Archive

Archive for the ‘Technology’ Category

Advantages and Security Considerations of Utilizing the IPv6 Protocol

December 14, 2010 Leave a comment

* The PDF version of this paper can be downloaded here.

Abstract

Internet Protocol version 6 has been available for nearly a decade, but many entities in the private sector have been hesitant to adopt this new technology. With the decreasing number of IPv4 addresses, however, the switch to the newer protocol will soon become a necessity. Luckily, IPv6 offers several features that not only improve performance and security, but also allow for a gradual transition from one protocol to the other. It is essential however, that Administrators and other support staff become familiar with the new protocol before adopting it within their network. Several advantages and dangers of this protocol are highlighted, in order for the reader to become more familiar with the variety of risks and advantages associated with its implementation. By providing IT staff with training, and developing a plan for the gradual migration to the new protocol, organizations can make this transition smoothly and without disruption.

Why Use IPv6?

IPv4 Available Address Space

Figure 1: ARIN, Percentage of available IPv4 addresses as of September 2010.

In response to the inevitable departure from IPv4, the latest Internet Protocol (IPv6), has been available in most major operating systems

and network devices for nearly a decade. Its design includes features that resolve many of our modern-day networking concerns without relying on stopgap technologies, such as Network Address Translation (NAT) and Private Network Addressing. The United States Federal Government has even gone so far as to issue a string of deadlines going from 200

8 to 2014 in an effort to migrate both their internal clients and external servers to the new protocol (Marsan, 2010b). Despite various technological advantages for migrating to the new protocol, a large  percentage of the private sector have displayed a reluctance to venture into the unfamiliar IPv6 waters. As time  passes, however, it will become increasingly advantageous for these companies to invest the time and training to safely and effectively implement this new technology on their networks. For these corporations and their clients, the incentives for transitioning to IPv6 include: increased address space, the ability to gradually migrate from IPv4, and the native incorporation of the IPSec Protocol Suite.

The Numbers Behind Version 6

Perhaps the most well known advantage to IPv6 is the increased number of addresses available for use. In IPv4, network addresses are 32 bits long, which results in 232 (approximately 4.3 billion) unique addresses to be used around the world. Despite the adoption of stopgap technologies like NAT routing, the increasing popularity of PCs and mobile network devices have resulted in these addresses to be depleted at an alarming rate. According to the American Registry for International Numbers (ARIN), 94.5% of all IPv4 addresses have been assigned as of September 3, 2010 (See Figure 1). Furthermore, it has been projected that the remaining 5.5% will be assigned as early as the end of this year (Marsan, 2010a). IPv6 on the other hand, uses an address of 128 bits (approximately 3.4×10^38), resulting in an address space sufficiently large to handle future networking needs for years to come.

Making the Transition Easy

Most businesses today have a significant amount of money and time invested in their IPv4 networks. Normally, it would be impossible for most to switch their entire network over to a new protocol without devoting massive amounts of resources to the project. Such a financial burden would be both detrimental to the business, and ultimately hamper the success of the new protocol in general. In order to avoid this situation, the designers of IPv6 were careful to implement several features that allow both IPv4 and IPv6 networks to interact with each other. Such changes allow organizations to gradually transition from one protocol to the other without incurring a large financial burden. This is accomplished through the use of IPv4 tunnels and running both IPv4 and IPv6 in tandem on a host.

In order to route IPv6 traffic across IPv4 networks, IPv6 utilizes what is known as an “IPv6-over-IPv4 Tunnel.” In this situation, an IPv6-enabled host will package a datagram in accordance with the specifications of the protocol and send it over the network. When the packet reaches a router connecting an IPv6 network to an IPv4 network, the entire packet is encapsulated in the data section of an IPv4 packet and forwarded along to the next stop. Finally, when another IPv6 network is reached, the IPv4 header is removed and the packet is sent to its final destination (Miller, 1998). If additional security is desired through the use of a VPN, the entire VPN package is packaged as shown in Figure 2. This ensures that at any stop of its journey, the packet will have the correct header for the network segment it is on.

IPv6-Over-IPv4 Tunneling Packet

Figure 2: Diagram of an IPv6 packet being tunneled through an IPv4 VPN.

While tunneling is used to ensure a packet can travel successfully from one part of a network to another, it is also important that all hosts are able to understand both IPv6 and IPv4 packets in order to communicate with each other. In response to this need, most modern-day operating systems configure IPv4 and IPv6 to run in “dual-stack mode” by default (Hogg, 2009). This allows for transparent communication between two hosts without user interaction, despite the IP version being used. From the view point of Network and Systems Administrators, this is a very convenient feature. Such a configuration does bring about security implications that will be discussed in the next section of this paper.

Security from the Start

One of the greatest advantages from the standpoint of security is the protection provided in IPv6 by the IPsec Protocol Suite. IPsec provides both authentication and confidentiality to IP communications through the combined use of an Authentication Header (which depends on SHA-1, MD5, or AES-XCBC hashing algorithm, combined with HMAC for added security), and an Encapsulating Security Payload (which uses AES, DES, or TrippleDES combined with CBC to encrypt the packet, see Figure 3 for more details) (Network Working Group, 2007b). Because IPsec works on the network layer, the protection it provides occurs transparently. This helps to remove some of the burden of securing IP connections from the user (Panko, 2004). While IPsec is also available for IPv4, it requires extra configuration to setup and use, whereas in IPv6 it is built directly into the protocol.

CBC Encryption

Figure 3: Wikipedia, Top: CBC encryption mode is performed by using an XOR on an IV and the planetext message. Each subsequent message is XORed with the previous encrypted packet. This not only ensures that each packet is unique and secure secure, but also that each packet depends on all subsequent packets to be able to decrypt the data. Bottom: Decryption occurs much the same way as encryption, but instead of the planetext, the cyphertext is used in the XOR to decrypt each packet.

Read more…

Fixing XP’s Registry from the Recovery Console Using System Restore Points

November 11, 2010 Leave a comment

I recently had a client’s Windows XP machine suffer a crash that corrupted its registry and prevented it from even booting into safe mode. After trying several different tricks to try to get it to boot, I came across an article at http://bit.ly/ccKMOe that really did the trick. I thought I’d summarize the steps I took to perform the fix:

  1. Boot into the Recovery Console using a Windows XP CD. If you prefer, you can use a Live CD like Knoppix or Ubuntu to access the computer’s hard drive.
  2. Backup the current SOFTWARE and SYSTEM registry hives. While this step isn’t technically required to restore the registry from an old system restore point, it is always a good idea to make a backup of system files that you are going to replace (just in case you have one of those “uh-oh” moments later and need to undo what you just did). To do this from the Recovery Console, type:
    cd \Windows\System32\Config
    ren software software.bak
    ren system system.bak
  3. Navigate to the directory where the system restore files are being kept. You can do this by typing: cd "\System Volume Information\_resto~1". The _resto~1 part of the line is a shortened name for a directory called _restore followed by a long GUID number. If this command doesn’t work, you will need to replace the _resto~1 with the full name of the directory (you can find out what the whole name is by using the dir command).
  4. In the _restore directory, there are a bunch of directories starting with RP. These are the different restore points saved on your system. Use the dir command to see the dates associated with these various restore points and cd into one with a date before the problem started occurring (ex. cd RP743).
  5. Inside the restore point directory, there is a folder titled snapshot. Type cd snapshot to change into that directory as well. In the snapshot directory, there are backup copies of the SOFTWARE and SYSTEM registry files that we need. Copy them into the Windows\System32\Config directory by typing:
    copy _REGISTRY_MACHINE_SOFTWARE \Windows\System32\Config\software
    copy _REGISTRY_MACHINE_SYSTEM \Windows\System32\Config\system
  6. Type exit to close the Recovery Console and restart your computer. If everything went right, you should be able to boot into Windows XP without any problems.

Disable the System Beep in Ubuntu Linux

November 5, 2010 Leave a comment
  • Materials Needed: A computer running Ubuntu Linux (may work with other distros)
  • Time: 5 minutes

There are three four simple ways to disable the system beep in Ubuntu. They are: Permanently for all users with a blacklisted module, Permanently for all users using inputrc, Permanently for a specific user, and Temporarily disable the beep. I will go over each of these three methods in this Wiki entry. If you are not sure which method you wish to use, I recommend permanently disabling the speaker for all users with a blacklisted module.

Permanently, for All Users (Blacklisted Module)

After initially writing this guide, I learned that Ubuntu allows you to use a text file in the /etc/modprobe.d/ directory to blacklist or enable modules as needed. I found this way to be the easiest and most robust way to turn off the system beep, and will be turned off from the moment your system boots up. To create a blacklisted module, simply open up a terminal (its under accessories in Ubuntu’s Applications menu) and type:

sudo echo blacklist pcspkr > /etc/modprobe.d/blacklist-pcspkr.conf

Here’s what this command does:

  • sudo: Use this command to perform a task as the Super User. This gives us permission to create a file in the modprobe.d directory. You will probably have to put in your password before it will execute the command. If you don’t have access to the sudo command, you’ll have to contact your system administrator.
  • echo: This command will print whatever follows it to the terminal screen (or as we’ll see in a moment, to a file).
  • blacklist pcspkr: This is the command that tells linux to blacklist (aka. do not load) the pcspkr module on startup. In other words, this will keep the system speaker from ever starting up, which means there is no way for Ubuntu to beep at you.
  • >: This symbol says to take the output of whatever command is on the left-hand side of it (in this case, our echo command) and write it to a file specified on the right-hand side of it (in this case /etc/modprobe.d/blacklist-pcspkr.conf).
  • /etc/modprobe.d/blacklist-pcspkr.conf: The file path where we will be storing our command to blacklist the pc speaker module.

With this one command, you will never have to deal with a system beep again. Some of you may be wondering if this will also turn off your speakers that you use to listen to sounds/music on your computer. The answer is no. They should continue working without any problems.

Permanently, for All Users (inputrc)

If you want to permanently disable the beep for all users on the system, you will need to edit the system’s inputrc file. To do this, open a terminal and type:

sudo nano /etc/inputrc

For those of you not familiar with bash commands, we’ll take a moment to explain what’s going on here:

  • sudo: This allows you to execute this command as a Super User. Since we are editing the system’s version of this file, we will need Super User privileges.
  • nano: This is a really simple command-line text editor. You can substitute this editor for any other text editor that you would prefer to use (I like Vim myself). If you don’t know about any other text editors, or if you have no idea what I’m talking about, you should probably stick to nano.
  • /etc/inputrc: This is the path to the file you are going to edit.

Once the editor opens your inputrc file, type the following command:

set bell-style visible

Again, we’ll go over this command:

  • set bell-style: This tells the system that we are going to change the way the system notifies us of an error. By default, it is set to beep at you.
  • visible: This tells the system what to do instead of beeping at you. Visible will cause the system to cause the window you are in to flash instead of beep. If you don’t want it to do anything, substitute the word none.

One should also note that in later versions of Ubuntu, this line of code is already in the file and is just commented out (made so it won’t run) by a # at the beginning of the line. Instead of typing the command, you can simply find the correct line and delete the # at the beginning.

Save the file (in nano, you push ctl-x, then enter y to indicate you want to save the changes) and restart your computer.

Permanently, for a Specific User

Follow the same steps for the “All Users” method as specified above, but instead of typing the command to edit the generic /etc/inputrc file as previously mentioned, edit/create the one in the user’s home directory. To do this, type:

nano ~/.inputrc

This file will override the generic file previously mentioned, but only for the user that is logged in when you edit the file, so you can have the default bell-style be set to one type, and your current user to another. Again, the rest of the steps are exactly the same as above.

Temporarily Disabled

If you only want to disable this temporarily (only when you go to the library for example), you can use this method. Open a terminal and type the following two commands:

xset b off
xset b 0 0 0

These two commands together will basically tell the system to turn off the bell, but it will be turn back on the next time you restart your computer.

Beginner's Guide to Removing Viruses

December 29, 2009 2 comments

We’ve all been there. Surfing online, minding our own business (or maybe not…), when you realize all too late that you clicked on the wrong link or popup. Bam! You’ve got a virus.*
If you’re lucky, your antivirus software (you are running up-to-date antivirus software on your computer, right?) will catch the mistake and eliminate the infection before it manages to take root on your system. All to often, however, the virus will manage to get in under the radar and wreak havoc before you’ve even realized its there. At this point, a simple scan of your antivirus software is often not enough to completely remove the infection. In this article, I’ve outlined several basic steps that can be taken to remove an infection.**

1. Prepare the Infected System

Before trying to remove a virus from your system, there are a few important things to do. First, avoid using your computer for any task where sensitive or private information will be used. It is not uncommon for some infections to steal passwords, financial information, or anything typed on your keyboard. If possible, you should disconnect your system from the Internet and not use it until you are certain that the infection is removed.
Second, it is important to know that the process of removing viruses from your system can be a very involved and time-consuming task, ranging from hours to a couple of days depending on how bad the infection is. Once you start the process of removing a virus, you should see it through to the end. Otherwise you run the risk of having the virus come back again.
Third, turn off System Restore (some viruses will use System Restore as a way to reinstall themselves after being removed) and clean out all temporary files (I recommend using CCleaner to do this, although Windows Cleanup can be used instead). In addition to helping with the removal of the virus infection, this will help speed up your virus scans.
Fourth, it is always a good idea to back up any important data before attempting to remove a virus. While these steps are fairly straight forward and shouldn’t result in any data loss or harm to your system, the only way to ensure your data is protected is by backing it up! Its tedious, I know, you should still do it. Also, don’t copy, run, or open any files from your backup without first scanning it with a working and up-to-date virus/adware/spyware scanner. After all, you don’t want to reinfect yourself or another clean system with the same virus.

2. Download Virus Removal Tools

The first rule of dealing with an infected system is to not trust any of the programs that are on that system. Therefore, you are going to need to download a few standard tools in order to deal with your virus problem. The first tool I would recommend is a good antivirus rescue live CD.*** The benefit of using a live CD is you can guarantee that your tools will be completely unaffected by the virus infection. There are several free live CD’s available for this purpose (a list with reviews can be found here). I would recommend using one or more of the following: Avira AntiVir Rescue System, BitDefender Rescue CD, and/or Dr. Web Live CD (it doesn’t hurt to use several different live CDs in succession to be thorough since different antivirus tools will sometimes detect and remove different viruses more efficiently). You will also want some other tools that are specifically designed for removing adware/spyware. I recommend using Malwarebytes, Spybot, and/or Ad-Aware (each has a free version available for home use). Be sure to run the update tool on each of the programs you’ve installed before using them.

3. Run the Live CD(s)

This seems fairly obvious, but at this point, go ahead and boot into a live CD and run the antivirus tools. Some live CDs allow you to update the virus definitions before running them (you will likely need a network connection via an Ethernet cable to perform the updates). Other live CDs will automatically have a set of fairly recent virus definitions already built in. After you’ve updated the virus definitions (if the option is available), start the virus scan and then go watch TV or read a book for a while because it will take some time (I’ve found that most virus scans take between 1 to 3 hours to run depending on the number of files on your system). Once its done, make sure to tell the CD to remove any infections it found and restart the computer with a different live CD if you are planning on running multiple scans. Rinse, lather, repeat! If there are any viruses found that the live CD is unable to remove, write down its name and do some research online (from another computer if possible). Sometimes antivirus companies, such as McAfee or Symantec, often have special tools and detailed instructions on removing some of the more difficult infections.

4. Start Windows in Safe Mode

Once you’ve finished running the live CDs that you’ve chosen to run, you’ll want to boot into Safe Mode in Windows to finish cleaning up the system. To do this, press the F8 key repeatedly while the computer is starting up. For detailed instructions on how to do this, click here. Once you’ve booted into Safe Mode log into an account (make sure the account has administrative privileges) and run a scan with each of your antivirus/antispyware programs (ie. Malwarebytes, Spybot, Ad-Aware, etc.) in turn. Again, these scans will take some time, but its the only way to make sure that your system is free of viruses. Have these tools clean/repair or quarantine any infections they find, and be sure to write down any infections that cannot be treated so you can do some specific research on how to remove those particularly stubborn infections. It also doesn’t hurt to run each scan again after you’ve cleaned off all the infections, just to ensure that none of them have re-spawned themselves after removing them.

5. Final Cleanup

After you’ve finished running your various scans and have achieved a clean bill of health, restart your computer and let it start up normally. Hopefully, your system should now be free of infections and as good as new. If everything seems fine and you don’t see any signs of the previous infection, go ahead and turn System Restore back on and (if you suspect that your current antivirus was compromised by the virus and no longer working properly), uninstall and then reinstall your antivirus software. Be sure that you update the antivirus and make sure that its working correctly. Finally, you can verify that all is well by running a free online scan of your computer from Panda or BitDefender.**** If everything checks out, your system is clean as a whistle and ready to go. If not, then you likely have a virus that will require some additional (and more invasive) steps to get it off of your system. If this is the case, you’ll probably need to seek additional help from someone with experience dealing with these kinds of infections.


* Since this article is meant to be a beginner’s guide, I will be using the term “virus” interchangeably with the term “malware.” While such a generalization is not technically accurate, I have done so in order to avoid confusing some of our less technical readers. Technically, a virus is defined as a malicious program capable of self replication (often without the permission of the user), while malware (which is short for “malicious software”) is a general term that includes a wide variety of infections (viruses, worms, trojans, rootkits, adware/spyware, etc.).

** While following these steps should not cause you to loose any of your data or cause problems with your system, you should know that attempting a virus removal is not completely without risk. You should always take precautions to back up your data in order to ensure that it isn’t lost. I am not responsible to any harm caused to your system or data by using this information. This article is for instructional purposes only and is not to be seen as a definitive guide to malware removal.

*** A live CD is a CD that you can boot into instead of your usual operating system (such as Windows). You can usually download an ISO file and burn it to a physical CD (the Avira CD actually has a program that you download and run to burn the CD for you). I would recommend downloading the file and burning the disk as close to when you plan on doing the virus removal so that it is the most recent version. Also, you may have to change your BIOS settings to allow you to boot into a live CD. If you don’t know how to do this, you can get more information here.

**** There are a lot of websites out there that claim to offer free malware removal tools but will actually further infect your system with viruses. Only trust tools from reputable sources, such as well-known antivirus companies (Norton, McAfee, Panda, BitDefender, etc.). If you don’t know whether a tool is legitimate or not, do some research before you act. Remember, the first rule of online security is to never trust anyone.

Using Open Source Code in Proprietary Software

December 3, 2009 Leave a comment

As mentioned by several others here, it really depends on the license. Some allow you to use their code in proprietary software without problems, some require you to at least include only the open source code that you used, and some require you to declare the entire program as open source. I personally love open source code, but it is important to understand that it often comes with strings attached to it.

While it may be tedious, there is no substitution for reading and understanding its license before you use the code. I can’t stress this enough! The license attached to open source code is a legally binding contract that’s main purpose is to grant you permission to use the code without violating the owner’s copyright. If you can’t meet the conditions specified in the license, then using that code is considered a copyright violation and can prevent you from distributing your software.

You also have to remember that if the code you are using has two or more licenses attached to it (or you are using code from different open source projects under different licenses), you have to make sure you can fulfill the requirements mentioned in ALL of those licenses to be able to distribute your program after using the open source code. This can get sometimes be difficult since there is a long list of open source licenses out there, each with their own terms and conditions.

The bottom line is that open source code is really cool and can be very useful to a software developer, but if you need code with no strings attached, your best option may be to write your own.

Note: This article is taken from an answer I gave in response to a question on the site called StackOverflow.com. To see the original posting and other peoples’ answers, click here.

Categories: Legal, Technology

Proposed Changes to Software Copyright Law (§ 117)

October 19, 2009 Leave a comment

Since the creation of section 117 by CONTU in 1978, computer software and the way it is used has been constantly evolving. Due to current legislation, licensing, and archival practices, portions of section 117 have become outdated and are in need of revision. In this proposal, I will seek to identify two of these outdated elements and suggest modifications in order to better address current and future computing practices.

The first necessary revision to section 117 would be in regards to the current requirement that a copyrighted program be deleted from all archives “in the event that continued possession of the computer program should cease to be rightful.” When CONTU wrote this portion of software copyright law, their concern was two-fold:

  1. CONTU wanted to ensure that an owner be able to use and protect their software from damage or loss without fear of breaking copyright, and

  2. when an owner ceases to rightfully possess a program, he or she cannot simply extract and use a copy of the program from a previously made archive in order to avoid violating copyright law.

While CONTU’s purpose for this requirement is sound, it does not match the current reality of computer archiving. Most archived copies made from computer systems involve copying a series of folders or even drives into one compressed file rather than making copies one program at a time. In order to remove a program that is no longer rightfully owned from a collection of archives, one would either need to individually extract, modify, and compress each archive containing the program, or destroy all infringing archives completely if they are stored on read-only material (such as a CD or DVD). This makes it difficult, if not completely impractical for the owner of a system to fully comply with current copyright law. In order to address this problem, I suggest the following changes*:

(2) that such new copy or adaptation is for archival purposes only and that all archival copies are destroyed in the event that continued possession of the computer program should cease to be rightful, any copy of the program made from an archive must be destroyed immediately without first being used or recopied.

This revision results in three changes to section 117 that maintains the spirit of the old law, while better complying with modern computing practices. First, this revision addresses the aforementioned problem of destroying copies of programs in archives by removing the unreasonable requirement completely. Second, it recognizes that when an archive is used to restore lost or damaged data, often either all missing files and programs in the archive are restored, or the entire contents of the archive are copied back onto the system. Since this process is necessary to restore lost or damaged data and often occurs automatically, it may inadvertently result in the copying of a program that is no longer rightfully owned onto a system, even though no copyright violation is intended. In order to both protect a person from an accidental violation and ensure archives cannot be used to subvert the aforementioned purpose of this subsection, the third change states that he or she is not violating section 117 if the copy is immediately destroyed before using or recopying it.

These revisions do not violate the purpose of software copyright since section 101 defines a computer program as “a set of statements or instructions to be used directly or indirectly in a computer in order to bring about a certain result.”** Since an archived copy of a program that is not rightfully owned is unable to be used until it has been extracted and copied onto a computer, its existence within the archive should not violate copyright law. Instead, the violation should occur when that program is extracted from the archive with the intent to use it. Thus the aforementioned changes to this subsection will cause section 117 to better reflect the realities of computer archiving, while ensuring that these archived copies cannot be used to circumvent software copyright.

The second part of section 117 that needs to be revised is the use of the term “owner” in this section. During the case MAI Systems Corp. v. Peak Computer, the Ninth Circuit Court of Appeals declared that licensees of a computer program “do not qualify as ‘owners’,” and are therefore “not eligible for protection under section 117.” Thus when congress changed the wording of section 117 to read “owner” in the place of “rightful possessor,” it inadvertently created a loophole where licensees of software are not guaranteed the same rights to run and archive their software. While such a case may be unlikely, the current wording of section 117 would allow the distributor of a license to claim a user is infringing copyright simply by running or archiving their licensed software. Since the majority of modern-day software is distributed under a license agreement, most software users currently receive little or no protection from such unreasonable claims.

The reason congress chose to use the term “owner” rather than “rightful possessor” as originally intended by CONTU is unclear, although some speculate that it was to prevent people from borrowing or renting software and leaving a copy on their system after returning it. Such a concern has been more recently addressed when congress passed the Computer Software Rental Amendments Act into law in 1990, which limited the “first sale” provision of section 109 in relation to software rentals. Because of this clarifying legislation, using the word “owner” in an attempt to prevent copyright circumvention through software rentals is no longer necessary.

Because the term “owner” does not contribute any additional protection to software licensees, nor does it prevent additional copyright infringement, the original term “rightful possessor” should replace the term “owner.” By using the term “rightful possessor,” licensees would be afforded the same rights of using and archiving their software as owners currently receive. In addition to granting licensees the same rights with respect to software use that owners enjoy, this new wording would not prevent restrictions regarding the distribution and use of software from being imposed through a license agreement. Since the distributor of a licensed software program generally intends for it to be used by the licensee anyway, this change of terminology will not result in any unreasonable limitations to what a license can contain.

By removing the requirement to destroy all archived copies of a program and shifting focus to deleting unauthorized copies after restoring an archive, the language of section 117 will better reflect the realities of modern archival methods. Furthermore, the former issues with using the term “owner” in conjunction with the licensing practices of most software distributors would be resolved with the re-adoption of the term “rightful possessor.” These two simple changes to section 117 will ensure that software copyright law will better reflect the realities of modern computer archiving and software use, while respecting the need for software distributors to impose additional restrictions via licensing.


*Original wording of section 117 is in black, new wording is in blue, words that have been removed have a line through them.

**Emphasis added.

Categories: Legal, Technology Tags: , ,

Top Free Apps for Your Computer

August 20, 2009 1 comment

There’s an old saying that “the best things in life are free.” Few people know that some of the best applications written for the PC (and the Mac) are available free of charge. I’ve put together a “short list” of programs that may be of interest to the average Windows user. If you use a different OS (such as Mac or Linux) these programs may or may not be available, but with a little research (i.e. “Googling”), you should be able to find some plausible alternatives. Also, if you intend to use any of these programs in an enterprise/work environment, be sure to first read the license information as some programs (mainly antivirus/malware applications) are only free for personal use.


Antivirus

I’ve put this at the top of the list because no Windows based PC should be without some form of updating virus protection. I say updating because those “free” trials of Norton, Symantec, or McAfee that came pre-installed on your computer usually expire after a month or two and then are next to useless until you purchase a license for about $40 a year. This is not to say that these programs aren’t effective at protecting your computer when they are receiving updates. What most people don’t know, however, is there are some free antiviruses available that are just as good, and they never expire. Below are the two antivirus apps I recommend for the average user. Just be sure to only have one antivirus on your computer at a time, since having multiple antivirus apps will cause all sorts of weird errors.

  • Avira: This antivirus is one of my favorites and is what I run on my Windows computers at home. It is fast, easy to use and has a very good detection rate with very few false positives. Its also very light weight, so it runs well on both old hardware and high-performance gaming rigs alike. The only downside I’ve found is the free version displays a popup ad every time it updates (about once a day). Simple Instructions to turn off the ads can be found at the wikiHow website, but be aware that doing so is probably a violation of Avira’s End-user license agreement. Does this mean that disabling the ads will cause men in dark suits to visit your house in black helicopters? Probably not, but if you want to play it safe, check out AVG as a good alternative. You can get Avira Antivirus free at http://www.free-av.com/.
  • AVG: As mentioned above, AVG is a great alternative to Avira. It uses a little more resources than Avira, but is also very dependable and easy to use. I often recommend it to people who don’t want to be bothered by ads, but also want dependable, free virus protection. In fact, up until I discovered Avira, this was my antivirus of choice. You can get AVG for free at http://free.avg.com/.

There are some additional antivirus apps out there (such as Avast! and ClamWin) that will also give you some free protection, but due to Avast!’s registration issues and ClamWin’s lack of features, they don’t quite make the cut.


Chat/Instant Messaging

I used to be a huge fan of Pidgin Instant Messenger because of its support for a wide variety of chat clients in one easy-to-use package. I found it to be perfect for people who used multiple chat clients, because they could just use one program rather than three or four to stay in touch with people…

Then along came Digsby. Digsby not only does what pidgin did by supporting multiple chat clients at the same time, but it also lets you receive email alerts and keep tabs on your social networks (such as Twitter, MySpace, and Facebook). And if that wasn’t enough, it does it while packaging it all into a stylish, customisable side-bar that can be minimised to a small set of icons in your right-hand part of the task bar. Simply put, Digsby is awesome! The only complaint I have is that it isn’t available yet for Mac and Linux (but they are working on it). You can download Digsby from http://www.digsby.com.


Web Browsers

Internet Explorer sucks. That’s all there is to it. It’s insecure, slow, and doesn’t always display websites correctly (mainly because Microsoft tends to make up a new set of standards for every version of IE it releases). To be fair, a lot of improvements have been made since it was first packaged with Windows. Changes have been made to fix it up, speed it up, and give it a new coat of paint. When you get right down to it though, these changes are like dressing up a turd; underneath that fancy top hat and coat tails, it still stinks. If you are currently using Internet Explorer to read this blog post, stop and download one of the following recommended web browsers right now.

  • Firefox: Most of you are probably not surprised this web browser is at the top of my list. Its secure, fast, reliable, and full of features. It also completely follows XHTML standards that have been created by the World Wide Web Consortium (of course, almost everyone except Microsoft does this). Simply put, this means that it will always display valid web pages correctly. If all this wasn’t enough, there is a plethora of free plugins available that will let you customise and add additional functionality to your web browser. You can get firefox at http://www.firefox.com.
  • Chrome: While this browser isn’t nearly as feature-rich as Firefox, it is by far one of the fasted web browsers around. This browser made by Google has an amazing startup time and can load web pages at a rate that will blow almost any competitor out of the water. Finally, its completely open source software, so anyone can contribute code to make Google Chrome better. You can download this cool, new browser from http://www.google.com/chrome.


Office Suite

What if I were to tell you that you could have the same functionality as Microsoft Office without the hefty price tag? Why pay over $100 for a decent word processor or spread sheet editor (or around $400 for the Microsoft Office Standard version) when you can use OpenOffice for free! OpenOffice has a word processor, spreadsheet program, database, slideshow, a math formula editor, and even a simple desktop publishing program. Finally, it can both save and open Microsoft Office file formats (including the new .docx format), and even create PDF documents with a push of a button. Get OpenOffice by going to http://www.openoffice.org.


Like I said before, this is just a “short list” of free and useful programs available for the PC (there’s a lot more than what I’ve just mentioned). Please feel free to comment on which free applications you enjoy, or even ask questions about other free alternatives to your favorite programs (The Gimp being a great alternative to Adobe Photoshop for example). Since the main way people find out about these free applications is usually by “word of mouth,” the more commentary, the better.