Computer Setup Tips

This page is meant to be a collection of basic software (mostly free) that is important when setting up a new computer. Also, this includes a set of random tips that I use when setting things up. Eventually, I would also like to add a guide for how to turn off a lot of the junk that one doesn't need.

Table of Contents

  1. Basic Software
  2. Things to Keep Updated
  3. Securing Windows XP Remote Desktop
  4. Start Menu
  5. User Accounts and Permissions

Basic Software

Here are the common pieces of software I install when I setup a new computer

Things to Keep Updated

Annoyingly, there are several things the need to be regularly updated that don't get updated along with windows:
  • Adobe Flash: This one is very annoying because the best way I found to check the version you have is to visit a page with flash (e.g. and then right-click on a flash video and select "About Flash...". This will take you to the adobe flash page where you can then compare your version with the version on the system. As a gotcha, the other day I noticed the updating flash using IE downloaded and installed the Flash Player Active X plugin, but left flash inf FF and Chrome un-updated. I would just always update from FF or Chrome.

    You can also check the flash version by going to this direct link: About Flash...

    Another word of caution, don't install the Adobe Download Manager plugin, this is just crapware. Deny it the ability to install and download from the alternate link presented on the download page.

    Also, note that flash will check for updates on reboot, but there may be a long time between reboots and it won't do that if you have removed it as a startup program.

  • Adobe Reader: Adobe reader can be set to check for updates automatically or not. I usually set it to check manually. Periodically, I will open Adaobe Reader and go to Help->Check for updates... to get the latest updates. Recently, Adobe Reader has been the target of more malware so it is important to keep updated. You can try an alternative PDF reader as well if you want "security through noone using that software".
  • Firefox: Update through Help->Check for Updates...
  • Google Chrome: Click on the wrench, then About Google Chrome.... Then look at the bottom of the About Box for information on whether Chrome is up to date or not.

Secure Windows XP Remote Desktop

In Windows XP and earlier there is a potential man-in-the-middle attack possible with remote desktop. The problem is that remote desktop has no way to verify that the server you are connecting to is actually the one you meant to connect to...a malicious server or access point could intercept all remote desktop connection requests and impersonate the server, getting your credentials and being able to access the remote machine.

In Windows Vista, Windows 7, and Windows Server 2007+ they provide authentication via TLS. This is good, but if you are still using Windows XP you're out of luck. Fortunately, I found a tutorial online for connecting using remote desktop over an SSH tunnel.

This technique works well for me because I have SSH access to our school linux servers. Now, I know I have a secure connection to that server and am only insecure over the last leg from that server to my desktop machine. Since that last leg is on department-owned hardware the chance of a man-in-the-middle is very small. This site has instructions for doing this. If you have a server with SSH access, then you can just do the steps in "PuTTY and Remote Desktop".

Start Menu

Everyone raves about the search box in Windows 7. Well I already had a system for accessing my commonly used applications in Windows XP.

As a trick I place a "Tools" menu on the start menu. I use this as a place for shortcuts to the common applications I use. (E.g. to access Chrome I can type Ctrl+Esc->T->C)

I also like to keep the Start Menu organized. I have common directories for types of applications: Web, Communications, Security, Productivity, Programming, Games, etc.

User Accounts/Machines

On some computers it is a good idea to have two accounts. One account that is the administrator account and the other that just has user privelages. Use the locked-down user account when you want to surf the net. Use the administrator account when you want to get things done.

For even more security (and if you can afford it), then I would suggesting having two (or more) computers. One is your secure computer, use it to access bank accounts and stuff and one that you use to visit potentially insecure sites. Consider your insecure computer to be always compromised. Assume anything you type on the keyboard is in the hands of hackers, any thumb drive or memory card you put in has a worm on it. Proxy all files between the machines through an e-mail account (e.g. a dummy gmail account) and even then transfer mostly text and images (which are generally safe files).

This is overkill, but I would claim it is very effective since it eliminates most of the technical means of spreading viruses.