Brent's Place

Information for a Better Life

•  - 
• Tell Your Friends or Place a Pin on My Guestmap

Issues & Topics

  
   

Regain or Achieve Peak Mental Performance

Experience the NEWSTART Lifestyle

Watch Lifestyle Magazine

• 9/11 - Grief and Hope  -  More Words of Hope
• In Search of Relevance  -  In Search of God
• The Meaning of Life  -  Free Life Issues Courses
• A Logical Comparison of the 5 Great World Religions
• What are you worth?  -  How good to face God?
• Avoid Scams, Abandon Mediocrity, Rise to Success
• Safe, Reliable, Legitimate & Easy-to-Follow Resources for Real, Online Income
• Want to pay a toll to access certain web sites? Join the fight for Internet freedom before it's too late!
• Support & Community
• Important Success Topics
• Important Health Topics
• Important Digital Topics
• Important Spiritual Topics
• Uplifting Articles & Sites

Support & Community

• skip
• Want to do more than just live? Get more out of life? Need help with life's everyday issues?
• 
• LifeMag.info
• LIFEdevelopment.info
• Because there's more to life than one's self, status or material things.
• (for those dealing with real-life issues and who enjoy participating in stimulating discussions on issues and ideas, crave the thrill of geographic, mental and spiritual exploration and discovery and value local and global community, belonging and old and new friendships)
• Watch or listen to Lifestyle Magazine online for free.
• Watch, listen or read as host Dwight Nelson focuses on life issues such as bitterness, loss of faith, forgiveness and meaning and discusses life's big questions.
• Watch and / or listen to Celebrating Life in Recovery or Teen Pathways with Cheri Peters.
• Free Support for Life's Questions and Issues
• Words of Encouragement and Hope
• Suicide Hotlines and Answers to Frequently Asked Questions
• Crisis Hotlines and Depression Resources
• Help for Sex and Pornography Addiction
• Support Groups and Recovery Options

It's official. I'm loaded.
I'm the 800,687,111th richest person on earth!
Discover how rich you are at:

• About Kiva (not rated) and Grameen-Style Microcredit
• Make an Investment in the Working Poor at eBay's MicroPlace.com (not rated)
• Rated Microloan Charities
• Rated Mediloan Charities
• Moved by inspirational stories? Ready to go from caring to doing? Help the New Heroes change the world.
• Discover Ways to Make the World a Better Place
• Don't let your computer's idle time go to waste! Help find the cures for cancer and other diseases with your computer or SP3.
• Have you helped the victims of a natural disaster directly or through relief efforts this month? How you can help.
• How to Avoid Fraudulent E-Mails and Web Sites Asking for Donations

Important Health Topics

• skip
• The Right Way To Save A Life, Including Your Own, According to Dr. Heimlich and the Red Cross
• 10 Questions That Could Save Your Life: Make the Most of Your Time
• Ten Questions a Woman Should Ask Her Healthcare Provider
• Woman: Examine Yourself Regularly for Lumps
• Man: Examine Yourself Regularly for Lumps
• Can't find a cure for an illness or want to get healthy? Give a Lifestyle Center a chance.
• Unresolved emotional issues are dangerous to our health. The best way to bind your emotional wounds so the healing can begin.
• Poor oral health is also dangerous to our health. The risk factors of tooth decay and gum disease and how to treat or prevent them.
• Ingredients in our personal care products, cosmetics, foods, water, indoor air and building materials are also dangerous to our health. How to be a safe shopper.
• Our genes (DNA) are dangerous to our health too! How to Find Out if You'ved Inherited a Genetic Disease
• How to Live a Long, Happy, Healthy, Low-Stress Life
• Have chronic, searing, debilitating muscle pain? If caused by trigger points, you can relieve it yourself and avoid unnecessary surgery. Learn more.

Important Digital Topics

• skip
• The dangers at MySpace.com and what you need to do to keep your child safe there and at other Web hangouts.
• Too smart for the dangers at MySpace? Think again!
• Beware the CyberLover [Bot] That Steals Personal Data in Chat Rooms and Social Networks Through Social Engineering
• Security and Privacy Threats and the Solutions Most Are Unaware of or Still Ignoring
• Virtually Worry-Free Computing - Sufficiently Secure and Private Web Surfing
• Sold, recycled, donated and discarded computers, PDAs and cell phones can contain recoverable private data even after a delete, format or reset. How to securely erase your data.
• How to avoid becoming a victim of or recover from America's credit card debt crisis and recent fee deregulation.
• Thinking of buying Windows Vista or a Windows Vista PC? Before you do, seriously consider this first.
• Putting up with a noisy computer? Give your ears and nerves a break. Buy or build a quiet or silent computer.
• Webmaster: Stop Spam with These Free, Spam-Proof, Customizable PHP Scripts

Important Spiritual Topics

• skip
• What is the right thing to do? Explore ethics with Harvard professor Michael Sandel and his students.
• Deadly Viper Character Assassins: How to Live Life with Radical Integrity & Radical Grace (for Leaders...& Followers)
• Are popularity, accomplishment, recognition, respect, wealth, power, fame, even religion not cutting it? Have you tried all the world’s got to offer and in doing so come up empty and unsatisfied? Feel like there's nowhere to turn? How to make your life explode with relevance.
• Can you explain why you believe the way you do in a logical, intellectual way? Take a thoughtful, fascinating tour of the world's religions that will help you find or affirm your own perspective. Come with an Indian doctor as he goes on a thoughtful, fascinating, 20-year search for God.
• Was Jesus just a man who married Mary Magdalene? Has the church been hiding information from us for years about Jesus? Don't decide too quickly. Examine the evidence first.
• Think conclusive cases can't be made for the Bible and Jesus' claim to be the God/Man Messiah? You'd be surprised. The overwhelming mountain of factual, historical evidence is too compelling, too convincing to be ignored.
• Investigate the Reliability of the Bible
• Investigate the Case for Jesus as the God/Man Messiah
• Investigate the Case for a Creator
• Investigate Christianity As Jesus Lived It
• Does the Bible say God will torture bad people in hell for eternity? The Twisted Message About Hell Untangled
• Did Jesus come to bring peace or a sword and turn children against their parents?
• Explore Tough Questions About God, Religion and Christianity
• If you're angry at God or see Him in a negative way, discover the good news about God's character and gifts of peace, joy, meaning and eternal life.
• Examine false assumptions about the Christian life and why they make us so miserable and unhappy.
• Videos of What God Has Done for Others
• Audios of What God Has Done for Others
• Free Life-Changing Books & Magazines & Radio & TV Shows
• ''We are living in very interesting times. Too many people are confused about what the Bible says about the future, and a lot of that has to do with confusion about Israel.'' Learn more.
• Babylon is Rising: Do you know what's coming?
• Is there a supernatural war going on in the unseen world? Watch and / or Listen to ''Cosmic Conflict: The Origin of Evil''
• If an angel or a loved one who has died appears or speaks to you, don't automatically assume it's a good angel or your loved one. Here's why.
• Don't automatically assume the growing fascination with Harry Potter, witches, wicca and the occult is harmless either. Explore these controversial topics.
• Don't automatically assume that New Age / New Spirituality concepts and the alternative / holistic therapies and media influenced by them are harmless. Learn more.
• Don't automatically assume the entertainment industry is harmless. Listen to ''Escape From the Black Hole'' or get the DVD.

Uplifting Articles & Sites

Bible Study Guides

skip

Search:

Browse Bible Topics
Common Questions

Say Hello

• skip
• Place a Pin on My Guestmap (popup)
• Epileptics: Popup May Contain Flashing Ads
• How to Disable Your Popup Blocker
• (popup)
• Epileptics: Popup May Contain Flashing Ads
• How to Disable Your Popup Blocker
• If you're blind or visually-impaired, try the WebbIE browser.

Back to Navigation Links

skip

• Flags -
• Translators: Babel Fish,
• InterTran,
• ToggleText

• How to Have Your Life Explode with Relevance
• How to Face the Future Without Mystery or Fear
• Free Life-Changing Books, Magazines & Radio & TV Shows
• Bypass Data-Stealing Malware with Rapport's Secure Pipe
• Make a Wreckproof Space in Windows XP/Vista/7 - A Windows 7 Option
• Surgery for Stiffness/Pain May Be Unnecessary - How to Avoid It for Free
• Suffering from a Lack of Income is Definitely Unnecessary - Here's Why

Security and Privacy

skip

• Have kids or grandkids that surf the Internet? Learn how to keep them safe while online.
• How to Avoid Fraud
• How to Reduce Your Risk of Identity Theft

Introduction

skip

Still using...
...Windows 95, 98, Me, or XP Home?
...Windows 2000, XP MCE, XP Pro, Mac OS X or GNU/Linux as is?
...Internet Explorer?
...Outlook Express?
...a single, FAT16 or FAT32 hard drive partition?
...your default account?
...your wireless network as is?
...your cell phone or PDA as is?
...public computers and hotspots while unaware of the risks and how to prevent them?

Still think using a firewall, antivirus and antispyware software, maybe an alternative open source browser and e-mail program, and even keeping them and your operating system up-to-date, is all you need to do, to keep your computer secure and your private data private?

Or that using them constitutes basic security protection from online threats? (the folks that did the AOL/Cyber Security Alliance and AOL/NCSA online safety studies keep getting this one wrong.

By doing so, did you know you're making your private data available to strangers, and allowing crackers (mistakenly called hackers) and wardrivers to turn your computer into a ''zombie'' and use it and your wireless network, if you have and use one, to break into vital business and government computer systems? If this concerns you - it should, read on.

Six Reasons Why ''Basic'' Security Software (Antivirus / Antitrojan, Antispyware and a Firewall) Don't Provide Basic Security

skip

1. Zero Day/Zero Hour and Other Threats
2. An Unsecure Default User Account (in Windows and Mac OS)
3. An Unsecure Default Operating System Configuration
4. Windows' Executable Script Files
5. Unencrypted Private Data (Online Banking Passwords, Financial Data and E-Mail, IM and Wireless Communications)
6. Key and Screen Loggers

If you use the Windows operating system, know that it's very unsecure if used as is. And even if you use Mac OS or GNU/Linux (unless you use a secure distribution), it isn't sufficiently secure as is.

Computers will never be 100% secure, but if you want to make yours sufficiently secure, which will help make the Internet more secure in the process, I strongly recommend completing the following nine steps.

Testing for Vulnerabilities | skip

• WARNING: Vulnerability-testing software and services can't be trusted to find all of your computer, firewall and network's critical vulnerabilities. Nor can they be trusted to not collect and use the private data they find on your hard drive.
• "My personal experience is that I don't trust them to do a complete job, and I know that a lot of unknowing users on the Internet trust these online scanners to give them that "nice, warm, fuzzy feeling" about security. Big mistake, as complacency makes you drop your guard. Besides, who knows what sorts of data these scanners collect on the back end." - Jason
• Disclaimer: If in spite of this you still want to use the following vulnerability testers, you do so at your and your private data's own risk.
• Test your computer for vulnerabilities with these security scanners.
• Hide This Section

PLEASE Note: The following steps are hidden from sighted visitors and keyword searches with Javascript. If you prefer viewing them without having to click on the links to show them, or want to do a keyword search, or print this page, either disable Javascript in your browser, or view the steps without Javascript.

1. Operating System | skip
   • The Best Option - Use Windows, Mac OS or GNU/Linux on a Read-Only Live CD, DVD or USB Drive with Data on an Encrypted Removable Medium
   • Option 2 - Use a Virtual Operating System in a Secured Operating System | skip
     • Want a system that lets you try out software on your desktop or laptop computer and surf the Web without having to worry about it getting infected with malware, or about that malware stealing private data stored on your hard drive?
     • One that completely removes malware, if it does get infected, simply by rebooting or restarting? One that lets your kid(s) or a nonsavvy computer user change, delete or mess it up, only to make itself new again on reboot?
     • Or one that lets Windows and an alternative operating system coexist without having to install them on separate partitions or hard drives?
     • Then I invite you to keep an open mind to the possibilities of an old and proven security method, now much improved and more widely used.
     • The method of scanning your hard drive for malware after it has infected your system, which requires constant updates, has been made obsolete by the overwhelming and ever-increasing number and types of malware which have been created to exploit or take advantage of security holes or vulnerabilities in operating systems and software.
     • That method is now being replaced in more and more schools, libraries, kiosks and Internet cafes with one used for years by programmers that prevents malware from installing, running, or making changes to your real operating system by operating in a virtual operating system or ''virtual machine'' from a real one protected by a host intrusion detection and prevention system or systems (HIDS and HIPS).
       • Learn more about virtualization.
       • Learn more about HIDS and HIPS.
     • Note: You can run Darwin (a free version of Mac OS), BSD or GNU/Linux in a virtual OS from Windows. But since alternative operating systems are more stable and secure than Windows, I recommend doing the opposite: run Windows in a virtual OS from an alternative operating system.
     • How to Set Up a Sufficiently Secure Virtual Operating System skip
     • ATTENTION: If you want to avoid leaving private data entered for online purchases (usernames, passwords, names, phone numbers, addresses and credit card numbers) on your hard drive or removable medium after forgetting to reboot your virtual OS or securely erase the data, I strongly recommend doing the following two things: skip
       1. Encrypt the virtual operating system's (or virtual machine's) image with TrueCrypt (free) and for additional security, store it on a removable medium. skip
          • Warnings About Storing and Entering Encryption Keys and Accessing Encrypted Data
          • How to Encrypt a Virtual Machine with TrueCrypt (skip the part about creating a virtual machine image if you already have one or want to use one of the ones I've linked to later in this setup)
          • Other TrueCrypt Tutorials
       2. Complete step 7, including storing your private data on an encrypted USB key or token (a secure thumb drive) and your encryption keys and web account passwords in one of the following secure* login and form fillers that protect against key loggers and installing an antiscreenlogger. Then follow the steps below to set up and maintain a private and secure virtual OS.
       3. (* read the included warnings)
          • RoboForm2Go (formerly Pass2Go)
       4. If you have Mac OS, the Safari browser ''protects your personal information on shared or public Macs when surfing the Web. Go ahead and check your bank account and .Mac email at the library or shop for birthday presents on the family Mac.
       5. Using Safari's new Private Browsing feature, no information about where you visit on the Web, personal information you enter or pages you visit are saved or cached. It's as if you were never there.'' - Apple Computer, Inc.
       6. If you have a Mac, skip the first four steps.
          1. If you've been saving private data on your hard drive, especially in unencrypted form, or the previous owner did, if there was one, securely erase your whole hard drive. Otherwise, skip this step.
          2. If you prefer saving your private data on your hard drive instead of on removable media (not recommended), create separate partitions for your operating system and personal files (for Windows, create NTFS partitions - they're more secure than FAT16 or FAT32).
          3. Because a newly-installed Windows system can become infected and corrupted by malware within only a few minutes of going online, especially with a broadband connection because your IP number never changes, I strongly recommend downloading all of the following software you choose to use first and saving them on a removable medium, before installing Windows.
             • Make sure you include the lastest drivers for your hardware. (drivers are usually located in the support section of each company's web site - if not, check driverguide.com)
          4. Do a clean installation of Windows XP Pro, Windows Vista or an alternative operating system. (a virtual operating system won't work without a real, host operating system)
          5. Install all critical updates, or better yet harden or secure your operating system and then install all critical updates.
             • If you have a Mac, skip to step 10.
             • I recommend WindizUpdate for Windows users, instead of Microsoft's WindowsUpdate service, because unneeded updates can corrupt or disable Windows, and unlike WindowsUpdate, WindizUpdate only lists updates for software and services on your system.
          6. Install a two-way firewall.
          7. Virtualization software, combined with behavior and whitelist HIPS, antirootkit software and operating system updates, will help reduce your computer's vulnerability to threats to about 1 tenth of 1 percent*.
             • Because of that and a virtual machine's ability to return a system to its original, healthy state, it also makes antimalware software pretty much unnecessary. But if you still prefer being extra safe, install the following software, scan often and install updates when available. skip
             • Antivirus
             • Antitrojan
             • Antispyware
          8. Either install a HIPS with a whitelist, or better yet, combine it with a HIPS with a behavior blocker and a HIDS.
             • HIDS and HIPS Software
          9. To be safe, I recommend using the following antirootkit software as well to check for rootkits which may have bypassed your HIPS or HIDS program.
             • WARNING: Removing a rootkit may corrupt and disable your operating system, and destroy personal data in the process. I strongly recommend reformatting and reinstalling Windows instead, if you want to keep using Windows. Otherwise, you might want to consider taking this opportunity to switch to an alternative and more secure operating system.
          10. Install one of the following virtualization (CPU speed) or emulation (slow or very slow) software combinations: skip
              • WARNING: Installing software and working in your virtual OS for long periods of time without running a HIPS and / or HIDS could, if your virtual OS were infected, infect others' computers and you could lose private data to identity thieves, predators and others interested in your private data. I strongly recommend running a HIPS and a HIDS on either your host operating system, your virtual OS, or both.
              • Virtualization-Based Virtual Machines | skip
                • Parallels Desktop or Workstation (trialware) skip
                  • Run Windows, GNU/Linux or BSD on an Intel-based Mac with Parallels Desktop for Mac, a virtualization software program, or hypervisor, similar to the Virtual PC for Mac emulator, except that it runs at native, or CPU, speed.
                  • Or run them and / or Mac OS on a Windows or GNU/Linux PC with Parallels Workstation for Windows and GNU/Linux.
                  • Hide Workstation Public Beta
                  •  
                • VMware Player, Browser Appliance or Another Virtual Machine and a HIPS with a Whitelist (free, for Windows and GNU/Linux) skip
                  • Mike Healan, long time spyware / antispyware guru, in his newsletter said ''It is now my official position that using the [VMware Player and] Browser Appliance is the best and only way for Windows users to remain completely safe on the Internet.'' And in his Browser Appliance article (see below), he said ''it offers 99.9% protection from all spyware.''
                  • In ''The Best Way for Windows Users to Be Safe on the Internet'' Suzi Turner, spyware researcher and consultant, of SpywareWarrior.com, agreed with Mike: ''I previously blogged about the top 10 ways to stay free of spyware. It seems I left out two important tips, one being to use the VMware Player and Browser Appliance...''
                  • She said ''Mike has written a four part article on how to use the VMware Player and Browser Appliance, including how to share files between the virtual computer and the host machine, some recommended tweaks and how to install some additional software.''
                  • Ian ''Gizmo'' Richards, computer professional and author of Tech Support Alert, also feels it's the best option, and has written an article in his newsletter on ''How to Surf with Complete Security [with VMWare].''
                    • Safer Surfing Through Virtualization with VMware's Browser Appliance
                    • VMware and Parallels for Virtual Machines
                    • VMware Player and Browser Appliance (free for Windows and GNU/Linux)
                    • Other Virtual Machines to Use with VMware Player: Desktop Users | Advanced Desktop Users
                    • Catbird’s V-Security (the industry’s first and only comprehensive security solution for VMware)
                    • HIDS and HIPS Software
                    • Antirootkit Software
                  • Hide VMware Player
                  •  
                • Deep Freeze and Anti-Executable (formerly FreezeX) (commercial, for Windows, Mac OS and GNU/Linux) skip
                  • Deep Freeze for Windows
                  • Deep Freeze Mac
                  • Deep Freeze Linux
                  • Anti-Executable
                  • Deep Freeze Experiences
                  • Hide Deep Freeze
                  •  
                • VE^Lite skip
                  • VE^Lite - trialware - another VM
                • Pre-built GNU/Linux Virtual Machines (You're told to use the very slow QEMU emulator with the machines, what they call Free OS images, but I recommend using the VMware Player virtualization software instead, which is near CPU speed.)
                • Hide Virtualization-Based Virtual Machines
                •  
              • Emulation-Based ''Virtual'' Machines (Slow or Very Slow) skip
                • Windows CE Emulator and a HIPS with a Whitelist | skip
                  • Windows CE Emulator
                  • HIDS and HIPS Software
                  • Antirootkit Software
                  • Hide Windows CE Emulator
                  •  
                • Portable Privacy Machine | skip
                  • Portable Privacy Machine is a complete, virtual GNU/Linux machine that uses the QEMU emulator to run GNU/Linux either in a window or full-screen on a Windows system from a USB drive. It contains privacy-enabled open source (free) Internet applications.
                  • No installation is needed. Just plug the USB drive into any Windows or Linux computer, and click on the Virtual Privacy Machine icon and you're ready to go. When you're done, take your Internet applications, email, bookmarks, history, web cookies, download files with you in a persistent home directory on your USB drive.
                  • It runs on any rewriteable media (USB drives, Flash Memory cards, Secure Digital devices, iPods, etc.) This PR1 release runs on Windows and Linux. The final release version will also run on OS X. And it has Enigmail plugins for PGP email encryption.
                  • I recommend running Bastille, to harden or secure Portable Privacy Machine.
                  • Hide Portable Privacy Machine
                  •  
                • DSL Embedded with QEMU, KQEMU Accelerator and a HIPS with a Whitelist | skip
                  • WARNING: The following DSL Embedded page contains a 4-letter word you may find offensive. If you have a content filter, it may block the page unless you temporarily allow the word, which starts with a ''D.''
                  • DSL Embedded is a free GNU/Linux that you can run in Windows. It's based on the slow QEMU emulator, but by installing the KQEMU accelerator, it'll run near CPU speed.
                  • I recommend using a HIPS with a white list too, in Windows. And if it's possible - I don't know if it is - and you know how, you might want to also secure DSL Embedded with Bastille.
                  • Note: QEMU acceleration in Windows is currently in the experimental stage, takes several steps to install, and needs to be manually enabled every time you use DSL Embedded.
                    1. Install DSL Embedded.
                    2. Install the latest QemuInstall executable (exe) file.
                    3. Overwrite the qemu.exe file that's included in DSL Embedded, with the one that you've just installed. (You can now safely unistall Qemu 0.7.2, if you wish.)
                    4. Download the latest kqemu tar.gz file and extract it with one of these file archive compactors / extractors:
                       • WinZip (trialware)
                       • 7-zip (free)
                       • ALZip (free)
                    5. Right-click kqemu.inf and choose Install. (you only need two files: kqemu.inf and the driver - the others are only required if compiling from source)
                    6. Click Start, select Run and enter cmd (or click Start, select Programs, Accessories, then Command Prompt), to open the command prompt, then type net start kqemu. (Note: QEMU acceleration is disabled by default, so you'll have to do this step every time before using DSL Embedded.)
                    7. Double-click the dsl-windows.bat file in the dsl-embedded folder to start DSL Embedded.
                  • To see if QEMU acceleration is enabled or not:
                    1. Press CTRL+ALT+2 to open the QEMU monitor.
                    2. Type info kqemu.
                    3. Press CTRL+ALT+1 to get back to DSL Embedded.
                    • HIDS and HIPS Software
                    • Antirootkit Software
                  • You may also want to use Bastille, software that hardens or secures GNU/Linux.
                  • Hide DSL Embedded
                  •  
                • Hide Emulation-Based Virtual Machines
                •  
              • Finally, don't forget to:
          11. securely erase private data stored in the virtual OS every time before shutting down. Better yet, keep your private data from being stored on your hard drive by the virtual OS.
          12. Reboot or restart your virtual OS at least twice a day, and always before logging on to an online bank.
       7.  
       8. Hide Option 2
       9.  
   • Option 3 - Switch to An Alternative Operating System | skip
     • If...
       • Windows is crashing or freezing so much that it's giving you fits, making you want to pull your hair out, and you're ready for a change;
       • you don't want to have to spend money on an upgrade, or can't afford to buy one;
       • you want to save yourself a lot of money over the years that you'd be spending on great software, and like the idea of getting them for free instead;
       • you want to save yourself a lot of headaches and valuable time you'd be spending over the years continually ridding your system of invaders and working hard to prevent new threats;
       • you're tired of your system always slowing down due to bloat and fragmentation, and of having to keep optimizing it by frequently deleting or securely wiping or erasing temporary files and restore points and defragmenting your hard drive to get your system up to speed again, removing viruses and keeping your deleted private data from being recovered; or
       • you're just curious to see what the other popular operating systems are like,
     • ...switch to GNU/Linux, or maybe better yet, Mac OS X (the FreeBSD code it's based on has been carefully reviewed by 20 experts over the years, instead of just one with GNU/Linux) and follow the guidelines in step 5 to secure it.
     • If you're an experienced GNU/Linux or Unix user, switch to FreeBSD or NetBSD and secure it, or if you're really serious about security, switch to OpenBSD, considered by many security experts to be the most secure operating system, due to continuous and thorough security audits of its code. skip
       • Windows Alternatives You Should Consider
       • How to Switch to Windows-Free Computing
       • The Advantages of a Mac Over Windows Versions, Including Vista
       • Mac OS Leopard's Time Machine
       • The Advantage of an Intel-Based Mac Over a Windows PC: Dualbooting Windows and Mac OS
       • Switching from Windows to Mac, Part I
       • Switching from Windows to Mac, Part II
       • Windows Vista Opens Doors for GNU/Linux Desktops
       • Windows XP's Service Pack 2 Gives Reasons to Switch to GNU/Linux
       • GNU/Linux Equivalents of Software for Windows
       • Choosing An Upgrade Path From Windows 98 to GNU/Linux
       • What Good Is a Linux Client: Can you make the switch from Windows?
       • GNU/Linux Migration Starter Kit
       • Giving Microsoft the Boot (introduction) | skip
         • Part 1
         • Part 2
         • Part 3
         • Part 4
       • GNU/Linux Live CDs: Risk-Free Rebellion
       • Little "Live" Linuxes - The Coolest Things Since Sliced Bread (courtesy of the Wayback Machine)
       • The magic of live CDs: What are live CDs, and how do they work?
       • 10 Things To Do With A GNU/Linux Live CD
       • FrozenTech's List of GNU/Linux Live CDs and DVDs
       • Benefits, Limitations and Types of Live USBs
       • Live USBs
     • Some helpful BSD, Mac OS and GNU/Linux buying guides, and some easy-to-use desktop versions of GNU/Linux, some of them free!
     •  
     • Hide Option 3
     •  
   • Option 4 - Run Two or More Operating Systems | skip
     • Don't like Windows' security and privacy issues and would like to switch to a more secure operating system, but keep using Windows because there aren't any alternatives to your favorite Windows-based games or office software, or you don't like the ones that are available?
     • Let Windows and an alternative operating system coexist on your computer's hard drive(s) with one of the following options. Then use Windows to play your games and / or use your office software, and an alternative operating system when online (strongly recommended).
     • Ways to let two or more operating systems coexist on your computer: skip
       • Use Windows when offline and a GNU/Linux Live CD, DVD or USB when online.
       • Set up a virtual OS on a clean-installed and secured OS.
       • Set up a dual boot system by installing Windows and an alternative operating system on separate partitions or hard drives.
     •  
     • Hide Option 4
     •  
   • Option 5 - Get a More Secure Version of Windows | skip
     • DON'T use Windows 95, 98, Me or even XP Home. Use one of the following versions of Windows instead. They can be made sufficiently secure, but the other versions can't. And if that's not bad enough, Microsoft no longer provides security updates for Windows 98 and Me (95: since December 30, 2001 - 98 and Me: since July 11, 2006). Read the following articles to learn more.
       • Windows 2000 with Service Pack
       • Windows XP Professional
       • Windows XP Tablet PC Edition (XP Professional plus writable screen technology)
       • Windows XP Media Center Edition (XP Professional minus a few features - not XP Home - with personal / digital video recording features, known as PVR, DVR, etc.)
       • Windows Vista (the most secure version)
       • Symantec Highlights Windows Vista User Vulnerabilities
       • XP Home: Don't Go There
       • Home Networking in XP Home: Two Steps Back
     • Note: There's a catch for using Windows XP Pro and XP MCE (Media Center Edition). Upgrading to XP Pro will most likely require getting a year 2000 or newer computer, if you don't have one already.
     • And upgrading to the retail version of XP MCE requires buying a Media Center PC. It can't be bought separately. But if you don't need Microsoft's support or the XP MCE manual, and don't want to buy a new computer, you can buy the OEM version of XP MCE by itself.
     •  
     • Hide Option 5
     •  
   • A New Security Technology for Windows, GNU/Linux, Mac OS and BSD | skip
     • ATTENTION: Some CPUs (chips) now have a new security technology AMD calls NX (No eXecute) bit or Enhanced Virus Protection (EVP) and Intel calls Execute Disable Bit or XD Bit. It prevents viruses, trojans and worms that take advantage of buffer overflow from doing their malicious deeds and damaging your system.
     • CPUs That Have NX or XD Bit:
       • Intel Pentium 4 3X1, 3X6, 5X1, 5X6, 6XX (including 3.73GHz Extreme Edition), 8XX (all 3X1 to 8XX chips have 32-bit and 64-bit support through EM64T - Extended Memory 64-bit Technology), 3XXJ, 5XXJ and 7XXJ
       • Intel Pentium M 730, 740, 750, 760 and 770 (have 32-bit support)
       • Intel 64-bit Xeon (have 32-bit and 64-bit support through EM64T)
       • Intel Itanium and Itanium 2 (both have 32-bit - only efficient if it has IA-32 Execution Layer or IA32EL - and 64-bit support)
       • All Future Intel CPUs
       • AMD Athlon 64 and Athlon 64 FX (both have 32-bit and 64-bit support)
       • AMD Sempron for Socket 754 (have 32-bit support - BX chips also have 64-bit support - How to Identify 64-bit Sempron CPUs)
       • AMD Opteron Single-core (90 nm version) and Dual-core for Socket 939 / Socket 940 (both have 32-bit and 64-bit support)
       • All Future AMD CPUs
       • Transmeta Efficeon
     • The latest versions of Windows, GNU/Linux, Mac OS and BSD now have a security feature that supports NX bit. It's called either Data Execution Prevention (DEP) in Windows Vista and Windows XP with Service Pack 2 (SP2); No eXecute or NX in GNU/Linux, Mac OS and NetBSD; Exec Shield in Red Hat Linux; W^X in OpenBSD or PaX in GNU/Linux for chips that don't have NX bit).
     • For Windows Users: Unless you already have a computer with a CPU that has NX bit, if you want to take advantage of the protection that it provides, and be able to continue using your 32-bit Windows operating system and software, you'll need to either:
       1. upgrade your computer's CPU, or main chip, and BIOS if your computer's motherboard allows for it
       2. upgrade your motherboard and CPU if it doesn't, or
       3. buy a new computer that has a CPU with NX or XD bit.
     • WARNING: If you buy a computer with a chip other than one that has NX bit to support Vista's or SP2's DEP technology, you won't be protected from some of the most damaging viruses, trojans and worms that are aimed at Windows and its related software programs.
     • Here are some articles about the new technology and the chips that support it: skip
       • NX bit
       • PaX and GNU/Linux Distributions That Use It
       • EM64T
       • CPU-Based Security: The NX Bit
       • 'No Execute' Flag Waves Off Buffer Attacks
       • Windows XP Pro Data Protection Features
       • Data Protection The AMD Way
       • Intel Catches Up With Its 64-bit Competitors
     •  
     • Hide New Security Technology
     •  
   • Upgrading Windows | skip
     • If your computer's motherboard allows for one of the new chips that support SP2's DEP technology, or you already have one, here are some helpful Windows XP buying guides and resource sites:
     • Before installing Windows, check your computer's hardware and software for compatibility.
     • skip
       • Which Vista Is the Right Vista?
       • One In Two PCs Won't Run Vista's 3D Interface
       • What PC to Buy If You Are Planning On a Vista Upgrade
       • System Requirements and Information on Windows Vista Capable and Premium Ready PCs
       • Which XP edition is right for you?
       • Windows XP Upgrade Buying Guide (doesn't include XP MCE)
       • Home or Professional? Which One Is Media Center 2005?
       • PCMagazine's Review of Windows XP Professional x64 Edition
       • Paul Thurrott's Review of Windows XP Professional x64 Edition
       • CNet's Review of Windows Media Center 2005
       • The Green Button - The Premier Windows Media Center Community
       • Windows XP MCE vs. MythTV for GNU/Linux
       • TiVo versus XP MCE versus Cable Company
       • How to Build a Dual-Core Windows Media Center PC
       • How to Build Your Own Windows Media Center PC
       • Build Your Own Windows Vista System (written Sept. 13, '06)
       • Build a Windows Vista System Today! (written Jan. 20, '06)
     • If you can get your tech support from somewhere other than Microsoft, I recommend getting the full OEM version of Windows XP Professional with Service Pack 2 or the full OEM version of Windows XP Media Center 2005. If you're a student or teacher, look for the discounted academic version. (The Full version avoids the problems the Upgrade version can cause and the OEM CD is half the price of the retail CD - no manual or tech support from Microsoft.)
     • CAUTION: Read customers' reviews of the stores first, especially the complaints, before buying the CD.
     •  
     • Hide Upgrading Windows
     •  
   • Buying or Building a Windows Computer | skip
     • If your computer's motherboard doesn't allow for one of the new chips that support SP2's DEP technology, and you'd rather buy a new computer than a new motherboard and CPU, here are some helpful computer buying guides:
       • CNet's Desktop Buying Guide
       • CNet's Notebook / Laptop Buying Guide
       • Geek.com's Notebook / Laptop Buying Guide
       • Geek.com's PC Building Guide
       • Buy or build a quiet or silent computer.
     •  
     • Hide Buying or Building a Windows Computer
     •  
   • Alternative Operating Systems | skip
     • Contents:
       • BSD: Introduction and Support Resources
       • Mac OS: Introduction and Support Resources
       • GNU/Linux: Introduction and Support Resources
       • GNU/Linux Computers
       • GNU/Linux Compatibility Check
       • GNU/Linux Live CD Security Risks
       • Easy-to-Use GNU/Linux Distributions
     •  
     • ATTENTION: Once you've ordered or downloaded one of the following operating systems, see step 2, File System and Partitions, to learn how to prepare your hard drive for a single, dual or multi-boot system, in other words, a computer with one or more operating systems installed. Then follow steps 4 through 8 to keep your data sufficiently secure and private.
     •  
     • FreeBSD, NetBSD and OpenBSD (recommended for experienced GNU/Linux and Unix users only) skip
       • And what about BSD?
       • Want a Windows alternative? Try BSD
       • FreeBSD vs. GNU/Linux vs. Windows 2000 (outdated but still helpful)
       • FreeBSD for GNU/Linux Users
       • PCBSD.org
       • DesktopBSD.net
       • FreeBSD.org
       • NetBSD.org
       • OpenBSD.org
       • To learn about OpenBSD, get the book ''Absolute OpenBSD.''
       • BSD Support Forums
     •  
     • Mac OS (based on FreeBSD) skip
       • What's a Mac? And why switch to a Mac?
       • How to Switch from a PC to a Mac
       • MacMentor - Switching Made Easy
       • Check out Mac OS X's security features.
       • Mac OS X Basics
       • Mac OS X Secrets
       • MacOSXGuide.com
       • Understanding Mac OS X: In Depth
       • How to Maintain and Troubleshoot Mac OS X
       • A GNU/Linux Geek Embraces Mac OS X
       • A ''Welcome Kit'' for UNIX Users New to Mac OS X
       • Check out Darwin, the free version of Mac OS X.
       • Introduction to Darwin
     •  
     • GNU/Linux skip
       • What's GNU/Linux?
       • 10 Reasons to Switch to GNU/Linux
       • The Easy Way to Switch to Linux
       • Switch to Linux
       • GNU/Linux: Switching for Free
       • Five Mistakes GNU/Linux Neophytes Make
       • GNU/Linux Guides and Articles for Beginners
       • Michael Barnes' GNU/Linux Desktop Odyssey, 2004 (written in March '04, so a bit outdated)
       • Security: GNU/Linux Versus Windows
       • Windows vs GNU/Linux Security: The Real Facts
       • Security Showdown: GNU/Linux vs. Windows - The Great Debate Continues
       • Counterpoint: GNU/Linux vs. Windows Viruses - Which operating system is safer?
       • Introduction to GNU/Linux - A Hands on Guide
       • The Beginners GNU/Linux Guide
       • A Beginners Guide to GNU/Linux
       • How YOU Can Get Started With GNU/Linux
       • Tuxs, a Friendly Penguin to Help You Get Started with GNU/Linux
       • TUX - The First and Only Magazine for the New GNU/Linux User
       • GNU/Linux Newbie Administrator Guide
       • NewLinuxUser.com -
       • Support Resources for GNU/Linux Newbies
       • Linux User Groups List 1 | List 2 (check both lists! each list shows groups not found on the other list)
       • GNU/Linux Links for Beginners
     •  
     • Planning on buying a computer? Check these out: skip
       • Desktop and Notebook with GNU/Linux Pre-Installed
       • Laptops / Notebooks skip
         • $760+ Linspire Laptops (eLinuxstop)
         • LinuxCertified Laptops
         • $900+ Freespire OR Linspire Laptops (Gigastrand)
         • $900 Linspire Laptop (Sub500)
         • $1200 Linspire Laptop (Sub500)
       • Desktop PCs skip
         • Linspire Desktop and Laptop PCs in Several Countries
         • $75-$580 GNU/Linux or BSD Desktop PCs (Z-Tech)
         • $99-$189 Linspire Desktop PCs (Sub500 Fall/Winter Clearance)
         • $149 Vector Linux Desktop PC (MadTux)
         • $200 Freespire Desktop PC (Sears)
         • $200 gOS Desktop PC (TigerDirect)
         • $200 gOS Desktop PC (Walmart)
         • $299 Linspire Desktop PC (Sub500)
         • $315 Linspire Desktop PC (eLinuxstop)
         • $500+ Freespire and Linspire Desktop PCs (Gigastrand)
         • $509+ Ubuntu Desktop PCs (Dell)
         • Mini PCs skip
           • Shuttle
           • AOpen
           • Cappuccino PC
           • iBox Mini PCs
           • Emphase, SolidLogic and IEI Fanless Mini-ITX PCs
           • Hush Mini-ITX PCs (completely silent - Caution: usually only the AMD 64 CPUs have DEP, which, combined with Windows Vista or Service Pack 2 for Windows XP, provides protection from certain viruses, but some suppliers' Hush PCs may not have DEP)
             • Suppliers in Other Countries
       •  
       • Planning on keeping the computer you already have?
       • Before installing GNU/Linux, check your computer's hardware for compatibility.
       • Then check out the following easy-to-try out, install and use GNU/Linux distributions.
       •  
       • Question: What are the security risks with using a GNU/Linux live CD?
       • Answer: If a GNU/Linux Live CD is on a CD-R (not rewritable - write once, then read-only), malware (including spyware) and adware will be unable to install themselves on your system, making them unable to:
         1. steal your money, identity or other private data* or
         2. use your computer to send spam or break into other computer systems.
       • (*That's why some banks have given them to their customers to do their online banking with.)
       • Linux Live CDs Touted as the Solution to Online-banking Problems
       • Warning: A GNU/Linux Live CD on a read-only CD-R can't protect you from hardware key loggers, ''recording devices that could be physically installed on your computer's motherboard, inside its box or keyboard, or remote monitoring of your computer activity thru its radio-frequency emissions, such as 'Tempest' attacks.'' - Information on Knoppix-MiB Live CD
       • Here are some GNU/Linux Live CDs and distributions for USB drives and other removable media that keep your private data secure and private: skip
         • Anonym.OS Live CD (575 MB) - OpenBSD with Tor - has tools for anonymizing and encrypting connections.
           • A Review of Anonym.OS: Anonymity on a Disc
         • ELE Live CD - based on DSL - focused on privacy
         • Knoppix-MiB Live CD - This version of Knoppix allows you to store your personal files (home directory) on removable media, such as a ''USB FlashDrive'' or an IOMEGA ZIP disk in encrypted form with AES, currently the strongest encryption.
           • All the data written to your hard drive, including the swap file, is automatically encrypted using AES and a randomly generated session key. It includes the Postfix mail server software (SMTP MTA) and automatically encrypts the e-mail you send using TLS, provided your recipient's e-mail server is also able to use this protocol.
       • Note: ''Most [GNU/Linux Live CDs] have now refined methods of saving changes to a USB memory stick, or a hard disk partition, or a floppy disk, then at boot a command is passed to tell the computer where to find these saved settings.'' - Puppy Linux skip
         • Build Your Own Live CD (easy - for anyone)
         • Build Your Own Live CD That Includes AuFS (Another UnionFS) (AuFS allows a persistent Home directory to be stored on and automatically loaded from stationary or removable media)
         • UnionFS vs AuFS
         • Build Your Own Debian-based Live CD (technical - not for beginners / newbies)
         • Several Versions of Ubuntu, Kubuntu and Gnoppix Have a Live CD Persistence Feature
           • Ubuntu Live CD
           • Kubuntu Live CD
           • Gnoppix Live CD - based on Ubuntu
         • How To Save and Restore Configuration Files With MEPIS Traveller Disc - a unique application that allows users to save their home directory to a USB drive in Mepis (replaced by Desktop OnTheGo, for which there's no HowTo guide yet)
           • Desktop OnTheGo - an evolutionary application that allows users to save their home directory to a USB drive in MEPIS - features optional AES encryption to keep your files safe from prying eyes.
           • SimplyMEPIS and MEPISLite
         • How to Create a Persistent Home Directory with a Knoppix, Kanotix or Kanotix CPX-MINI Live CD | skip
           • Create Persistent Knoppix Settings
           • Burn Home: An Alternative to Persistent Home
           • I Have Your ''Ubiquitous Computer'' Right Here
           • Knoppix Live CD
           • Kanotix Live CD
           • Kanotix CPX-MINI (on Live CD or USB drive)
         • Puppy Linux on USB Flash Pen Drive
         • Puppy Linux Live CD Saves Your Settings On the CD If It's a CD-RW (automatically re-loads your saved settings on the next boot - WARNING: not nearly as safe as one on a read-only CD-R)
           • Puppy Linux Live CD
         • How To Save Your Settings With a PCLinuxOS Live CD
           • PCLinuxOS Live CD
         • OnebaseGo Live CD also allows you to save configuration settings to removable media.
           • OnebaseGo Live CD
         • How to Use Your USB Flash Drive as Persistent Home with MCNLive
           • MCNLive
         • Nest Your Home and Settings with dyne:bolic Live CD
           • dyne:bolic Live CD
         • How to Save Configuration Files to Removable Media with ADIOS - Red Hat's Fedora Core-based Live CD
           • ADIOS Live CD - based on Slackware Linux
         • STUX GNU/Linux Allows You to Manually or Automatically Save and Load Config to Persistent Home on Removable Media
           • STUX GNU/Linux Live CD - based on Slackware Linux
       •  
       • Here are the easiest GNU/Linux distributions (versions) to use, listed in descending order of included applications and helpful, useful configuration. skip
       •  
       • It's All About the Debians
       • skip
       • Why All but One of the Following Distributions are Based on Debian
       • Note: I believe SimplyMEPIS has the best configuration and selection of included software, but some think Linspire is the most user-friendly for new Linux users, while others think Kubuntu or SUSE is.
         • Freespire (now available! Linspire's official, free version with only open source software)
         • Try GNU/Linux for Free with Kubuntu (recommended for new Linux users - includes KDE interface - a broadband connection is recommended)
         • A Review of Kubuntu Gutsy
         • Buy a Kubuntu CD or DVD
         • A Review of Ubuntu
         • Make Your Own Install CD for Ubuntu (not recommended for new Linux users - includes GNOME interface - awarded best GNU/Linux distribution of 2005 by PC World and recently named best distro at the LinuxWorld Expo in London)
         • EasyUbuntu (install the most commonly requested apps, codecs, and tweaks not found in Ubuntu, all with a few clicks of your mouse)
         • Free Version of SUSE Linux
           • Buy the Free Version of SuSE on CD or DVD
           • Buy the Commercial Version of SUSE Linux
           • Why Choose SUSE Linux?
       •  
         • 1. SimplyMEPIS | skip
           • (a free distro based on Ubuntu, which is based on Debian - includes a firewall enabled by default)
             • The Best Free Desktop GNU/Linux...and how to make it better.
             • Ten Reasons For Trying SimplyMEPIS
             • Take a Video Tour of SimplyMEPIS (by Robin Miller, author of Point and Click Linux - requires QuickTime Player plugin)
             • MEPIS.org
             • MEPISLovers.org (support forum)
             • MEPISNightCrew.org
             • Note: ''MEPISLite is a lightweight version of SimplyMEPIS optimized for 'modest hardware.' To run gently on older machines, MEPISLite includes skinnier packages [software programs] and a number of tweaks to minimize 'disk thrashing.' It has been used successfully with as little as a 2 GB hard drive and a Pentium 2 processor with 128MB of RAM. MEPISLite preinstalls a full complement of software including KOffice, Kontact, and Firefox.'' - mepis.org
             • ATTENTION: Before installing GNU/Linux on a hard drive that has your data on it, make sure you back up your data first! And check your computer's hardware for compatibility.
             • If you need information about your hardware before installing GNU/Linux for the first time on a Windows PC, run Belarc Advisor (free) or Sandra Lite (free) and print out the results.
             • Note: To install SimplyMEPIS on your hard drive, boot up the SimplyMEPIS CD, enter root as both the username and the password, and log in. Then click on the Install SimplyMEPIS icon on your desktop.
               • MEPIS Installation Guide
               • MEPIS - Windows Dual Boot Installation Guide
               • MEPIS Help For Newbies
               • MEPISGuides.com
               • Buy a SimplyMEPIS CD
               • Get the book Point & Click Linux! (comes with a SimplyMEPIS CD)
               • If you have a broadband connection, download SimplyMEPIS or MEPISLite for free.
             •  
             • Hide the SimplyMEPIS Section
           •  
           • Note: The following GNU/Linux distributions require a membership to download software programs which you can download for free with SimplyMEPIS.
           • CAUTION: You can also download them for free with the following GNU/Linux distributions, but they probably won't work, since these distributions have tweaked the GNU/Linux distributions they and the software programs are based on (Debian and Corel Linux).
           •  
           • 2. Xandros | skip
             • (free and commercial distros based on Debian)
             • WARNING: 1)Xandros Open Circulation Edition does not come with a firewall installed. You may either download the Firestarter firewall from Xandros Networks (membership required, but the firewall is configured for Xandros) or download Firestarter or Guarddog for free. Then enable it. (These free firewalls may or may not work in Xandros). 2)The firewall in the Standard, Deluxe and Business editions may not be enabled by default. To enable it, open the Personal Firewall Wizard. It's in the Internet section of the programs menu.
               • Xandros 4: The Best Desktop Linux for Windows Users
               • Links to Xandros Site, Reviews, Screenshots, CDs and Downloads
               • Some Reviews of Xandros (Requires Disabling Javascript and Refreshing Page to View Articles)
               • Versora Progression Desktop (migrates your data from Windows to Xandros)
             • ATTENTION: Before installing GNU/Linux on a hard drive that has your data on it, make sure you back up your data first! And check your computer's hardware for compatibility.
             • If you need information about your hardware before installing GNU/Linux for the first time on a Windows PC, run Belarc Advisor (free) or Sandra Lite (free) and print out the results.
               • Xandros Getting Started Guide (Installation, Dual-Boot, Updates, etc.)
               • Buy the Xandros User Guide
               • If you have a Broadband connection and a DVD burner, download the free Xandros Open Circulation Edition (a.k.a. EeePC SDK). (usually released 4 months after commercial editions are released)
                 • Download BitTorrent
                 • Download Xandros Presto Linux 1 Torrent
                 • A Review of Xandros 3 OCE
                 • Download Latest Version of Xandros 4.5 OCE DVD ISO at SourceForge.net
                 • Download Older Version of Xandros 4.5 OCE DVD ISO at GeekConnection.org
                 • Buy a Xandros 3.02 OCE CD
             • Note: Members of Linux User Groups or LUGs get to use 45% discount coupons when buying Xandros. So if you aren't a member yet of your local LUG, now you have a good reason to join! Find a Linux User Group in your area. List 1 | List 2 (check both lists! each list shows groups not found on the other list)
             •  
             • Hide the Xandros Section
             •  
           • 3. Linspire (formerly LindowsOS) | skip
             • (a commercial distro based on Debian - includes a firewall enabled by default)
             • WARNING: In Linspire, going online in your default account is unsecure. See step 4 for instructions on how to create a (limited) user account in Linspire. skip
               • Freespire (now available! Linspire's official, free distro in two versions: Freespire (version number) has proprietary software - Freespire OSS Edition includes only open-source components.)
               • Linspire's CNR (Click 'N Run) Basic Software Service is Now Free
               • Top 10 Reasons to Make the Move to Linspire
               • Carmony Dispels Linspire GNU/Linux Myths
               • One Person's Opinion about LindowsOS / Linspire's Unsecure Default Account Problem
               • Watch a Flash demo of Linspire. (Flash Player Required)
               • Linspire Guide
               • Buy The No Nonsense Guide to Linspire
             • ATTENTION: Before installing GNU/Linux on a hard drive that has your data on it, make sure you back up your data first! And check your computer's hardware for compatibility.
             • If you need information about your hardware before installing GNU/Linux for the first time on a Windows PC, run Belarc Advisor (free) or Sandra Lite (free) and print out the results.
             •  
             • Want to check out Linspire without installing it on your hard drive? Get LinspireLive.
             • PLEASE Note: You can't install LinspireLive on your hard drive. It doesn't have an installer. However, if you know what you're doing, you can install software programs and save files on your hard drive. Aside from that, it's a fully functional operating system. skip
               • If you have a broadband connection, download LinspireLive for free with BitTorrent.
               • If you don't have a broadband connection, buy a LinspireLive CD.
               • Buy a Linspire OEM CD or DVD
               • Other Ways to Get a LinspireLive CD
             • (Keep in mind that you can't install LinspireLive on your hard drive.)
             •  
             • Want to install Linspire on your hard drive?
             • If you have a broadband connection, you can download Linspire for free or at a discount if you know the current coupon code. Linspire makes one available once in a while, but you can only find it on certain web sites. Do a search for ''linspire coupon code'' to find it.
             • (To get it for free or at a discount, enter the current coupon code, if there is one, and click Apply Coupon.)
             • If you don't have a broadband connection, buy the Linspire CD.
             • (To get it for free or at a discount, enter the current coupon code, if there is one, and click Apply Coupon. Note: The coupon is sometimes only valid with the single CD, not with the bundles.)
             • Linspire Installation Guide
             •  
             • Hide the Linspire / LindowsOS Section
             •  
           • 4. Mandriva One, PowerPack, Free and Flash | skip
             • (a commercial distro based on Caldera / Lycoris, Red Hat / Mandrakelinux and Conectiva)
             • Mandriva merged Lycoris Desktop/LX, Mandrakelinux and Conectiva Linux into Mandriva Linux Discovery (Discontinued), PowerPack and PowerPack+ (Discontinued).
             • Reviews of Mandriva Linux (Scroll Down)
             • Choosing the Mandriva Linux Edition That's Right for You
             • How to Start
             • Mandriva's Enterprise Distributions
             • ATTENTION: Before installing GNU/Linux on a hard drive that has your data on it, make sure you back up your data first! And check your computer's hardware for compatibility.
             • If you need information about your hardware before installing GNU/Linux for the first time on a Windows PC, run Belarc Advisor (free) or Sandra Lite (free) and print out the results.
               • Download Mandriva Linux One (a free distro on 1 CD - a broadband connection is recommended)
               • Download Mandriva Linux Free (a free distro on 4 CDs - a broadband connection is recommended)
               • Buy a Mandriva Linux CD or DVD
               • Buy Mandriva Linux Powerpack
               • Buy Mandriva Flash
             •  
             • Hide the Mandriva Section
           •  
           • Other GNU/Linux distributions can be downloaded or ordered at the following sites.
           • skip
             • HomeDistro.com - In Search of the Best GNU/Linux for the Home PC
             • DistroWatch.com - Put the Fun Back Into Computing
             • LinuxCD.org
           •  
           • Hide Alternative Operating Systems
       •  
       • Hide Step 1 - Operating System
       •  
   • File System and Partitions | skip
     • Creating partitions will make your files more secure, save space and minimize fragmenting, which, if you have an older, slower hard drive, will make your computer run faster. And if you have a newer, faster hard drive, even if you don't detect an improvement in speed, it will prolong its life. But what has really sold me on partitioning is that...
     • 1) ...when Windows gets corrupted and I have to reformat and clean install it, I now no longer lose the saved files and email I didn't back up, like I did before, more times than I care to count, because they're on another partition. (For some reason, every time I tried repairing Windows XP or reinstalling it on top of itself without formatting, it always got even more corrupted than before, forcing me to format it and start over.) And...
     • 2) ...it makes saving and restoring Windows' disk partition as an image possible, since at least two partitions are necessary to do it, and takes very little time now, whereas doing it on a single, large partition takes much longer.
     • Note: ''If you plan to capture and edit video, you should have a separate physical hard drive dedicated solely for that function.'' - Rad
     • WARNING: If you're not familiar with creating partitions, have a technician do it for you, or you may lose all your files. If you are familiar with creating partitions, remember to back up your files first, and check to make sure the backup works, before doing this step.
     •  
     • Preparing your hard drive for one operating system:
     • skip
     •  
     • For a Windows-only system:
     • skip
     • Rad recommends creating two or three NTFS hard drive partitions.
     • If you have a new computer or a new hard disk, Doc highly recommends creating them with FDISK because he says ''none, [including PartitionMagic] offer better compatibility,'' which means better stability for your operating system. ''Microsoft's FDISK is the closest thing there is to a partitioning standard.'' Once you've created the partitions with FDISK, load your Windows XP CD and format them with NTFS.
     • WARNING: If you've already installed software and saved files on your hard drive, be sure to create, and if necessary, resize them with PartitionMagic instead, because Fdisk erases all the data!
     • CAUTION: Converting from FAT or FAT32 to NTFS is not recommended. In fact, many say you should never convert an NTFS partition to FAT32. It's better to format with NTFS than convert to NTFS.
     • I have Windows XP Pro on the first partition, to make creating disk images faster; temporary Internet files and e-mail on the second partition (and the memory file's minimum and maximum size limits set to the same size), to minimize fragmentation; and my applications and documents on the third partition, to limit file corruption. (more on disk images later)
     • Recommended Partition Size:
     • Windows XP requires at least 1.5 Gigabytes (GB), and Microsoft recommends 2 GB for XP Home or Pro and 4 GB for MCE. Some experienced users recommend at least 5 GB for typical use and up to 10 GB if installing many small or medium-sized programs or several very large programs in Windows XP or MCE. Rad, of Radified.com, recommends at least 8 GB.
     • Partitioning Strategies and Guides: skip
       • Rad's Opinion About NTFS vs. FAT32
       • Doc's Opinion
       • Kadaitcha's Opinion
       • Cloudeight's Opinion
       • What is a Partition?
       • One Partition or Multiple Partitions?
       • Rad's Hard Drive Partitioning Strategies
       • Doc's FDISK Hard Drive Partitioning Guide
       • Black Viper's FDISK Hard Drive Partitioning Guide (courtesy of the Wayback Machine - Javascript must be enabled in your browser to navigate the site)
       • PC World's Step-By-Step Hard Drive Partitioning Guide
       • Microsoft's ''How to Create Separate Partitions for Security''
       • How To Repartition Your Drive In Windows XP with Acronis Disk Director or Norton PartitionMagic
     • Partitioners: skip
       • Acronis Disk Director
       • Norton Ghost 9.0 / PartitionMagic 8.0 Bundle
       • Norton Ghost 10.0 / PartitionMagic 8.0 Bundle
     • Once you've finished creating and formatting the partitions, do a clean installation of the full version, not the upgrade version, of Windows 2000 or XP Professional, for best performance.
     • Paul Thurrott's Windows XP Pro Clean Installation Guide
     • Then be sure to create a disk image of your operating system's partition with one of the following disk imagers, to save your Windows installation before it gets messed up for whatever reason, and save time restoring it after it gets messed up. (Restoring the disk image takes less time than reinstalling your operating system.) skip
       • How to Minimize the Size of Image Backups (includes deleting - I recommend securely erasing - unneeded files, moving or clearing - deleting - the page or paging file, pagefile.sys, and disabling hybernation mode, which removes the hiberfil.sys file)
       • Acronis True Image (PC Magazine Editor's Choice, Dec. 2004 - requires Windows - can back up FAT, FAT32, NTFS, ext2, ext3, ReiserFS and SWAP GNU/Linux partitions)
         • Try Acronis True Image
       • Symantec Norton Ghost 10.0 (Ghost requires Windows, but can back up ext2 and ext3 GNU/Linux partitions as well as Windows partitions) skip
         • Try Norton Ghost
         • Norton Ghost 14.0 / PartitionMagic 8.0 / Norton Internet Security 2008 Bundle
         • Norton Ghost 10.0 / PartitionMagic 8.0 Bundle
         • Rad's Guide to Norton Ghost
       • Free Disk Imagers
       • Ranish Partition Manager (free - has a disk imaging feature - requires Windows or apparently Unix / GNU/Linux)
     •  
     • For a GNU/Linux-only system:
     • skip
     • Security experts recommend creating separate partitions for swap (memory) and the /(root), /boot, /usr, /var, /tmp, and /home directories and assigning write restrictions to them, to reduce the threats of various attacks. I strongly recommend playing it safe and listening to the experts, just in case. You also might want to consider creating a partition for the /opt directory, if you'll be installing third party software that requires it.
     • But if you aren't concerned about security, you only need to create partitions for swap and root(usually referred to as /), although I recommend also creating one for home, so that when you upgrade the operating system, or it somehow gets corrupted, your documents will be left untouched.
     • Note: Just so you don't get confused, be aware that there are three types of root in GNU/Linux: 1)the root directory, 2)the root user or administrator account and 3)the root user's or administrator's home directory.
     • Note: Red Hat recommends only creating an /opt partition if you know for a fact that you will be installing third party software that requires it. Or to avoid the need for an /opt partition, as root(administrator or superuser), enter the following commands in the terminal to enable software meant to install under /opt to actually install under /usr/opt:
     • cd /
     • mkdir /usr/opt
     • ln -s /usr/opt /opt
     • skip
       • Basic GNU/Linux Security Practice (includes recommended partition sizes)
       • GNU/Linux Security Installation Issues
       • Partitions and Security
       • A Beginners Guide to GNU/Linux (including directories)
       • A Tour of GNU/Linux's Directories (for users and newbies)
     • Note: Both Rad and Doc recommend creating GNU/Linux partitions with PartitionMagic instead of the partitioning utilities the GNU/Linux distros come with. If one of the GNU/Linux distributions listed in step 1 is unable to detect the GNU/Linux partitions you created, delete them and create at least two FAT32 partitions.
     • These distros are meant for former Windows users, so some of them were designed to detect FAT32 partitions. Some of these distros detect other types of partitions, but some of them don't. Once the distro has detected the partitions, follow the steps in the installation to format the FAT32 partitions for GNU/Linux. skip
       • Linux Filesystems and Partitioning: A Primer
       • Getting Your Disk Drive Ready for GNU/Linux (for Newbies - ignore the page links - all 4 pages are on the same page)
       • Beginners GNU/Linux Guide: Partitioning your Hard Disk for GNU/Linux
       • GNU/Linux Beginners Guide
       • GNU/Linux for Beginners: A GNU/Linux Install Made Easy
       • A Short Guide to Partitioning a Hard Drive for a GNU/Linux System
       • The Road to Installation (for Newbies)
       • The Road to Installation II
       • GNU/Linux Partitioning HowTo (for newbies not concerned with partitioning for security)
       • GNU/Linux Partitioning HowTo (for those not concerned with partitioning for security)
       • Partitioning Hard Drive(s) for GNU/Linux
       • GNU/Linux Disk Partitioning Guide
       • NixPartitioning (includes recommended partition sizes)
       • Using FDISK
     •  
     • skip
       • MEPIS Installation Guide
       • Xandros Getting Started Guide (Installation, Dual-Boot, Updates, etc.)
       • Linspire Installation Guide
     •  
     • skip
       • The Beginner's GNU/Linux Guide
       • GNU/Linux Newbie Administrator Guide
       • Support Resources for GNU/Linux Newbies
       • GNU/Linux Installation Support Forum
     •  
     • After installing GNU/Linux, be sure to create a disk image of your operating system's partition or partitions with one of the following disk imagers, to save your GNU/Linux installation before it gets messed up for whatever reason, and save time restoring it after it gets messed up. (Restoring the disk image takes less time than reinstalling your operating system.)
     • skip
       • How to Minimize the Size of Image Backups (includes deleting - I recommend securely erasing - unneeded files, moving or clearing - deleting - the page or paging file, pagefile.sys, and disabling hybernation mode, which removes the hiberfil.sys file)
       • Acronis True Image (PC Magazine Editor's Choice, Dec. 2004 - requires Windows, but can back up ext2, ext3, ReiserFS and SWAP GNU/Linux partitions)
       • Norton Ghost 9.0 / PartitionMagic 8.0 Bundle (Ghost requires Windows, but can back up ext2 and ext3 GNU/Linux partitions)
       • Norton Ghost 10.0 / PartitionMagic 8.0 Bundle
       • Rad's Guide to Norton Ghost
       • Free Disk Imagers
       • Ranish Partition Manager (free - has a disk imaging feature - requires Windows or apparently Unix / GNU/Linux)
     •  
     • Preparing your hard drive for two or more operating systems:
     • skip
     • To learn how best to install Windows or GNU/Linux, read the previous two sections on preparing for a Windows-only or GNU/Linux-only system. Then check out the following additional information.
     • If you want to read and write files to a Mac OS X partition from Windows, get MacDrive.
     • If you want to read and write files to a partition from both Windows and GNU/Linux, create a FAT32 partition. Or if you have Windows XP and only want to read the files from GNU/Linux, create an NTFS partition.
     • If you deal with sensitive data, I also strongly recommend installing each operating system on its own hard drive, so you can encrypt the whole hard drive. It'll not only make erasing or wiping files more secure, but also keep your private data from being accessed if someone steals your hard drive. And besides, encrypting a partition instead is less secure.
     • But if you have nothing on your hard drive you need or wish to keep private with encryption, or are satisfied with encrypting a partition, read Rad's Hard Drive Partitioning Strategies or check out the following dual boot partitioning guides. skip
       • Resize a Partition for Free in Windows Vista
       • Dual Boot Mac OS X and Windows Vista or XP SP2 on an Intel-Based Mac with Boot Camp
       • Set XP as the Default OS in a Windows Vista Dual-Boot Setup
       • Six Dual-Booting Guides for XP, Vista and GNU/Linux
       • Best Practices for Partitioning a Hard Disk for Windows XP
       • Multibooting in Windows XP Made Easy
       • Microsoft's How To Create a Multiple-Boot System in Windows XP
       • Understanding MultiBooting and Booting Windows from an Extended Partition
       • Dual Booting Windows XP and Win9x Together In One Hard Disk
       • MEPIS - Windows Dual Boot Installation Guide
       • Xandros Dual Boot Installation Guide
       • Convert a Windows system to dual-boot GNU/Linux on a second drive
       • GNU/Linux Partitioning Guide (Solo, Dual Boot with Single Drive & Dual Boot with Multiple Drives)
       • Setting up a Dual Boot with Win XP and RedHat or Mandrake Linux using the GRUB Loader
       • Windows - GNU/Linux Dual Boot Basics (operating systems and data on separate hard drives)
       • A Step by Step Guide to Dual-booting GNU/Linux After Windows XP
       • Making Dual-Booting with GNU/Linux More Livable
     • Once you've finished creating and formatting the partitions, do a clean installation of the full version, not the upgrade version, of Windows 2000 or XP Professional, for best performance.
     • Paul Thurrott's Windows XP Pro Clean Installation Guide
     • Then be sure to create a disk image of your operating system partitions with one of the following disk imagers, to save your installations before they get messed up, and save time restoring them after they get messed up. (Restoring a disk image takes less time than reinstalling an operating system.) skip
       • How to Minimize the Size of Image Backups (includes deleting - I recommend securely erasing - unneeded files, moving or clearing - deleting - the page or paging file, pagefile.sys, and disabling hybernation mode, which removes the hiberfil.sys file)
       • Acronis True Image (PC Magazine Editor's Choice, Dec. 2004 - requires Windows - can back up FAT, FAT32, NTFS, ext2, ext3, ReiserFS and SWAP GNU/Linux partitions)
         • Try Acronis True Image
       • Try Norton Ghost
       • Norton Ghost 9.0 / PartitionMagic 8.0 Bundle (Ghost requires Windows, but can back up ext2 and ext3 GNU/Linux partitions as well as Windows partitions)
       • Norton Ghost 10.0 / PartitionMagic 8.0 Bundle
       • Rad's Guide to Norton Ghost
       • Free Disk Imagers
       • Ranish Partition Manager (free - has a disk imaging feature - requires Windows or apparently Unix / GNU/Linux)
     •  
     • Hide Step 2 - File System and Partitions
     •  
   • Security Upgrade and Updates | skip
     • If you use Windows XP, and wish to continue using it - for XP Home, in spite of its security risks, be SURE to install Service Pack 2 (SP2), because it's NOT just another bunch of bug fixes and security updates. It's a crucial upgrade that'll fundamentally change how Windows XP handles security issues. So don't put it off! Do it as soon as possible! But seriously consider this first:
     • XP SP2 Gives Reasons to Switch to GNU/Linux
     • WARNING: Some people have lost their files after SP2 messed up their computer, so be SURE to back up all your files first. Also, some people's computers have become slow or even unusable, so you may not be at all happy with SP2. But if you can get it to work, you'll have made your computer more secure.
     • Note: Unless you have Broadband/DSL Internet access, it'll take a LONG time to download Service Pack 2. But you don't have to worry anymore about losing the download, if you get disconnected from the Internet. You can resume downloading once you're connected again. However, if you don't want to deal with that, you may order a free SP2 CD instead.
     • CAUTION: If you install SP2 in Windows' normal mode, the one that loads when you start your computer, it may be unable to copy certain files, or it may cause other problems. If it does, install SP2 in Safe Mode. (Press the F5 key repeatedly when starting or restarting your computer to load Windows in Safe Mode. If dual-booting, select Windows from the boot menu first. Then press the F5 key.)
     • Learn about Windows XP Service Pack 2 (SP2) and how to install it.
     • Security Patches by Dialup Modem? Forget it!
     • I recommend WindizUpdate for Windows users, instead of Microsoft's WindowsUpdate service, because unneeded updates can corrupt or disable Windows, and unlike WindowsUpdate, WindizUpdate only lists updates for software and services on your system.
     • Hide Step 3 - Security Upgrade
     •  
   • User Account | skip
     • In most cases, whether you use Windows, Mac OS X, GNU/Linux or BSD, your default account unfortunately is your administrator or root user account, which has full access to your system. If you're concerned about security and privacy, you should never work or play offline, or especially go online, in your default account, except to install software or updates. You should use a limited-access user account for routine work instead.
     • In fact, making changes in the administrator account in Windows and in the superuser / root user account in UNIX-based operating systems such as Mac OS, BSD and GNU/Linux is always dangerous. You could corrupt your system or make it either unbootable or vulnerable to attack by an intruder. So when it's necessary to make changes, you always need to do so very carefully.
     • In Mac OS X, unlike Windows and GNU/Linux, there are three accounts. For security, the root user (Mac OS's equivalent of Windows' admin account) is disabled by default, so unless you enable it again (most users never have to - see my warning below the following links), there's no need to worry about making your system vulnerable to intruders through some mistake made while logged into your root account.
     • The default / admin account has some admin access, unfortunately, so even though it's limited, don't go online with your default / admin account. Use a normal / standard / staff user account instead.
     • In most GNU/Linux and BSD distributions, your default superuser / root user account unfortunately, like in Windows, is your admin account.

     So create a standard user in Windows 7 or Vista or a limited-access user account (LUA) in Windows XP and use it for every-day use, especially to go online with, instead of your default account.

     • Note: If you use Windows, be aware that it won't be a pain-free change. If you want to avoid the pain and hassle, upgrade to Windows 7 or switch to Mac OS X or an easy-to-use GNU/Linux distribution, then create a normal / standard / staff user account. Read the following articles to learn more. skip
       • Why the default account we're all used to using isn't safe for every day use.
       • Why You Shouldn't Run as Admin
       • Oh the Pain: Paul's First Week as a Limited User
       • How to Create a Limited User Account in Windows 2000 or XP
       • How to Create a Normal (limited) User Account in Mac OS X
       • How to Create a Normal User Account in LindowsOS / Linspire
     • More Information on Access / Privilege Control: skip
       • Unprotected Windows XP Hacked in 8 Seconds
       • Mac OS X Hacked in Less Than 30 Minutes
       • Security Problem: Arrogant, Self-assured Pros Don't Run as Normal User
       • The Challenge of Least Privilege
       • TechNet Webcast: Limited User Access: The Good, the Bad and the Ugly
       • Why Even ''Power User'' Isn't Acceptable
       • Is Windows Vista's user security elevation better than Mac OS X's?
       • Windows Vista Security and Protection
     • WARNING for MAC OS X Power Users: Enabling the root user account subjects your system to the typical dangers I mentioned are associated with using it. (In Unix-based systems, there is no undo command!)
     • If you must make root access changes, I strongly recommend using the sudo (substitute user do) command prefix instead to gain root access temporarily, but only after patching its buffer overflow security hole, if you use an older version of Mac OS than 10.04 (not Tiger - it's 10.4), and removing its unsecure 5-minute ''grace period'' first.
     • Otherwise, an intruder could gain full access to your system, in the former, if unpatched, and in the latter, if an attack is made during that grace period. Using sudo is safer than using su, but if you must use su (substitute user) to "su to root" so you can run several commands, ALWAYS use /bin/su instead, and ALWAYS with a dash or hyphen.
     • If you ever do want to make changes in your administrator (in Windows) or root user (in Mac OS, BSD or GNU/Linux) account, I strongly recommend always creating a disk image of your operating system's partition first. Then, read the following articles to learn how to make those changes safely and securely.
     • How to Control Access / Privilege Securely in Windows: skip
       1. Run LUA Buglight to identify the specific causes of LUA bugs you're dealing with.
       2. Try one of these fixes for LUA bugs, starting with the most-preferred (Make the Developers Fix It) to the next-to-least-preferred fix (Loosen Access Control Lists).
       3. If none of those fixes work or you're unable to apply them, and only then, apply the least-preferred fix (Run Just the One Problematic App with Elevated Privileges) with one of the following access / privilege control methods or utilities.
          • RunAs, RunAsAdmin, MakeMeAdmin and Other Access / Privilege Utilities for Windows
          • Authenti-Key: A RunAs-like Utility for Windows (trialware)
          • NTsu: A su-like Utility for Windows
          • sudoWn: A sudo-like Utility for Windows (free - safer than NTsu - requires .Net version 2.0 or newer)
          • SetSAFER: A Utility for Running Applications with Limited Access
          • Resources for Running As Non Admin in Windows (includes Aaron Margosis' nonadmin blog)
          • TechNet Webcast: Tips and Tricks to Running Windows with Least Privilege
          • Windows Vista User Account Control (UAC) (coming in January, 2007)
          • Blog on User Account Control in Windows Vista
          • 6 User Account Control (UAC) Policies in Windows Vista
          • Applying the Principle of Least Privilege to User Accounts on Windows XP
          • Windows XP's Microsoft Application Compatibility Toolkit (ACT)
          • search for dana - has links to least privileges in vista
     • How to Control Access / Privilege Securely in Mac OS X, BSD and GNU/Linux: skip
       • How to Perform Limited Admin Account Tasks Safely From a User Account in Mac OS X
       • How to Perform Root Account Tasks Safely From a User Account in Mac OS X
       • How to Recover Your Lost Root Password in Mac OS X
       • How to Perform Admin Tasks Safely From a User Account in GNU/Linux with su - (ALWAYS use /bin/su instead, and ALWAYS with a dash or hyphen)
     • To learn more about su and sudo, here are some more links: skip
       • The Importance of Setting the Correct Path with su
       • Definition of sudo
       • GNU/Linux / Unix Command: sudo
       • Advantages and Disadvantages of su and sudo
       • Eliminating Root with sudo
       • Decentralise GNU/Linux Security with sudo
       • Using sudo
       • sudo Setup Guide for GNU/Linux
       • Administrative Controls
       • sudo Information and Links
     •  
     • Hide Step 4 - User Account
     •  
   • Default Settings | skip
     • Windows XP's default settings were configured for ease of use and connectivity, not security, and Service Pack 2 only changes a few of those settings, unfortunately, so even with SP2 installed, Windows XP is still very unsecure and vulnerable to attack. Learn more about Windows XP's dangerous settings.
     • The default settings in GNU/Linux, Mac OS, FreeBSD and NetBSD aren't sufficiently secure either. To be sufficiently secure, you have several options. skip
       • One of the Two Best Options for Experienced Users: Switch to OpenBSD
       • The Other Best Option for Experienced Users and the Best Option for Beginners / Newbies: Use a Virtual OS in a Clean-installed and Secured OS
       • The Other Option for Windows Users: Secure or Harden Windows
       • The Other Option for GNU/Linux Users: Secure or Harden GNU/Linux
       • The Other Option for Mac OS or BSD Users: Secure or Harden Mac OS, FreeBSD or NetBSD
     • I have two options for you, for securing - also called hardening - Windows: one, to make it more secure, and another, to make it sufficiently secure. But first, before editing Windows' registry as instructed in a security guide, a word of warning...
     • WARNING: Carelessness and honest mistakes in editing the registry can mess up, if not completely disable, your system. So pay attention and back up the registry before editing it, and if your data is on the same partition as Windows (not recommended), back up your data too.
     • Ways to Back Up Windows' Registry: skip
       • Create an image of your hard drive with one of the following software (strongly recommended):
         • Norton Ghost (commercial) - Norton Ghost 9.0 / PartitionMagic 8.0 Bundle
         • Norton Ghost 10.0 / PartitionMagic 8.0 Bundle
         • Rad's Guide to Norton Ghost
         • Acronis True Image (commercial)
         • Free Disk Imagers
         • Ranish Partition Manager (free - has a disk imaging feature - requires Windows or apparently Unix / GNU/Linux)
       • Create a Restore Point (not recommended - it's not reliable)
       • Back Up and Restore Individual Registry Keys
       • Back Up and Restore the Registry with ERUNT (not recommended - it may not work properly after being restored)
       • Back Up and Restore the Registry with NTBACKUP (see note below)
     • Note: NTBACKUP is not installed by default in Windows XP Home Edition. If you want to continue using Windows XP Home even though it can't be made sufficiently secure (not recommended), install NTBACKUP using the instructions available at Q302894. If you don't have a Windows XP CD-ROM, get NTBACKUP.MSI.
     •  
     • Windows Security Options
     • WARNING: ''UAC (User Account Control in Windows 7 and Vista) does not stop you from malware. If Malware gets on your box and you are admin, you must assume that the malware will gain admin rights the second you ask for admin rights.'' - Mark Russinovich
     • Sophos Finds Windows 7 UAC Fails to Block 7 out of 10 Pieces of Malware
     • Confusion about Vista Features: What UAC Really Is
     • If you wish to keep using Windows, you have two options to secure it:
     • If you only have a mild case of paranoia (you probably should have more - what I call a healthy paranoia) and just want basic, practical security, you may follow the instructions in one or more of the security guides in option 1. But I strongly encourage you to choose option 2 instead, to preserve your privacy and help secure the Internet.
     • And if you have a laptop / notebook or handheld, follow one or more of these security guides as well: skip
       • Mobile Computing: Laptop Security, Part 1
         • Mobile Computing: Laptop Security, Part 2
       • Cell Phone and PDA Security Guides
     • Option 1: Basic Security skip
       • Tech Target's How to Secure Windows 7
       • Technically Easy's How to Secure Your Windows 7 System
       • Windows 7 Security Primer
       • TechSpot's Guide to Windows 2000 & XP Online Security & Privacy
       • Tweak Hound's Windows XP Security Guide
       • WindowsSecurity.com's Windows XP: Your Definitive Lockdown Guide
       • University of Minnesota's Securing a Personal Machine
       • University of Texas' Security Guides for Windows
       • About.com Security Guide's 5 Steps to Secure XP Home Edition
     •  
     • Option 2: Sufficient Security
     • Windows XP comes with software and services that not only most users don't need and will never use, but that unfortunately pose serious potential threats to your computer's security and your privacy. I highly recommend removing them from Windows.
     • XPlite and nLite, configuration utilities, give you the power to remove these threats, and even remove upgrades that go bad. Not only that, but they allow you to repair Windows as well. If a particular software or service gets corrupted, you can completely remove it, and then reinstall it, as uncorrupted as when Windows was first installed. Plus they greatly reduce both Windows' memory requirements and the space needed for it on your hard drive. And if that's not enough, they also make it run faster.
     • If you have a healthy paranoia and want your computer to be sufficiently secure, first remove Windows' security threats either after installing Windows with XPlite, or better yet, before installing Windows, with nLite*, then reconfigure the default settings of the remaining software and services for security with one of the following security guides. (*nLite allows you to create a Windows installation CD that doesn't include the unwanted programs but does include the service pack and updates.)
     • WARNING: I haven't used these programs yet, so I don't know if you may disable Windows by removing certain services or not, if you don't know what you're doing. If, like me, you're not sure, get advice from an expert. Most importantly, before using XPlite or nLite or making any changes to your default settings, at least back up your registry, so you can restore it if you have a problem after making a mistake.
     • Even better, in case restoring your registry backup doesn't fix the problem, which happened to me after trying out some free registry cleaners, make a disk image of your Windows partition first. (See the beginning of this step for registry backup and disk imaging software.)
     •  
     • Windows | skip
       • vLite (for Windows Vista)
       • Why One Person Doesn't Use Programs Like XPLite and nLite
       • XPlite
       • nLite
         • Complete Beginner's Guide to nLite
       • XP Antispy (a program that will save you time in reconfiguring Windows)
         • Learn More
       • Other Mini Programs
       • Other System Hardening Programs
       • UK Security Online's Security Guides
       • If your business has Windows 2000 and Windows XP computers connected in a network, check out the NSA's security guides.
       • NSA's Windows XP and Windows 2000 Security Guides
       • Stay informed of the latest Windows vulerability alerts at US-CERT.gov.
     •  
     • Mac OS X and BSD skip
       • 15 Easy Fixes for Mac Security Risks
       • Follow Princeton's steps to secure Mac OS X, including 10.4 (Tiger).
       • Or the NSA's Mac OS X Security Guide.
       • Then, enhance security and privacy in Mac OS X Tiger, if you have it.
       • And stay informed of the latest Mac OS vulnerability alerts at SecureMac.com.
       • To learn more, read the following guides:
       • How do I completely disable the Guest account on Leopard?
       • Macintosh Security Basics
       • A Security Primer for Mac OS X
       • Secure Mac - Lesson 1 | Lesson 2 | Lesson 3
       • Secure Computing: Best Practices for Macintosh OS X
       • Mission Lockdown - Get Smart With Security Tactics for Mac OS X
       • University of Texas' Mac OS X Security Guide
       • Peach Pit's ''Securing Mac OS X''
       • USC's ''Maintaining Mac OS X Security''
       • MacWrite's Ten-Part Mac OS X Security Guide
       • SANS' Mac OS 10.1.4 Security Analysis and Recommendations
       • SANS' Mac OS 10.0 Security Essentials
       • Mac Security Links
       • DD's Ultimate Guide to Mac OS Security (links)
       • FreeBSD Security Guide
     •  
     • GNU/Linux skip
       • Use one of these secure GNU/Linux distributions.
       • Use Bastille to secure GNU/Linux.
     • WARNING: Restricting everything might exclude you from certain services and programs, and from the Internet. If you make that mistake, use the undo / revert function to restore your original settings.
     • Or follow these guides to harden, or secure GNU/Linux (each one may include information the others don't, so you may want to read all of them): skip
       • Princeton's Basic GNU/Linux Security Guide
       • IBM.com's Guide
       • SecurityFocus's Guide
       • Net-Security's Guide
       • LinuxExposed's Guide
       • Securing Debian
       • More Hardening HowTos
     •  
     • Other GNU/Linux Security Guides: skip
       • GNU/Linux Security Overview
       • Security Quickstart HowTo
       • Security HowTo (up-to-date version)
       • GNU/Linux Firewalls
       • The GNU/Linux System Administrator's Guide
       • Basic GNU/Linux Security Practice
       • Unix / GNU/Linux Security Links
       • Stay informed of the latest GNU/Linux vulnerability alerts at LinuxSecurity.com.
     •  
     • Hide Step 5 - Default Settings
     •  
   • Hardware | skip
     • Router with a Firewall skip
       • Keep Your PC Hidden From the Bad Guys
       • What You Should Know About Firewalls
       • Why Broadband Users Need a Router and How to Configure it for Security
       • Computers Sharing a Connection Need Both Hardware and Software Firewalls
       • Firewall Debate: Hardware vs. Software
       • Wireless Networking Made Simpler
       • Wireless Network Buying Guide
       • Top Networking Devices
       • All About Routers
       • CNet's Router Reviews
       • Wireless G (802.11g) Routers with an RJ-11 Phone Line Port at Shopping.com
       • Wireless G (802.11g) Routers with an RJ-11 Phone Line Port with Stateful Packet Inspection (SPI) at Shopping.com
       • Wireless G (802.11g) Routers with Stateful Packet Inspection (SPI) and 2 x RJ-11 for VoIP (Voice over IP) at Epinions.com
     • Configuring a router for use with dial-up is tricky and difficult. If you use dial-up, I recommend getting one of the following wi-fi devices instead.
     • Note: These devices may slow down your connection considerably. Wireless Link by Nebo Wireless slowed mine from 52 Kbps to 36 Kbps.
       • Read ''Wi-Fi for the Rest of Us'' (going wireless with dial-up)
       • Wireless Link by Nebo Wireless (cheap)
       • WiFlyer by Always On Wireless (expensive, but easier for surfing wirelessly from several computers with only one dial-up connection)
     • But if you'd rather use a router with dial-up, look for DSL, ADSL or 1 x RJ-11.
     •  
     • The Best Data Security and Privacy Option: A GNU/Linux Live CD, DVD or USB with Software, Data and Encryption Key on a USB Key (Encrypted USB Drive) skip
       • GNU/Linux Live CDs, DVDs and USBs with Persistent Home
       • Warnings About Storing and Entering Encryption Keys and Accessing Encrypted Data
       • infoAnarchy's Lists of Encryption Software
       • TheFreeCountry's Lists of Free Encryption Software
       • 4 Steps to Securing Data on a Thumb Drive
       • Secure Encryption Key Managers and Fillers
       • How to Run TrueCrypt in Traveller Mode
       • BestCrypt Traveller (free - requires administrative privileges)
       • Software for a USB Drive
       • StealthSurfer II PrivacyStick (comes bundled with Firefox, ThunderBird, Anonymizer and RoboForm)
         • A Review of StealthSurfer
       • U3 Smart Drives (the discontinued U3 platform replaced by Microsoft's StartKey lets you run apps on any PC without leaving data on the host machine)
         • Note: U3-based products will be available until the second half of 2008, when SanDisk will roll out the new smart drives. For an alternative, try MojoPac.
         • Ceedo Personal (a commercial alternative to U3/Startkey)
         • Microsoft, SanDisk to Replace U3 Drives
         • U3 to U-Zero
         • Microsoft Preps StartKey: A 'Windows Companion' on a USB Stick (allows you to carry your Windows and Windows Live settings with you - also works on other flash-storage devices)
         • U3: Portable Programs on a USB Drive (this discontinued platform replaced by Microsoft's StartKey lets you run apps on any PC without leaving data on host machine)
         • U3 Newbie Guide
       • RoboForm2Go USB Key
       • MnemoSec Pro Ultra Secure USB (claimed to be ''The most secure USB Drive on the market place today.'')
       • Lock Down the Data on Your Portable Drives (encryption software for USB drives, these USB keys: Apricorn's Aegis Vault and Aegis Bio, SanDisk's Cruzer and La Cie's SAFE Mobile Hard Drive with Encryption; virtualization software and hardware-based encryption in laptop drives)
       • Portable Drives That Protect Your Data (CryptoBuddy's CryptoStick, Kanguru's Micro Drive AES and Bio Drive and SanDisk's Cruzer Profile Biometric)
       • New SanDisk USB Drives Protect Mobile Data
       • Corsair's Flash Padlock (auto-lock feature prevents unauthorized access or ''Brute Force'' attack)
         • A Review of Flash Padlock and Where to Buy It
       • Kingston Data Traveler Secure
         • A Review of Data Traveler Secure and Where to Buy It
       • Lexar JumpDrive Secure II Plus
         • A Review of JumpDrive Secure II and Where to Buy It
       • IronKey (bundles a copy of secured Tor-based FireFox and Password Manager)
         • A Review of IronKey
       • Store 'n' Go Corporate Secure USB Drive
         • A Review of Store 'n' Go Corporate Secure USB Drive
     •  
     • The Second Best Data Security and Privacy Option: A Seagate, Fujitsu or Hitachi Encrypted Hard Drive with Phoenix Failsafe and A Trusted Platform Module skip
     • Warnings About Storing and Entering Encryption Keys and Accessing Encrypted Data
     • The Seagate Momentus, Fujitsu MHZ2 CJ and Hitachi Travelstar laptop / notebook hard drives come with full, or whole, disk encryption (FDE) and support for Phoenix FailSafe and the Trusted Platform Module, a combination that allows you to protect or securely erase sensitive, confidential, private data.
     • These drives come with ''a disk erase feature that lets [you] quickly and securely wipe drives of sensitive data. Seagate claims this can happen in seconds regardless of the drive's capacity because there is no software initialisation required.'' - article at Techworld.com
     • And if your laptop / notebook or its hard drive gets stolen before you securely erase your sensitive data, that data will remain fully protected even when the hard drive is repurposed (installed on another computer).
       • Trusted Platform Module
       • Phoenix FailSafe (includes remote data retrieval, encryption and secure destruction and laptop disabling - takes photo if web cam is detected)
       • Seagate Introduces Full Disk Encryption for Laptops / Notebooks, an Industry First
       • Seagate Ships Super-Secure Hard Disk Drive
       • Technology Papers and Details of the Momentus 4200, 5400 and 7200 Hard Drives
       • Fujitsu's Full Disk Encryption HDD is Doubly Safe with Phoenix FailSafe
       • Hitachi Offers Encrypted Hard Drive
     • The alternative to these combinations is to encrypt your whole hard drive with full disk encryption software and save the key, or password, in a Trusted Platform Module.
     •  
     • The Third Best Data Security and Privacy Option: Encrypted Files or Folders and A Trusted Platform Module skip
     • Warnings About Storing and Entering Encryption Keys and Accessing Encrypted Data
     • The Trusted Platform Module allows you to send and receive secure e-mail, encrypt files and folders with EFS (not recommended!) and create an encrypted virtual drive, called a Personal Secure Drive (PSD).
     • According to HP.com, a Personal Secure Drive provides the following benefits:
       • ''Secure Electronic Mail. Share messages confidentially and be sure message integrity will be kept during transmission.''
       • ''Access to network resources. TPM can increase your reliability from the network platform. If a hacker's PC tries to access the network, even with the user credentials, permission will not be granted.''
       • ''Wireless Local Network (WLAN) security. TPM helps organizations to prevent non-authorized devices from accessing the corporate network. An exclusive root key identifies each client machine fit for TPM as a reliable platform on the network.''
       • ''Support for other manufacturer's applications such as RSA Secure ID. The combination of the software token functions with TPM provides a solid authentication without the additional cost and complexity associated with hardware token implementation.''
       • TPM - Trusted Platform Module (at TechWorld - every PC made should have a TPM by 2008 or 2009)
       • Trusted Platform Module (at Wikipedia)
       • Security: Trusted Platform Module (at PC Mag)
       • Staying In Control With Trusted Platform Modules (at Tom's Hardware)
       • Apple Uses TPM to Restrict Intel-based Mac OS to Mactels (or MacIntels - the new names for Intel-based Macs)
       • Let's see some ID, please. The end of anonymity on the Internet?
       • The Trusted Platform Module - Creating a Safe Public Space or a DRM Nightmare?
     •  
     • Hide Step 6 - Hardware
     •  
   • Software | skip
     • Once you've completed all of the steps in one of the security guides, I strongly recommend downloading, installing, and using the following free and commercial security software programs. If Mac OS and GNU/Linux equivalents aren't included for some of the following types of software, find and use good quality equivalents to keep your system sufficiently secure.
     • WARNING for Windows Users: These programs will NOT keep your computer sufficiently secure unless you've first done steps 1 and 2, and secured Windows - if you've chosen not to use a virtual OS in a clean-installed and secured OS when online - by completing steps 3, 4, 5 and 6, and they won't keep your sensitive data private unless you do step 7 to secure data you want to keep and complete these steps to erase sensitive data you don't want to keep.
       • Antimalware | skip
         • What's Malware?
         • Cell Phone and PDA Security Guides and Software
         •  
         • Security Suites skip
           • Symantec Norton 360 (PC Magazine Editor's Choice, March 2007 and CNET Editor's Choice, Feb. 2007)
           • ZoneAlarm Internet Security Suite 7 (CNET Editor's Choice, Jan. 2007 - includes a firewall, antivirus, spam filter, online and offline identity-theft protection, and other features)
             • Try ZoneAlarm Internet Security Suite
           • Compare These and Other Security Suites
           • Kaspersky Internet Security 6.0 (tied for best HIPS at FirewallLeakTester.com)
           • Ghost CryptoSuite (tied for best HIPS at FirewallLeakTester.com)
         •  
         • Firewall skip
         • skip
           • The Need for Outbound Protection and Frequent Firewall Checkup
           • Why Broadband Users Need a Router and How to Configure it for Security
           • Computers Sharing a Connection Need Both Hardware and Software Firewalls
           • What You Should Know About Firewalls
           • Firewall Debate: Hardware vs. Software
         •  
         • Test your firewall for leaks at: skip
           • AuditMyPC.com
           • McAfee's HackerWatch.org
           • SecuritySpace.com
         •  
         • Don't use Windows XP's firewall. Use a security suite or Jetico Personal Firewall instead. It's currently ranked #1 by FirewallLeakTester.com, ahead of ZoneAlarm, Norton Personal Firewall, and others. It has 2-way protection and a stealth feature. Windows XP's firewall has neither. Only one-way protection.
         • Jetico Personal Firewall (free - Highest rated firewall software program at FirewallLeakTester.com)
         • (full protection for your PC's communication ports - Make sure Jetico Personal Firewall always starts with Windows so it's always running when online, and download and install the update when alerted that one's available.)
         • If you're not concerned about dealing with every possible threat to your firewall, get ZoneAlarm. (award-winning firewall - free for noncommercial use)
         •  
         • Antivirus | skip
         • (finds these malware on your hard drive and removes them - NOD32 is currently the best antimalware program, according to Gizmo of TechSupportAlert.com - Check weekly for updates and scan your hard drive daily or weekly.)

         WARNING: Antivirus, antispyware and firewall software do not protect your system from zero day / zero hour attacks and other threats.

         I strongly recommend minimizing those threats with a Host Intrusion Detection and Prevention System (HIDS / HIPS).

         • Zero Day/Zero Hour and Other Threats
         • How good are free security programs? (improving performance through layering)
         • Is Security Software Becoming a Security Risk? Why A Security Expert Believes Using More Than One Antivirus Program Creates a Vulnerability
         • AntiVir (free)
         • Avast (free)
         • AVG (free)
         • Antivirus Plugins for BartPE or better yet Ultimate Boot CD for Windows: skip
           • FreeAV (AntiVir) Plugin
           • Avast Plugin
           • AVG 7 - 1 Plugin
           • AVG 7 - 2 Plugin
           • Other Antivirus Plugins for BartPE or better yet Ultimate Boot CD for Windows
         •  
         • Antitrojan | skip
         • ''Anti-virus products have become much better at detecting trojans. As a result of these developments I no longer recommend for most users the routine use of a separate anti-trojan program.'' - Ian ''Gizmo'' Richards
         • Note: Because today's antivirus software are being programmed to detect trojans, the demand for and sale of antitrojan scanners have gone down. As a result, TDS-3, once the best antitrojan scanner for experienced users, has been discontinued.
         • Gizmo's Old Reviews of Antitrojan Software
         • Tauscan plugin (for BartPE or better yet Ultimate Boot CD for Windows - capable of detecting and removing about 1000 trojan horses and variants)
         •  
         • Antirootkit skip
         • ''The term 'rootkit' originates from the Unix world. It refers to a set of tools that would hide any trace of an intruder yet maintain full, or "root," access [to the operating system].'' - CNet
         • ''A rootkit retains access to the system that has been previously compromised, and it hides itself from someone who is authorized to use the computer,'' said Jon Orbeton, a senior security analyst at security software maker Zone Labs.
         • ''Rootkits are malicious programs that are designed to be invisible, often replacing core operating system functionality with a version of the same functionality that provides remote attackers with a back door into compromised systems,'' says Al Huger, senior director of engineering at Symantec.
         • Huger also says that ''If we have seen an increase in [rootkit infections] it's not significant enough to warrant attention.'' - Rootkits: Not Real Threats?
         • Mikael Albrecht, product manager for F-Secure, sees it differently. ''It is...worth noting that the Windows rootkit scene is new and rapidly developing.''
           • eWEEK.com Security Center Editor Larry Seltzer's Opinion on the Rootkit Threat
           • The Strider GhostBuster Project: Microsoft's Rootkit Research
         • If you disagree, try to reveal and / or remove a stealthy rootkit with one of the following programs.
         • WARNING: Removing a rootkit may corrupt and disable your operating system, and destroy personal data in the process. I strongly recommend reformatting and reinstalling Windows instead, if you want to keep using Windows. Otherwise, switch to an alternative and more secure operating system.
           • Process Guard (a multi-award winning, cutting-edge malware guard - free and commercial editions - monitors and terminates malicious processes - DiamondCS claims it even stops rootkits from installing)
           • Privacy Expert Suite (PC Magazine Editor's Choice - antispyware, security and privacy suite - they claim its rootkit removal tool automatically detects rootkits and enables users to remove these programs)
           • PCSupportAdvisor Author Ian ''Gizmo'' Richards' Rootkit Detection and Removal
           • TechTarget's Detecting and Removing Rootkits in Windows
           • IceSword...The Best Rootkit Defender?
           • RootkitRevealer (free - finds registry and file system discrepancies that may indicate the presence of a rootkit - search the Web for removal instructions)
           • F-Secure BlackLight Rootkit Elimination Technology (free)
           • UnHackMe (commercial - finds and removes rootkits)
         •  
         • Host Intrusion Detection and Prevention System skip
         • The method of scanning your hard drive for malware after it has infected your system, which requires constant updates, has been made obsolete by the overwhelming and ever-increasing number and types of malware which have been created to exploit or take advantage of security holes or vulnerabilities in operating systems and software.
         • ''Host-based IPS (Intrusion Prevention System) technologies are spurring the evolution of attack protection through a simple premise: If you have to update signatures, you're already too late.'' - IT Architect in IPS Odyssey
         • That method is now being replaced in more and more schools, libraries and businesses with one that prevents malware from installing or running, or making changes to your real operating system by protecting it with intrusion detection and prevention software - the home / desktop versions are called HIDS (Host-based Intrusion Detection System) and HIPS (Host-based Intrusion Prevention System).
         • ''We're moving beyond the race to build and deploy antimalware signatures and implement hard to use 'behavioral' based solutions.'' - Mike Haro in Labrat Magazine's Adding HIPS to Your Security
         • ''Luxembourg-based SecureWave is touting this [HIPS with a whitelist] as a more logical approach [than HIPS with behavioral analysis and monitoring]. It makes more sense for an administrator to identify and allow what's good than keep up with and struggle to restrict what's bad,'' says Derek Bluestone, director of product management at SecureWave.'' skip
           • What is IDS / IPS software?
           • Why You Need A New-Generation Intrustion Protection System
           • New Generation of Anti-Spyware Targets Network Safety
           • Intrusion Prevention Systems
           • Intrusion Detection Systems
           • IPS Odyssey
           • An Overview of Personal Desktop / Host IPS
           • Behavior Blocking IPS: (Formerly) The Next Step in Anti-Virus Protection (now whitelisting IPS is)
           • Busting Common Myths About IPS
           • Reactive IDS and Proactive IPS Are Different and Separate Technologies That Complement Each Other
           • Desktop Defense: Take Back the Desktop
           • Different Classes of Security Software and Their Pros and Cons
         • WARNING: ''It is a simple fact that IDS products are not suited to beginners and naive users.'' - ''Intrusion detection software can only protect you if you know how to accurately interpret the warning messages thrown up by these programs. And interpreting these messages is not easy.''
         • ''...being warned is useless unless you have some idea how to respond to the warning. That's why neither Prevx nor WinPatrol [nor any other HIDS or HIPS with a behavior blocker] is suited to non-technical users. If you are a beginner you should seriously consider the $24.95 Plus version of WinPatrol which provides lots of guidance to help you make sense of any warning messages. As a bonus it offers better protection as well.'' - Gizmo (TechSupportAlert.com)
           • How to ensure that you give the right answers to those tricky security warning messages.
           • How good are free security programs? (improving performance through layering)
         • Malware authors are getting more clever by the minute. Keep malicious scripts from wreaking havoc on your computer and private information, by using a HIPS with at least a whitelist, if not also a behavior analyzer or monitor and blocker which uses either anomaly or misuse (a.k.a. signature) detection or both, and a HIDS (Host Intrusion Detection System) to complement the HIPS.
         • If you're not familiar with security software and haven't the slightest idea what words like behavior blocker, anomaly, misuse or signature mean in relation to a HIPS or HIDS, just stick with a HIPS with a whitelist or the PLUS version of WinPatrol, the HIDS that Gizmo recommends for beginners.
         • HIPS with a Whitelist: skip
           • Abtrusion Protector - free
           • CORE FORCE - free, includes a firewall
           • Anti-Executable (Standard and Enterprise Editions) - commercial, for Windows (order Standard edition from online store or download)
           • The following also have sandboxing / virtualization technology.
           • BufferZone (formerly AntiMalware) - free and commercial
           • Geswall - free
           • DefenseWall trialware
           • Sanctuary Application Control - commercial
             • Sanctuary Device Control - commercial
         • HIPS with a Behavior Blocker: skip
           • AntiHook - free
           • Process Guard (free and commercial - DiamondCS claims it stops rootkits from installing)
             • How to Run Process Guard with Administrator Rights in a Windows Limited User Account
           • ThreatFire (formerly Cyberhawk) (free - Cyberhawk was recommended by Gizmo at TechSupportAlert)
             • Free Cyberhawk Promises to Outwit Viruses and Spyware
           • Neoava (beta - recommended only for experts)
           • The following also have signature file detection.
           • WinPooch - free
           • Online Armor - trialware
           • Safe'n'Sec (trialware)
           • a-squared Anti-Malware Personal (trialware)
           • Prevx (commercial - recommended by Gizmo at TechSupportAlert for advanced users of Windows 2000 and XP)
             • Prevx Free Trial
         • Other HIPS Software
         • Free HIDS with Anomaly or Misuse / Signature Detection: skip
           • WinPatrol PLUS (commercial - best choice for beginners / newbies - has R.I.D.: Real-time Infiltration Detection)
           • WinPatrol (recommended by Gizmo at TechSupportAlert for earlier versions of Windows - Scotty the Windows Watch Dog sniffs out malware)
           • Prevx1 and Prevx1R (beta and commercial - beta recommended only for experts - recommended by Gizmo at TechSupportAlert for advanced users of Windows 2000 and XP)
           • System Safety Monitor
           • Strata Guard Free (based on Snort - stand-alone version requires a spare computer - VMware version doesn't)
         • Other HIDS Software
           • WehnTrust (free)
           • Another free option is to use one of the following two process viewers in combination with a process library.
             • Sysinternals' Process Explorer
             • ProcessLibrary.com's Process Scanner
             • ProcessLibrary.com (the latest information about spyware, adware, trojans, viruses, system processes and common applications).
             • Processes That Are Considered Top Security Risks
           • WinTasks (Standard and Professional) (commercial)
         •  
         • Script Blockers
         • Prevent the most common scripting types used in virus attacks, such as Visual Basic Scripting (.VBS), Java Script (.JS), etc. from running, with one of these mini programs. skip
           • Windows' Executable Script Files: Fighting Malicious Mobile Code in a Windows Environment
           • AnalogX Script Defender (can be configured to intercept new script extensions as needed)
           • ScripTrap
         •  
         • Hide the Firewall and Antimalware Section
       • History Eraser, Antiadware and Antispyware | skip
         • Want to keep your private information private while online? Read ALL of these articles to learn how.
         • Once you've read the privacy articles above, I recommend using the following software to keep your data private.
         •  
         • Secure Browsing / Surfing, Instant Messaging and E-mail Environment skip
         • If you want to try out new software and surf the Web safely and securely without fear of infection from malware and theft of private data stored on your hard drive, I strongly recommend running either your operating system and software or at least your browser(s), instant messenger(s), e-mail program and if you have it, Microsoft Word in what's called a sandbox.
         • Sandboxing and virtualization software, called a hypervisor or monitor, combined with a virtual operating system, called a ''virtual machine'' and a CPU that supports virtualization keep malware and malicious or inexperienced users from making changes to your real operating system by operating in a protected environment called a ''sandbox'' or ''virtual machine,'' and remove all malware and changes completely and delete* private data - sanbox software: manually or automatically and virtualization software: on reboot.
         • ''Emulation and instruction translation are valid solutions to problems that system virtualization can't address - namely, crossing architectural boundaries. But their performance, resource requirements, and feature limitations generally render them inadequate for day-to-day operation. One the other hand, virtualization is safe, adaptable, and getting faster. That's what you need.'' - Tom Yager in ''What virtualization is - and what it isn't'' at InfoWorld.com
         • *WARNING: Virtualization software saves private data to the hard drive unencrypted, and it does NOT securely erase them on reboot. You need to do that yourself.
         • WARNING: Virtualization requires special disk privileges, and unless you run a virtual machine on a CPU that supports virtualization - most CPUs or chips don't - there's a greater chance that malware could infect your real operating system and corrupt it or steal private data.
         • Chipmakers Intel and AMD are building virtualization support into their CPUs. skip
           • Security Through Virtualization: Creating The Only Safe Internet Experience
           • Experts Discuss the Pros and Cons of Virtualization
           • What Virtualization Is - and What It Isn't
           • Virtual PC Guy on Virtualization Versus Emulation
           • Dave at SysAdminBlog on Virtualization vs. Emulation
           • Virtualization
           • Virtual's New Reality
           • Information on Emulation at Wikipedia
           • Information on Virtual Machine at Wikipedia
           • Inside the Virtual Machine
           • The Privilege Problem
           • Getting Started with Virtual Machines
           • Virtualization Edges Toward PCs
           • New CPUs: Intel VT (Virtualization Technology) and AMD Pacifica (SVM Secure Virtual Machine)
           • Intel VT vs. AMD Pacifica
           • Intel VT and AMD V (Pacifica) and Software Utilizing Virtualization
           • Instant Gratification: Instant-On BIOS-Level Virtualization-Based Apps with Phoenix HyperCore Hypervisor
           • Microsoft built some virtualization features into Vista.
           • Microsoft will be delaying most of its NGSCB security plan, including some virtualization features.
           • Here Comes Microsoft's Hyper-V (Bundled with Windows Server 2008)
           • VMware Enters the Linux Kernel
           • Linux Kernel 2.6.21 Includes VMware VMI and KVM Para-Virtualization Support
           • Paravirtualization (and Its Disadvantages, Including Weaker Security) Explained
           • Xen Full Virtualization in Novell SUSE
           • Xen Full Virtualization Example in openSUSE
           • NComputing (a device that allows multiple users to share the resources of a single desktop computer - users plug a keyboard, mouse and monitor into the box, and get a virtualized desktop and apps delivered from the host machine)
         • Hypervisors (Virtualization Software) skip
           • VMware Player (free)
             • How to Surf with Complete Security [with VMWare]
             • How to Set Up a Windows, GNU/Linux or BSD Virtual OS in a Secured OS
           • Xen (free)
             • About Xen
           • VE^Lite (trialware)
           • Comparison of Virtual Machines
         • Sandbox Software skip
           • Sandboxie (free)
           • Virtual Sandbox (commercial)
         •  
         • Phishing Site Detector
         • A phishing site detection plugin for your browser helps you investigate a site as a way to significantly reduce, if not avoid, the chance of having your private data stolen by phishing scams.
         • If you use Internet Explorer, download and install a phishing site detector to help keep your web account passwords safe. If you use Firefox, make sure you use the lastest version and keep the built-in antiphishing feature enabled.
           • A Comparisons of Phishing Site Detectors
           • Netcraft Toolbar
             • A Review of Netcraft Toolbar
         •  
         • Username, Password and Form Manager
         • Save your usernames, passwords and contact and credit card information in one of these convenient and secure programs with automatic form entry. Your private data are saved in strongly encrypted files.
           • RoboForm (free - for Windows)
           • RoboForm2Go (formerly Pass2Go) (stores RoboForm passcards and other private data on an encrypted USB key or token, a secure thumb drive with AES - the strongest encryption available - pull out your USB key and no traces of RoboForm2Go are left on your computer)
             • GoodSync File Synchronizer (synchronizes RoboForm passcards or any other files between a computer and a USB key or between two computers - recommended for RoboForm2Go users)
           • Keychain (part of Mac OS X)
           • KWallet (part of KDE in GNU/Linux)
         •  
         • Secure Data Eraser / Wiper / Shredder
         • Believe it or not, Windows, Mac OS, BSD and GNU/Linux don't actually remove files and Internet tracks when you delete them or format your hard drive. Use one of the following data erasing programs to securely erase private and unwanted data from your hard drive and other digital media. skip
         • Note: The swap or page file, a large memory file, may contain sensitive private data. Set your privacy program to clear it at shutdown, if it has that feature. skip
         •  
           • How to Erase CD-RWs (rewritable CDs)
           • Make Sure Your Old Computer Tells No Tales
           • How to erase your hard drive before selling your computer or donating it to a charity.
           • Easy [and Secure] Ways to Recycle Old PCs and Cell Phones--Really!
         •  
         • If you use Windows and don't know much about computers, use one of these secure erasers.
         • If you're familiar with Windows' folder directory, and want to do a thorough cleanup for free, use Eraser.
         • Instructions for Using Eraser
         •  
           • Mac OS and BSD Erasers
           • GNU/Linux Erasers
         •  
         • Antispyware and Adware skip
         • If you use Windows, your hard drive most likely has spyware and adware on it. If you go online every day, use the following software every day to find and remove them.
         • Or if you don't want to deal with that, choose one of the following options. skip
           • Set up a virtual OS in a clean-installed and secured OS.
           • Switch to GNU/Linux, Mac OS or BSD.
           • Use Windows when offline and a GNU/Linux Live CD when online.
           • Set up a dual boot system and use Windows when offline and an alternative operating system when online.
         • skip
           • How good are free security programs? (improving performance through layering - for example, using Ad-Aware, Spybot and MWAS together)
           • Don't be fooled by rogue/suspect antispyware products and web sites.
           • Poor Defenders - Some antispyware companies use confusing ads.
         • Use Spy Sweeper (commercial - PC Magazine Editor's Choice, Oct. 2005) or, if removing all spyware and adware isn't a concern, Ad-Aware (free and commercial - has fallen behind, according to a Feb. 2005 PC Magazine article) to remove them.
         • Spy Sweeper and Ad-Aware Plugins for BartPE or better yet Ultimate Boot CD for Windows: skip
           • Spy Sweeper
           • Ad-Aware SE Personal 1
           • Ad-Aware SE Personal 2
           • Then use Spybot and Windows Defender (requires Internet Explorer, Windows Installer 3.1 or later and Windows validation to download and install, and DCOM and Windows Defender services to work) to remove web bugs and any spyware and adware that Ad-Aware may have missed. (Before using them each time, be sure to check for updates.) Or use one of these programs. (Read the privacy articles above to learn about spyware and web bugs.)
           • Antispyware Plugins for BartPE or better yet Ultimate Boot CD for Windows: skip
             • ParetoLogic XoftSpy (claimed to be the latest and most advanced spyware detection and removal software)
             • Spybot
             • Giant AntiSpyware 1
             • Giant AntiSpyware 2
             • Aranea Spywizard
           • After you've removed the spyware and adware from your hard drive with Spybot and AdAware, or one of the commercial programs, use SpywareBlaster | and SpywareGuard to minimize further pestware on your computer.
           • Before using them each time, be sure to check for updates. (They may not block all further spyware and adware, so scan your hard drive often with AdAware and Spybot just in case some get through.)
           • Or use this HOSTS file to keep spyware, adware and browser hijackers from installing when visiting unfamiliar web sites. Then lock the HOSTS file with SpyBot or WinPatrol, to keep the unruly pestware from changing it.
             Video Tutorial: Secure Your PC with the HOSTS File
           •  
           • Antihijacker skip
           • If your browser gets hijacked, or an unwanted startup item or button gets added, use CWShredder to remove the pest.
           • Or consider using HijackThis (free), but with caution, to remove stubborn browser hijackers. Don't worry. The folks at the site I've linked to will help you figure out what to remove and what to leave alone, so you don't disable your computer.
           • Anti-hijacking Plugins for BartPE or better yet Ultimate Boot CD for Windows:
             • CWShredder
             • A2 Hijackfree (same as HijackThis but more extensive)
           •  
           • Cookie Manager
           • Use an eraser / wiper / shredder to securely erase advertisers' tracking cookies from your hard drive. Then use a cookie manager to filter all further cookies, keeping the ones you need and blocking the ones you don't. (Read the privacy articles above to learn about cookies.)
             • CookieWall (a great little cookie manager - free)
             • Cookie Crusher (the best cookie manager - inexpensive)
           •  
           • More Security and Privacy Software skip
           • Pricelessware.org (free)
           • Wilders.org Security Advisors (free)
           • Security Config (commercial)
           • Firewall Guide (commercial)
           •  
           • Hide This Section
         • Sufficiently Secure Browsers | skip
           • Why You Shouldn't Use Internet Explorer
           • I strongly recommend not using Internet Explorer because it's still not sufficiently secure. skip
             • Internet Explorer 7 Is Still Not Safe Enough
             • You may use Internet Explorer if you like, but I don't recommend it. Here's why.
             • Here's a harmless but unnerving example of why.
             • If you aren't afraid of a few technical words, this page is very short and to the point.
             • Internet Explorer Is Too Dangerous to Keep Using
             • Internet Explorer Is Just Too Risky
             • CERT, a highly regarded, federally funded security research organization, recommends that Explorer users consider other browsers that are not affected by attacks on IE, such as Mozilla, Mozilla Firefox, Netscape and Opera.
             • Why Is Anyone Still Using Internet Explorer?
             • You're missing out on what is visually the best web surfing experience currently possible.
             • Use a better browser.
             • Browse Happy
             • Switch to Firefox
           •  
           • Sufficiently Secure Alternatives skip
           • Try a better, faster browser. If you want more than just a browser, try one of these free Internet application suites.
             • SeaMonkey (based on Mozilla Firefox and Mozilla Thunderbird - includes web browser, e-mail and newsgroup client, WYSIWYG web page composer / HTML editor and IRC chat client - for web developers, mozilla.org's DOM inspector and JavaScript debugger tools)
             • Mozilla Suite (no longer updated)
           •  
           • If you want to use the best and fastest browser, and aren't interested in the other programs included with a suite, download the award-winning Mozilla Firefox browser. skip
             • About Mozilla Firefox: skip
               • Firefox Still Tops IE for Browser Security
               • Guess which browser Microsoft's security chief uses?
               • Find out why people everywhere are switching to Firefox.
               • The world's best browser just got better.
               • Firefox Facts
               • Learn more about and download Mozilla Firefox.
             • Privacy and Security Extensions: skip
               • Privacy Extensions for Firefox
               • Finjan SecureBrowsing Extension for Firefox
               • NoScript Extension for Firefox (blocks Javascripts on a site-by-site basis)
               • Useful Firefox Security Extensions
               • More Useful Firefox Security Extensions
           •  
           • 
           •  
           • Other Sufficiently Secure Alternatives skip
             • Opera is another fast, secure browser for Windows, Mac OS X and other BSDs and GNU/Linux.
               • Opera Mobile and Mini
               • Portable Opera for a USB Key
               • Questions About Switching to Opera
             • Netscape Browser (based on Mozilla Firefox)
             • For an alternative to Mozilla Suite (no longer updated), Firefox and Opera, check out Camino, a browser recommended by c|Net over Safari, the default Mac OS X browser, for advanced security settings and privacy features.
             • NoTrax, a commercial browser for Windows from the makers of Eraser, won't save your browsing or surfing history.
           •  
           • Hide the Browser Section
         • Sufficiently Secure E-Mail Software Alternatives | skip
           • Use Thunderbird instead of Outlook Express.
           • Most viruses, worms and trojan horses are aimed at users of Outlook Express (and Internet Explorer - see above for more information). If you use Outlook Express and want to greatly lessen the probability of such attacks, consider switching to Mozilla Thunderbird, a more secure and easy-to-use alternative email program.
           • Hide the Email Section
         • Hide Step 7 - Software
     • Data | skip
       • More and more sensitive, private, personal data and money are being stolen or conned / defrauded out of people and businesses for personal or business gain through or from their desktop and laptop computers, cell phones, PDAs and other handheld devices and wireless keyboards and networks, and Google, search software and WHOIS aren't helping either.
       • Follow the steps in this section, as well as the others on this page, to secure and protect your private data.
       • I strongly recommend switching to safer software than Internet Explorer, Outlook or Outlook Express, and Microsoft Word. But if you want to keep using them even though they make your private data vulnerable, I recommend securely erasing data you don't need, and then securing these programs, to make your private data less vulnerable. skip
         1. Secure Your Device Ports: skip
            • Secure it Easy (commercial)
            • Sanctuary Device Control (commercial)
            • GuardianEdge Device Control
            • Pointsec Protector (Formerly Reflex Magnetics Disknet Pro) (includes removable media encryption)
            • Other Device Control Software
         2. Secure Your Cell Phone or PDA
         3. Secure Your Laptop Against Theft
         4. Securely Erase Private Data You Deleted or Haven't Deleted but No Longer Need
            • Crucial Steps You Need To Take Before Typical After-Work Erasing With a File Eraser / Wiper / Shredder
         5. Remove Your Entry from Google's Phonebook Directory
         6. For Webmasters who Own a Domain Name: Pay to have a proxy service keep your contact information private. Otherwise it will be publicly accessible through the WHOIS service.
            • If you registered a dot US domain name with your home phone number and address, I recommend cancelling it, switching to a non-dot-US domain name, and paying to have a domain proxy service keep your contact information private.
         7. For Mac OS Users: Enable Private Browsing in Safari
            • The Safari browser ''protects your personal information on shared or public Macs when surfing the Web. Go ahead and check your bank account and .Mac email at the library or shop for birthday presents on the family Mac.
            • Using Safari's new Private Browsing feature, no information about where you visit on the Web, personal information you enter or pages you visit are saved or cached. It's as if you were never there.'' - Apple Computer, Inc.
         8. Secure Internet Explorer
         9. Secure Opera
         10. For Windows Users: Secure Outlook or Outlook Express skip
             • Secure Outlook Express
             • Another Guide to Securing Outlook Express
             • Securing Outlook, Part One: Initial Configuration
             • Securing Outlook, Part Two: Many Choices to Make
             • Best Practices for Outlook Express
             • 4 Things Every Outlook User Should Know
         11. Keep Snoops from Maintaining Logs of Your Keyboard Input
         12. Secure Your Wireless Connection, If You Have One: skip
             • Simple Advice for Securing Your Home Wireless LAN
             • The Six Dumbest Ways to Secure a Wireless LAN
             • Securing Your Starbucks Experience
               • A Critique of Securing Your Starbucks Experience
             • Jiwire's Complete Guide to Wi-Fi Security
             • Securing your Wi-Fi Connection on the Road
             • Wireless is 'In': How to Use It Wisely
             • Using Wi-Fi Safely: Encryption and Other Tips
         13. Encrypt Your Private Data | skip
             • ''If you're not paranoid, maybe you should be. If you use a PC, unscrupulous types can intercept e-mail you send, and coworkers could be reading your documents. Encryption--the process of encoding data so that it requires a special key to be read--can protect your data from prying eyes. Once the domain of spies, encryption is fast becoming an advisable precaution for businesses and home users: It's your best tool for protecting your trade secrets and privacy.'' - PC World
             • Encryption is Not Enough: Four Warnings
             • WARNING: Storing your encryption key on an internal hard drive, even if encrypted, instead of on an encrypted removable medium leaves it vulnerable to theft.
             • WARNING: If a hardware or software password-capture utility or key logger is installed on your computer and you don't use secure* encryption key and web form fillers, or take the other security steps in this guide I strongly recommend taking, your private, encrypted data are vulnerable to viewing and theft.
             • *WARNING: If a screen logger is installed on your system and you use an encryption key filler that doesn't destroy your encryption keys after decrypting your data, those encryption keys and the private data they protect are vulnerable to theft.
             • *WARNING: If a screen logger is installed on your system, an otherwise secure web form filler / virtual keyboard does not protect your passwords, nor the private data they protect. They are vulnerable to theft.
             • If you're a business, government or spy with highly-valued data, your data is also vulnerable to theft by radio-frequency emissions such as ''Tempest'' attacks. But I'll let the experts tell you how to prevent or minimize that threat.
             • WARNING: If your computer or handheld is stolen after accessing encrypted data and before unmounting the encrypted volume, including when in Hybernation mode, your private data are available for viewing or theft.
             • WARNING: Accessing encrypted data on a computer that isn't one on which only you have an administrator account and keep sufficiently secure, leaves that data and your encryption key vulnerable to theft.
             • To minimize the chances of password-capture utilities and hardware and software key loggers stealing your encryption keys, passwords and web form data, I strongly recommend always using secure* encryption key and web form fillers and an antiscreenlogger.
             • A secure encryption key filler protects your encryption keys and the private data they protect by entering the keys for you securely and automatically, and destroying them after encrypting or decrypting your data.
             • A secure* web form filler protects your passwords and web form data by entering them for you securely and automatically, and storing them with strong encryption.
             • Secure Encryption Key Managers and Fillers skip
               • The Scramdisk Toolkit (free - includes Scramdicer, which protects Scramdisk, E4M: Encryption 4 The Masses and DriveCrypt containers)
               • CryptoMnemo for residents of Europe, North America, South Africa, Australia and New Zealand (commercial) skip
                 • CryptoMnemo for residents of Asia, Russia, Middle East, Central and South America and Africa, except South Africa (commercial)
                 • CryptoMnemo on a U3 Smart Drive (U3 will be replaced by StartKey the second half of 2008)
                 • About CryptoMnemo (commercial - secures an encrypted partition, hard drive or U3 Smart Drive with images, or pass-symbols, instead of passwords)
                 • Description of CryptoMnemo at EverythingUSB.com
                 • A 3-Minute Guide to CryptoMnemo
               • Krickit Encryption Key (commercial)
             • Secure* Password Managers and Web Form Fillers skip
             • *WARNING: If a screen logger is installed on your system, an otherwise secure web form filler / virtual keyboard does not protect your passwords, nor the private data they protect. They are vulnerable to theft.
             • An Antiscreenlogger
               • Mnemonic Guard (contact for availability)
                 • A 3-Minute Guide to Mnemonic Guard
                 • About Mnemonic Guard
               • RoboForm
               • RoboForm2Go (formerly Pass2Go) (portable version - stores personal form and login data on an encrypted USB key or token, a secure thumb drive)
             • GNU/Linux Encryption Guides skip
               • Ways to encrypt your data in GNU/Linux, BSD or Mac OS X.
               • Increase GNU/Linux security by encrypting /home.
               • Learn how to encrypt your hard drive in GNU/Linux. (some GNU/Linux experience required - based on Linux 2.4)
               • Another GNU/Linux Encryption HowTo
             • If you want to keep using Windows, I strongly recommend saving your files with the fourth option below.
             • Options
             • (from next to least secure to most secure)
               1. in encrypted folders (next to least secure)(Microsoft recommends never encrypting individual files (least secure), and encrypting the folders instead. However, you may consider making an exception when sending them to someone else. After sending it, securely erase the file, or encrypt the folder it's in.)
               2. on an encrypted partition (more secure)
               3. on an encrypted hard disk drive (even more secure, especially on laptops - see note below)
                  • WARNING: Using Windows' EFS (Encrypted File System) is not recommended, especially with Windows 2000. 1)If Windows gets corrupted or you reinstall it, you'll loose your data by loosing access to them. 2)It's not secure from physical access to your computer. 3)Someone with physical access can still see file names and alter folder settings. 4)Even if the EFS keys are exported, they remain on your hard drive. skip
                    • EFS Flaw in Windows 2000
                    • EFS Issues with Windows 2000
                    • The Encrypting File System in Windows 2000: How Secure is It?
                    • EFS Issues with Windows XP/2003
                    • Windows XP improves EFS data recovery but introduces a key flaw in EFS' new password reset disk feature.
                  • If in spite of those risks you want to use EFS, and have Windows 2000, XP Pro or Server 2003 and a floppy drive, I strongly recommend using EFS in Mode 3 (the most secure mode) for basic encryption and saving your startup key (also called the SysKey) on an encrypted removable medium. Here's how.
                  • Otherwise, use whole disk encryption software for safer, more secure encryption.
               4. on encrypted removable media, and your encryption key on a separate encrypted removable medium, and encrypting your whole hard disk drive (most secure, especially on laptops - see note below)
             • Note: ''Normally, after you power on a computer and it goes through its memory test, the boot loader will load the OS. When you install drive encryption software [and encrypt the whole hard disk drive], it modifies the boot loader to run instead of Windows on boot. The encryption software then authenticates the user, and, on success, loads Windows.'' - NetworkComputing.com
             • File Encryption Software skip
               • Encrypted USB Drives and Hard Drives
               • RoboForm2Go (formerly Pass2Go) (stores private data on an encrypted USB key or token, a secure thumb drive)
               • Security on a Stick: How to Be Anonymous Online with Portable Applications on a USB Key
               • Free Encrypted Email Services and Software
               • Yahoo's Directory of Encrypted Email Providers
               • Access Encrypted Data from Both Operating Systems in a Dual-Boot System with BestCrypt
               • Other Ways to Encrypt Your Data in Windows
             • Encrypting Your Whole Hard Disk Drive skip
             • Note: I strongly recommend encrypting your real operating system, as well as your data, with one of the software programs in this section.
             • As mentioned earlier: skip
               • The Best Data Security and Privacy Option: A GNU/Linux Live CD, DVD or USB with Software, Data and Encryption Key on a USB Key (Encrypted USB Drive)
               • The Second Best Data Security and Privacy Option: CompuSec Hardware-Based Encryption
               • The Third Best Data Security and Privacy Option: A Seagate Momentus Encrypted Hard Drive and A Trusted Platform Module
               • The Fourth Best Data Security and Privacy Option: Whole Hard Drive Software-Encrypted and A Trusted Platform Module
             • The alternative to these options is to encrypt your whole hard drive with full disk encryption software and save the key, or password, on an encrypted removable medium.
             • Warning: Encrypting a whole hard drive once in a while corrupts the data stored on it.
             • I strongly recommend creating an image of your hard drive with one of these disk imagers and saving it to a separate storage medium before installing any full disk encryption program.
               • When In Doubt, Encrypt the Whole Hard Drive
               • About Full Disk Encryption
               • Microsoft's Next-Generation Secure Computing Base (NGSCB) - Formerly Palladium
               • Design and Implementation of a Secure Linux Device Encryption Architecture
             • Encrypt your single or dual-boot system's whole hard disk drive or drives with one of the following software programs.
               • A Comparison of Disk Encryption Software
               • McAfee Endpoint Encryption (formerly SafeBoot Device Encryption, SafeBoot Content Encryption, and SafeBoot for Mobile) (commercial - for Windows - uses strong AES or RC5-1024 encryption)
                 • SafeBoot Leads the Pack in the Network Computing Review of 3 Full-Disk Encryption Suites (SafeBoot Device Encryption, PGP Whole Disk Encryption and Safenet Protectdrive)
                 • The Network Computing Review of 3 Full-Disk Encryption Suites
               • Windows Vista's BitLocker skip
                 • (only available in Enterprise and Ultimate editions - only encrypts the whole hard disk if it isn't partitioned - otherwise, only the operating system's partition, also called a volume or drive - usually C drive) skip
                 • Schneier's Take on Windows Vista's BitLocker Drive Encryption
                 • Secure Startup (now called BitLocker): Microsoft in Your Motherboard
                 • Secure Startup (now called BitLocker) - Full Volume Encryption
                 • BitLocker's Three Modes and Requirements (at Wikipedia)
                 • According to Microsoft, ''BitLocker has two TPM modes:''
                   • ''TPM-only. This is transparent to the user, and the user logon experience is unchanged. However, if the TPM is missing or changed, BitLocker will enter recovery mode, and you will need a recovery key or password to regain access to the data.''
                   • ''Startup key. The user will need a startup key to log on to the computer. A startup key can either be physical (USB flash drive with a machine-readable key written to it) or personal (a PIN set by the user).''
                 • Note: Both TPM modes require a Trusted Platform Module (version 1.2 or later) and a compatible BIOS.
                 • ''BitLocker also has a mode for non-TPM systems:''
                   • ''USB Flash Drive key. The user inserts a USB flash drive in the computer before turning it on. The key stored on the flash drive unlocks the computer.''
                   • Windows Vista Tip: Enable BitLocker with a USB drive
                 • If you choose to store sensitive, private data on your hard drive instead of on removable media, I strongly recommend using the Startup key TPM mode.
               • FREE CompuSec (for single and dual-boot Windows and GNU/Linux systems, removable media and VoIP) skip
                 • WARNING: The security file, which will be created when you install CompuSec, contains the encryption keys and saving it to your hard drive leaves them vulnerable to theft. I strongly recommend putting the security file on an encrypted removable medium.
                 • CompuSec e-Identity (encryption for Windows and GNU/Linux systems, removable media and VoIP - comes with an e-Identity security device, a smart card with USB reader or a USB token for 2-factor authentication before booting)
                 • CompuSec BIO (fingerprint scanner with built-in smart card reader for Windows and GNU/Linux systems)
                 • CompuSec HSM (hardware-based encryption for desktop PCs)
                 • CompuSec Mobile (hardware-based encryption for laptops)
               • TrueCrypt (free - for Windows, Mac OS X and GNU/Linux) skip
                 • OSXCrypt - Truecrypt for Mac OS X
                 • How to Run TrueCrypt in Traveller Mode
                 • TrueCrypt Beginner's Tutorial
                 • LifeHacker's TrueCrypt Tutorial
                 • Video: Intro To TrueCrypt (requires Flash Player)
                 • How to Encrypt a Virtual Machine with TrueCrypt
               • BestCrypt Volume Encryption (commercial - for Windows and GNU/Linux)
                 • BestCrypt Traveller (free - requires administrative privileges)
               • GoSecure's Secure Disk (commercial - for Windows 2000, XP and Vista - protects hard drives and flash disks - uses strong AES256 encryption)
                 • Compare Secure Disk with PGP Whole Disk Encryption, DriveCrypt Plus Pack and TrueCrypt
               • PGPdisk 6.02i (free - for Windows 95, 98 and Me and Mac OS - not compatible with Windows 2000 or XP - see note below for a compatible version) skip
                 • Note: ''While PGPdisk from PGP 7.1.1 Corporate Desktop (the last version released by NAI) [and later versions of PGP Whole Disk Encryption and PGP Desktop Professional, which includes Whole Disk Encryption, are] functional on Windows XP, PGPdisk from earlier NAI versions of PGP -- such as PGP 7.0.3 Personal Security, PGP 7.0.4 Desktop Security, PGP Corporate Desktop 7.1, or PGP 6.5.8 Desktop Security -- is not.''
                 • ''Imad's latest build of PGP 6.5.8ckt does include a Windows XP-compatible version of PGPdisk.'' (more about PGPckt - near bottom of page)
                 • ''If you're interested in creating and using...encrypted drives on Windows XP, you'll have to obtain a copy of the new [PGP Whole Disk Encryption or PGP Desktop Professional,] PGP 8.0 Desktop or Personal, the older PGP 7.1.1 Corporate Desktop, PGP 6.5.8ckt build 08 (or later), or one of the several third-party OTFE (on-the-fly-encryption) programs known to be Windows XP compatible, such as...DriveCrypt [Plus Pack].'' - SpywareWarrior.com in PGP Versions, Sources, & Alternatives
               • PGP Whole Disk Encryption (commercial - for Windows and Mac OS - for extra protection, get it with Aladdin eToken)
                 • PGP Whole Disk Encryption - Barely Acknowledged Intentional Backdoor
               • PGP Desktop Professional (commercial - includes Whole Disk Encryption - for Windows and Mac OS - for extra protection, get it with Aladdin eToken)
               • DriveCrypt Plus Pack (DCPP) (commercial - for Windows NT, 2000 and XP - uses strong AES encryption - allows secure hiding of an entire operating system inside the free space of another operating system)
               • WinMagic's SecureDoc (commercial - for Windows 2000, XP, 2003, Vista - uses strong AES encryption)
                 • WinMagic's SecureDoc Mobile Edition (for Window Mobile 5.0, Windows CE, Pocket PC 2005, 2003)
                 • WinMagic's SecureDoc: First Full-Disk Encryption Software To Fully Integrate With Infineon's TPM Chip
               • GuardianEdge Hard Disk Encryption
               • Pointsec PC (includes access control)
               • SafeGuard Easy (supports TPM)
               • SafeNet ProtectDrive
               • SECUDE's FinallySecure
               • SECUDE secure notebook
             • Storing The SysKey skip
             • ''There are three modes in which Syskey operates. In mode one, enabled on all [Windows 2000, XP Pro and] Server 2003 computers by default, a system key is generated by the computer randomly and an encrypted version of the key is stored locally. In this mode, you can still restart the computer normally.''
             • ''In mode 2, the system key is generated and stored in the same way as with mode 1, but an additional password, selected by the administrator, provides further protection. When you restart the computer, you must enter this system key password during startup. This additional password is not stored locally.''
             • ''Mode 3 is the most secure method of operation. [emphasis added] The computer-generated key is stored on a floppy disk instead of locally. You can't start the computer unless you have physical possession of the floppy disk, as it must be inserted in the disk drive when you are prompted during startup.'' - article ''Securing Server 2003 Domain Controllers'' by Deb Shinder at WindowsSecurity.com
             • I strongly recommend storing your SysKey with mode 3, especially if you have a laptop / notebook.
             • Note: ''Syskey mode 3 requires a floppy disk. No other type of removable media is supported for syskey storage [unfortunately].'' Windows Vista's BitLocker has a USB option. skip
               • Preview or Read ''Securing Windows Server 2003'' Online
               • Read a sample chapter from the book about Syskey
             • ATTENTION: ''Do not store the key on an ERD [Emergency Repair Disk]. To do so would be to provide two items needed to attack your system in one location. Do make copies of the disk. Without it you cannot boot your Windows NT system.'' - article ''Protecting the SAM with Syskey'' by Roberta Bragg at Informit.com skip
               • About Windows XP's Encryption File Service (EFS) and Private Certificates (carefully read this first)
               • Enabling the Startup Key (also called the SysKey - search the page for ''Enabling the Startup Key'')
               • How to Store the Startup Key on Your Hard Drive or a Floppy Disk
             • Hide the Encryption Section
         14. For more articles on how to protect your private data, visit Privacy Watch: Few things are more valuable than your personal data. PC World Senior Associate Editor Andrew Brandt shows you how to protect it.
       • Hide Step 8 - Data
     • Threats, Practices and Habits | skip
       • Knowledge is power, especially where security and privacy are concerned. If you want to keep yourself, your computer and your money safe and your sensitive data and identity safe and private, I strongly urge you to learn about the threats to your computer and your privacy and to develop safe computing practices and habits.
       • WARNING: If you choose not to use one of the following solutions, your computer, money and sensitive data will be vulnerable to zero-day / zero-hour attacks, the one threat from which antivirus and antispyware software doesn't protect them. skip
       • If you use Windows and you're not computer savvy or only need basic security, I strongly recommend that you drop your applications' rights or sandbox your applications to disarm most Net threats.
       • Better yet, there's little need to worry about the antimalware software some of the following articles recommend using if you use a virtual operating system in your current operating system when online.
       • If you're lazy or don't want or have time to deal with it, keep your computer[, money and data] safe with less hassle by using managed security.
       • If you're computer savvy and need sufficient security to disarm virtually all malware threats, I strongly recommend following my step-by-step security and privacy guides and installing a Host Intrusion Detection and Prevention System.
       • Today's Threats:
       • Phishing, Pharming, Warjacking, Bluejacking (also called Bluespamming), Bluebugging, Bluesniping and Bluesnarfing, WiPhishing, Evil Twin, Peeping Tom Worms and Trojans, SPIT (Spam Over Internet Telephony or VoIP), SPIM(Spam over Instant Messaging), Spam, Cookies, PIE (Persistent Identification Element), Browser Hijackers, Clipboard Hijackers, Web Bugs (also called Tracking Bugs, Web Beacons, Pixel Tags, or Clear GIFs), Malware (Viruses, Trojan Horses or Trojans, Worms, Rootkits and Spyware), Adware, Slurpware, Keystroke Loggers or Keyloggers...
       • ...and vulnerabilities created by Cell Phones, PDAs, Bluetooth and Bluechatting, Voice over Internet Protocol (VoIP), Wireless Keyboards, Instant Messengers, Peer-to-Peer (P2P) software, Blogs, Profiles, Personal Sites, etc.
       •  
       • Today's Security and Privacy Threats | skip
         • Spyware 101: Understanding The Biggest Internet Threat of 2005 | skip
           • Beware the CyberLover [Bot] That Steals Personal Data in Chat Rooms and Social Networks with Social Engineering
           • Don't be fooled by rogue / suspect antispyware products and web sites.
           • Poor Defenders - Some antispyware companies use confusing ads.
         • How to Blog Safely (About Work or Anything Else)
         • The Danger of Too Much File Sharing
         • Google Desktop Risks Your Privacy
         • Voice over Internet Protocol (VoIP) Presents Security Risks
           • SPIT (Spam Over Internet Telephony or VoIP)
         • Peeping Tom Worms and Trojans: Are others using your webcam to watch you without your permission?
         • USB Devices Can Crack Windows
         • Wireless Keyboards That Blab
         • PDA Security Still Dismal
         • How Secure Is Your Handheld?
         • Stalkers' New Weapon: SMS (Short text Messaging Service)
           • SMS and Cyber Bullying
           • Can Someone Read My SMS?
         • Let's Keep It Confidential: The smarter cell phones get, the easier it will be to attack them.
         • Bluetooth: Is it a Security Threat?
         • Bluespamming or Bluejacking Isn't Harmless Anymore
         • The Bluejacking, Bluesnarfing, Bluebugging Blues
         • Waking Up to Warjacking
         • Evil Twins / Wiphishing FAQ
         • WiPhishing and Evil Twin Threats
         • Phishing
           • No-Click Phishing Attack Affects All Browsers: Lock Your HOSTS File!
         • Pharming and SPIM (Spam over Instant Messaging): New Threats Plaguing the Internet
         • Mac, Windows Clipboards Poisoned by URL Attacks
         • Cookies, Bugs, Instant Messaging, Etc.
           • Instant Messaging Attacks
         • PIE (persistent identification element)
         • Threat Assessment: Beware These Internet Bad Guys
         • Securing Privacy: Hardware, Software, E-mail and Internet Issues
         • Rootkits: Invasion of the Windows Snatchers
         •  
         • Hide the Articles About Today's Threats
         •  
       • Other Articles About Today's Threats (optional for additional reading) | skip
         • Spyware and Adware skip
           • More Criminals Use Keystroke Loggers
           • SpywareGuide.com
           • SpywareInfo.com
           • SpywareData.com
           • UnwantedLinks.com
         • Scams / Fraud: skip
           • How to Avoid Internet Fraud - FBI
           • Scams and Fraud - WiredSafety
           • Fraud.org - The National Fraud Information Center / Internet Fraud Watch (U.S.)
           • Internet ScamBusters
           • Rip-off Report
           • Fraud Bureau
           • Fraud Watch Online
           • FraudWatch International
           • ScamWatch (Australia)
           • Quackwatch
         • More Information on Phishing, Pharming and Other Threats: skip
           • How to Blog More Safely in Countries That Discourage Free Speech
           • Man arrested for spying on 17-year-old girl via her webcam.
           • Does installing Macromedia Flash Player allow others to use my webcam to spy on me?
           • Bluejacking (wikipedia)
           • All About Phishing
           • Phishing (wikipedia.org)
           • Phishing (computerworld.com)
           • Phishing For Savvy Users
           • How to Avoid Phishing Scams
           • Script Injection Makes Phishing Harder to Catch
           • Phishing and Spam: The Web's Worst Security Problems
           • Phishing Scam Employs Legitimate Web Sites
           • Pharming (wikipedia.org)
           • Pharming Out-Scams Phishing
           • First Was Phishing for Dummies, Next Is Pharming for Savvy Users
           • Alarm Over Pharming Attacks: Identity Theft Made Even Easier
           • MasterCard, Others Plug Script Injection Leak
           • Slurpware: A New Twist on an ''Old'' Internet Security Threat
           •  
           • Hide the Other Articles About Today's Threats Section
           •  
       • How to Reduce Your Risk of Identity Theft | skip
         • Securely Erase Private Data
         • Grand Theft Identity
         • Protect Your Identity from Phishers and Other Online Thieves
         • Scam / Fraud Prevention and Reporting Resources
         • Identity Theft Detection and Reporting - CyberAngels (the ''In This Issue'' links are linked to the wrong sections)
         • 10 Ways to Stop Identity Theft Cold - MSN Money
         • 15 Must-know Tips for Protecting Your Identity - Bankrate
         • 21 Tips on How to Avoid Credit Card Fraud - ScamBusters
         • Steps You Can Take to Reduce Your Risk - Privacy Rights Clearinghouse
         • Tips on How to Reduce Your Chances - FightIdentityTheft.com
         • How to Protect Your Identity - ConsumerAction.gov
         • Deter, Detect and Defend Against Identity Theft - Federal Trade Commission
         • Identity Protection Resources - PayPal
         • IdentityTheft.org
         • IDTheftCenter.org
         • FightIdentityTheft.com
         •  
         • Hide The Identity Theft Section
         •  
       • Security Sites, Guidelines and Checklists | skip
         • Security Patches by Dialup Modem? Forget it!
         • A Home User's Security Checklist for Windows
         • TomCat's Protection Guidelines
         • Appropriate Use Of Computer Systems
         • Lockdown.co.uk - The Home Computer Security Centre
         • US-CERT
         • SurfSafely.com
         • StaySafeOnline.info
         • CyberAngels.org
         • Cyber-Bullying
         • Wilders.org Security Advisors
         • CastleCops
         • Ian ''Gizmo'' Richards' Best Computer Security Sites
         • More Security Sites
         • The SANS Top 20 Internet Security Vulnerabilities
         •  
         • Hide Security Sites, Guidelines and Checklists
       •  
       • Hide Step 9 - Threats, Practices and Habits

Check out these great, free and commercial software programs you'll wonder how you did without.

Back to Navigation Links

Get notified when this page changes.

If you like my web site, tell your friends and family about it. (A window will appear if Javascript is enabled in your browser, and if you temporarily disable your popup blocker, if you have one.)

powered by bravenet.com

Place a Pin on My Guestmap

Please read my disclaimer before visiting the following top sites.

Brent's Place at brentsplace.info

• Put online May 4, 2000 by Brent.
• Site Stats provided by StatCounter.
• Web space provided by BigBlueHost.com.
• A review of BigBlueHost.com.
• Free and very cheap web hosts and their reviews.
• I never had any problems with my former host, QualityHostOnline.com. I only changed hosts because they discontinued the very inexpensive package I had.
• A review of QualityHostOnline.com.
• HTML training provided by Maricopa College's Writing HTML tutorial. (free and online, but not compliant with current web standards)
  • How to Create a Web Page the Right Way
• Edited with EditPad Lite.

©2000-2006 All rights reserved.

Naturalist Template provided by Designs by Darren. Released under a Creative Commons License.
Image of Half Dome provided by PD Photo and STUDIO7DESIGNS in Nautica 2.2 Template
Basic CSS Menu provided by CSS Play.