Really Cheap Websites

There are a number of websites that offer to build you a really inexpensive website if you're willing to do some of the work. Most of these have proprietary software behind them that let you build the website by selecting backgrounds, layouts, and fonts, entering your own text and images, and then activating them. As with anything, they have their good points and their bad points.

The good points are obvious -- low cost and a quick route to an active website.

The bad points are less obvious: The least obvious to most non-techies is that you're usually married to the company that runs the build-it-yourself website. Since it's built on proprietary software, you can't pick up your website and take it somewhere else as you can with a website built with traditional HTML. Well, actually, it can be done, but it can be fairly complex. In fact, you'll need a good website developer to help you. And since dotcom companies can go under without warning, we recommend preparing for that eventuality by downloading the entire site so that you have something for the web developer to work with if it becomes necessary. Remember to download a new copy any time you change the site.

The other major bad point is that your website is limited to what the building site supports. If you want a feature they don't support, you're out of luck unless you can convince them to add it to their features. There are a few situations where you can get around that -- e-commerce, for example, can often be done on an external site and made to look like it's part of the main site.

Doing Your Part to Keep the Internet Going

Once upon a time, keeping your version of Windows patched was strictly for your own benefit -- it would protect you against some viruses and it might make your system work a little better in certain situations. That time has passed. Keeping your system patched is now part of your responsibility as a user of the Internet. Why so? Consider this scenario: Someone discovers a vulnerability in the Windows operating system. They send out email with a virus that takes advantage of this vulnerability. Some percentage of naive users open the attachment and infect their system (because the number of Windows systems on the Internet is huge, even a small percentage is a large number). It causes no obvious problem on the infected machine, so nobody notices at first. What it has done, however, is transform that machine into a remote attacker just waiting for the right trigger signal.

When that signal arrives, all the infected systems attack at once. Usually the attack is aimed at bringing down a specific website -- thousands of systems send a request to that website, it is overwhelmed and soon crashes. But this attack does much more -- frequently, whole sections of the Internet will be slowed or even stopped by the sheer volume of the messages. Other sections of the Internet try to pick up the load and become overloaded, slowing the whole Internet to a crawl. For many users, the Internet becomes useless until the attack dies down and systems recover, which could take hours or even days.

In many, maybe even most, of these cases, the virus would not have been able to take control of a machine if it had been patched. And also in most cases the patch was available before the attack took place -- in one case the patch was available a couple of months before the attack. Unfortunately, many users don't bother to patch their systems, even though the patches are available free of charge from Microsoft's website, and can be installed quickly and easily using Windows Update.

Is it Microsoft's Fault?

Microsoft certainly could have designed Windows to be less vulnerable. Note that the operative words are "less vulnerable." An operating system is enormously complex, and there is no way to design one without some vulnerabilities. However, that doesn't change our responsibility as Windows users to keep it repaired. After all, if you buy a car that has repeated brake problems because of a poor design, you still fix the brakes when they fail, don't you? As consumers we should certainly insist that Microsoft make newer versions of Windows less vulnerable. But in the meantime, we have the responsibility to keep our current systems patched.

Is Linux Better?

Not necessarily better, but certainly not as attractive a target for virus writers. In the screwy world of virus writers, more havoc and publicity confers more status. So knocking out a small percentage of the Linux systems on the Internet wouldn't cause the havoc and publicity that knocking out the same percentage of Windows systems does. In case you're wondering, Linux has been found to have vulnerabilities and has needed patches. But with relatively few systems out in the world, nobody gets very excited about it when it happens, and nothing serious happens if a percentage of Linux users don't install the patch. If Linux begins to really challenge Windows' hold on the consumer market, our bet is that the script-kiddies of the world will take notice. They will find ways to attack it, and then Linux patches will be necessary.

There is an easy solution

To their credit, Microsoft does provide an easy way to download and install patches automatically as they become available. We can already hear some of you techies objecting that some of the patches have proven problematic and caused problems to some systems. We know that. But the number of problematic patches has been small and is frequently an interaction between the patch and certain system designs, so most users will never see one. And generally a patch can be removed if it turns out to cause a problem with a specific system. If you have Windows 2000 or Windows XP, Automatic Update is already installed (it's in the Control Panel) and only needs to be enabled.

So remember: Patching your operating system is no longer optional if you want to be a responsible user of the Internet. Yes, this goes for Linux systems owners too -- as the number of Linux systems grows, the impact of not patching them will grow accordingly.

Thanks for joining us this month. See you next month.