-keyboard-24518.html. You can even use it in Windows, http://windows.microsoft.com/en-US/windows-vista/Change-your-keyboard-layout
The question is why is no one else using it? If it could truly be proven to be more efficient and it was not simply just an opinion then it would have been demonstrated in the keyboard market. Instead these arguments have been debunked for a long time now,
http://www.utdallas.edu/~liebowit/keys1.html
http://reason.com/archives/1996/06/01/typing-errors
> Linux is part of the operating system “market” which is simply, “a group of potential customers for one’s product.”
If such is your definition of the market, then count us out. Our potential for being any product’s customers is precisely zero. Not because we don’t want to pay, or can’t afford to pay, but for the simple reason that nobody in the world of commercial software can offer us the stuff we need. We make it.
> No one is forced to buy Microsoft Windows, everyone chooses to do so of their own free will.
This is grossly untrue. Most American public schools have adopted a windows-only policy in exchange for donations from Microsoft. I was around when it started in early 1990s; I saw, for example the New York School of Medicine accept a donation on the condition that they dispose of all non-Microsoft computer systems. I know people who left for better jobs because of that.
> Your personal preference for a keyboard layout is just that – your opinion and you should not confuse it with facts.
I don’t see any facts that could be confused with my opinion. The first fact comes from Sholes, who devised the qwerty layout with the stated aim of impairing the user. You don’t need to know more, but consider this: how many meaningful words can you type on the home row in qwerty? Five? Six? OK, maybe ten, for an extremely generous estimate.
And I’ll give you my opinion of the Dvorak layout: I opine that I can write more than 600 English words on a Dvorak keyboard without lifting a finger. Some people don’t have as many words in their entire vocabulary.
> I don’t know of any sysadmins that would allow their users to change their keyboard mapping. YMMV.
MMDV. I can’t recall the last time I had to deal with the notion of a “sysadmin”, thank you very much.
@Gene:
I would audit that school. I was working for Schools in the 90s as well when the SECOND school district in the nation (ours) was totally connected to the Internet through the local Cable infrastructure (for those curious, Modesto California was the first). We had a competitive bid, and Apple won it. 5 years later, Dell won it. Both times, Microsoft got a lot of business since the standards were Works in the elementary and Office in the secondary (which ran on both platforms). Regardless of the handouts, any type of exclusionary deal would have been rejected by the legal departments.
Phil, the practice I mentioned was not regular vendor bidding. You can stifle competition with donations only, even without any strings attached. Airlines do that, for example, when they sell tickets at a loss to chase competitors out of their favourite airports. Microsoft does that, too. They are wealthy enough to avoid competition by giving stuff away.
I have never paid enough attention to all that stuff to speak about it competently, but from whatever little I know, I don’t believe you can discuss Microsoft and free choice in the same context. I can just tell you about the last attempt on their part to promote their monopoly.
A bunch of the top management figures from Microsoft visited the University of Chicago in 2007 to discuss donations and “collaboration”. UofC is a private school, all right, but the tactic they use is the same everywhere, public or private: influence the policy-makers. On that occasion, the Microsoft emissaries were generally well-received, in part because some of them happened to be UofC alumni and had friends there. They approached my boss for a demo of the real-time virtual reality system that he used to teach anatomy and to develop new visualisation and interaction technologies in surgery. It was an Access Grid-based system, and its 3d renderer was running on a linux cluster that we bolted together. Having seen the demo, the visitors said, “That’s great”, and — I quote, literally — “What incentives can we offer you to start thinking about replacing all that with Microsoft software?”
That was the last thing I heard them say because my boss’s response was to politely show them the door. I wish they got the same treatment everywhere they go, because their philanthropy is getting out of hand. But it’s not my game. I know I can’t change it. I just want to point out that those few percentage points that Poptech and others refer to as market share or “potential customers” represent no potential at all. The hardware exists, no doubt, and you can sum the numbers and calculate “usage”, but the fact remains that the owners of that hardware are not in the game. It is not a share, it is a complement.
Usage numbers are meaningless as a proof of anything. When you sum up the numbers of people who “use” the global warming idea, versus those who oppose it, what does it tell you about the validity of the idea?
@Gene
I never use MS and free choice in the same context. And your statement about “influencing the decision makers” is a game they all play. I do not delude myself about that. I know Apple “bought” the technology director at the school system where I worked (think the head decision maker, I was the head engineer – I had to make it work). And it was not even subtle! (Stipends for consulting work that never got done).
Still, with all that, Apple still had to win the bid. And later Dell. So Microsoft is not winning the school battle. While they have a 90% share in the business world, 10 years ago, they only had a 50% share of the non-post graduate education market (I have not seen figures lately).
The reason Microsoft won is actually a lot simpler. They targeted the Business community. Figuring people would rather have the same machine at home as they did at the office. And they were right. And how did they win the business community? If you say IBM, you win again. They rode the IBM business contacts into the business world before dumping IBM in the mid 90s.
Poptech said @ January 1, 2013 at 8:45 pm
I don’t know of any sysadmins that would allow their users to change their keyboard mapping. YMMV.
In addition to the excellent comments you have made, it’s worth noting that Linux is only free if your time is worth nothing. I’d love to have a dollar for every hour I spent years ago trying to get Linux to see my Adaptec SCSI adapter, or Samba to share my Postscript printer. I contacted the dudes who wrote Samba and they suggested I use WinNT to share the printer as that’s what they were doing. Ya gotta laugh 🙂 I also wasted a lot of time beta testing Adobe FrameMaker for Linux.
So true.
You don’t understand, so long as Linux is an operating system it is by default in the “market”, you cannot just “opt out”. I am well aware of the OSS mentality but saying that there is not commercial software that does what OSS does it one of the most ridiculous statements I have ever read. If anything the open source community spends an excessive amount of time convincing people of open source alternatives to commercial products. Why are so many Linux proponents constantly recommending using it if they don’t want them to?
What are you talking about? Microsoft is not forcing any school to use Windows, they choose to. Students in the United States do not have to attend a public school, they can attend a private school or be home schooled. If someone did not want to attend a school because they used Windows they do not have to. Granted I am a proponent of school choice and want to remove the public school monopoly but that is a different argument. So tell me who is forced to use/buy Windows?
That is a myth, the QWERTY layout was designed to maximize speed by reducing typewriter jamming and since then the DVORAK keyboard has not been shown to be more efficient than QWERTY. I provided extensive debunking of these myths here,
Typing Errors (Reason, June 1, 1996)
The Fable of the Keys (PDF)
(Journal of Law and Economics, Volume 33, Number 1, pp. 1-25, April 1990)
– S. J. Liebowitz, Stephen E. Margolis
@Poptech: an impressive pile (and I read it with interest), but I remain unconvinced. That is all second-hand information, while I have first-hand experience and I understand the logic of the Dvorak layout, which is based on just three criteria: within-word travel distance, matching letter frequency to finger strength, and hand alternation. The qwerty layout uses the same criteria, but it applies them with an opposite sign: it maximises travel distance and stretch, it allocates the most frequent letters to the least able fingers, and it minimises alternation.
I was unable to learn proper typing with qwerty despite many years of use and countless hours of training. After months of daily exercises with Mavis Beacon, all I could achieve was about 35 words per minute and an abysmal 95% error rate (at any speed, no matter how slow). That was quite limiting because I worked as a proofreader for a database project, so needed to type a lot. I still type so much I have to go through a couple keyboards on any laptop I own.
Dvorak changed that. What convinced me to try it was just the explanation of its principles. I can report this result: it took me 4 hours of simple exercises to remember the layout and go back to productive work; in about 5 days, it became comfortable, and in 2 weeks I regained my original speed (the study you cite claimed 10 days: close enough, but I did not gun it; it was just work as usual). From then on, it was getting better by the day. Now, more than 15 years later, typing is so easy that I will often edit a line of text by killing it and typing it over instead of trying to salvage bits of it with the mouse or arrow keys. I hardly ever use my mouse for anything (clicking into google maps is a notable exception).
By the way, I am now two layouts away from qwerty. For the last 5 years or so, I have been using Programmer Dvorak — a layout optimised for coders, for whom easy punctuation and code structuring are more important than numbers.
My ears are shut to all news about how it is impossible to recoup the cost of retraining and how the evidence in favour of Dvorak is tainted. My own experience trumps that. You are welcome to call it an opinion; I don’t mind. In order to overturn it, you will need to explain to me for example, how it can be better for anybody to make awkward motions with the fingers of one hand to type a whole word while the other hand is idle.
We went far enough off-topic that I am not going to respond to other important stuff, such as OSS mentality you mentioned. Just remember that there are many able people out there who are not motivated by money or are negatively motivated by it. Most real scientists are like that. You can’t talk business to them and hope they will understand; their notion of success is vastly different.
These are pure economic fallacies. How is Microsoft avoiding competition from Linux by giving stuff away? Linux is free! Using your “logic” Microsoft would have to bankrupt itself to avoid competition from Linux, how does that make any sense? I don’t see anyone on the receiving end of lower prices due to competition complaining. The complaints always come from the company that cannot compete and if they are successful with legal or political action they simply force higher prices on consumers. How are consumers better off?
Predatory pricing is a long debunked economic fallacy,
Predatory Pricing (Video) (7min) (Thomas E. Woods, Ph.D. History)
The Myth of Predatory Pricing (Thomas J. DiLorenzo, Ph.D. Professor of Economics)
How is it not free choice? Microsoft cannot force you to buy their products they have to convince you to. Microsoft does not hold a 100% market or usage share of anything, therefore they do not have any sort of “Monopoly”.
This makes absolutely no sense. So you are saying the Linux community has no interest in having more users use the Linux operating system?
Of course you can use usage numbers to demonstrate the popularity of something. Linux is not popular as a desktop OS and the reasons are obvious to apparently everyone but the Linux community.
@Poptech: sorry for being a pest, but I noticed something you said that I first overlooked and can’t really let go without a retort:
> … the QWERTY layout was designed to maximize speed by reducing typewriter jamming …
That is a shameless spin. This statement is not technically incorrect, but the way it is worded conceals the truth about the motivation behind QWERTY. Let me rephrase it properly:
“The QWERTY layout was designed to salvage a faulty typewriter design by slowing down the typist and thus improving his overall speed by making jamming less likely.”
Note that the original design with the alphabetic arrangement of the keys existed for a while and the jamming problem only arose when many enough users got up to speed. Initially, nobody jammed the keys and the realisation that people can actually be faster than the machine came as a shock.
Another aspect of the story that the English-speaking people (or, rather, Latin-typing people) may not be aware of is that when Remington and Underwood finally improved the design and made it much less likely to jam under any layout (barring simultaneous key press events, for which there had never been any remedy), that improvement coincided with the spill-over of the typewriter business into other countries, where new national layouts were designed from scratch based on principles similar to Dvorak’s, but independently from him and predating his designs by a couple decades. For example the Cyrillic layout does not suffer from any of the shortcomings of QWERTY (awkward stretch, adverse finger allocation and lack of alternation). That simply tells me that QWERTY was already viewed as an abomination by the late adopters and they chose to do better.
@Poptech: I am now making sincere efforts to wind this discussion down, but I feel I haven’t related the full story when I mention Microsoft bribing schools to eliminate competition within them.
You say:
> These are pure economic fallacies. How is Microsoft avoiding competition from Linux by giving stuff away? Linux is free! Using your “logic” Microsoft would have to bankrupt itself to avoid competition from Linux, how does that make any sense?
Linux did not exist back then. We’re talking 1991-1992 here. In one instance I observed, the deal was that the school gets new IBM PCs with Windows 3.0 (if that’s what it was, can’t recall) on the condition that they dump their Sun and SGI workstations (I was one of the happy recipients of the refuse, even though the deal appeared criminal to me at the time). The economic incentive for Microsoft to do that, I reckon, was that the students of that school would be compelled to use Microsoft products, and the hope was that by the time they graduate, they would not even be aware of alternatives.
That said, they behave the same way today, in all situations where they regard Linux as a competition (who ever hears about Sun or SGI anymore?) When Microsoft gets intel on any massive (or otherwise spectacular) deployment of linux systems (UofC, Extremadura, Kerala, Munich, &c.), they go in and attempt to bribe the officials in charge of it (and sometimes succeed).
It is not predatory pricing; it is buying one person to dominate thousands.
That is another meaningless statement as review papers always include second-hand information, this does not make it incorrect. Both the article and peer-reviewed paper extensively refute all the claims made by Dvorak. Where is the scientific controlled study supporting Dvorak’s claims? Your “experience” is not a scientifically controlled study
How very unscientific of you. Of course it is an opinion! So with millions of businesses out there and after all these years no one could demonstrate the cost savings of using a Dvorak keyboard layout? Surely you jest?
This is all subjective. What word? There are a quarter of a million words in the English language alone. And in what language? Who decides that something is “awkward”?
This is a myth, no where can it be found that Sholes designed the layout to “slow down” typing speeds to prevent jamming. You keep repeating this with no evidence to support the accusation.
Another completely unsupported statement. QWERTY and it’s derivatives are the standard keyboard layout used worldwide,
http://matadornetwork.com/abroad/the-ultimate-guide-to-computer-keyboards-around-the-world/
This argument is made in the article and paper I provided that you claimed to have just read.
“There is further evidence of QWERTY’s viability in its survival throughout the world. As typing moved to countries outside the United States, any QWERTY momentum could have been only a minor influence, yet the basic configuration has been adopted with only minor variations in virtually all countries with similar alphabets.”
The only country that I could find that uses anything close to Dvorak is the Bulgarian Cyrillic layout. One country that is only using some “ideas” from the Dvorak layout is hardly evidence to support your argument.
Folks, I am completely withdrawing myself from the Microsoft vs. Linux argument because it is impossible to win and I have no stake in it, and it goes on and on elsewhere, for those who are interested. I joined a couple other commenters near the top of this thread who popped in “linux” simply because it’s a pain to see people struggle with stuff like viruses while they have an option that simply works without the need for extensive housekeeping. You’re saying, it’s not an option; all right; I don’t want to distract you from your struggles.
About the the Dvorak/QWERTY thing — I understand that making an experiment is unscientific, while putting endless spin on peer-reviewed literature is, so I won’t bother telling you about my own experiment anymore. But please kindly peer-review this visualisation of the differences between Dvorak and QWERTY (be sure to click on the icon at the bottom to see the second page):
http://agilecomplexificationinverter.blogspot.co.uk/2009/09/to-dvorak-or-not-to-dvorak.html
The stuff in black indicates what I referred to as awkward earlier. Please tell me how these amounts of awkward contribute to QWERTY’s market fitness. You certainly must have an opinion on that backed by sound science.
This is a ridiculous conspiracy theory. Using this logic, I should only have been aware of Apple and Macs because that is all the schools I attended had. How is it criminal to offer someone a deal with conditions? The incentive for Microsoft was definitely in marketing but their products still have to work. Do you think that if students use Microsoft products and they don’t work right that will make them want to go out and buy them? Microsoft can only convince people to use their products, they cannot force anyone to.
But they are not “dominating” anyone by making these deals, at best they are expanding their marketing. Anyone else can make the same deals. At the end of the day the consumer still chooses to buy a Microsoft product or not. I know companies that leverage considering to switch to Linux just to beat Microsoft down on pricing. Very few really are really considering it.
My last post went into the filter.
Gene Selkov said @ January 2, 2013 at 6:55 pm
Say what? Sun SPARCStations run Solaris and IIRC SGI high performance graphics workstations ran SGI’s proprietary Unix. Both companies appear to still operate in serverspace and I believe that SGI lost the initiative with high end graphics workstations to companies like ATI and Nvidia. I have fond memories of playing with a SGI Indigo machine these many years past. To the best of my knowledge, MS have never manufactured graphics workstations, or high performance graphics adapters. If anyone’s to blame for the demise of SPARC and MIPS based machines, it’s Intel!
Poptech said @ January 2, 2013 at 10:39 pm
And my son should only have been aware of Acorn RISC machines because that’s what all the schools here in Tasmania had. Are we having fun here, or what? 🙂
I’ll tell you what is fun: turning up to deliver a training called Desktop Publishing with Microsoft Word to twelve Education Dept employees in a lab containing 12 PCs. Two expected me to teach them how to DTP on their Acorns and one expected me to teach her QuarkXpress, an application not available in the Ed Dept computer lab. Three of the “happy sheets” handed in at the end of the training claimed I was a useless trainer. Hey, ya gotta laugh…
It was not completely clear if Gene was referring to Linux or Microsoft putting Sun and SGI out of business with that statement. Ironically Linux had more to do with putting both out of business by offering cheaper server solutions.
Oracle acquired Sun in 2010 – http://news.cnet.com/8301-30685_3-20000019-264.html
Rackable Systems acquired SGI in 2009 then just changed their name to SGI – http://www.infoworld.com/t/mergers-and-acquisitions/rackable-systems-becomes-sgi-closes-deal-076
You are not listening, absolutely nothing on Windows is “expensive”. There is no “expensive” housekeeping. Everything you need to clean (if necessary) and keep your system secure is completely free. MSE is free for home users, the Windows firewall is free and Windows security updates are free. The only software I have bought in 20 years has been my tax software. Literally everything else I have and use is all 100% free or open source. I can provide free software solutions using Windows for just about any home user.
Just claiming your personal experience is an “experiment” does not make it so, let alone a scientifically controlled one. I am not spinning the peer-reviewed literature but actually supporting my argument with it, you have failed to even present any.
It is your opinion that it is “awkward”. Why can you not identify when you are presenting a subjective argument?
Poptech, I cede this argument to you. I admit that stretching one’s fingers, making them travel the longest distance, making them curl under one’s palm, giving the palms as little rest as possible and arranging for the longest possible sequences to be typed without switching hands (while heavily favouring the left hand and the shortest, least able fingers) is not “awkward”. The preponderance of evidence shows it to be efficient and comfortable. Peer-reviewed science can’t be wrong.
I admit that my opinion (carelessly acquired from the con artist Dvorak without a controlled verification) that typing should involve the least motion and the least effort, while favouring the most natural positions of both hands was in error, and in the future I will spare you from hearing it.
Case closed.
Gene, if you are not even going to attempt to support your arguments with scientifically controlled studies what else can I say. I am not going to try and make the case for you.
Poptech, honestly, I have no idea what you mean by scientifically controlled studies. Should I clone myself a couple hundred times to form a Dvorak cohort and a QWERTY cohort and follow each for 10 years? I could do that, in theory, but don’t need to, because none of my clones will even be able to use the QWERTY layout other than by the hunt-and-peck method. What else?
I understand, the Gettysburg Address a few posts back didn’t qualify as an attempt, right?
One other thing I could do for you would be to show you a picture of one my keyboards, which is starting to get worn. It is in a more advanced stage of wear than this one:
http://en.wikipedia.org/wiki/File:Dvorak_usage_pattern.png
… but it the pattern is similar and it is telling enough for you to grasp what people do with Dvorak keyboards.
Here’s QWERTY:
http://i142.photobucket.com/albums/r96/jfallows/IMG_4285B.jpg
Those are real data staring at you, but you can also test any arbitrary text (more fun if it is your own) with a bunch of keyboard metrics here:
http://patorjk.com/keyboard-layout-analyzer/
Check out the heat maps (same information as in wear patterns).
I don’t understand the need for controlled studies (of what?) when there are straightforward metrics. You can measure things, instead of inferring them.
Gene, You have no idea what I mean by a scientifically controlled study as opposed to your anecdotes? Seriously?
That is just a picture of a keyboard with certain keys worn off, I have no idea how those keys got that way. The second is a website that can be programmed to get whatever results it wants. Neither is scientific evidence to show that Dvorak is faster than QWERTY.
I am well aware that things can be measured which is why I am asking for a study where they actually did controlled experiments to scientifically determine if Dvorak was faster or not.
My argument is the same, if the Dvorak keyboard layout was faster than QWERTY and worth the expensive of retraining costs for businesses than you could show this with scientifically controlled experiments and prove it.
So far what I have found is that it either was not or at best only marginally (2-4%) and thus did not justify the retraining costs. You have to keep in mind that there are other things to now also consider with keyboard layouts, such as common hot key combinations which are optimized for QWERTY layouts and the increased usage of non alphabetic keys (e.g. [ ] / \). I have found anecdotes of programmers complaining that the Dvorak layout made things worse.
Poptech, do I really need to tell you that comparing things to other things of known length is a scientifically controlled experiment? Get yourself a ruler and apply it to your keyboard. You won’t find the difference between Dvorak and QWERTY anywhere near 2-4%. It will be in the range of 30-50%.
You and I do a scientifically controlled experiment every time we choose to walk a shorter path when longer alternatives are available.
> You have to keep in mind that there are other things to now also consider with keyboard layouts, such as common hot key combinations which are optimized for QWERTY layouts …
Optimised by whom? Every time I need a shortcut I make one. Or are you saying that shortcuts are set in stone, or do I need to ask your friend Sysadmin for a permission to change them?
> … and the increased usage of non alphabetic keys (e.g. [ ] / \). I have found anecdotes of programmers complaining that the Dvorak layout made things worse.
I do not quite believe the things made worse anecdote, but the difficulty of using non-alphabetic characters in programming is solved by the Programmer Dvorak layout, which I use. Most people are happy with Simplified Dvorak, which is adequate for common prose. But because I code more than I write prose, I have retrained myself one more time — at a zero cost, mind you.
Note that some manufacturers provide a make-your-own-recovery-discs routine in the computer instead of providing you with a disc set. People should use it. Some of those manufacturers will also sell you a disc set. I do both.
As for popup messages, that is settable in ESET, but not for long enough duration to suit me – needs to be persistent so you don’t miss it when not at your desk. Years ago I got a Word macro virus from a committee document hosted on a NASA server, because McAfee was not actually working. McAfee gave a failure message during boot but even in those days you wouldn’t see it things scrolled by so fast. I only saw it because something just after it caused the boot to hang so the screen stopped scrolling. Avoided licensing from McAfee after that.
That was around the time when McAfee goofed and was scanning some things twice in real time, which slowed the computer down.
As for popup messages, that is settable in ESET, but not for long enough duration to suit me – needs to be persistent so you don’t miss it when not at your desk. Years ago I got a Word macro virus from a committee document hosted on a NASA server, because McAfee was not actually working. McAfee gave a failure message during boot but even in those days you wouldn’t see it things scrolled by so fast. I only saw it because something just after it caused the boot to hang so the screen stopped scrolling. Avoided licensing from McAfee after that.
That was around the time when McAfee goofed and was scanning some things twice in real time, which slowed the computer down.
Excellent point, Poptech – keep your malware data files up to date.
And check your settings to make sure you are covered to the extent you want. Kaspersky’s defaults were illogical a few years ago. ESET defaults to not running a batch scan, and has a choice between two levels of thoroughness. Still doesn’t allow batch scanning a different drive each night (Kaspersky was slightly better).
BTW, ESET v5 has tinkered-with UI, popup from Windows Tray is different, but main UI still poorly designed. (Had to stumble around to find where to protect settings with password, still have to figure out where the scheduler for batch scan is, in v4 it seemed context sensitive – only findable if something else had been accessed. A problem is that there are two main UIs – each a different line in the tray popup.) And it has basic functional defects – unstable UI and unstable retention of settings.
BTW, the advice from NSW police is four years old. Smartphones are going to multi-task operating systems.
Note he is not talking of an installed Linux o/s, but something on a CD-R disc that cannot be infected in use (if clean when recorded), he does not talk of storing what you view so you can look at it offline.
There are also USB/PCMCIA-PC Card-Express Card solutions to booting outside of the computer’s o/s load.
As for a “home pinpad”, that would not work unless it were part of something special as noted above – the problem is someone capturing your PIN, wireless being a concern. (I want to hear how clean boot off CD is secure over wireless – isn’t the browser running in the computer’s memory?)
What? There have been no scientifically controlled studies published in peer-reviewed journals showing Dvorak to be 30-50% faster (words per minute) than QWERTY. At best all you can find is a few showing a 2-4% increase and thus do not justify any retraining costs.
Shortcuts for just about every program have defaults set, which are optimized for QWERTY keyboards. Sure in some case you can change them but that can be a hell of a lot of work and IMO a waste of time.
You expect people to believe your anecdotes then refuse to accept others? I personally only believe scientifically controlled studies to which is faster.
Beware that thumb drives can be infected, including with software like the legitimate U3 product (which lets you run applications from the USB memory stick – U3 fools the o/s into thinking it is talking to a CD, in Windows XP a CD is given more permission). Vista and especially Windows 7 have some improvements including forcing AutoRun to “view files” instead of a directory something could autorun from. The article “Island Hopping: The Infectious Allure of Vendor Swag” (http://technet.microsoft.com/en-us/magazine/cc137730(TechNet.10).aspx) describes the risks.
It’s worse than the “sneakernet” risk of contamination from promiscuous floppy disks of years ago.
BTW, while I am displeased with ESET anti-malware software, I do note that v5 has a new feature – a popup that alerts me to a new device being connected, such as external HDD when I re-dock my laptop, or a USB stick I plug in.
“Poptech” et al, beware that keyboard spacing is not standard.
IBM/Lenovo Thinkpads boasted a standard keyboard on compact laptop comuters and I fell for it.
Turns out there is a mobile ISO standard, key spacing roughly 10% less than some desktop keyboards I considered standard.
Marketing weenies strike again! 🙂
Keith, I am very familiar with non-standard spacing on Laptop computers. We are just discussing keyboard layouts; QWERTY vs Dvorak.
You can set MSE to scan removable drives under the advanced settings, http://windows.microsoft.com/en-US/windows/getting-started-with-security-essentials
why don’t you use the Free version? it’s great! see CNET reviews at the downloads.