Slashdot Mirror
Windows Security and On-line Training Courses?
eggegick writes "My wife has taken a number of college courses over the last three years and many of the classes used on-line materials rather than books. The problem was these required IE along with Java, Active X and/or various plug-ins (the names of which escapes me), and occasionally I'd have to tweak our firewall to allow these apps to run. I don't think any of these training apps would work with Firefox. All of this made me cringe from a security point of view.
Myself, I use Firefox, No-Script, our external firewall and common sense when using the web. I have a very old Windows 2000 machine that I keep up to date. To my knowledge, I've never had a virus or malware problem.
Her computer is a relatively new XP machine, and at this point she feels her computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers.
Assuming the college course work applications were part of the cause, what recommendations do any of you have for running this kind of software? Is there a VMware solution that would work — that is, have a Windows image that is used temporarily for the course work and then discarded at the end of the semester (and how do you create such an image, and what does it cost?)."
vmware is free, so is virtualbox and xen.
you would create the image yourself.
install a default XP machine and run IE on it.
They're using their grammar skills there.
Run her web browsing in a virtual machine.
Have her take her courses from a school with a clue.
If you want news from today, you have to come back tomorrow.
Make sure that the virtual disk size is big enough (at least a couple of gigs)
I review software for a living (in addition to doing other things) so I've been using virtualized Windows XP installations for awhile now. (I prefer Virtualbox, but you can do this with any utility)
A long time ago, I created a virtual hard disk image of a Windows XP installation, got it the way I like it, and then backed it up. (storing a few GB long-term is trivial these days) When the current disk image I'm using gets overly cluttered after a few weeks or months, I just get rid of it and load a fresh copy from my backup and start over.
You could probably benefit from the same system.
"It is a denial of justice not to stretch out a helping hand to the fallen; that is the common right of humanity."
on Linux, install XP or whatever, run all the updates and then make a backup copy of the VM.
My karma is not a Chameleon.
If you just want to use her computer for the semester then re-wipe, have you considered partitioning additional space? Use Partition Magic or something, clone the windows partition, relabel it to whatever with an operational space of 10gb or so, forget about firewall, antivirus etc, let the computer crash and burn, when it becomes intolerable, wipe partition and clone yourself a new one. VMWare would have a similar solution, but it won't be that responsive since you'd be actively RDP'ing the whole time.
Do at least try to read the summary.
Nerd rage is the funniest rage.
Why would this make you cringe from a security standpoint? Security is only a problem with nefarious things are intended. The act of allowing these specific ActiveX controls to run within the context of the training courses has no bearing on whether or not you are permitting other ActiveX controls to run. If the prompts annoy you, rather than simply completely turning off ActiveX security features, you should add this site to your list of Trusted Sites.
There's nothing inherently wrong with enabling IE, using IE, or using ActiveX. And within the context of this single site there's not likely to be a problem. After all, if they were using their software for malicious deeds you surely have legal rights on your side.
The courseware he's talking about is almost certainly Blackboard and up until very recently that was basically the only available product for this kind of stuff. Yep, it is a titanic piece of KAKA, but no matter how clueful a school is, they pretty much don't have a choice. WebCT was somewhat better, but Blackboard bought that a good while back and they don't put new customers on it.
In the last year or two there are some OSS apps that are at the point where they would be a better choice, but switching is also a titanic nightmare and thus the pain goes on...
"Malo periculosam, libertatem quam quietam servitutem." -- Jefferson
I have used vmware fusion and parallels. The upside of these two solutions is they work on my intel macs.
...and this is the worst askslashdot ever.
that is all.
This UID is 7651 digits too high to subjectively infer IQ from.
that your wife isn't taking a computer security class.
There's no -1 for "I don't get it."
It's available for XP and Vista (32 bit) free from Microsoft: http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
You can use the instructions here to install the same copy of windows into two different partitions on the same machine. I use this on my laptop; one image for everyday use, and one for logging in to my company's VPN (which requires specific software that I don't want to have running all the time).
First, windows is bad blah blah, viruses blah blah, linux and baby jesus save blah blah. Okay, now that we've eliminated 95% of the discussion ideas for this thread: user training is a freaking awesome idea! Seriously, how many of you have walked into jobs and been handed a strip of paper with your userid and password (set to 'password') and told to change it -- and that was the total extent of your training?
#fuckbeta #iamslashdot #dicemustdie
require you to turn off your firewall and pop-up blocker. Why they cannot write web software to work without needing pop-ups and can work with firewalls is beyond me.
Virtual PC 2007 is free. Use Pricewatch's operating system price search to find a version of Windows to run under it. Windows XP can be bought in OEM version for under $100.
Run all college web sites in a virtual machine.
Use Avast Home for Antivirus as it is free for home and non-profit use.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
(...) Windows SteadyState (...) It's available for XP and Vista (32 bit) free from Microsoft(...)
There's also a product that I love: Faronics Deep Freeze.
It takes an image of a system partition upon install and freeze it. Ie. Reload this partition image after every reboot. So you have a fresh computer every day.
Some tweaking necessary - partitionning your disk into a frozen for system, and a non-frozen partition for documents.
It's worth a try, me thinks.
Best thing you can do on XP is logon as a normal user (not admin, nor power user), and learn how to deal with the occasional problems caused by having insufficient privs. Aaron Margosis' (sp?) blog has some great tips.
VMWare Player is free, but doesn't make it easy to create VMs. Sunbarrow.com has lots of tips.
Virtual machines are a great way to run stuff where performance isn't critical. It's a useful sandbox that you can easily restore to a known state just by copy some files from your backups.
The solution is easy, though you may not like it. Install Vista (It has ASLR, heap protection, pointer protection, dep, integrity levels, and so on) and latest updates. Enable DEP for all processes and memory protection in IE advanced options (must run IE as admin first to change this setting.) Disable all the AcitveX and .NET stuff in the internet zone.
Enable Protected Mode for 'trusted zone.'
Add necessary, trusted sites to 'Trusted Zone' site list, that require an active-x/.net plug-in.
Leave auto-updates on.
Don't download anything unless you know for sure the trustworthyness of the people who made it.
Using just that, I have been using Vista for almost 2 years without a single Virus, trojan or Worm, or anything at all to speak of, and I surf everything, all day, including very shady sites. Vista pretty much takes care of the automated and drive-by download infections, teaching non-advanced users about web scams that only require a sucker user on the other hand is very difficult, I recently had to clean antivirus-360 from a friends computer because despite all the security (it was XP) she willingly clicked 'download' and 'install' and 'ok' when it said she needed the program on some website. lol.
"...I think the Microsoft hatred is a disease." - Linus Torvalds
surely windows is more proof that security is impossible when the resources of those trying to hack you are virtually infinite?
IE so many windows boxes; all vulnerabilities are likely to be found because any hacker/criminal/hobbyist will target the most common OS?
Last I checked there was no 100% secure OS. There were open source OS's that you can look at the sourcecode for when a vulnerability IS found, but there is no 100% secure OS. period.
if you want to teach security; teach better habits, its the ONLY way to even get close to security, NO OS will save you from being an idiot. So teach on ANY OS security; ESPECIALLY windows, because in windows you need to be aware of all the security risks.
god, I got sucked in by an anti Microsoft troll that wasn't even TRYING to be a troll :/
I use it for MS Visio, nothing else I run Linux in my laptop and 'if' I need MS Visio, I just run my Virtual machine, which does not have to fully boot up... =) it can easily wake up from saved state (takes like 5 seconds) ohh Sun thank you...
Virtualization is easy, but non-virtualization is even easier. There is a VMWare solution that will work: It's VMWare, and it works exactly like you think it does. The current price is listed on the VMWare website. I don't understand why this is a community-posed question, though, since you seem to have answered yourself in the question.
The free solution, on the other hand, is to just clean up the problems on the XP machine. If the other machines on the network continue to run trouble-free, just fix the one with trouble. You probably don't even need to recover or reinstall. Uninstall the ActiveX components, close the firewall back up, run anti-virus and anti-spyware apps (at least 3 different free ones) to remove anything that might have shown up, and if there are less than a handful of problems detected, you don't really need to reinstall. Run msconfig to check for extra crap at startup, and use HijackThis to check for any remaining browser toolbars, add-ons or other crap you don't want. Then make Firefox the default browser. Incidentally, there is a Firefox add-on available called IETabs which lets you run an IE-specific webpage from Firefox without starting IE and all its add-ons (it does use the base IE rendering engine tho).
If the machine hasn't had a fresh XP install in over a year, then it's time to reinstall anyway, and the sluggishness might have little to do with the extra ActiveX crap your wife had to use.
A cleanup might take you 2 hours. A reinstall could take longer, depending on how organized you and your wife have been about backing up data and how many programs you'll need to reinstall. VMWare works, but isn't free. These are the considerations to balance. Good Luck!
-=[You cannot consistently judge this statement to be true.]=-
http://etudes.org/
They use it at Foothill College Los Altos CA where where I am a somewhat permanent student
I have taken dozens of online classes and it seems to have worked well for a variety of classes and teaching styles
-I'm just sayin'
Take a look at VirtualBox, http://www.virtualbox.org/. It works well, its free, and it allows you to setup an sandbox within which you can allow insecure browsing.
Try these programs which work from a USB drive: http://portableapps.com/ http://www.pendriveapps.com/
Just get some sandboxing software (i.e. "sandboxie", which I've only heard good stuff about) and run internet explorer from within such a sandboxed environment.
Just like a VM it will keep IE (or anything spawned by IE) from messing with the rest of the system, but with the advantage that it is much more lightweight than a typical VM.
Load up Linux and Virtualbox. Then you can run any number of MS-Windows snapshots under it as needed. If you get infected, just revert to a previous snapshot and your problem is solved.... instantly.
Meanwhile, you have the opportunity to learn and experiment with a newer, more enjoyable, free, and open OS (and VM) instead of just being "stuck" with MS-Windows 2000. And it will be an OS that will likely not be compromised by virii, spyware, and malware.
Windows 2000 is out of support. That means, no patches for known issues. It's been out of support for a few years. Chances are your PC is pwned. The only way it could be worse is if you were running Win98.
Based on your other questions, you and your wife have much to learn. Start with VirtualBox and run a live linux distribution (no HD install) under a VM. Don't know how? http://justfuckinggoogleit.com/
I have a Toshiba Satellite A30 Laptop - about 5 years old.
I comes with a Toshibs OEM version of Windows.
You cannot install in on any kind of Virtual HDD I have tried them all.
It is tied to the Hardware or something.
Anything that lets Active X run, eg a Windows OS is an un-containable security risk. By that I mean that if you have a system that allows that stuff to run you have __NO__ security in that Logical Partition, and you have to be able to sacrifice the Image and start over.
... burn another DVD, turn on the 'tun' network to windows.
Lots of (a) disk space, (b) care and organization are necessary. As others have said use virtualizarion, preferably over a Linux kernel even if you never use linux per se as it makes the virtual LPARs easier to manage and has an effective firewall, even with iptables off, at startup for most distributions. I use OpenSuSE.
The game-script is choose a virtualization, lots, mostly free, try to avoud things like VmWare unless you really need its features, Install basic Linux eg Ubantu, install VM manager, install Windows (1) on a real HD partition and (2) for its virtual environment. Burn CD/DVD of the Windows setup, install extensions, courseware
You are now in roughly the position most large corporate Windows users establish, you have glass 'Ghostlike' images of you setup as it was before you entered the unsafe-sex world of Windows, and you can quickly step back to them.
Corporate speak "re Image your machine".
Dont forget it ifconfig the tun down before you let anything get at your image. The MTTP (Mean Time ti Pawned) is c
3 mins for an un-protected Win box on the internet.
Wife in question has administered lab machines before. So I left the Windows admin to her. B-)
For net access I put a third ethernet card in the Linux-based firewall machine and added rules:
- This new "red" net, like the "blue" net where the linux boxen live, was essentially restricted to talking to the firewall machine and outgoing TCP connections (plus very few specific other things.)
- "Red" and "blue" were treated, with respect to each other, as just as foreign as the wild-and-woolly Internet.
I know this doesn't answer questions about "How do you protect the Windows machine?". But there is plenty of stuff elsewhere about that. Plugging Microsoft's security holes is a multi-billion dollar industry. This was "How do you protect the rest of the machines in the house?". Giving Windows boxen their own LAN segment and walling it off from reduces the problem to the equivalent of a Windows box (or LAN of them) alone behind a NAT/Firewall machine. That's an already (sorta) solved problem.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
What a load of crap. Can you actually prove what you just stated? Here are some facts for you to digest.
Any operating system / browser environment is just as secure as the users allow it to be. You can run Firefox with NoScript all day long, but how many of us have seen web pages that state "You must have JavaScript enabled to view these pages." A more savvy user would simply decide to either not use that website, or find an alternate way of doing what they need to without lowering the security on their system. However, less informed users might simply decide to create either a permanent or temporary exception for that site without considering the consequences. The same is true with Active X controls. I don't install any I don't trust, and most of the time, even if an application I installed adds an Active X control, I manually go into IE and disable any ActiveX controls I don't trust.
Secondly, anyone who runs their applications, or OS as either root or administrator opens him or herself up to attack regardless of the platform. The fact that there are many more Windows based attacks is because of two reasons. 1) Windows is easy to use, and therefore easier to manipulate, and 2) Windows still owns the lion's share of the desktop market, therefore attacks will have a broader impact. It is foolhardy and ignorant to suggest that any platform is inherently more secure than another. Each has their vulnerabilities, and each will have inexperienced users making bad decisions.
Make your system a dual boot and install Ubuntu and Crossover Office, at which point you can click a button and install IE on it.
Ironically, I had to install IE to take an online Linux course.
But IE works great and it being that it isn't actually running on Windows, I've never had a moments trouble.
Also, in some cases you can stick with Firefox. There is an add-on to let you report back to the site that it is IE. I've found that a lot of sites that say they are IE only will actually work with Firefox...but this is kind of hit and miss.
And also, I have one Linux system with Win4Lin on it and running XP. That also works well, but native IE running in WINE actually works much smoother.
You know, Firewall or not, the latest Ubuntu is going to be way more secure than an old Windows 2000 machine. Use Linux on the Net and then boot to Windows when you need an old app.
Transporter_ii
Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
Some of the important features and capabilities of Win4VDI for Linux include:
* Re-hosting of Windows XP/2000 desktop sessions on Linux servers
* Centralized management and provisioning of users
* "Renewable" windows - just restart any corrupted session and the original master copy of Windows combines with your individual "Documents and Settings"
* Automatic local printing from the server to the local attached printer.
* Consistent user access to personal desktop environment from home, office and other network connected locations.
* Support for multiple remote display choices - Win4Lin client, NoMachine, LTSP, VNC, and X, for example
* Increased security and reliability by running on Linux servers
* Create end-to-end Linux environment with Windows as a guest rather than control point.
* Lock down Windows read, write and other operations with Linux permissions â" an administrator's dream!
* Provide standard application environments to users regardless of desktop hardware and operating system - Windows, UNIX, or Linux on the client, but standard application profile served from Linux server.
* Use as a way to wean your organization from those last few Windows applications by consolidating onto a server for as-needed concurrent use. De-commission Windows from a central location once suitable replacements are in production.
* Serve Windows apps to Windows users from a Linux server â" cheaper, more secure, and more reliable - with all the advantages of consolidation and central management
The price for Win4VDI for Linux is USD $125.00 per concurrent user. The minimum number of users that can be purchased is ten(10). Win4VDI for Linux is available in a specially priced 10-user package for $1000.
Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
Aww poor Windows shill...can't handle the truth?
Simply start by making a non-administrator account on XP and surf from that account. It will reduce the likelihood of getting a system-wide virus or worm to near zero. You still could end up with a bunch of crudware on that account if she clicks "yes" to questions about installing plug-ins and such. But you should be able to fix all that by just deleting that user and making a new non-administrator one.
http://lkml.org/lkml/2005/8/20/95
Make an account on the machine and give it guest access, make use of psexec from system internals to run IE as that user only. It will not have access to executing anything weird on the machine and it restricts the user down pretty far but should not have any problems with access to what it needs for the online classes and any other web surfing you might want to do.
Her computer is a relatively new XP machine, and this point she feels here computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers. Assuming the college course work applications were part of the cause, what recommendations do any of you have when having to run this kind of software?
What the hell kind of "recommendations" is he looking for? If your school needs ActiveX plugins (I know, I know, the schools needs to get a clue, etc.), you use IE and run them. I guess we could recommend that he doesn't, but that kind of defeats the purpose. ActiveX isn't an automagic virus.
She feels her computer has something wrong? So what? What the hell does that have to do with his question? What the hell does "planning on running a recovery disk" have to do with his question? What the hell is his goddam question, anyway?
Plus, he's asking how to create a virtual machine in VMWare and how much it costs?!? Apparently this genius hasn't discovered www.google.com yet.
Easily the dumbest Ask Slashdot I've seen.
Why not set up a dual boot machine? You could install Linux on a separate partition and let GRUB handle the choice between which OS to boot to at startup. You could even set up two XP partitions, and use something like NeoSmart Technologies' Easy BCD as a boot manager. I use it in my Vista partition to allow me to boot to Linux when I want to, and it works pretty well, but you can also use it to choose between different Windows installations. That way, the partition with all of the suspect Active-X controls and such would be separated from the good Windows partition. The only problem with using Windows for both operating systems is that malware might "see" the other Windows partition and cause problems. Of course, it might also "see" a Linux partition, but unless it destroys data, it probably won't find anything useful to exploit there. Just my 2 cents, subject to inflation.
But if you use IE for anything but college classwork...Bang! Zoom! Straight to the third moon of Omicron Perseii Eight!
Sig this!
http://www.microsoft.com/Downloads/details.aspx?FamilyID=21eabb90-958f-4b64-b5f1-73d0a413c8ef&displaylang=en
The images expire intermittently.
If all one is using is IE with the standard plug-ins on any kind of real home network there isn't even really a need for a virus scanner. Let's be honest with ourselves; a router stops just about anything you don't invite onto your home machine. Anyone who uses that machine for a single purpose and isn't downloading crap and installing activex-everything runs about as much chance of getting a virus as getting hit with a meteorite.
This entire question is pointless. Have her take the fucking course and be done with it. From the sounds of it, you should ONLY be using a hardware firewall with inbound protection only. You are too naive and paranoid to waste your time approving every little program that wants to have access. You would save a lot more time if you educated her on not installing crap she doesn't need. (i.e. Weatherbug)
"When you see a unixer brainwashed beyond saving, kick him out of the door." - Xah Lee
You are not alone. Next week: "My 6th grader needs to write a history paper. What's the best 64-bit text editor to use?"
"When you see a unixer brainwashed beyond saving, kick him out of the door." - Xah Lee
There are things far worse than worrying about possible security threats from "courseware".
1. getting it to work in the first place can be a real big problem. A few years ago, a friend was taking online courses using WebCT. He was unable to get any of it to work. Instead, he commuted to campus and used the computers there.
2. IMO a lot of courseware is crapware. Somehow in the education market it is acceptable to subject students to software that would be higher quality if it was malware! Well, what did you expect? Look at how students are gouged on textbooks.
Yeah. First there was this talk of slashdot-ers having girlfriends, and now we have to help out somebody's wife. These guys have got to be kidding.
First off. Windows 2000? That you keep up to date? I haven't seen Windows 2000 updates since.... 2005. Security? WTF?
For the love of dog, use something like VirtualBox or VMWare. Now!
Second, as a techie who has returned to college I deal with this a lot. Firefox has been hit or miss. Sometimes, I have HAD TO use IE. It's a bitch, cause I use Ubuntu. Nothing sucks more then having to keep a dual boot system (I used previously) or a VM around just for that one class that requires that you submit files via IE.
That said, I have had professors are usually very understanding of using browsers other than IE. For instance my Macroeconomics professor posted my short go by for playing his videos which seemed to only play in IE. I don't know why but they only played in IE, and I forced them to play with Firefox, Greasemonkey and FlashFix.
Other than that, I have seen problems with Blackboard and Etudes. It's usually hit or miss. Depends on the professor. My best luck has been with Moodle. I haven't had one class that has been problematic on Moodle.
CAPS LOCK: ITS LIKE THE CRUISE CONTROL FOR AWESOME
My wife is also a graduate student taking online courses. When she found she could not access the lectures using Windows XP Pro (DRM problems per Firefox), I installed a dual boot system with Ubuntu on her computer, and then installed IE and Windows Media Player with Crossover Office. It works splendidly, and the Linux kernel isolates IE from malware. Of course, it is very easy to move screenshots, etc. from the Linux to the Windows partition.
You can even make the "My Computer" zone configurable - if you decide htm files that you load locally shouldn't be so trusted and running stuff like javascript (it kind of breaks some explorer stuff unless you are in classic mode).
See: http://support.microsoft.com/kb/555599
Or even add zones.
See:
http://www.geocities.com/uzipaz/eng/fifthzone.html
http://support.microsoft.com/kb/182569
However doing that might break NET 1.1
See: http://support.microsoft.com/kb/837214
IE's zone security is actually better than what Firefox has. With firefox you only get something like security zones if the plugin provides it, and then it typically only applies to that plugin.
YES. A thousand times yes. I did go buy myself a copy after that podcast (ep #172, here) and I don't know how I survived without it. It's entirely usable right out of the box but with a little configuring you can make it do just about anything you need, without the overhead of running a whole separate VM.
...'tis easier to blame than to improve.
Even worse than the great slug question of '99?
This thread has generated a lot of great responses, and you can pick and choose from a variety of good solutions. Here is another, the one that I have settled on as my preferred safety-backup-reinstall method: hard drive clones.
I use XP-SP2. My main machine has been running smooth as silk for 4 years. I have had rare problems, but when they have occurred, they have been of mixed causes - hard drive failure, a UPS failure which caused unbootable file system corruption, and even a trojan picked up right here on a Slashdot link a few months ago. No sweat for me though . . .
My backup solution depends on external hard drives which mirror my internal drives. I keep all data and apps (other than those that insist on installing under \ProgramFiles) on separate internal drives. That way, if C: gets corrupted, my other data is safe. My C: system drive has only the OS and ProgramFiles apps. This means that I can keep the system drive relatively small (120GB), meaning I can buy several mirror drives quite inexpensively.
I have several C: drive mirrors. I duplicate my main drive to these external backups 2 or 3 times a week. I duplicate just before any major system or application upgrade. I use an older version of Norton Ghost (v9) for this, which makes flawless duplicates while running in the background. (I also use Acronis to make point-in-time compressed images of the drive, which can be reloaded onto a hard drive if need be.)
The few times that I have had a disaster, I just pull out my latest mirror, swap it into the disk-0 position, and turn my machine back on - like nothing ever happened.
Consequently, this is also a great way to test installations or new software, or to create drives that you or your wife could use for your own purposes.
(See the comments above by diggitzz about cleaning up your dirty system before getting ready to make your first mirror image.)
Ever since settling on the system-drive-mirror solution for my OS safety backups, I have not had a moment's anxiety about losing a drive, testing new OSes, nor keeping my installation clean.
... 13 months ... without any kind of virus protection and have not had any kind of infection.
Excellent work, keep it up!
"Security is only a problem with nefarious things are intended. "
Wrong, wrong, wrong.
When you open a vector attack for a benevolent application, you are opening a new vector attack that can be abused.
In simple terms, opening access to a "good" application means that you have to do all kinds of reconfiguration to ensure your environment remains clean.
I share the pain of the original poster on this regard ...
IANAL but write like a drunk one.
I left my basement last century, you insensitive youngling cod.
IANAL but write like a drunk one.
As someone else mentioned previously, the Microsoft Application Compatibility Virtual PC VM image is free and it'll give you IE + XP SP3 in a VM, or there's a much bigger one that runs Vista if you prefer. Use it with Microsoft's free Virtual PC 2007 SP1 download to run the VM.
http://www.microsoft.com/Downloads/details.aspx?FamilyID=21eabb90-958f-4b64-b5f1-73d0a413c8ef&displaylang=en
Alternatively, run something like the Linux Mint 6 Live CD ISO image or an installed version from it [create a 6GB sized virtual hard disc if you want to 'install' it to there to facilitate having a persistent copy of patches / bookmarks / files et. al.] from a VirtualBox VM. Run firefox, Opera, or even the Google Chrome port someone did and see if any of those work for you when you relax / adjust their settings appropriately. There's even the way to run MS IE under LINUX's WINE windows program compatibility emulation subsystem, and that works pretty well if you really 'want' MSIE under LINUX [or in this case WINE under a LINUX VM under whatever your host OS is].
Still alternatively, get a cheap 1GB-8GB fast flash drive or external USB HDD or cheap 20 GB / whatever internal HD or whatever and use it to boot a totally distinct OS environment that just has the OS + browser dedicated for taking this coursework. You can even replace that whole image from a clean backup of itself after every use if you like. You can run a fully installed LINUX off of a 5-8GB partition or a fully installed Windows XP off of about a 15 GB sized partition [maybe with the page/swap file settings reduced] so it is no real big deal to keep a dedicated boot image + a full image backup of it around whether it is a VM based image or not.
Anyway if you want to get fancy you can even try to run something like VMWARE ESXI bare metal so you don't even need to be booted into the host OS to run a subsidiary VMWARE VM image containing your disposable guest virtual OS environment. Similar deal with SUN's semi-vaporware XVM or Microsoft's upcoming Hyper V core thing. YMMV on whether any of the "bare metal no host OS required" VM managers work with your hardware given their drivers et. al. though. I wouldn't bother except for extra credit in case you get lucky and it works.
It'd also be possible to use GPXE booted from a flash drive or PXE BIOS setup to network boot one PC from a network image served up by the other PC, so you could even have one PC be totally diskless and boot a perpetually clean image served/stored from the other PC if need be, but this adds complexity so I'd skip it unless you're highly motivated to try it.
Oh about networks / firewalls -- get a $8 or so USB connected 10/100 Mbit LAN dongle. Fry's has them on sale sometimes, as will generic brand hardware vendors perhaps like svc.com, directron.com, ewiz.com or similar. Then you'll have a second distinct USB ethernet connection on that PC. You can use VirtualBox or similar to "capture" that 2nd NIC and tell the host OS that is running the VM manager to IGNORE the 2nd [USB] NIC. Thus the NIC can show up in the VM and not be used by the host OS. Then you can plug that NIC physically or logically in as a DMZ port on your firewall and assign different firewall rules [or even have it bypass the firewall totally] just for its cable / its MAC address. Obviously you'll want to FULLY PATCH the VM guest OS via a FIREWALLED net connection FIRST before you plug the NIC into the less protected / unprotected DMZ / port forwarding setup.
Another option is getting a new PC just for this sort of thing. You can get an Intel ATOM based MiniITX motherboard *AND INCLUDED CPU* for $70-$90 or so. Add in $15-$20 of RAM, and some old free / $20 case + PSU and you've got a very low power consumption [but very slow performance] new PC that can be for a dedicated school computer or eventually can replace your old energy hog PC or whatever. They make goo
I use FREE VirtualBox for such purposes. Install your WinXP _only_once_ with minimal set of tools you need and just save virtual disk somewhere. It's size is less then 1G. Then every time you need to work in hostile environment, load copy of this disk in your VirtualBox and go without fear! If something bad happens you may just erase disk image and replace it with saved clean copy. It takes about minute or two. So you'll have "infinite" windows security without a dime to pay for additional licenses.
An oxymoron ?
VMWare Server or Player are both free. Create a VM for her to do her courses in.
I use Windows XP firewall, no antivirus, no anti-spyware, IE7, and Eudora, and to the best of my knowledge, have never had a malware problem. I just don't click on anything I'm not sure of. I don't download much, either, especially music - as in "never." Don't worry, be happy... the threats aren't all they're cracked up to be...
If you are not interested in a story, please don't comment on it.
You can do both and well not easy will secure IE from bad Active x controls. Use Group Policy and if it is Windows XP home downlaod the file or get the file from a windows xp Pro box. The file is gpedit.msc. Then if you l;ook in IE and manage Add-Ons and enable or disable so a list appears. Then right click the header and select to show class id. You will want to write down all the active x controls class ids and I know its a pain. Once you have them all written down then use group policy and enter them into either the computer config or the user config. I would suggest user config/admin templates/Windows components/Internet Explorer/Add-on managment and tell the computer to run the ones you have deifined. There problem solved from here on out. Yes updated active x class ids for maybe flash or java can be a pain but thats if your running those apps. If you mostly use FF then you should only be approving ones to finish your coursework. Then no matter what no bogus active x can run becasue it does not have permission to. Been doing this ever since XP came out and never had a bogus Active x control take over my machine.
I've been involved with online college since 1997 (as a student), through today as an associate professor at one of those really big online schools you all know. Only until a couple of years ago did the powers that be realize the more IEx, ActiveX and other proprietary requirements you impose on the student body, the FEWER students will pay for your courses. There is no excuse, given the open framework of basic .html, to use ANYTHING that won't work on ANY computer (within reason...no 20 year old cpus, please) that can get online.
Fortunately my university has scaled back the stupid IE7/Active X requirements and redeveloped the entire student log-in pages to work with Mac OSX, Firefox, etc. (not sure how well it works with Linux stuff though).
If your wife likes your set up or even wants a multi set up, you could set up your windows 2000 (if you have enough resources) to run as a server, that you connect terminal services, and access vmware of choice for your wife from her computer, then she uses the image on your 2000 machine as her access point to the internet, but her machine stays intact, and you still control everything from yours.
Just make sure her xp does not see her virtual xp to share files cuz your back to square one then...
otherwise, it is a great tool for that!
You can try http://www.sandboxie.com/
Windows Security and On-line Training Courses?
Chinese Democracy and On-line Training Courses?
Christian Science and On-line Training Courses?
Market Self-regulation and On-line Training Courses?
Safe DRM and On-line Training Courses?
Microsoft is letting you download virtual PC images of XP SP2, SP3 and Vista (presumably SP1) with IE6, IE7 and IE8 RC1 free of charge. It's called "Internet Explorer Application Compatibility VPC Image". They have a set expiry date, but at this time you should be able to download updated version. http://www.microsoft.com/Downloads/details.aspx?FamilyID=21eabb90-958f-4b64-b5f1-73d0a413c8ef&displaylang=en
To me that sounds that you have not even tried to use it with Firefox. If you are seriously concerned about running Windows or IE or whatever, you could have at least tried Firefox.
Don't fight for your country, if your country does not fight for you.
I know it doesn't help much with the current problem your having, but you might want to drop a line to the college in question and let them know about the existence of Moodle. An open source virtual learning environment. The school where I work use it both in school and at home after hours. By all accounts the teachers and kids love it (and works in Firefox too!).
Because of problems like this I prefer to study courses that use classic books rather than e-courses. I have tried many e-courses with lots of different systems (Blackboard which is the worst of all, and Moodle which is also bad) and I dislike them all, except one e-course provider that used no system at all and instead just provided their course material as e-text in simple HTML format using nothing else than p, h, em, strong, and img tags. I have found no other format than plain text or simple HTML that works better for studying on-screen.
Hi there,
I run my Windows Laptop with NT, 2000 and XP for more than a decade with no local firewalls or virus checkers (those are simply resources suckers).
I have Flash, Java and other plugins.
Never had any problem with viruses, and I apparently have good common sense to avoid the juice sites on the Internet or simply no interest in loading up my machine with all sorts of resource monsters.
But my machine gets slower and slower over time. My recommendation is re-install windows XP. It is even worth the money and order a replacement CD from MS and/or your hardware manufacturer, if (and only if) it is updated with the latest service packs. That saves you dozens of re-boots and many hours of watching the upgrades.
Best you re-format your disk too and re-install only what you really need, purging the gunk if virus or your garden variety resource monster gamlet, you just wanted to try out.
Good luck, and better use Linux. I never experienced such deterioration of performance on my Linux boxes. But then I don't use them as desktops much.
Good luck
Busy helping non technical users of OpenOffice.org - http://plan-b-for-openoffice.org/
I conclude that not only do you not know what you are talking about, but also that you are an idiot as well.
The point is not user stupidity, or scripts, __BUT__ what those scripts can actually do.
In any case your astroturfing here is pointless, all CIOs and Security Admins understand you crap all too well and are not interested in having their nets borked for 2-3 days every 3 months, and those that did not learn are no longer in post. Why M$ pay you to lurk and lie I do understand.
In well implemented Java, or JavaScript the executable is inside a carefully walled sand-box, except in IE. In IE the DOM constrints are not secure, another M$ extension, but Active X is completely untrammeled.
By the way all your comments about user credulity are true of UAC in Vista and Windows 7
If i had mod points I'd mod you down for using the pseudo-word 'boxen'.
If you want to read posts by hackers you have to put up with hacker jargon.
If you're revolted by it, what are you doing on Slashdot?
(This IS, by the way, part of the normal evolution of a language.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
You're not going to running IE on a non-updated system - you're going to have your Linux machine behind a firewall, and you're going to be running NAT or something more powerful between the Windows VM and the Linux machine, and you're going to update the Windows system and reboot it. Then you're going to install any applications and update them and reboot. And you're going to snapshot that OS partition, and have a separate OS partition for the data, and *then* you're going to start using IE and its little friends for classwork. And every few weeks you're going to boot the snapshot OS without the data partition and run Windows update, anti-virus updates, etc.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The big reason to use VMware or its competitors here is to let Windows run in a safe protected environment, not exposed to the cold cruel world. Also, you can boot the Windows OS from a clean copy each time, so even if it gets infected you're not very exposed.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Running two copies at once on the hardware might be breaching your license, but you're not doing that here - you're running Linux on the base hardware, and if the VM counts as license-affecting hardware you're only running Windows on it, and if it doesn't count, you're only running one copy of Windows on the physical hardware, even if you're not running Windows the way Mr. Bill expects.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks