Sunday, July 23, 2006

PC Setup (part 2)

As I return to "Installing my PC" fresh from a relaxing night of sleep, I realize I have to connect to the internet and really-fast download any security updates from Microsoft, install them, and reboot my PC. And hope that I'm not attacked in the interrim.

Why am I so worried about being attacked by viruses? Because. Because I've seen how swarms of people can become unproductive for (at best) an afternoon... or sometimes days... while a company's IT department scrambles to block the virus propagation, and ultimately irradicate it.

The problem is: I don't have an IT department. It's me. If my machine goes haywire, I'm the guy who has to fix it. (Or, I suppose: call somebody to come over and fix it... which has to be even more costly in time and money).


So: I start by customizing the user accounts on my computer. I change the name of the administrator (all-powerful) account, and give it a password. I create a user-account (without administrative privileges!) and give this account a password too. Then, I visit the security settings on the machine. I turn on Windows firewall, and enable Windows updates.

My machine shipped with Norton Antivirus software installed. I contemplate running it... wait: it's already running! And: it's asking me if it can circumvent (or trump!) the Windows firewall... I think about this for a moment, and decide that long-term, I won't be running Norton antivirus... so I'm not going to enable it now.

The whole antivirus industry bothers me a bit. The industry makes money by first scaring people into believing that their computer will become a boat-anchor within minutes of being connected to the internet... unless you purchase (and install) their software. Norton is currently owned by Symantec. Here's an article reporting that Symantec says that (Microsoft Windows XP successor) "Vista" will be less stable than Windows XP. That would seem to be ok if it weren't for the notion that Symantec profits by convincing people that Windows is insecure. And maybe it is. I just don't like hearing about it from the company with $4.1 billion/yr (2005) in sales.

Ok: I'm ready. I connect to the Internet. To be fair, I should let you know that I have a hardware firewall/router between my PC and my DSL modem. That should block an enormous amount of stuff from spontaneously annoying any services running on my PC.

I've already downloaded and installed Mozilla Firefox as my preferred browser. I'm not going to (in general) use MS Internet Explorer 6 to browse the web... for a couple of reasons. One reason is, simply, that MSIE doesn't do such a good job at conforming to HTML standards. That is, it doesn't faithfully follow the "instructions" of HTML... and so I'd rather use a browser that works harder at this. A second reason is that I wholeheartedly oppose a "feature" that MSIE supports: the ability to download arbitrary "ActiveX" code and execute it in the browser. I particularly don't want this done without my consent (which I would never give... except to run MS Windows Update).

Microsoft requires the use of ActiveX plugins when you run Windows Update... which means that you must use MSIE to run Windows Update. Other browsers don't support ActiveX plugins (partially because they are 100% MS Windows-centric). So: while you're downloading and installing patches, Microsoft can take full control over your machine. There's really no reason to require this: one could implement Windows Update without requiring the use of MSIE.

And: for a similar reason, I never intend to run MS Outlook. I'll likely run Mozilla Thunderbird instead. Numerous viruses have been written to exploit Outlook's ability to run certain attachments without first asking the user for confirmation. And then, these attachments can programmatically access the user's addressbook, and send copies of themselves to other users. One might pause for a second and ask why Outlook needs to provide scripting commands powerful enough to do this damage... or why anybody would choose to use (and pay for) Outlook when there are other, better, safer, alternatives (such as Thunderbird).

Ok: so I connect to the Internet. And run Windows Update right away. There are already 37 patches available for my machine, which I download and install.

Now I'm getting close to being able to start some real work...

My next project... is to repartition my disk and install Linux...


Continue reading "PC Setup (part 2)"

PC setup is difficult...


I finally did it. I bought a brand-new PC (as in "a computer that runs MS Windows") yesterday. Surprisingly, it is my first. Not the first Windows PC I've worked on... by a long shot. Just the first PC that I ever purchased and configured for myself. I've been a software professional for more than 20 years. But at work, all of the Windows machines came pre-configured from the IT department. At home, over the past 20 years, I've owned different types of Apple computers (and even a few Sun computers!).

Have you seen the Apple commercials recently? They're pretty humorous... the one that got my attention recently shows the "PC guy" stuck in his box, lamenting about how he will have to uninstall software and drivers that came pre-installed that he doesn't want, and then spend time installing security patches and updating drivers... all before doing anything productive. The Apple guy just gets out of his box and goes off to make use of the computer... to create music, edit photos, create movies... whatever.

Watch the video: it's fun.

As an Apple owner, I chuckled when watching this... but: surely it couldn't really be that bad, right? Surely this was some exaggeration for effect, right? It's advertising... intended to create fear... *right*?

Well, my first impressions indicate otherwise.

My PC (from HP - they seemed to have the best performance * capacity per dollar during my search) was very professionally packaged in a single box - PC, keyboard, mouse, documentation-kit. I had purchased a nice monitor already, and intended to use that (actually to share it via a KVM switch) with my Mac.

So: I opened it up, and plugged it in; plugged in it's keyboard and mouse. Right away I had a "problem"...

The keyboard and mouse that came with this current-generation (it's July 2006) PC had "PS2 connectors". (My Apple keyboard and mouse are USB). Think about that: there are these two dedicated "PS2" connectors on the back of this PC that serve no other function than to connect a keyboard and mouse to them. Now think about the timeframe: the PS2 keyboard connector was introduced by IBM on the "Personal System 2" series computers back in 1987. That's almost 20 years ago. Apple has been using USB keyboards and mice since 1998 - that's 8 years ago. So: back to my problem. I have a Microsoft USB wireless mouse (yes Microsoft) that I have used on my Apple for quite some time... and that I had used at work for some time (on a Windows XP computer). Surely, I could just plug this nicer mouse into my brand-new PC and things would work fine, right? Wrong. During the initial configuration, (setting the country, timezone, etc.) the system failed to recognize the mouse... I had to use an old PS2 mouse -- and restart the computer to recognize it -- before I could complete this initial configuration.

Step 2. I have been careful to not connect the computer to the Internet (via my home DSL network) yet. I have been warned that the average time it takes for an unprotected PC to be hacked after connecting to the internet is under 40 minutes... (and that was a year ago). So I look to make sure I can re-install the software my machine shipped with... in case something bad happens.

A frenzied look through the packing box shows that I didn't get any CD's or DVD's in my box! Is something wrong? Did they forget to send me "system restore" media? I decide to act cool-headed and read the gray HP "PC Troubleshooting and Maintenance Guide". Mind you, this is not the glossy, colorful "My HP Pavilion PC" guide that looks so much more inviting. No, it's an 8.5" x 11" black-and-white "manual"... that eventually, on page 18, explains how to make System Recovery Media.

There are warnings indicating that you can only make 1 set of media... you can only do this one time! I wonder if I should fully configure my machine... get it "just right" before making the recovery media or not. If something goes wrong in the interrim... my recovery media will be bad. And: in order to get things running "properly", I'll have to connect to the internet... so: it's possible I will have contracted a virus before I create my recovery disks. Rats. I decide that I should create recovery disks that are as close as possible to what I got "out of the box".

Maybe I don't understand this system recovery thing correctly. Reading elsewhere appears to indicate that HP/Microsoft has created a separate restoral directory (or partition?). I can't risk it. The maintenance guide advises creating restoral media... so I start doing this. I am further advised that the media I create will only work on this one computer... (hm... I wonder if it's encrypted with some unique number it finds in the processor...)

I start the restoral media creator program... which advises me that I'll need either 3 DVD-R's or 18 CD-R's to complete the process (!! wow). I opt for DVD's. My new system shipped with a fancy LightScribe all-format DVD/CD reader/writer. And it's surely faster at writing DVD-R's than my 2x unit on my older Apple... It asks me to insert a DVD-R... ok. I start to time the write process... first it has to think about what to write (I don't time that), then: the write starts... it looks like it completes in about 5-7 minutes... great. I should be done with this pretty soon. Wait: it starts to verify the disk... and takes 25 minutes (!!!) to complete this task. Wow. I'm sure it's important to verify (since, after all, I can only create this media once) but 25 minutes!?? Something just doesn't make sense here.

The whole process takes me ONE AND A HALF HOURS to complete.

My Apple MacOS X computers shipped with system restore dvd's... and separate installation CDs for certain 3rd party software. At this point, that would easily be worth $150.

Time for bed: connecting to the internet will have to wait for morning.

Continue reading "PC setup is difficult..."