Thursday, January 13, 2011

PCs, Macs, and Data Loss: Be Religious About Your Backups, Not Your Platform

I've been getting some push-back from Mac users feeling superior about my last post regarding Java and malware on Windows. I see no reason to ignite another dogmatic conflict at a time when the President is asking the nation to keep our discourse civil.

I will say that in my practice I've found that the vast majority of actual data loss comes not from malware attacks, but the simple and preventable lack of backups. Macs and PCs are both heir to the same silicon ills - dead hard disks, user error, and plain bad luck. You can save yourself from 99% of computer problems by being religious about your backups, not your platform.

Every version of Windows since NT and Mac OS since 10.5 has included an excellent and free backup utility, NTBackup for Windows up to and including XP, Windows Backup and Restore Center for Vista and Windows 7, and Time Machine for Mac OS. Older versions of Mac OS can use a free version of Shirt Pocket Software's wonderful SuperDuper, although the full version is well worth the $30 to be able to automate it. With USB hard drives under $80 for a terabyte, you simply have no excuse to be unprotected.

Do something now, before your data disappears and your hard disk's magnets join the Elephant's Graveyard on my refrigerator.

Wednesday, January 12, 2011

Change in my best practices re PCs and Java

I've made a change in what I feel are best practices regarding Java on Windows-based computers.

For those of you who don’t know – Java Runtime is installed on many PCs as delivered from the manufacturer, and installed by me sometimes if not. It’s used by some websites and applications to add rich interactive functionality. In the past, I’ve felt it was an important part of being ready for the web, like Adobe Flash and Reader.

Now we’re facing a new wave of malware that takes advantage of security problems with Java. I removed it from two computers yesterday, and my sources tell me that problems with Java are the most common pathway for bad programs (fake antivirus, etc.) to get on machines. As this is happening, Java itself has become much less necessary for the vast majority of users as other ways to get that functionality are baked into HTML5 or Flash/Silverlight.

So I am recommending that users uninstall the Java Runtime from their PCs unless they have specific requirements for it – i.e. a website that needs it, or a local program that uses it. The benefit of having it is now outweighed by the attack surface it creates. Removing it is simple.

Close all open programs, go to the control panel, select Add/Remove Programs (Windows XP) or Programs and Features (Vista/7).
Java may be listed as Java 6 , J2SE Runtime, Java Runtime Environment, etc. with various version numbers, and there may be multiple versions installed. Remove all of them.
The uninstaller may ask for a reboot at the end of uninstallation. If you are uninstalling multiple versions, it’s safe to say no to the reboot until the last one is done, then reboot.

If you use a specific website or application that uses Java (you will see Java load with its coffee cup symbol when you do), then it’s alright to leave the most current version (as of this writing, Java 6 Update 23) installed. If you don’t have that version, uninstall all Java Runtimes as above, reboot, and go to to get it.

I hope this is helpful, and that you will be able to disseminate this information as needed. Please let me know if you need further clarification on any of this.