My biggest gripe about Windows 7 is the impact User Account Control has on the command line. Unless you turn UAC completely off, every time you run something on the command line that Microsoft has deemed requiring your password – even if you’re in the local Administrators group – you get an Access Denied error.

Screw. This. Noise.

This is the “ZOMG!!! If you run things as root you’ll destroy the planet!” Linux model.  I don’t like it in Linux, and I definitely don’t like it here. Which mean, yes, when I’m working in Linux I log in as root. Why? One reason is that I want to be able to break things, software-wise.  I want to understand why something has broken, how to avoid breaking it again in the future, and how to fix it. Knowing these things makes me a better admin.

The SU/SUDO model doesn’t really stop admins from breaking things, it just gets in their way.  Ordinary users need the protection of SU/SUDO, not experienced administrators.  It also gets in the way of doing certain things on the command line.

Which brings me back to Windows 7.

Microsoft made UAC much, much better in 7 than it was in Vista.  Still, even on its lowest setting, it’s getting in my way.  For example, I have a batch file on my computer.  Been using it for years.  The name of the file is DC.bat and it contains a single line: “defrag c:”.  That’s it.  In Windows XP, any time I want to defrag the hard drive I hit Windows + R, type “dc” and hit the Enter key.  Boom, done.  UAC prevents me from doing this in Windows 7, along with a lot of other things on the command line.

Forgive me while I repeat myself: Screw. This. Noise.

I completely understand the need to lock things down on a company network to protect the network from users who don’t know how to not break things, but this is a standalone computer with a single user – me.  Also, to toot my own horn, I’m a freaking expert when it comes to Windows.  I, and people like me, don’t need to be hamstrung by UAC.

So, finally, I turned it off completely.  My computer is now in the undocumented “You’re damned right I’m an expert” mode.

The website Mashable.com reports this morning that there is a fake password reset e-mail for Facebook circulating. The e-mail comes with an attachment that, if executed, will install a virus on your computer. This is obviously something you don’t want to have happen.

I’d like to take this opportunity to explain the importance of considering context when you receive such an e-mail.

Let’s suppose you have a Facebook account. If you receive this e-mail but you not request that your Facebook password be reset, the likelihood is pretty great that the e-mail is fake and should be deleted. It’s a good idea to make sure you can still log into your Facebook account, so go ahead and do that. It should go without saying that you should NOT click on any links in his e-mail to get your Facebook account. You should have it separately bookmarked already.

If you don’t have a Facebook account, there is zero chance that the e-mail is genuine. Just delete it and be done with it.

Context also applies when you receive an error message of some kind. Many websites will display advertisements that look like Windows error messages. At best these ads want to sell you something, at worst clicking on them will install a virus. Either way, simply ignore these ads and you should be safe.

(This is one of my most popular posts. I updated it on August 25, 2011.)

There have been increasing incidents of spam being sent through direct messages (DMs) in Twitter.  Spam, in this particular case with Twitter, means messages that are not sent by individuals, but by bots (computer programs) either acting on behalf of a user or using a Twitter account that’s been hacked. There are a few things you can do to protect yourself from DM spam.

Avoiding DM Spam is Easy

Firstly, if you’re currently using auto-follow on Twitter, STOP. You can only receive DMs from people you follow.  If you auto-follow, you’re begging for DM spam.  Manually vet every person you follow on Twitter.  This will really help keep down the DM spam.  And really, Twitter is not about how many followers you have, it’s about who you follow and interact with.

Security First

Be very careful about which services you connect your Twitter account to.  These services can post on your behalf, so be very sure you know what each service will and won’t do.  You can check (and remove, if you want) which services your Twitter account is connected to by clicking here: https://twitter.com/settings/applications.  Mafia Wars and Disqus are two examples of services you can connect your Twitter account to.

Use a secure password.  Never use a simple password like ‘purple22’ or, worse, just ‘purple’ or any other word that can be found in the dictionary for any of your internet accounts.  Mix it up with capital letters and, even better, symbols like ~!@#%& and so on. I highly recommend this PC World article on using secure passwords.

When you receive a DM spam message, use Twitter’s ‘Report Spam’ feature.

How effective are these steps?  I’ll let you be the judge: I’ve been using Twitter since January 2009.  I am currently followed by over 1700 people.  I follow about 60% of them back, plus a lot more that don’t follow me.  I receive maybe one DM spam message per month.

Do you have any other tips to add? Drop me a comment.