Sunday, June 19, 2005

Home PC: How secure do you feel?

I recently helped my brother-in-law set up a new computer that he had purchased, just to make sure that he would not be plagued with the endless spyware and adware that most home users are afflicted with, the biggest issue being that most people run their personal machines as a member of the Administrators group. One thing that I noticed as I waded through all of the "utility" software on his machine was that there is a lot of JUNK on OEM machines!! I have only purchased one OEM machine in my lifetime, while building the rest of my machines or buying them used from University surplus sales, so I didn't realize how much crap they put on these things. I got the feeling from this situation that if the user feels safe because of the massive amount of software designed to make them safe on the machine that they must be safe -- or at least that's what the OEM would have you believe. After I cleaned all of the AOL, Norton trial, and McAfee trial software off the machine, it booted twice as fast and ran much more smoothly. I also installed AVG Free edition for anti-virus and enabled the built-in Windows Internet Connection Firewall. Now he will be able to use the full power of his machine and not get plagued by viruses and other malicious code.

Some things that are just smart to do with a Windows machine to maintain it -- in order of importance:

1. Do not use an Administrator account unless you are installing software or configuring your machine (this will save most people)

2. Use a firewall of some sort

3. Enable automatic updates for Windows

4. Use anti-virus software

Wednesday, June 15, 2005

Gentoo Linux: Founder hired by Microsoft

Gentoo founder and former Chief Architect Daniel Robbins has accepted a job with Microsoft to help them understand Open Source software. Gentoo has been my Linux distribution of choice for the past year and a half, and this comes as a huge surprise to me. I don't think that Gentoo will suffer because of this change, but I do think that Daniel Robbins will suffer. I have so much respect for the Gentoo team that I cannot believe that the ideals of the founder would coincide with anything at Microsoft. I hope the best for Robbins and Gentoo.

(Announcement is on the front page of Gentoo site.)

VMware: Seattle Conference

This morning I attended the VMware conference in Seattle, WA. VMware is an essential tool when analyzing malicious code. It's very easy to set up a sandbox network of 2-10 machines so that you don't damage any of your production machines -- and you have the option of freezing the virtual machine state so that you can restart any malware exam if you miss something. For the forensic examiners, you can mount a raw disk image in VMware and start it as a virtual machine! If you plan on analyzing malicious code (viruses, worms, trojans), this software is invaluable!!

The main point behind the VMware conference was for developers and testers, but I found it useful to go along and get the free $200 license for VMware 5.0.