What Exactly Does “better” Mean, and Why You Should Always Give Context

I have noticed many times on the Internet, people will ask if A is better than B. However, they do not give any context of what they consider “better” to be.

Whenever someone asks me if A is better than B, I always ask them, “What exactly do you mean?”. This is so I can help them make an informed decision. Otherwise I am just guessing, and that will not be helpful to anyone.

Here is an example of someone asking if something is better without context.

A guy named Jeremy goes to a cellphone store and asks Greg the salesman, “Which phone is better to use?”.

Jeremy has not explained to Greg what his requirements are. He could be asking “Which phone is cheaper?”, “Which phone is the fastest?”, “Which phone has the most battery life?”, etc. You get the idea. His saying “better” does not give any context to Greg.

Now Greg proceeds to correctly ask Jeremy, “What are your specific requirements?”. Jeremy then responds saying he is looking for a phone that has a large screen and is not too slow. Now Greg has context – instead of just “better” – and he now can properly show Jeremy the phones that will meet his needs.

Now Jeremy leaves the store happy, since he was able to purchase the phone he wanted.

Something to keep in mind. When someone mentions “better”, that is just their opinion. It does not mean anything until you get their context, and even then, you still would have to agree with their reasons why A is better than B.

You can also have someone who does not care either way. In this case, “better” does not factor in for him.

It’s good practice to always add context, otherwise you will have people who will misunderstand what you are asking and may (unintentionally) give you an answer that is not helpful.

Posted in Computers, General, Internet and Servers, Operating Systems, Security, Shopping, Society, Software

Do You Really Need to Pay for Antivirus Software on Windows?

Quick Answer: No. Windows Defender offers decent protection while being free, conveniently updates via Windows Update, and is not a huge resource hog.

Long Answer:

Anti-virus software has been available for a long time. For years, people paid for virus protection via a subscription service.

Over the last 10 or so years, free anti-virus software such as Avast, Avira, Windows Defender, AVG, Malwarebytes (the free, non-premium version), etc. have taken a hold of the market. Now I have used all of the above-mentioned anti-viruses. They are all pretty good (AVG, for me, ran on the slow side), but my favorite of the bunch is Windows Defender.

Now I do not have fancy charts, data sheets, graphs, etc. to show the “awesomeness” of Windows Defender. What I can tell you is I am running it on several Windows boxes without any trouble or noticeable slowdown.

None of the boxes have had a successful virus intrusion – while running Windows Defender – for the past 3+ years. False positives for me are pretty much non-existent, and I do not have to think about updating Defender, since Windows Update takes care of that automatically.

Q: What advantage would a paid anti-virus software give me that a free one won’t?

A: Pretty much just support. No guarantee of getting support with free software, but with paid software they kind of have to give support, at least if they want to stay in business.

Everything else – including anti-virus definitions (updates) – are good with both paid and free software.

Q: Are there any open source anti-virus software out there for me to use?

A: The only one I would recommend is ClamAV. However, this is not a proper anti-virus solution for most people.

It has no real-time scanner, has a minimal amount of definitions (from my experience, will catch almost nothing out-of-the-box), and has no graphical user interface for you to use (yes, you will be manually editing a configuration file with a text editor), and it will catch several false positives if you are not careful.

This is not a user-friendly software solution. It is geared towards servers and server administrators to set it up properly.

Q: Do any of the mentioned anti-virus software have any back-doors, spyware code, etc. in them?

A: I really do not know, but I would never discount the possibility. The only solution that should not have any “spy” code in it would be ClamAV, but as mentioned before, ClamAV is very non user-friendly and will cause headaches to people who do not know what they are doing.

Unfortunately, all the good free anti-virus software is closed-source. I can understand this, because no company wants their trade-secrets exposed to the entire world. This would not be good for business!

Also – just a quick note – I personally would avoid the Kaspersky anti-virus software. They are based in Russia, and I would not trust any Russian software on my computer. I have nothing against the Russian people themselves, I just don’t trust their government not to spy on me. Just a thought.

Posted in Computers, Internet and Servers, Operating Systems, Security, Software

Should I Use Another DNS Server?

Should I switch my current DNS server?

If you are just a regular Internet user (not self-hosting anything), and you are currently using your ISP’s DNS server, I would switch to a 3rd party DNS service (e.g. Cloudflare).

However if you are self-hosting anything (e.g. email), then I would opt for running my own DNS resolver for reliability.

Here are my opinions on the three typical ways to get DNS.

ISP DNS Resolver:  usually OK performance / no privacy

  • Works out-of-the-box with your Internet service.
  • Since you are using servers they control, always assume your ISP is logging your DNS requests (no privacy).
  • Sometimes an ISP actually has worse DNS servers (slower, less secure) than a 3rd party DNS service.
  • Many years ago, I made use of my ISP’s DNS resolving services. They would occasionally go down – every few months. It made it look like the Internet was “down”, but it was just their DNS resolvers that were down.

Third-Party DNS Resolver (e.g. Cloudflare, OpenDNS):  good-to-excellent performance / potentially less private

  • 3rd party DNS server may be logging your DNS lookups, regardless of what their Privacy Policy says.
  • Can be faster than your ISP’s DNS resolvers. This is due to 3rd party DNS services having a very large network infrastructure. They can handle large amounts of traffic with ease.
  • Cloudflare does support DNS-over-TLS. However this is just encrypting your connection to Cloudflare. When Cloudflare retrieves the DNS records for you – assuming they do not have a cached copy – that connection of theirs is unencrypted. This means the DNS records Cloudflare gets for you can be manipulated by a 3rd party, outside of Cloudflare’s control.
  • Any server hosting a website using SNI (Server Name Identification) – without using the TLS 1.3 protocol – will give the domain name you are accessing in plain-text for anyone to see. This defeats the purpose of using an encrypted DNS service.
  • Can help get around DNS blacklists your ISP may have implemented.
  • Unless you are using a VPN service, your ISP will still have to route your connection to the website. This may give away where you are going on the Internet, even if your ISP cannot read your DNS queries.

Self-Hosted DNS Resolver (e.g. Unbound DNS):  OK-to-good performance / potentially more private

  • Useful if you want to have reliable lookups, since your are cutting out the middle-man handling your DNS requests.
  • If you are self-hosting web services (e.g. web and email), it is recommended to run your own DNS resolver. While not necessary, this will help prevent interruptions to your services.
  • While there is no worry about the DNS server keeping logs (you are running it, after all), there still is the possibility of your ISP and/or other entities sniffing your DNS lookups and keeping a log that way. This is because DNS is inherently insecure (not encrypted).
  • Unbound runs on FreeBSD, OpenBSD, NetBSD, MacOS, Linux and Microsoft Windows.
  • Unbound DNS does require some knowledge of DNS to be setup properly.

Summary Chart

Easiest out-of-the-box solution | best for people who just want things to workISP DNS servers
Best performance | good for people who want more performance than what their ISP provides3rd-party DNS (e.g. Cloudflare,
Best reliability & maybe a little more private | best for people who self-host web services (e.g. email)self-hosted solution (e.g. Unbound DNS software)

Posted in Computers, Internet and Servers, Operating Systems, Security

The Windows Command Prompt is not DOS

A while back, I read on a website that the Command Prompt on the NT-based versions of Windows are somehow from MS-DOS. This is a myth.

While the Command Prompt (cmd.exe) does copy the commands from the MS-DOS (command.com) command line, this does not make the Command Prompt in Windows NT in any way, shape, or form, related to MS-DOS.

For example, I could write a C#.Net console application that mimics Linux bash commands, but that would not make my application “bash”.  I am just mimicking the commands from bash. The same applies for the Command Prompt on the versions of Windows NT. The Command Prompt may use the same commands as the MS-DOS one, but that does not make it DOS.

Here is a bit of information some people may find interesting.

32-bit Windows NT operating systems (e.g. WinXP, WinVista) can run DOS programs due to having a built-in 16-bit “NT Virtual Dos Machine” otherwise known as NTVDM. This allows people to run DOS programs (even full-screen ones) without much problems.

However the 64-bit versions of Windows do not have NTVDM. For the 64-bit Windows operating systems, an emulator (e.g. DOSBox) is required to run DOS programs.

Posted in Computers, Operating Systems, Software