Let’s Encrypt – Free SSL/TLS Certificates for Your Website

If you have a personal or small business website that you wish to secure via an SSL/TLS certificate, you can use Let’s Encrypt to do it for free.

It used to be when you needed web encryption for your website, you had to go to a certificate authority and pay for one. What is worse, the certificate would have to be renewed every so often. It depended upon how many years you paid for in advance.

If you opted not to renew your certificate, your web visitors would see a scary message telling them “Your connection to the website is not secure!”.

Technically the “your connection is not secure” message is incorrect. An expired certificate can still secure your connection to a server, assuming you have not enabled HSTS for your domain. It’s only that the web browser – and other software – will no longer “trust” the certificate because it has expired.

Some services give their users a user-friendly option to setup a Let’s Encrypt certificate for their website. However, for people like me with custom setups, we must use other less user-friendly solutions.

If you are interested, here is the “Getting Started” link:  https://letsencrypt.org/getting-started/

Posted in Computers, Internet and Servers, Security, Software

What Exactly Does “better” Mean, and Why You Should Always Give Context

I have noticed many times on the Internet, people will ask if A is better than B. However, they do not give any context of what they consider “better” to be.

Whenever someone asks me if A is better than B, I always ask them, “What exactly do you mean?”. This is so I can help them make an informed decision. Otherwise I am just guessing, and that will not be helpful to anyone.

Here is an example of someone asking if something is better without context.

A guy named Jeremy goes to a cellphone store and asks Greg the salesman, “Which phone is better to use?”.

Jeremy has not explained to Greg what his requirements are. He could be asking “Which phone is cheaper?”, “Which phone is the fastest?”, “Which phone has the most battery life?”, etc. You get the idea. His saying “better” does not give any context to Greg.

Now Greg proceeds to correctly ask Jeremy, “What are your specific requirements?”. Jeremy then responds saying he is looking for a phone that has a large screen and is not too slow. Now Greg has context – instead of just “better” – and he now can properly show Jeremy the phones that will meet his needs.

Now Jeremy leaves the store happy, since he was able to purchase the phone he wanted.

Something to keep in mind. When someone mentions “better”, that is just their opinion. It does not mean anything until you get their context, and even then, you still would have to agree with their reasons why A is better than B.

You can also have someone who does not care either way. In this case, “better” does not factor in for him.

In addition, you may have someone give their opinion that A is better than B. However, if there is ample, reliable evidence to prove that A is instead equal to B (e.g., scientific research done by two independent universities that came to the same conclusion using valid, reliable methods to test), then there is cause to not believe what the person said. It all comes down to using common sense.

Summary: It’s good practice to always add context when asking if A is “better” than B, otherwise you will have people misunderstand what you are asking and may (unintentionally) give you an answer that is not helpful.

Posted in Computers, General, Internet and Servers, Operating Systems, Security, Shopping, Society, Software

Several ‘no log’ VPN Providers Caught Keeping Logs

I have written before about being cautious concerning any VPN providers who claim they are not keeping logs.

Just this morning, I was sent an email concerning several VPN providers who had their data dumped onto the Internet, proving they had been keeping logs while claiming they do not keep logs.

This is more proof that you should never trust a “no logging” VPN service to not keep logs.

Now am I saying that using a paid VPN is useless? No, but you need to be careful which VPN service you are using. In my experience, very few are legitimate, and even the legitimate ones are probably logging enough data to eventually identify you.

VPN services are in it for the money and most will say anything (e.g., “no logs”) to make a quick buck. Not to mention they could be selling your user data on the side – a double-whammy.

Posted in Computers, Internet and Servers, Security, Software, VPN

Do You Really Need to Pay for Antivirus Software on Windows?

Quick Answer: No. Windows Defender offers decent protection while being free, conveniently updates via Windows Update, and is not a huge resource hog.

Long Answer:

Anti-virus software has been available for a long time. For years, people paid for virus protection via a subscription service.

Over the last 10 or so years, free anti-virus software such as Avast, Avira, Windows Defender, AVG, Malwarebytes (the free, non-premium version), etc. have taken a hold of the market. Now I have used all of the above-mentioned anti-viruses. They are all pretty good (AVG, for me, ran on the slow side), but my favorite of the bunch is Windows Defender.

Now I do not have fancy charts, data sheets, graphs, etc. to show the “awesomeness” of Windows Defender. What I can tell you is I am running it on several Windows boxes without any trouble or noticeable slowdown.

None of the boxes have had a successful virus intrusion – while running Windows Defender – for the past 3+ years. False positives for me are pretty much non-existent, and I do not have to think about updating Defender, since Windows Update takes care of that automatically.

Q: What advantage would a paid anti-virus software give me that a free one won’t?

A: Pretty much just support. No guarantee of getting support with free software, but with paid software they kind of have to give support, at least if they want to stay in business.

Everything else – including anti-virus definitions (updates) – are good with both paid and free software.

Q: Are there any open source anti-virus software out there for me to use?

A: The only one I would recommend is ClamAV. However, this is not a proper anti-virus solution for most people.

It has no real-time scanner, has a minimal amount of definitions (from my experience, will catch almost nothing out-of-the-box), and has no graphical user interface for you to use (yes, you will be manually editing a configuration file with a text editor), and it will catch several false positives if you are not careful.

This is not a user-friendly software solution. It is geared towards servers and server administrators to set it up properly.

Q: Do any of the mentioned anti-virus software have any back-doors, spyware code, etc. in them?

A: I really do not know, but I would never discount the possibility. The only solution that should not have any “spy” code in it would be ClamAV, but as mentioned before, ClamAV is very non user-friendly and will cause headaches to people who do not know what they are doing.

Unfortunately, all the good free anti-virus software is closed-source. I can understand this, because no company wants their trade-secrets exposed to the entire world. This would not be good for business!

Also – just a quick note – I personally would avoid the Kaspersky anti-virus software. They are based in Russia, and I would not trust any Russian software on my computer. I have nothing against the Russian people themselves, I just don’t trust their government not to spy on me. Just a thought.

Posted in Computers, Internet and Servers, Operating Systems, Security, Software