System providers: I don't know either System 76 or ZaReason. However, I
am quite familiar with the computer recycling non-profit the latter
notes as their genesis. It is legit. I've worked with it myself through
my Linux Users Group. Good people. The get surplus hardware, refurb as
needed, and set it up with Ubuntu. From the other folks who came
through, ZaReason would be enough of a contender for my $$ that I'm
going to check them out for a laptop my son is needing (I converted an
old HP/Compaq Presario laptop and it mostly works, but the power
management stuff is problematic, as it often is on laptops with Linux).
Thanks for the link, as I wasn't aware of them.
If you want to check your security (both now and when you've upgraded
and taken the security suggestions already made) I suggest you go to
www.grc.com and see how "clean" your online presence is. GRC is the
website of Gibson Research, the guy who wrote SpinRite, one of the
original (and probably still best) disk eval and repair programs. Steve
Gibson hacked someone off a couple years ago and they hit him with a
distributed-denial-of-service attack from a bot network (which he
recounts on the pages). He got very into security and has a lot of good
comments, as well as a set of programs to test your firewalling and show
you whether you're "showing" on the Web. By and large, you're external
IP is going to show; has to for anything to get to you. But that also
means someone can try to "get" to you. You just want to try to make
things as difficult as possible.
In Linux and other Unices, you have the option, if your machine is
exposed and you need to have the hardware remain secure at all costs, of
running your OS is what's called a "chroot jail," which basically
isolates the running OS from the hardware, effectively virtualizing it.
This is recommended, for example, for servers in the "DMZ" of a
business. I haven't done it and wouldn't presume to try to give
instructions. They are available in several places with a Google query
on "chroot jail howto"
The advantage of this is that, should your "friend" manage to compromise
your firewalls and even get something into your system, he can't
"escalate privilege" to a "root" account, where he would have access to
anything (and to change anything) on the system. The "chroot jail"
doesn't allow any root usage. Ubuntu, actually, is also slightly safer
in that regard, as it does not, by default, have a root account with a
password that can be compromised. It's not there, so it can't be
compromised. Rather, it runs by whitelisting "allowed" users who can use
the "sudo" (superuser do) command. That command is logged, so any usage
by someone unexpected can be tracked as to time and files involved.
Hope that's helpful.
And yes, as pointed out, you can use an antivirus--I have ClamAV, which
updates "behind the scenes" with new definitions (via an updater called
"Freshclam"). You can run it from a cron job or from the gui with
ClamTK.
Burning music CDs is pretty easy. I tend to download files done with
lossless codecs (primarily .flac, which is a free lossless codec--the
result is like a slightly compressed .wav file). I use Gnomebaker, which
is readily available for Gnome, though the newer version of Ubuntu
(8.04) will be changing to one called Brasero, which I've also used. K3B
for the KDE desktop is even fancier. They're all pretty straightforward
and will do the conversion of my .flac files to CDDA on-the-fly in the
first pass, while they're generating a disk image, which they then burn
to the CD/DVD. I've used Nero and a couple of others on Windows and
these are every bit as good for my purposes, except they'll copy DVDs
correctly, which I never managed under Windows (could have been the
drive on my new Dell laptop and not Windows, but who knows?).