5 Things You Need to Know Before Running Windows XP

With the completion of the "OnMac" contest in late March, Apple's release of Boot Camp on April 5, and the announcement of Parallel's Workstation (beta) one day later, the Mac world is abuzz with talk of dual-booting, virtualization, and the great potential of multi-OS Macs. (To be fair, there are some nay-sayers, although they aren't making as much noise as I anticipated.)

I think Apple's release of Boot Camp (see our review, Not Perfect Yet, but Boot Camp Works as Advertised) is one of the best marketing moves since "1000 songs in your pocket". Its brilliance lies in the fact that Apple is primarily a hardware company, and as much as we all love OS 9, OS X, and the Apple applications, we have to recognize that these exist essentially as elaborate sales pitches for Apple's hardware.

If you doubt this, consider the iPod: Originally a Mac OS-only product, it became clear that making a Windows-compatible iPod and porting iTunes to Windows would sell more hardware (iPods) than trying to attract people to Macs via iPod sales.

Macs are no longer the "malware-free" computer they once were.

Boot Camp represents a similar opportunity for selling Macs, but on an even larger scale. It also brings an ominous truth to the forefront of my mind: Macs are no longer the "malware-free" computer they once were. While OS X remains untouched by any substantial malware threat, anyone using any form of Windows on their Mac - including through Boot Camp - is vulnerable to malicious software ("malware") attack.

This struck me when I first read the headline announcing Boot Camp on CNET. In an ironic juxtaposition, three headlines down read: "Gates acknowledges that some malware renders Windows unrecoverable". It didn't take long to realize that this level of threat is so unfamiliar to longtime Mac users that they may not know how to protect themselves.

One statistic I read claims that the average new, just-out-of-the-box Dell would be infected with malware less than 20 minutes after being connected to the Internet. That could be just as true for your dual-boot Mac.

...most Windows malware issues are the result of overconfident, lax, or slow attention to protection.

The truth is, most Windows malware issues are the result of overconfident, lax, or slow attention to protection. Most of my computing friends are Windows users, and very few of them have any substantial problems with malware - because they all know how important taking protective measures is on that platform.

If you're planning or even thinking about a dual-boot or virtualization setup (or, if you're considering Microsoft's Virtual PC for a PowerPC Mac), you can live with similar levels of security and trouble-free computing. But your learning curve for dealing with malicious software just got a lot steeper.

To guide you up that learning curve, I recruited one of my friends to help with this article. Ashley Dusenbery is an IT specialist who works primarily with the Windows platform - but he's also a "Mac-friendly" guy, so he has a good appreciation for our beloved platform as well. Ashley will give us the specifics on the different areas of security we must give attention to.

Viruses

It all starts here, since this is the form of malware everyone is most familiar with. Viruses pose a genuine and frequent threat to the unprotected computer: They can be as harmless as simple pranks or as harmful as deleted files and directories. Viruses are self-propagating, so they can spread fairly quickly, and it's normal behavior for one to attach itself to outgoing emails or other files in order to spread to other computers.

One thing that longtime Mac users will have to get used to is the way we think about the Internet. Since Macs are almost completely virus/malware free at present, there must be a shift in thinking when using the Net: The Internet is a dangerous place. If the Internet were a gigantic swimming pool, the thought of jumping in and taking a dip would be repugnant to you. It's more than just a lone Baby Ruth at the bottom of pool; there is a heavy sheen of ichor that infuses the waters of the Internet.

When it comes to antivirus protection, we tend to believe that you get what you pay for. Here's how it works: You shell out $40 for the software and usually a year's subscription of regular virus definition updates - and an additional $40 a year to renew the update subscription. Old viruses are modified and new ones are released into the Internet ecosystem every day.

Antivirus software requires that you update the list of known virus threats almost daily to keep up with the bad guys. This is where virus definitions come in. Consumer virus protection software such as Symantec's Norton AntiVirus and McAfee AntiVirus offer reliable, prompt virus definition update service.

There are some free software tools available, and some folks we know are very big on them. Three fairly well-known options are Grisoft's AVG, AVAST, and AntiVir. Our experiences have been very limited with these products.

Adware & Spyware

Here's a concept everyone will appreciate: Do you love "popup" ads in your browser? What if you could have them all the time, in any application you use - or even when all applications are closed? That is the basic premise of adware: small advertising windows that show up all over the place, simultaneously annoying you and eating up your system resources.

Then there is spyware. Similar to adware, these are programs that run on your computer to watch how you compute - think, very elaborate "cookies" for your entire system. Some commercially produced spyware programs will report data on what software you use or what websites you visit. Others will record the keystrokes you enter into any program so that identity thieves can glean your credit card numbers and other personal information. Sounds encouraging, right?

Adware and spyware go hand in hand and are very tenacious and nasty programs that can not only threaten your privacy but can actually ruin your computer.

Almost everybody is familiar with the threat that viruses pose. In truth, viruses have been around since 1986, the virtual Stone Age of computing. Adware and spyware are much more recent threats and can be devastating to not just your computer, but to you as well. The real target of adware and spyware isn't your computer hardware, but you - your personal information, Web surfing habits, email addresses, credit card numbers, etc.

The good news is that it's pretty easy to keep yourself free from threats, and there are some very good free programs. We should also say that Both McAfee and Symantec offer products that come bundled with their antivirus programs for an additional cost. They work just fine, but really there is no reason in the world to spend money on adware/spyware protection.

The two most popular forms of free adware/spyware protection software are AdAware and Spybot Search and Destroy. Both offer regular program updates to account for the most current threats as well as immunization utilities to keep threats from recurring. We recommend that you scan and immunize your system once a week.

Microsoft also has a free adware/spyware utility for Windows XP called Windows Defender. It's still in beta testing, and it can be easily downloaded from the Microsoft website. The big benefit of Microsoft's utility is that it works in real-time, much like the active virus monitors in antivirus programs, which offers a proactive defense.

AdAware and Spybot, on the other hand, require you to perform the scans routinely. As former Defense Secretary William Perry (or was it former lineman William "the Refrigerator" Perry?) said, "the best defense is a good offense."

All these programs offer an automatic scheduling utility that make things easy for you. Make sure you have Windows running when the software is scheduled to run, or it won't run automatically at that time.

Other Threats

If you're running Windows in the field, make sure you have the Windows firewall turned on. If you're using a desktop Mac and are behind a good hardware firewall, you can keep the Windows software firewall off, as it may conflict with some applications.

It's also important to keep Windows up-to-date via the Windows Automatic Update utility or by visiting the Windows update site regularly. As new threats emerge, they often exploit weaknesses in the Windows Operating System. Microsoft often has to close those holes via patches to the Windows software.

Other Problems for New Windows Users

Boot Camp appears to set the default Windows partition size to 5 GB; in our opinion, that's a pretty small volume for all that it will need to do.

A standard Windows XP home or XP Professional installation will fit on the default Boot Camp drive. But Mac users need to be aware that Windows software typically requires substantially more drive space than its Mac counterpart.

On top of that, Windows relies heavily on a "Swap file" and a "virtual memory" system that both tax the available hard drive space. Basically, Windows sets aside a portion of the boot drive to use as RAM for running applications. The default amount of virtual memory is around 800 MB, which should still leave you plenty of room on the partition for an application or two - but not much more than that.

All of this leads to the need for a larger partition for an ideal multi-OS system. This is where some careful planning and forward thinking is essential. You need to know how many applications you plan on running. If you are only installing Windows for one application, say an office database or something, and you're certain that you won't be using it for much else, then the 5 GB partition is fine.

Depending on what applications you'll install and run under Windows, we recommend a partition size of 10-20 GB. Hard drive space is cheap, and it probably wouldn't hurt to go ahead and give yourself a little more room to maneuver and grow.

Who knows, you might actually like using Windows....

Further Reading

• Windows Security for Mac Users, Alan Zisman, Mac2Windows, 2006.04.18. Yes, you can run Windows XP on the new Intel-based Macs, but before you do, you should know the dangers inherent in having a Windows machine connected to the Net.