Updated: Dec 28, 2011

## 1. Foreword: why you need to read this.

The target audience for this primer is the vast majority of computer users; namely, people who are mystified by computers, email, Windows, and the web, and who are concerned about computer viruses and malware and hackers. You are welcome to download it, edit it, and give it to your friends and family who are using (or wish to use) a high-speed connection to the internet.

This primer is that manual. It is intended to do four things:

1. Give you a broad overview of what the web and email are about.
2. Give you a model so that you can understand the different ways that web and email services are provided.
3. Give you some terminology so that you won't be confused by "experts" who only know how to configure Microsoft Windows.
4. Give a simple, safe, reliable, and minimal approach to obtaining web and email internet services.

Note item (3) above. If you hire someone to set up your computer, chances are they are going to do things that will cause you repeated trouble. To give you a preview of what follows, here is what they are likely to do:

• Plug your computer directly into the dsl or cable modem. This is very bad: you need a hardware firewall to be safe from automated programs that are continually trying to break into "always-connected" computers.
• Install software from your broadband provider that lets your computer talk directly to the modem. This is likely to prevent your computer from working with a hardware firewall, and you will need to uninstall it in order to use a router.
• Install a software firewall Again very bad. This will interfere with your connection to the internet, including your browser and any email clients you are using. Result: it will be very hard to get these programs to work.
• Have you use the Microsoft Internet Explorer browser with ActiveX scripting mostly enabled Again very bad. ActiveX allows web pages to download and run malicious programs on your computer. In addition, Microsoft has done little to improve Internet Explorer in the past 5 years, and it is now inferior to new, relatively safe ones like Firefox.
• Have you use Microsoft's Outlook Express email client. This will not be much fun. It is relatively difficult to use and generates large files associated with every email you send.

Why would an "expert" who has worked on Microsoft software upgrades make so many mistakes? Because they are following a prescription set up about 10 years ago, before broadband was widely used (except in large corporate intranets supported by hardware professionals), before hardware router/firewalls were cheap and easy to install, before high quality free browsers and email clients were available. They are living in the last century, in a world where the only things they think you need, besides an anti-virus utility, are the programs that come bundled with XP or Vista.

## 5. How do I set up my computer(s) for broadband?

1. Router. The little box sets up a private little internet for your computer. It automatically assigns addresses and handles the forwarding of data from your computer to the real internet, and v.v. It also allows any computers on your little internet, called a Local Area Network (LAN), to talk to each other.
2. Firewall. Because you are going to have an always-on connection, you must guard against hackers running programs to try to break into your computer. The little box will prevent this. To the outside world, absolutely nothing is visible behind this box.
3. Switch. It typically has 4 internet plugs, called "ports," to allow you to plug in up to 4 computers or network devices. The switch is what physically allows the data to go into any port and out of any other port.

This little box can be purchased for between $20 and$50, and we can call it, as you might imagine, a router/firewall/4-port switch. There are several good brands. Be sure you get one that has wireless ethernet connectivity to your computers (as well as wired connectivity from the 4 ports). From here on I'm going to call the little box a "router," but keep in mind that it has several important functions, of which being a router is just one.

When you get Cable or DSL internet, you will need a high-speed modem. If they are going to charge you a monthly rental, it's usually cheaper to buy it. The input to this modem is your telephone line or your cable, and the output from the modem is an internet cable, which you can attach directly to your computer. But don't do that! There are many reasons not to connect your computer directly to the modem, and you already know one: you need a firewall. So you are going to get a router (which might be supplied free by your ISP), and the output of the modem goes into the router. This router will then talk to your computers (and printers), either through a wired connection or, most commonly now, wirelessly. (FYI, the wired connections are made by a special internet cable has connector jacks that look like wide telephone jacks. They have 8 wires, of which only 4 are typically used.)

Here's another reason to use the router. When you get a DSL modem, you will be given some software to install on your PC. SBC calls it "Enternet-100". This software is required to let your computer talk directly to the outside internet, but only if you don't have a router. With the router, all those functions are automatically taken care of, and you must not install any software from your broadband ISP. Repeat: Do not install any software from your broadband internet service provider! This is good: life gets simpler.

If this is the first time you are turning on a computer, you will be asked a few questions by a "setup wizard", such as the name of the computer and the type of internet connection. For the latter, keep in mind that:

• You are connecting to the internet by a fast connection, not with a dial-up connection.
• Your local internet address (remember, those four-number-separated-by-dot things?) will be assigned automatically. You never need to know it.

The router itself will need to be configured to work with your ISP. They will do this for you when they install your internet service. The router will almost always be configured to assign a local IP address to each of your computers (or network devices) as they are turned on. This dynamic configuration is called "DHCP".

Another important advantage of using a router with firewall is that you don't need to put special firewall software on your computer. This is not just a matter of convenience. In fact, it is important to avoid using all firewall software on your computer. This software, which you can get from various sources, the most notorious being ZoneAlarm, interacts badly with your most important internet programs; namely, your browser, your email and your anti-virus software. Norton and McAfee will try to sell you firewall software for your computer. Avoid it. Not using any firewall software will make your computer much easier to use.

## 6. How do I avoid getting viruses and spyware?

If you have an Apple, you probably don't need to worry about viruses, because there are (relatively) few Apple computers and, more importantly, the Apple operating system is much more secure than Windows. This is particularly true for Apple's newer Unix operating system, OSX. Linux and other variants of Unix are, so far, safe from all the common viruses.

Likewise, spyware mostly affects Windows computers. It has no effect on Unix. With Windows, the likelihood of infection is higher for two reasons: (1) the Microsoft Internet Explorer has a utility called ActiveX (a way of downloading and running programs, with insufficient security), and (2) the actual malware is tailored to run on Windows. So the rest of this section is for people using Windows on PCs. If you're running Apple OSX or Linux, you can skip the rest of this secdtion, unless you want to find out how much "fun" you are missing by using a relatively secure computer.

If you have a PC running Windows, there are several things that you should do to keep your computer "healthy." The most important is to install Norton Anti-Virus, which costs about $30. Once installed, Norton will automatically update itself periodically when you are connected to the internet. It will do this for one year after you purchase it, and you should renew the "subscription" each year. Norton will catch and isolate nearly every virus that comes to you as a mail attachment. But just get anti-virus from Norton. By no means should you get McAfee's anti-virus software. McAfee is much more difficult to use than Norton, and it has been known to behave badly with other internet applications. If for some reason you insist on using IE, be sure to turn off Microsoft's ActiveX software on the Internet Explorer (IE) browser, including all ActiveX "scripting" options. You'll find the ability to do this under the "Control Panel" and "Security". ActiveX allows someone to run programs on your computer, and these programs can be attached to email or downloaded from web sites by your browser. It is very dangerous. If you turn it off, a very small number of web sites will not work properly, but this is a small price to pay for the safety you get in exchange. You should get in the habit of not opening email attachments about which you have any suspicions. Norton will catch most viruses, but it is best to stay alert. Viruses have become very sophisticated, and once they get in someone's computer, they will propagate by sending mail to everyone in that person's email contact list. Here's a simple calculation. I would guess that spyware has afflicted at least 30% of all PCs. In the US alone, that amounts to perhaps 100 million. If each infection causes$300 loss in productivity and cost to remove it, we're looking at a loss of $30 billion. The problem is enormous, and it is way past time for the federal government to prohit the dissemination of spyware. You should remember that nothing you do will keep you absolutely safe. Windows is so insecure, and there are so many people taking advantage of this, that new threats occur on a regular basis. Here's an example of a recent, serious problem. On December 29, 2005 it was reported that a security hole could result in arbitrary damage from a "wmf" type image that you receive by email or download from the web. A windows program automatically opens these images, which can contain programs that start running and literally take over your computer. Anti-virus software does not detect these trojan horses. It took Microsoft a week to put out a patch, which was a very short time by Microsoft standards, indicating the severity of the problem. The moral of this: keep your eyes open for reports of problems, don't open email attachments from sources you do not recognize, and let your computer download and install patches from Norton (anti-virus) and Microsoft, whenever they arrive. This is worth the risk, even though when Microsoft's Service Pack 2 was initially released, it was buggy and caused computers connected by local area networks to stop talking to each other. And finally, we come to perhaps the biggest danger on the internet: a set of human-engineered traps that no software can save you from. These traps are emails (and associated web pages) that encourage you to give up passwords and other personal information such as credit card numbers. It's called {\it phishing\/}. The crooks are ingenious. For example, they might send you an official looking email saying that someone has attempted to break into your account and it is necessary to change your password. You are to go to a web site (by clicking on a link that looks perfectly good on the email) and supply your credit card number, your old (current) password, and a new password. Don't do it! No reputable establishment will ever send you such an email. ## 7. What web browser should I use? OK. We've established that there are three programs you must have if you are to use the internet. The first is a web browser, the second is an email client (although you can also use the web browser to get email), and the third is Norton Anti-Virus. In this section we discuss the browser, and in the next, your email client program. As mentioned above, because of the security problems associated with the Microsoft IE browser, I recommend that the very first thing you do with IE is download Google Chrome, and then never use IE again. After the Chrome browser is downloaded, delete the IE shortcut icon so that you don't accidentally start it up. Check out the various functions available by clicking on the little wrench icon in the upper right corner. Security updates in the browser will be automatically downloaded to your computer, so you don't need to worry about keeping the version of Chrome up-to-date. ## 8. What email program should I use? There is one excellent option, one mediocre option, and a very bad option for email (Microsoft Outlook). The excellent option is the free email service, GMail, that uses your web browser. The mediocre option is the email program Thunderbird, which runs as a program on your computer. We consider Thunderbird first, then gmail. Thunderbird is a no-frills, lightweight open-source email program that comes from the same people (the Mozilla organization) that bring you the Firefox browser. Click here to get information and/or download Thunderbird. It comes with excellent anti-spam software and is easy to install. It has a utility to convert all your email addresses (the "address book") from your previous email client to Thunderbird. By far, the best option for email is to use your browser with GMail, a web email server from Google, rather than a local email client like Thunderbird on your computer. Google's GMail service gives you up to 7600 Megabytes of storage (as of 2/09) at no cost. Your email is stored on Google servers and accessible from any computer that has a connection to the internet. Every word is indexed, so that you can input some words (as you do with a search engine) and instantly get a list of every email that has those words. This is a very convenient way to find some particular email. GMail now has the ability to download your mail locally, so that you can read it offline (i.e., when you're not connected to the internet)! It also has many advantages over a client that runs on a specific machine and downloads the mail off the server (i.e., removing it from the server): • You don't need to worry about configuring an email program • Your mail can be retrieved using any computer, not just the one that you have put your email client on • You don't need to worry about losing your mail if your computer crashes, because Google replicates the data and guarantees that it is always available. • The user interface to GMail is very nice. It is easy to use and keeps track of the threads of "conversations" you have, automatically linking back-and-forth replies together. • The GMail spam filter is acknowledged as the best available. As a result, you get less spam, and the few emails you want to receive that are initially logged as "spam" can be retrieved, and, in the process, it teaches GMail that similar emails are not to be considered as spam. • If you get a GMail account, forwarding from your previous email account (i.e., from your ISP) is easy and silent. You don't even need to tell anyone that you have a new email address, unless you change ISPs. • And if people use your GMail address, when you do change ISPs nobody even needs to know, because you simply have your new ISP forward your email to GMail. Once you set up your gmail account, start playing with the email. The most important test is to send email to yourself and make sure that you receive it. You can also send yourself email with various attachments, such as jpeg images, html files, PDF files and plaintext files. What are these? • Jpeg images. Most of the photos people take are stored as jpeg files. Download one using your browser from some web page. When you click on an image with the right mouse button, a menu will pop up. Choose the "save image as ..." item, which allows you to make a copy of the image on your machine. • Html. As mentioned earlier, nearly all web pages are formatted using html (which stands for "hypertext markup language", the "hyper" part referring to the web of links between web pages all over the web -- yes it gets a bit redundant). You can download such a page in a similar way, by right-clicking on the page and choosing the "save page as..." item. • PDF. PDF is Adobe's standard page description format. The acroread program, which allows you to view such formatted documents, should come with your computer. If it doesn't, or if you have a version of acroread before 7.0, go to Adobe's acroread page and download the PDF reader, version 7.0. As with jpeg and html, find a PDF file and copy it to your computer. • Plaintext. Plain old unformatted text is becoming a rare beast these days, but you can email text files as long as you make sure that the file name has the extension ".txt" Attach each of these to a mail message, send it to yourself, and observe the way it appears when you receive it. Before Google introduced GMail, you could get only about 4 Megabytes of storage on a free web mail service. GMail offers nearly 2000 times as much free storage. How is this possible? When the GMail server sends mail to your browser, Google will also put small advertisements related to your mail on the page. These ads are low-impact, like the ads Google puts on its search pages. You may not have even noticed them, sitting on the right hand side of the page. When you click on an ad, Google gets money from the advertiser, and that helps pay for your GMail service. After Google introduced GMail in April, 2004, with 1 Gigabyte of free storage, other companies suddenly decided to offer 100 Megabytes or more on web-based email clients. So free web-based email has suddenly become much more practical as an email option. At this time, GMail has perhaps 300 million users worldwide. Suppose you already have email through an ISP. How much trouble is it to switch to using GMail? It turns out to be very simple. You get a GMail account, and then from GMail you tell your ISP to forward all email to your new GMail account. You also need to go to your ISP account (on the web) and turn off all spam filtering, so that the spam is also forwarded -- GMail can handle it better. Note that in this process, you do not need to send an email to all your contacts explaining that your email address has changed. You can do this if you want, but because your ISP will now silently forward all email to your GMail account, you receive everything. And you can set up GMail to give either your old ISP address as the "sender" or your new GMail address. To set up forwarding, in GMail you go to "Settings", then "Account", and then set up forwarding from another account (your old ISP account). You'll need the password to that account, your old email address, and the POP server name and port number. For example, suppose your ISP is sbcglobal. You could set it up this way:  Email address: janedoe@sbcglobal.net Username: janedoe@sbcglobal.net POP Server: pop.att.yahoo.com Port: 995 Label incoming messages: janedoe@sbcglobal.net (incoming to gmail) Also: Check the box: "Always use secure connection (SSL)" And you probably want to say: Always reply from default address (jane.doe@gmail.com)  That's all there is to it. And, finally, we have saved the worst email client option for last. The winner for the worst email option is: Microsoft's Outlook Express, that comes with Windows. This is difficult to use, clunky and heavy-weight, and produces large files in a format that is not easily exported should you decide you want to use a better email client. So the advice here is not even to start with Outlook. Think of it as overweight application Windows bloatware, that you would do best to avoid. ## 9. How can you really maximize safety? Here's a real-life case. A friend of mine is an author, and she uses her computer ("Computer 1") for her writing. She wants maximum safety: reliable backup in case of hardware failure, no spyware to compromise Windows, no break-in from the internet. The works. She also needs to use email and e-commerce, and is willing to get a second computer ("Computer 2") to perform that function. A consultant suggested that she completely isolate Computer 1, and burn CDs for backup and to transfer manuscripts to Computer 2. However, burning CDs is tricky and may be near the limit of my friend's ability to do it reliably. Fortunately, there a simpler and more reliable way to meet her needs. Connect both computers to the internet through a router (with firewall and 4-port switch), with the firewall settings as they come from the manufacturer: all incoming ports closed. (You can only receive packets from outside the firewall from a server to which you have first established a connection, such as a web server at Google or Amazon.) We have covered this earlier -- no hacker can break through such a firewall. To meet the other two requirements, my friend gets a GMail account and sets her home page on Computer 1 to http://www.gmail.com. When going through the firewall to the internet, Computer 1 only goes to this page. Using Firefox, of course. Then she uses her GMail account for exactly two functions: backup and communication with Computer 2. For backup, she attaches a chapter (or some other unit) to an email, and sends it to herself. The result is that the attachment is stored on Google's GMail server. This is a completely reliable method for backup, By contrast, if you burn a CD, it can get lost, destroyed, stolen, or be defective. Once the email has been sent, Computer 2 can retrieve it, and then send it through her ISP email account (e.g., sbcglobal) account to the outside world. The beauty of this method is that the GMail account is completely private. The only traffic to and from this account is hers. She can also use a second GMail account, as the connection from Computer 2 to the outside world. This second GMail account is "public," in that it is used to send and receive email to the outside world. Then, when she backs up a chapter, she does it by attaching the chapter to a GMail send message on Computer 1, and sends it to both of her GMail account addresses (the secret one, and the public one). Computer 2 then uses the public GMail account to forward the data to the outside world. Computer 1 is completely isolated from the internet, except for the secret GMail account. Why have these two accounts? If she used GMail to send directly from Computer 1 to the outside, people outside would find out about the secret GMail account (so it would no longer be "secret"), and they would send email back to it. Eventually viruses and other boolean pathogens may find their way to her secret GMail account. So the safest procedure is to completely quarantine the GMail account. With a secure (un-guessable) password, it would then have a level of security close to what can be achieved with physical isolation. Used in this way, Computer 1 will not even require anti-virus protection. Computer 2, which is really out there on the internet, should have Norton anti-virus. If she uses an ISP email account, it will certainly receive spam, perhaps in part because her ISP email address was sold to bad guys, or a computer somewhere that has her email address in an address book was turned into a spam-mailing zombie, or some other nasty scenario. But even if Computer 2 is disabled by spyware, Computer 1 remains completely safe, along with all the backups on the GMail server. ## 10. What about wireless in the home? Today, wireless networking in the home has become ubiquitous. All computers you get today are wireless. Many devices, such as printers, tablets and smart phones, have wireless internet connectivity. You can stream internet wirelessly to your HDTV using a$50 device. So it is important that your router is able to broadcast wirelessly. If your ISP brings you internet through cable or dish, they are likely to give you a wireless router by default. If not, ask for it. If your ISP is your phone company, your internet will come through DSL, and they may not provide a router. Wireless routers are not appreciably more expensive than routers that don't have it. All wireless routers also have wired connections, which can also be used.

Wireless has a limited range, so if your router is not "visible" everywhere in your house, you can get a wireless "repeater" or "range extender". You run an internet cable from your router to this repeater, and it talks to all devices within its range.

## 11. How about a concise summary?

Your goal is to have a problem-free setup using the best application software for the most important applications, and at the lowest cost. We've outlined how you can do this for the most generally useful and important applications (the web and email). Once you have a satisfactory computer, there are only three steps:

1. Get a high-speed (broadband) internet service, either DSL or Cable or Dish, which is "always on."
2. Get an inexpensive little wireless router (with firewall and 4-port switch), that will keep out hackers, save you from the misery of using software firewalls, handle all facets of your internet connection to your ISP so that you don't have to install any special software on your computers, and provide interconnectivity between computers and printers in your home or business.

And if you have a dialup ISP, removing it will save you half the cost of your broadband connection.

## 12. Glossary: what are all those TLAs and FLAs?

Glossary of TLAs and FLAs
• TLA. Three (or Two) Letter Acronym.
• FLA. Four (or Five) Letter Acronym.
• XP. Microsoft's old OS (operating system), Windows XP. It is nearly 10 years old now; don't use it.
• Vista. Microsoft's penultimate OS, released in 2007. A complete flop -- bloated and slow. People refused to use it, sticking with XP.
• Windows 7. Microsoft's newest OS. By far the best, relatively stable and easy to use. Still bloated, requiring 3 GB of RAM, and a bit slow, but much better than XP and Vista.
• ARPA. Advanced Projects Research Agency, a forward-looking organization funded by the Dept. of Defense, that was instrumental in laying the technical foundation for the internet. It was later renamed DARPA, to emphasize the military origin of the funding.
• IP. Internet Protocol. A low level description of how to route packets of data between machines on the internet. The IP address is a unique number for any machine that is connected to the internet.
• DNS. Domain Name Service. This is a program that is run by many machines on the intenet; it looks up IP addresses from domain names.
• FTP. File Transfer Protocol, by which two programs running on different machines allow you to move files from either one to the other.
• WWW. World Wide Web. The "web" of interlinked computers and data, that we use to "navigate", find information, and upload information for electronic commerce. The Web is one of the two killer apps enabled by the internet (the other being email).
• URL. Universal Resource Locator. A name given to some data on the web (a web page, a photograph, a music or video file, etc), that enables your web browser ("client") to tell the server that handles this data that you want it downloaded to you. The name should be unique. For example, this web page has the URL: http://www.leptonica.com/broadband.html. You can omit the "http://www." part, which is assumed by default.
• ISP. Internet Service Provider. The company that gives you access to the internet, and also provides you with email accounts. This used to be AOL, in the bad old days of dialup modems. Today, your ISP might be your telephone compnay (e.g., sbcglobal.net, providing DSL), your cable company (e.g., bresnan.com), a company that uses wireless microwave transmission (e.g., compunet.com), or if you have not yet upgraded to the 21st century, AOL or earthlink.
• DSL. Digital Subscriber Loop. Gives you digital data at about 1 Mbit/sec download and between 128 and 384 Kbit/sec upload), over your telephone line. Nobody every remembers what the initials "DSL" stand for.
• POP. Post Office Protocol. A protocol for handling your incoming email. The email is downloaded to your machine, and removed from the server, just like a letter that is delivered by the post office.
• IMAP. Internet Message Access Protocol. Another protocol for handling your incoming email. The email is downloaded to your email program, but a copy is saved on the server. Likewise, when you send email, a copy of your message is kept on the server. You can also store local copies, which can be useful for reading and composing messages when your are not on-line (i.e., not connected to your email servers).
• SMTP. Simple Mail Transfer Protocol. A protocol for handling your outgoing mail. This typically uses a different server than the one handling your incoming mail. Your ISP provides your email accounts and the servers that handle email. If you use an email program on your computer, such as Eudora, you need to know the names of both your POP and SMTP mail servers, so that Eudora knows where to look to receive email, and where to send email. Once your outgoing mail has been sent to the SMTP server, that server then sends it out onto the internet, where it is routed in several machine-to-machine hops to the recipient that you specified.
• LAN. Local Area Network. Your router will set up a LAN, assign addresses to all computers and other network devices that are attached to it, and transfer packets between the internet and the LAN. It will route data from the internet to the correct computer on the LAN, and it typically does this in an automatic fashion, using DHCP, so that you aren't aware of what local address is assigned.
• DHCP. Dynamic Host Configuration Protocol. One method that your router uses to assign local email addresses to your computer ("host").
• IE. Internet Explorer. Microsoft's bloated and relatively dangerous (security-wise) internet browser. It comes with your XP operating system, but you can download and use safer browsers, such as Firefox.
• JPEG. Joint Photographic Experts Group. You don't need to know that! It's a standard file format for compressing (usually color) images. Typical compression is about 15-20x over the size of the uncompressed image, which has 24 bits for each pixel (8 bits each of red, green, blue). Thus, the jpeg compressed image only stores about 1.5 bits of data for each color pixel. There is a new standard, called JPEG2000, which can use compression methods than standard jpeg (namely, wavelets instead of cosine transforms), but it is not yet in widespread use. It will give you the same picture quality with less than 1 bit of data for each set of red/green/blue pixels.

## 13. Appendix: why do you need enough random access memory?

You can see how much memory you have by clicking on "System" in the Control Panel. In 2000, a computer with 128 MB of memory could squeak along running Windows 98. When XP came out, you needed at least 512 MB, and preferably 2 GB. If you don't have enough memory, it will take forever to boot up, and you'll hear the disk drive wildly seeking data to read. What is going on?