Category: Tech

Posted on
by

Last month I finally got around to installing antivirus software on the one Windows computer we have at home. While I’ve found Norton Anti-Virus has worked well on my system at work, I ended up choosing McAfee Internet Security Suite for two reasons: (1) unlike Symantec, they don’t use a product activation scheme, and (2) since McAfee bought Deersoft, purchasing a McAfee-related anti-spam product should help fund SpamAssassin development.

Big mistake.

Since installing McAfee, this computer has crashed at least once each time I’ve turned it on (usually with a McAfee dialog box visible). The privacy service adds another login prompt, whether you want it or not. It tends to pop up dialogs when you’re in the middle of, say, running ScanDisk to make sure the system survived the crash McAfee caused five minutes earlier. And, ridiculously, the software and virus definition update runs through Internet Explorer.

By this I don’t mean that it expects you to go to the website and download an installer. That would be inconvenient, but acceptable (since you could choose what web browser to use). No, it pops up a “Check for updates” dialog box which then opens Internet Explorer, goes through a set of redirects until it opens a pop-up that looks like a download manager (but is clearly done using HTML), and then downloads and installs the update.

Now forget any issues you might have with buggy rendering, feature parity, monopoly abuse, antitrust, etc. Just look at IE’s track record on security.

Why would you want a security system to rely on something so notoriously insecure?

Symantec has its own update program that calls out, checks for updates, downloads them and installs. You can run it manually, or you can set it to grab and install virus updates automatically. Nowhere in this whole process does Internet Explorer come into the picture – or if it does, it’s hidden away where the power user won’t see it and say “What the hell do they think they’re doing?”

Posted on
by

Cliches aside, it appears that as a result of the trademark suit by Microsoft, Lindows is now going by the name Lin—s (LinDash) in parts of Europe.

Lindows — or Lin—s if you prefer — is a company that has been selling an ultra-user-friendly version of Linux. Criticized by many for lax security (they’ve chosen many of the same convenience vs. security trade-offs that have made Microsoft products so vulnerable) and for odd business practices [archive.org], they’ve nonetheless managed to get Linux into new places — like on cheap Internet-ready computers sold in Wal-mart, or pre-installed on Seagate hard drives. For all their baiting (face it, picking a name like Lindows is just asking for trouble, like opening a burger restaurant called McDowells), dumbing-down the software to the point of making it dangerous, and (in some people’s views) “tainting” the Linux philosophy with — gasp! — money — they’ve at least come up with new distribution models and gotten some form of Linux out there where “consumers” — the average Joe who just wants a computer and doesn’t care what the OS is, as long as it lets him use the web, email, and a word processor — can see it.

All that said, I’d never actually buy, use, or recommend their product. If I wanted a very-user-friendly Linux, I’d probably end up with Lycoris, or maybe Xandros.

For myself, I’m happy with Fedora Core — though I may take a serious look at the upcoming double-digit Mandrake release and the latest version of SuSE. I’ve tried out earlier versions (mostly of Mandrake), but I just kept coming back to Red Hat.

Posted on
by

While looking for more ideas related to my earlier post on fighting link rot, I came across some interesting articles:

Web Sites that Heal [archive.org] considers some of the causes of linkrot, including: changing CMS systems (which I’ve dealt with here twice), poor structure (starting small and simple, but finding that as the site grows, the old design doesn’t work anymore), lack of testing, and plain apathy. More interesting are some of the reasons it becomes a problem, in particular the difficulty in setting up redirections and informing other sites that you’ve moved. That’s something else I can relate to: My site hasn’t been on the UCI Arts server in four years, yet despite a massive attempt to get people to update their links, Altavista still shows 82 pages linking to my site’s old location. Something I think the article leaves out is the number of sites – particularly people who set up a free Geocities account back in the dot-com era – that just aren’t maintained anymore. The pages are there, but they’re six years out of date – and so are the links.

The article then proceeds to suggest an automated server-to-server system that will detect incoming links to a moved page, then contact the referring site, report the new location, and instruct it to update the link with no human intervention whatsoever. A great idea, though it will require people like me to drop the edit-locally-and-upload model of development.

“Web Sites That Heal” referred to a Jakob Nielsen column on Linkrot. Nielsen’s advice is frequently useful, though not always applicable [archive.org]. Sadly, his recent columns have tended toward rehashing old ones or applying to ever more specialized niches, but sometimes his advice is spot-on. In this case, the article from six years ago still applies to today’s web: run a link validator on your site from time to time, and keep old URLs on your own site active (whether with actual content or with a redirect). The comments on this article are worth reading as well.

Lastly, I found a remark on Consequences of Linkrot [archive.org] as applied to weblogs. Most of the post is actually an excerpt from Idle Words, where the original author notes that the classic blog post – a single line linking to something of interest, or a series of the same – is particularly susceptible to linkrot. Without the original material, there’s nothing (or next to nothing) left. And it happens fast: The Web isn’t that old, and blogging is even younger, yet information is disappearing rapidly enough that you really have to wonder how much of what exists today will still be around – in any form – ten years from now. One of the key lessons DeLong takes from this article: it’s “critically important not just to link but to quote–and to quote extensively.”

The lesson is clear: The site you link to today may not be there tomorrow, and you may not have the time (or inclination) to go chasing it down. Quote it, summarize it, add context, write lots of commentary, whatever. Make sure what you post can stand on its own… just in case it has to.

Posted on
by

On an ideal Web, pages would stay put and links would never change. Of course, anyone who has been on the Internet long enough knows just how far away this ideal is. Commercial sites go out of business, personal sites move from school to school to ISP to ISP, news articles get moved into archives or deleted, and so on.

There are two sides to fighting link rot. The first is to design your own site with URLs that make sense, that you won’t find yourself changing a few months or years down the road. If you have to move something, use a redirect code so that people and spiders will automatically reach the new location.

The other side to the fight is periodically checking all the links on your site to make sure they still go where you expect.

So how do you handle online journals? Obviously they’re websites, so from that standpoint you should at least try to keep the links current. But on the blogging side, there are problems with this, in particular the school of thought that you should never revise a blog entry (also discussed in Weblog Ethics). Continue reading

Posted on
by

Anyone whose email address is posted on a web site probably doesn’t bother to identify who sent them viruses anymore. With faked return addresses and the high probability that your only connection to the sender is the fact that they visited your web page sometime in the last month, there really isn’t much point.

Every once in a while, you’ll see something weird.

Today I received what looked like a classic credit-card theft scam: a notice supposedly from PayPal claiming that my account would be canceled unless I re-entered all my credit card information into the linked web page. Right. Normally I just report it to PayPal and delete it, but this one had an attachment instead of a link, and that attachment had been defanged. With a name like www.paypal.com.scr, it was pretty obviously a virus. Continue reading

ยปAll pages site-wide with this tag