The Power of the (Virtual) Machine

One of the hot topics in the IT industry is virtualization. Basically what this is, is software that creates an environment — on an existing PC — into which you can install (and run) another operating system [OS]; in short, running a PC on top of your PC.. which gives you two PCs. This “on top of” machine is called a “virtual machine“.

Tip of the day: Get more out of your PC by using a virtual environment.
(I must take a moment to state that it is the power of the newer generations of PCs that allow us to take advantage of machine virtualization. VM “shares” resources (CPU, RAM) with the existing install… so if you’re barely clunking along as it is, forget about VMs and click here to read my article(s) on when it’s time for a new machine.)

How can this benefit you? One of the main advantages is when you are thinking about a dual-boot install, or would like to do away with an existing dual-boot set up — say, for security reasons. Instead of partitioning your hard drive, and using FAT32 to run (boot to) either Windows 98 or XP, format your drive in NTFS, install XP, and run 98 inside the virtual environment. (I am using Windows 98 as an example. You may want to run a Linux distro, and learn about Open Source. The fact is you can run any OS that you have a license for… except Vista.)
If you do this, and create a shared folder for the VM on XP, you will be able to switch back and forth between the two and share files with both OS’s.

Another advantage of using a VM is, it loads much like “mounting” a disk image. You can make multiple ‘snapshots’ of your VM, and load the one of your choosing. This is an absolutely fantastic method for dealing with security issues. I know several geeks who run an XP VM on their XP machine– they use the VM version for their daily surfing and usage, and as a “sandbox” for testing downloaded programs and patches/Updates. At the end of the day, they just close the VM, and when they open it again (unless they take a ‘snapshot’ and Save those changes to the VM) their pristine VM loads: no browsing history, no spyware, no trace of yesterday’s activity… just a brand-new XP machine.
By keeping a copy of the VM snapshot in another location, they always have a full system backup on hand. (And all my readers know about the importance of recovery backups!)

These are just two uses and applications for virtual machines (VMs). You may be able to think of others. You are not just limited to one VM, either — but each VM (unless it is an Open Source OS, like Linux) does require a valid Product Key/license. This is not a way to cheat.

Today’s free link(s): The most popular virtual machine software is put out by VMware. The free offerings are VMware Server (don’t worry about the use of the word “server”) and VMware Player (which is a web browsing sandbox). Not only is this a flexible (highly compatible with your particular hardware) program, but VMware offers several pre-configured Open Source ‘snapshots’, called “appliances”, that you can download and run without going through an OS install process.

Microsoft also offers free virtual machine software, that some people argue works better with Microsoft OS’s. From website: “Virtual PC 2007 is a powerful software virtualization solution that allows you to run multiple PC-based operating systems simultaneously on one workstation.”

Either way you decide, you are not making fundamental changes to your hard drive or currently installed operating system. This is just a program, like Excel or Word is a program. Simply uninstall it if you find you don’t like or need it.. but I doubt very much that you ever will– it’s just too useful and safe.

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

October 20, 2008 Posted by techpaul | advice, computers, converting to NTFS, dual boot, file system, how to, PC, performance, software, tech, Virtual Machine | dual boot, how to, installing, machine, machines, techpaul, using, virtualpc, vitual, vmserver, vmware | 4 Comments

Encryption: say no to data theft*

If your laptop is stolen, will the thief be able to read your vital statistics and personal info? They will if you haven’t used encryption. They’ll have your passwords as well. Do you keep any confidential business files on your computer — like some doctors and Veteran’s Affairs employees do?

As I mentioned in my series on the NTFS file system (click here), Windows has the ability to encrypt your stored data as well as controlling access from networked computers. Enabling encryption is easy, and acts invisibly to the user (you) — and by that I mean your files will look like they always do, but to an “unauthorized user” they will look like a garbled alphabet soup of nonsensical gibberish.

Tip of the day: Encrypt your My Documents folder for top-notch security. To encrypt files and/or folders in Windows you must be using the NTFS file system, which most of you will already have on your machines (use the link above to read how to check, and convert to NTFS if neccessary). There are a few different ways to use encryption; you can encrypt individual files; you can encrypt entire folders and, by default, their subfolders; and, you can encrypt your hard drive (of import for laptop owners). The process for the first two are the same, while the third requires a different method.

[Vista Users: Microsoft says, “EFS is not fully supported on Windows Vista Starter, Windows Vista Home Basic, and Windows Vista Home Premium.” Of course, what they mean by that is “NOT supported; and if you want it, spring for Ultimate Edition”. I recommend using the free TrueCrypt to encrypt your data.]

The simplest method to provide encryption to your personal data is to encrypt the My Documents folder, which I will use for purposes of demonstration — as I mentioned, doing so will encrypt all the files inside and also encrypt the contents of any subfolders. Start by right-clicking on the My Documents folder and selecting Properties…accessing the folder may be as simple as clicking the Start button or finding its icon on your desktop or you may have to click Start >My Computer >Local drive C:, depending on your settings and preferences.

When the My Documents folder’s Properties window opens, click on the “Advanced” button.

As you can see, my My Documents is set to “compressed”, but is not encrypted yet. Compression is another feature of NTFS that was very, very much sought-after in the days before giant hard drives (back then, we hadn’t heard of digital ID Theft) and is a method that uses an algorithm to shrink file sizes. You cannot, however, use encryption and compression at the same time, and today the value of the former far outweighs the latter. Fortunately, switching from one to the other requires no effort on your part, simply select “Encrypt contents to secure data” and the rest is automatic.
Now click “OK”, and then “Apply”. Whenever you encrypt a folder, you will be asked if you want to apply encryption to just that folder, or all the files and subfiles and folders; you want the latter, which is the default.
That’s it. You’re done. Your documents are now safe from “unauthorized” eyes.

That is true, unless the person trying to access your data has their hands on your machine and is able to ‘crack’ your User password (you have given your User Account a password, haven’t you?) which may be the case if your laptop is stolen. To prevent data loss in that type of a situation, you want to encrypt your whole startup process and password protect it…which in essence encrypts your whole hard drive. To do so, click Start >Run and then type in “syskey” (no quotes). Now click on the “Update” button.

Select the top radio button, “Password Startup” and enter a good, strong password. Then enter it again for confirmation. Be sure to write down your password and keep it in a safe place — should you ever forget it, it is not an easy task for even an experienced tech to get you back in to your machine.

A final thought: I think it only fair to tell you (what you may have already guessed/know) that a very knowledgable Evil Doer, if they have physical access to your machine, can often get around whatever security you have in place. The hacker expression is, “if I can touch it, I own it.” So please don’t be careless with your, or your company’s, vital data. Also, you may want to consider a more powerful, 3rd Party encryption tool like TrueCrypt.

Today’s free link: most of you already know that the World Wide Web is a wonderfully rich resource for researching information, but did you also know it is an excellent resource for digital images? Need a picture of the Golden Gate bridge to put into your child’s homework assignment? The place to start looking is Google Images.

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

September 23, 2008 Posted by techpaul | advice, computers, converting to NTFS, encrypting files, file system, how to, PC, security, software, storage, tech, Vista, Windows, XP | encrypting, Encryption, file, files, folders, ntfa, privacy, security, system | 1 Comment

Top 10 things you should do to your computer–updated

Today is “one of those days” and I simply have too much happening this morning to write an fresh article. So today I am reposting an article which aggregates the most important computer security steps into a single checklist…a “Top 10” list. Click on the blue links to get more instructions on the topic.

There are several things a PC owner should do to have a healthy computer and be safe(r) from online cyber criminals when they browse the Internet. Not surprisingly, I have covered these topics/items over the course of writing this six-days-a-week series of articles.
I have noticed (from my stats) that not too many folks are looking through past (archived) articles, nor are they using the Search tool to find this previously posted advice and help. So I thought I would put the more important ones into a single list — a “Top 10 List” — and provide direct links (blue text) to the articles which cover the How To steps of making these things happen… and provide you with a simple way to find out what you need to do, compared to what you’ve done already. In case you missed one, or two.

Tip of the day: Run down this list, and ask yourself, “have I done that?” to each one.

1) Install an antivirus, and keep it up-to-date (with the latest “definitions”).
To read my articles on malware, click here. To see a list of links to free antivirus programs, click here. To read my article on how to configure your antivirus for maximum protection, click here.

2) Install two anti-spyware apps, with one having “active” shielding.
To read all my articles which discuss spyware, click here. To see a list of links to free anti-spyware programs, click here.

3) Install a 3rd Party firewall OR turn on the Widows Firewall.
* If you have a home router or Wireless AP, make sure its firewall is enabled (NAT).

4) Enable Automatic Updates from Microsoft (and either set it to automatically install [for the non-geeky] or to prompt for install [for the hands-on type]) and set your programs to “automatically check for updates”.
And then actually click on the “Install” button when told there are updates available.. and please not tell them to “go away, you’re busy.”

5) Password protect your User Accounts.

6) Make a (monthly) system backup.. or at least a “files and settings” backup.. and store a copy — on two different types of media — someplace other than your hard drive.
To read all my articles on backups, click here.

7) Upgrade to IE 7 and/or an “alternative” Web browser (like Firefox, Opera, or Avant). Click here to read my articles on browsers and browsing.

8: Use strong (and complex) passwords. Everywhere. And change them every so often.

9) Rename the Administrator account.

10) Tell Windows to show file extensions.

* (Windows XP/older) Use the NTFS file system, and disable Simple File Sharing.

* (Laptops) Encrypt your hard drive.

There is more you can do to optimize your PC (of course) and the odds are good that I have told you the steps in a prior article, as I’ve written well over a 250 of them– so far, and I invite you type the word “optimize” into my Search box and see what comes up. Also, my Tag Cloud can help you find topics that can help– click on a word in the “cloud” and see the articles I have “tagged” as being relevant.
I hope this find-it-in-one-spot review has been helpful to you.

Today’s free link: By clicking the links above, you will see all the previously posted downloads, of which there are many. And also, there are links to more free links in no’s 1 and 2 above.

Copyright 2007-8 © Tech Paul. All rights reserved.

Share this post :

April 5, 2008 Posted by techpaul | advice, anti-spyware, antivirus, Backups, computers, converting to NTFS, encrypting files, how to, passwords, PC, privacy, security, tech, Vista, Windows, XP | hardening Windows, Internet safety, make Windows more secure, secure your PC, security checklist, steps for safer browsing | 3 Comments

Top ten things you should do to your PC

There are several things a PC owner should do to have a healthy computer and be safe(r) from online cyber criminals when they browse the Internet. Not surprisingly, I have covered these topics/items over the course of writing this six-days-a-week series of articles.
I have noticed (from my stats) that not too many folks are looking through past (archived) articles, nor are they using the Search tool to find this previously posted advice and help. So I thought I would put the more important ones into a single list — a “Top 10 List” — and provide direct links (blue text) to the articles which cover the How To steps of making these things happen… and provide you with a simple way to find out what you need to do, compared to what you’ve done already. In case you missed one, or two.

Tip of the day: Run down this list, and ask yourself, “have I done that?” to each one.

1) Install an antivirus, and keep it up-to-date (with the latest “definitions”).
To read my articles on malware, click here. To see a list of links to free antivirus programs, click here.

2) Install two anti-spyware apps, with one having “active” shielding.
To read all my articles which discuss spyware, click here. To see a list of links to free anti-spyware programs, click here.

3) Installed a 3rd Party firewall OR turn on the Widows Firewall.

4) Enable Automatic Updates from Microsoft (and either set it to automatically install [for the non-geeky] or to prompt for install [for the hands-on type]) and set your programs to “automatically check for updates”.
And then actually click on the “Install” button when told there are updates available.. and not tell them to go away, you’re busy.

5) Password protect your User Accounts.

6) Make a (monthly) system backup.. or at least a “files and settings” backup.. and store a copy — on two different types of media — someplace other than your hard drive.
To read all my articles on backups, click here.

7) Upgrade to IE 7 and/or an “alternative” Web browser (like Firefox, Opera, or Avant). Click here to read my articles on browsers and browsing.

8: Use strong (and complex) passwords. Everywhere. And change them every so often.

9) Rename the Administrator account.

10) Tell Windows to show file extensions.

* (Windows XP/older) Use the NTFS file system, and disable Simple File Sharing.

* (Laptops) Encrypt your hard drive.

There is more you can do to optimize your PC (of course) and the odds are good that I have told you the steps in a prior article, as I’ve written well over a 100 of them– so far, and I invite you type the word “optimize” into my Search box and see what comes up. Also, my Tag Cloud can help you find topics that can help– click on a word in the “cloud” and see the articles I have “tagged” as being relevant.
I hope this find-it-in-one-spot review has been helpful to you.

Today’s free link: By clicking the links above, you will see all the previously posted downloads, of which there are many. And also, there are links to more free links in no’s 1 and 2 above.

Copyright 2007 © Tech Paul. All rights reserved.

Share this post :

November 14, 2007 Posted by techpaul | advice, anti-spyware, antivirus, Backups, computers, converting to NTFS, file system, firewall, how to, passwords, PC, privacy, security, Simple File Sharing, tech, Windows | Leave a comment

NTFS security conclusion–file sharing and Permissions

You’ve just shared your My Music folder on your personal desktop, you try to open it from your laptop, and you see “Access Denied”. You are told to “contact the administrator.” Life just gets better and better.

So what do you do? Turn Simple File Sharing back on?

Tip of the day: Share what you want to share by understanding (and using) Permissions. In yesterday’s article I pointed out that Simple File Sharing “shares” (makes available) everything with everyone, and suggested to you that you should turn it off for better data security. I then showed you how to open a folder’s (or file’s) Properties and ‘share’ it manually, which allows you specific control over each ‘resource’ on your network. When everything goes as it should, that is all you need to do and you have easy access to your ‘shared’ files. Sometimes things don’t go as we think they should [surprise!] and the reason usually is we’ve bumped into built-in Windows folder permissions which are denying us as an “unauthorized user”. Let’s take another look at the Sharing tab of my My Music folder.

The options available here offer a clue as to what is happening: you can make your folders “private”, which as you may guess is very restrictive; you can “share” (as shown) which is somewhat restricted (it is essentially “read only”); or, you can open things up and also “allow change” (this adds the “write” permission). But to really do what most of us want to do with our ‘shares’ (full access and full control), Windows wants us to drag them into the Shared Documents folder — even though the poorly worded description doesn’t sound like that’s what will happen.
The My Documents folder (and all of its subfolders — such as My Music) is “private” (the most restricted) by default…and here is where the problems occurs. This can get real confusing, real quick!

Windows XP’s NTFS has 5 “levels” of permission settings that it assigns to folders. If you are the type who would like a detailed technical explaination, you can read the Microsoft Knowledge article here.

To resolve Access Denied errors, you can troubleshoot the permissions in the “parent” folders (those ‘above’ the file/folder you’re trying to share), or you can use the workaround. The workaround is simple — just create a new folder for sharing. Right-click on a blank area of your desktop and select “New” and then “folder”. Give the new folder a name like ‘Sharing’. Now right-click on it and select Sharing and Security, and click on the Sharing tab. Now place a check (select) in both the “share this folder” and “allow changes” checkboxes.

Because this new folder has not “inherited” any restrictions, you will be able to fully access any of its contents from your networked computers. Now you can use the Move to, or the Copy to, (or, drag-and-drop) tools to fill your new ‘share’ with those items you want to have available.

If you continue to have access troubles that these methods do not resolve, you can always turn Simple File Sharing back on, though I don’t recommend it, or consult a friendly tech support type–like myself (Aplus Computer Aid) for instance.

Today’s free link: If you haven’t already peeked into your neighbor’s backyard (from space) using Google Earth, or otherwise explored our planet with the wonder of satellite images yet, give yourself a treat and do so. Download the GE Viewer and then type in the name or address of the spot you want to see, and Google Earth will ‘fly’ you there. Very cool.

Copyright © 2007 Tech Paul. All rights reserved.

July 20, 2007 Posted by techpaul | advice, computers, converting to NTFS, file system, how to, network shares, networking, PC, permissions, security, Simple File Sharing, tech, Windows, XP | 1 Comment

Controlling your network, NTFS security part 3

Today I am going to conclude (I think) this series with an overview of using NTFS to establish greater security for your data on networked machines, and greater control over what is and what isn’t shared with others. A few simple adjustments will enhance your security whether you have a home network, or just a single computer connected to the Internet.
(Click here to read part 1, and here to read part 2)

Tip of the day: [for users of Windows 2000, XP Pro, XP Media Center Edition] Gain control by turning off Simple File Sharing and using NTFS permissions. I want to start out by demonstrating how to turn off the default method Windows uses to make files available to other devices (known as “Simple File Sharing”), which is a valid move to make even if your PC is not connected [“networked”] with any other machines at this time — because the “Internet” is one big network and if you use it, you’re connected. Simple File Sharing makes everything available to everyone.

Begin by opening any folder, My Documents, whatever, and look in the top menu bar, and select Tools. Now click on the bottom choice — “Folder Options”. Select the View tab.

Deselect (uncheck) the bottom option “Use simple file sharing (Recommended)”. I understand that word “recommended” might throw you, and make you hesitate. In reply, the answer is, times have changed. Today we must be more cautious. However, realize that you can reinstall Simple File Sharing simply by ‘checking’ it again at any time.

Those of you who do not have a small network at home are done for today — class is dismissed –but if you do have machines that share a printer and/or files, keep reading to learn how to re-establish communications.

First, decide what it is you wish to share, and then decide with whom, because NTFS allows for almost total control over the what/who/when/where and how of “resource” sharing on your network. I will use my My Music folder for my demonstration, but the same steps are applied to anything you wish to make available, whether it’s a device like a printer or DVD burner, or a single file.
Here is the familiar My Music folder’s icon. To begin “sharing” access, right-click on it and select “Sharing and Security” option. Click on the Sharing tab.

Place a check in the box labeled “Share this folder on the network” and either accept the “share name” (not the same as renaming) Windows gives it, or create your own name, and then click “Apply” and then “OK”.

Now the icon has changed to show that this folder is now being shared to other users and computers, and it will appear in the Network Neighborbood area of all the machines on your network. Go to another PC, open Network Neighborhood (or, “My Network Places”), double-click on it and it will look and function as if it were actually a part of that computer’s files. This allows you to play songs on one machine while they are actually stored on another (so you don’t have to have copies stored on each machine — wasting hard drive space).

I’m out of time, so tune in again tomorrow for a discussion on Permissions.

Today’s free link: Sorry folks, I’ve run out of time today.

Copyright © 2007 Tech Paul. All rights reserved.

July 19, 2007 Posted by techpaul | advice, computers, converting to NTFS, file system, how to, network shares, networking, PC, permissions, security, Simple File Sharing, tech, Windows, XP | 12 Comments

Encryption: say no to data theft, NTFS security part 2

If your laptop is stolen, will the thief be able to read your vital statistics and personal info? They will if you haven’t used encryption. They’ll have your passwords as well. Do you keep any confidential business files on your computer — like some doctors and Veteran’s Affairs employees do?

As I mentioned in yesterday’s article (if not visible below, click here), Windows has the ability to encrypt your stored data if you are using the NTFS file system, as well as controlling access from networked computers. Enabling encryption is easy, and acts invisibly to the user (you) — and by that I mean your files will look like they always do, but to an “unauthorized user” they will look like a garbled alphabet soup of nonsensical gibberish.

Tip of the day: Encrypt your My Documents folder for top-notch security. To encrypt files and/or folders in Windows you must be using the NTFS file system, which most of you will already have on your machines (use the link above to read how to check, and convert to NTFS if neccessary). There are a few different ways to use encryption; you can encrypt individual files; you can encrypt entire folders and, by default, their subfolders; and, you can encrypt your hard drive (of import for laptop owners). The process for the first two are the same, while the third requires a different method.

The simplest method to provide encryption to your personal data is to encrypt the My Documents folder, which I will use for purposes of demonstration — as I mentioned, doing so will encrypt all the files inside and also encrypt the contents of any subfolders. Start by right-clicking on the My Documents folder and selecting Properties…accessing the folder may be as simple as clicking the Start button or finding its icon on your desktop or you may have to click Start >My Computer >Local drive C:, depending on your settings and preferences. When the My Documents folder’s Properties window opens, click on the “Advanced” button.

As you can see, my My Documents is set to “compressed”, but is not encrypted yet. Compression is another feature of NTFS that was very, very much sought-after in the days before giant hard drives (back then, we hadn’t heard of digital ID Theft) and is a method that uses an algorithm to shrink file sizes. You cannot, however, use encryption and compression at the same time, and today the value of the former far outweighs the latter. Fortunately, switching from one to the other requires no effort on your part, simply select “Encrypt contents to secure data” and the rest is automatic. Now click “OK”, and then “Apply”. Whenever you encrypt a folder, you will be asked if you want to apply encryption to just that folder, or all the files and subfiles and folders; you want the latter, which is the default.
That’s it. You’re done. Your documents are now safe from “unauthorized” eyes.

That is true, unless the person trying to access your data has their hands on your machine and is able to ‘crack’ your User password (you have given your User Account a password, haven’t you?) which may be the case if your laptop is stolen. To prevent data loss in that type of a situation, you want to encrypt your whole startup process and password protect it…which in essence encrypts your whole hard drive. To do so, click Start >Run and then type in “syskey” (no quotes). Now click on the “Update” button.

Select the top radio button, “Password Startup” and enter a good, strong password. Then enter it again for confirmation. Be sure to write down your password and keep it in a safe place — should you ever forget it, it is not an easy task for even an experienced tech to get you back in to your machine.
Tomorrow, I’ll discuss NTFS network “permissions” which allow you control of your network.

A final thought: I think it only fair to tell you (what you may have already guessed/know) that a very knowledgable Evil Doer, if they have physical access to your machine, can often get around whatever security you have in place. The hacker expression is, “if I can touch it, I own it.” So please don’t be careless with your, or your company’s, vital data.

Today’s free link: most of you already know that the World Wide Web is a wonderfully rich resource for researching information, but did you also know it is an excellent resource for digital images? Need a picture of the Golden Gate bridge to put into your child’s homework assignment? The place to start looking is Google Images.

Copyright © 2007 Tech Paul. All rights reserved.

July 18, 2007 Posted by techpaul | advice, computers, converting to NTFS, encrypting files, file system, how to, PC, security, tech, Vista, Windows, XP | 4 Comments