[S-99]

Over christmas i purchased windows vista home basic edition purely to mess around with because vista fascinates me with the much more refined features. I wanted to see if these features could be handy.

Tip one: Not really a tip, but driver hunting with vista was totally unnecessary. Then again my computer is very vista compatible given it's a laptop i bought over last summer. Dell only released vista 32 bit drivers and i was quite angered for the no support for 64 bit since i purchased 64 bit vista and had already sold my 32 bit vista that came with the laptop long ago. Vista automatically had my sound, nic, and wifi already to go after installation. Included in updates for vista was my chipset, video, and other drivers. Updates also made the volume up/down/mute, fast forward, rewind, play/pause, and stop buttons work also.

No driver hunting at all with vista. This made me very happy since dell only provided 32 bit vista drivers, but even more happy i didn't have to do any driver download whatsoever.

Tip two: Don't run as an administrator. Instead follow the linux philosophy of running in user space only. This is easy to do in vista when installing or just customizing after install. Do make an admin profile with a password. Do make a secondary profile that's not admin but "standard user" (equivalent of vista's standard user profile setting in xp is "restricted user") with a password (giving a profile a password also gives protection to the contents of your profile like my documents, desktop, my music, etc.). Do not use the admin profile, but the standard user profile only. Anything administrative that needs to happen...your friend "UAC" will pop up telling you what's going to be changed and give you a prompt to put in your admin password if you want the change to happen. Changes to happen is anything administrative like adding or removing programs, changing the registry, making system wide changes, or blocking and unblocking programs with windows firewall (windows firewall is significantly better in vista than xp, windows firewall also like UAC becomes useful when running in an environment with much less permissions).

Running in user space in vista makes previous annoyances like windows firewall and UAC becoming handy. It also really helps prevent the propogation of malware. Again, like linux users running in user space all the time and why most linux users if any don't use virus scanners. Not running 24/7 with admin privileges makes a very hostile environment for malware. Malware just wont be able to do anything because of the decreased permission set in user space (malware wont have the permissions to install itself, spread itself, or change system files).

Running in user space is great. It'll also keep your friends from modifying your computer or installing questionable apps freely. Running in user space makes maintaining a clean and fast running machine really easy and fast to do. And since it'll be your machine, you'll have admin privileges an admin password away.

Running in user space does not mean that to do anything with admin privileges requires logging out and logging in with the admin profile. Windows has been a multi-user operating system ever since xp was released. This means that vista and xp can temporarily and easily utilize an admin profile permissions set when something administrative must happen in a user profile with just a password prompt.

Vista is by far better at running in user space than xp is. They are similar, but to a point. UAC will pop up when anything administrative is trying to happen in vista. In xp anything administrative that must happen is usually limited to whatever you can shift+right click on to be able to bring up the runas prompt which is no where near as functional as UAC is (there's also many things you can't shift right click on in xp).

For example, to uninstall programs while in vista in user space, you can go ahead straight to the programs and features (add/remove programs equivalent) program in control panel, when you highlight a program to be uninstalled and hit the uninstall button, UAC will pop up with a password prompt. In xp user space to do the same thing you must shift+right click add/remove programs in control panel to bring up the runas prompt first and then enter the admin password and so on.

Vista running in user space is similar to xp running in user space, except that vista is much more convenient.

Tip two: If you have one...then disable the default admin profile in windows and replace it with your own admin profile with a different name other than "Administrator" and give it a password. I called the only admin profile on my computer called root, and gave it a password. Constantly if a computer wants to be hacked it's routinely going to be running windows with a default admin profile of some kind with no password. Hint, if you want to hack a computer over the net a good place to start would be some joe shmoe's computer running windows and seeing if you can login as "Administrator" with no password. Chances are you'll get lucky very fast.

This is how the famous hacker gary mckinnon hacked nasa and so on. All he did was run a script to see which computers nasa had admin accounts with no passwords. The only reason he got caught was because a worker for one of the computers he hacked...the worker saw the mouse pointer moving on it's own.

Tip three: People that shouldn't have admin privileges...don't give them any. Try activating the guest account on any OS you're using (ubuntu now has a default guest account, macosx always had one, so does xp and vista). You're friend wants to use your computer, let them go ahead, there's no reason you should restrict them unless they're not supposed to be on a computer at all. Like i said, it's as easy as activating the guest account (guest accounts are user space but with even more restrictions...in general what ever changes that has happened to guest account get wiped as soon as the guest account was logged out of). There's also more you can do, if your friend requires more than what a guest account offers, then just make him a standard user account.

Now whenever my friends want to use my computer they don't have to ask me. They also don't have access to my admin or user profiles (those are password protected and trying to access them outside of my windows profiles brings up a UAC password prompt) or the data kept within them.

Tip four: Get a good firewall and virus scanner. There are security holes in all OS'es that get patched all the time that hackers and malware writers take advantage of all the time. You can rely on windows firewall, it's a great port blocker/allower. But, you don't want to get caught without a good virus scanner (i recommend avast4home edition the most (it also offers a pre-boot scan mode) or antivir avira...avg doesn't have a very clear registration process so i don't recommend it because of this...all of these virus scanners are free). That's right, when running in user space it's still good to have a good firewall and antivirus solution. This also means to disable and replace windows defender (windows defender is slightly better than having no protection at all in windows) in xp and vista with avast4home or antivir avira.

Should you not like windows firewall and want something else. Then i recommend zonelabs zonealarm (it's very easy and comprehensive at creating an effective ACL (access control list)). There is also comodo antivirus, but i find this program more than what i asked for (it is a very comprehensive program also offering antivirus capabilities...comodo antivirus sucks, and comodo firewall is not as easy to get working compared to zonealarm).

Although in my situation running weeks on end with nothing but the protection of windows firewall and a standard user profile while keeping up with windows updates has yielded great results. Quite frankly idk if it's safe to not have a virus scanner while in user space, but being this is a windows operating system, i don't recommend it for the whole to be without a virus scanner regardless.

Windows is not an unsecure OS. It's got everything there to make it a secure OS. You just have to use that stuff and use it right. The major problem is that not many people aside from businesses and organizations use the stuff that was built into windows that makes it secure. In other words there's lots of stupid home users, and even stupid people in businesses and organizations that are use to doing nothing but using an admin profile 24/7 (this is one of the pertinent reasons why windows users are so vulnerable to malware...because they're running as an admin 24/7). The benefits of running in user space much outweigh the retarded convenience of mindlessly running as an admin 24/7. Also, running in user space is easy and as end users we have to do more than just relying on third party firewalls and virus scanners (relying on good third party virus scanners and firewalls while having password protected profiles and running in user space is a very secure environment).

[Herra Tohtori]

We no longer recommend the free version of the ZoneAlarm firewall. First, it is a very basic product compared to the commercial ZoneAlarm Pro version. The leak-test performance of the latest free version is extremely poor, whereas the Pro version is excellent. The download also includes the large commercial ZoneAlarm suite, so be careful not to install it. ZA free does have the advantage of working with Vista.

I concur with that page's recommendations with Sunbelt Kerio Personal Firewall if you want easy configuration with less prompts (although it's a bit of a nagware), and Comodo Personal Firewall if you want the most effective (probably) free firewall utility.

It appears that Comodo now offers an antivirus solution as well, but I would still recommend Avast! over it, mainly because of the boot-time check which is a real virus killer since it makes it impossible for virae to start any processes to hide themselves before the antivirus processes kick in.


By the way... have you already tried playing games that use DirectSound hardware acceleration?

[S-99]

I haven't played any games in vista except for the fear 2 demo. It ran fine and looked great on an 8400m gs (wasn't fast performance, but was a sustained and playable 20fps). Idk if the audio took any part in the slowness, i'll look into that next time. There's already workarounds for the non hardware accelerated directsound though.

I always load everyone up with zonealarm. It gets in there and is very easy to use. Zonealarm nags about a lot of things, but that's why everyone clicks the "remember this setting" checkbox and hits allow or deny. Comodo firewall is great, but like i said, it's a lot more than what i ask for. Comodo firewall has so much more stuff in there it will sometimes not work, work perfectly, and is not easy to configure. The comodo antivirus is sort of what i consider an uncalled for feature, since currently it sucks. Routinely i've had comodo not work for me in the past and last summer for recent times (most of the time it didn't like to cooperate properly with some pretty wierd setups people have wanted).

Something happened last winter. I gave my friend my old wireless router so he and his mom could surf the net at the same time on different computers, but his mom didn't like having her computer on the net 24/7 since that would leave her more vulnerable to viruses (she actually does put forward a fantastic amount of thought towards being on the internet even so much as teaching herself safe surfing habits). So i just turned off file and print sharing and ip capability for her nic in network connections in her xp install. Now to get internet she just had to double click the "connect to acs dsl" icon on her desktop which she was also used to doing. It was wierd as hell to do, but it separated my friends moms computer from the local network while at the same time being on it (just wasn't assigned an ip address from the router since i turned off ip support on her nic as well as file sharing). This scenario was great because it meant that my friends moms computer wasn't on the net 24/7 and that my friend had continual connectivity having the router initiate the connection process to acs dsl automatically and stay connected and frequently using the router for wireless lan connectivity for gaming with his friends when they came over. Simply put, comodo firewall didn't like this setup at all on his moms computer and actually kept her from using the internet, whereas zonealarm as i say it "doesn't care where the internet comes from". Zonealarm just knows when there is connectivity and from what and did work with his moms setup.

It's always funky scenarios like this that i have to administer or maintain that comodo doesn't always like to work in, no matter how much i configure comodo to work. I don't like too much the extra effort required for comodo when it does essentially the same thing as zonealarm...even in the same nagging sense. Comodo as far as i'm concerned works great on lans with 24/7 connectivity to the net that don't inquire funky setups like i described above.

This is the reason why i recommend zonealarm, it is effective, it always works, easy to configure, and is free (and it's also just a firewall). Avast4home is ridiculously awesome, very effective and great. The only reason i recommend antivir avira is if people don't want to go through the hassle of registering and reregistering of avast. Other than that antivir avira does an exceptional job at cleaning out a computer as well, but doesn't offer the more comprehensive and advanced feature of pre-boot scan. With the extra trouble of registration avast4home is a winner. AVG these days i'm just finding that it sucks. I had my dad install it, but me and him found the registration process unclear, after it was all said and done for avg on his computer, we weren't sure if it got registered at all, so we replaced it with avast for him which is very clear on whether you're registered or not.

I'll give kerio a run on my computer. The current problem of being a person who offers good software alternatives is that while zonealarm is great and all, zonelabs hasn't made a 64 bit version yet. I'm lucky that most client computers are 32bit still. If zonealarm does't fix it's situation any time soon, i'll have to find a better firewall that'll also supplement 64 bit users as well as 32 bit. Not much has come to providing the ease and power of zonealarm in other forms. Kerio looks promising, if i can install it if they have a 64 bit version. That's another reason why i bought 64 bit vista, helps me see what 64 bit computing for windows users is like. It's great, except for the lack of zonealarm.

[Herra Tohtori]

Well, as a matter of fact you can't use DirectSound hardware acceleration with Windows Vista, unless you have a Creative Audigy or X-Fi sound card of some kind and you have to use the Alchemy utility (which doesn't support all DirectSound games) in addition to the drivers for your sound card.

What this basically means is that there's no EAX support for games on Vista. And workaround requires the aforementioned specific conditions to be fulfilled. Otherwise you're boned.

That's because Microsoft decided to abandon DirectSound entirely, since the sound card drivers were supposedly causing a lot of crashes. Yes, that's right, programs written by sound card manufacturers were making Windows crash because DirectSound allowed them a bit too much access to kernel functions, so Microsoft decided that instead of making the driver coders fix their ****, we're gonna remove this feature altogether from Vista and onwards.

So as a consequence, all games that use DirectSound are now called "Legacy Games" by Microsoft...

Of course, drivers causing crashes kinda invokes the question, why did they WHQL sign those drivers in the first place? I thought WHQL was supposed to be Windows Hardware Quality Labs assurance for the drivers to work...

Sorry, not trying to make this thread into a flamewar about how much Vista sucks or doesn't. Just figured this information would be worth knowing for people who consider building a new gaming system with Vista as OS. If you're willing to get a Creative sound card, then you can have DirectSound, but not for all games, just for those that are supported by Alchemy. And even then there might be problems as it's essentially emulated DirectSound support. As a whole, this is actually a good thing since it forces more developement towards OpenAL, but the way Microsoft handled the matter pissed off pretty much everyone from sound hardware manufacturers to game developers, since they kinda let this information out rather late in the developement and as kind of a footnote, so a lot of games were being made for DirectSound when they could have been using OpenAL had they known Vista was not going to have hardware DirectSound support.

Vista does have some things going for it - security is better than on XP, and driver recovery has actually prevented a system crash on me for a while when the display driver stopped responding while playing IL-2 Sturmovik so as far as stability goes it is a bit better than XP (although the occasional driver hiccup could be because of Vista, since I never had that kind of problems with IL-2 on XP), and it does have DirectX 10 (although I think other, crossplatform API's should be developed instead) but the annoyances of DRM and lack of DirectSound support (as well as dropped features from some sound cards' drivers from Creative) are still making dual boot with XP a very viable option. Or simply using XP period. XP can be managed safely as well. Just takes a bit more effort.


Also, regarding disconnecting and connecting to network... I would probably have made shortcuts for ipconfig -release and ipconfig -renew and, if necessary, configured the router DHCP sservice to give the same IP to the MAC address of that particular NIC. That should pretty effectively cut a Windows PC out of network, non? Unless the File & Printer Sharing service uses some hidden protocol that doesn't need IP address for the PC. Don't know why Comodo would give problems with network being turned on and off, but the fact remains that ZoneAlarm's free version isn't apparently holding up in leak testing compared to Kerio and Comodo. Comodo hasn't given me any problems in a long time, and my sister hasn't complained about Kerio either, so I would vouch for either of these...

By the way, do you need 64-bit versions because 32-bit version doesn't run on 64-bit Vista, or you just don't want to run 32-bit version...?

[S-99]

Sucks with the directsound thing. Sort of reminds me of windows 7 and how it'll be able to run 3d accelerated games without a 3d accelerator...very crappily. Idk why they did this, it just reminds me of how the linux framebuffer driver works and has worked for years.

For the most part 64 bit windows is great at running 32 bit apps. Firefox 32 bit runs on 64 bit vista great, i'd prefer a 64 bit firefox for windows, but a 64 bit firefox hasn't been released for windows yet, currently 64 bit firefox is linux only. Some apps for 64 bit windows do require 64 bit executables, being that stuff like firewalls and so on. It may or may not be possible to run 32 bit zonealarm on 64 bit windows, but the zonealarm installer doesn't allow for it to be installed on 64 bit windows currently. There is software installer modifiers that let you do cool stuff like install media player 11 and ie7 on windows 2000 (xp is based off of windows 2000, the only thing that keeps new software like ie7 and so on from being installed on windows 2000 is because the installer said no to installing on windows 2000). Installer modifying software is often much more trouble than it's worth. In general if you have 4gb of ram or more or just a 64 bit capable processor, go ahead and buy 64 bit windows, it works great with 32 bit games and apps.

Regarding my friends lan situation and his mother's computer. I pulled a rather quick fix that worked out great although crude. I wanted to fully make sure that her computer was very separated. In actuality it pretty much is separated physically while still being connected to the lan since her machine isn't seen by the router nor does her computer have file sharing enabled. Her computer doesn't need to be assigned an ip address or have file sharing. Her computer is just like before in definition just to access the dsl modem with the only difference being connected to it through the router.

I know this isn't a flamewar and you weren't flaming me either and i hope i wasn't interpretted as flaming you either.

I just wanted to spread the good knowledge at how good it is to run windows while in user space since this really the only reason i bought vista to experiment with. I'm already getting a return on my money for purchasing vista. Vista and xp totally fly with good colors when using they're user profile offerings.

[Fury]

EAX doesn't work because its nothing more than hardware vendor locked set of DS3D extensions. OpenAL or any other implementation that does not rely on DirectX works. Most major titles support OpenAL these days, either out-of-the-box or support has been patched in afterwards. Better yet, OpenAL is open standard unlike EAX.

It is just my opinion, but good riddance. Creative sound cards were decent but their software was always crap. Now we have onboard HD audio chips which are good enough to make addon cards redundant for most people. Onboard audio has come a long way since the AC'97 days. And it's not like modern PC's have lack of CPU power, so there's plenty of audio processing power.

The only downside with onboard chips that most people would care about, is severe static other components can cause. For example, I had a video card that had a Zalman cooler blowing hot air to bottom of the case. The airflow caused noticeable static sometimes. Now that I have replaced the video card with one that has dual-slot cooler blowing the air outside the case, there's no static.

And finally, there has been some rumors spreading that DX11 might re-introduce hardware accelerated audio.