It is currently Fri Nov 15, 2019 3:02 am

Software Recommendations

If you have something technology-related to share and don't feel like cluttering up General Chat, post it here. Anything is fair game and anything highly technical is preferred.

Software Recommendations

Postby Zancarius » Thu Sep 10, 2015 11:16 pm

I'm going to post a link of some things that I like to use (when I use Windows), because I think it improves the overall experience. Everyone has their own opinions, of course, and not everyone will agree with mine. That's fine, and it's important to remember that many of my biases come from the environments I prefer. I won't be including tools like registry cleaners or the likes (I think those are mostly gimmicks), and I won't be covering more commonly known packages (like Firefox). Instead, I'll be sharing most of the things I install immediately on a fresh copy of Windows fall, and they fall into the category of utilities or helper tools.

Many of these are probably familiar to you. The goal isn't to beat a dead horse even deader--nay, the goal is to share software that some of you may never have heard of, have forgotten about, or simply never got around to using. I really do recommend most of the stuff here. I say most because not all of you are interested in software development in the slightest and probably have no need for some of these tools. (Though, being tangentially aware of them could improve your career if you recommend them to the right person.)

So here goes!

User Interface Enhancements

Classic Shell - Shell Extension (and start menu replacement)

First and foremost, there's Classic Shell. Classic Shell allows you to replace the Windows 8+ start screen (and Windows 10's weird start menu) with a more familiar incantation. If you're using Windows 10, be sure to get version 4.2.4 (or greater) as it fixes some Windows 10-specific issues.

Honestly, I find the Windows 8 start screen repulsive, and the Windows 10 start menu not much better. I'm a creature of habit, you see, and I like the old ways of doing things. I like to organize my start menu myself, thankyouverymuch, and so Classic Shell works best for me. Maybe you like the Windows 10 start menu improvements, but I'll be honest: I don't.

Use this with the large icons or small icons start button sets for that classic feelin'.

License: Freeware.

DisplayFusion - UI Enhancements, multi-monitor

Although Windows 10 now (finally!) provides multi-monitor task bars, they lack more advanced configuration options like the ability to remove the start menu from non-primary monitors. I prefer to use DisplayFusion. It has some quirks, but it's actively updated, and it supports a massive variety of things you can't really get anywhere else (you can even change the login wallpaper in Windows 7, though that's not much of a concern these days). It also fixes some of the less savory DWM behaviors that get under my skin.

License: Commercial, but the license generally travels with the user (not computer); the Steam version might not be the pro-personal license. There's a free version, but it's not very feature complete (and the pro edition is only $35).

Document and Office Tools

Foxit Reader - PDF Reader

I try to avoid Adobe products. They have a horrible security track record. Under Windows, I usually use Foxit Reader instead. As an added bonus, it also supports tabbed reading--and you know how I am about tabs. While its own security record isn't exactly pristine, it's arguably better than Adobe Reader. That's the price you pay when the format (PDF in this case) affords some pretty stupid behaviors, like the ability to embed executable application code.

License: Free to use; some versions require payment.

LibreOffice - Office Suite

LibreOffice is my go to choice for office software, and I've used OpenOffice.org in the past from which it was forked. This is useful if you're like me and you don't have to worry about document interchange with MS Office users much and just need something to draft a quick spreadsheet or document. If you do have to worry about MS Office compatibility, you may just have to fork over the dough to buy Office. Otherwise, this is the best alternative (and it doesn't have the ribbon toolbar).

License: Open Source (GPL I think).

Security Utilities

KeePass - Password Management

I use KeePass (version 2.x specifically) for storing my passwords. If you've never used a password manager before, you should. Why? Because 1) you'll never have to remember more than a couple of passwords, and 2) it is demonstrably more secure than relying on creating passwords you can remember. Yes, really. Computers are much better at remembering things than we are--i.e., use the tool as it was designed, don't fight with it.

Now, that said, there are tons of alternatives, including several managed ones that are either free or paid for. KeePass isn't even the most secure of them, and there have been unsubstantiated claims I've seen before regarding the weakness of its storage algorithm that may lend it well to being cracked. My answer to this is thus: If an adversary gains physical access to your machine, the security precautions you've taken really don't matter. I use KeePass because it can import password data from other sources (like PasswordSafe), and because there's a C/C++ fork I use in Linux, fittingly called KeePassX.

I can't recommend using a password manager enough. One of the biggest problems I regularly see often festers with two symptoms depending on the host: First, users regularly pick weak passwords (because they can remember them) which are easily broken, and second, there are still software developers (and software packages) that use weak ciphers for storing user passwords. This means that if your password is weak, it'll be even easier for potential hackers to discover what your password is (in plain text) using off-the-shelf hardware, some rainbow tables, or even a simple application that offloads hash discovery to a small cluster of GPUs. If you're not using at least 16-character passwords, your passwords are probably too weak to protect your assets, particularly if the sites you're visiting use MD5 or SHA1 for their hashing algorithms*. Granted, this isn't without its drawbacks: Many backwards sites (banking and ecommerce sites in particular; ironically, the ones that should have the greatest security) have extremely draconian rules and often have a surprisingly low threshold on the total number of characters that may comprise any given password.

If you're using a password manager, I recommend memorizing at least two passwords, and making them strong: The password for your safe (write it down), and the password for your primary email address. The reasoning for this is simple. First, you don't want to lose access to your safe (obvious, right?), and second, you don't want to lose access to your primary email address, because if something happens to your password safe, you must have a way to recover your lost passwords.

Everyone remembers things differently, and one of my favorite techniques for coming up with a high entropy, high strength password is to make up a lengthy, nonsense phrase that's easy to remember. Many of my passwords in this category are around 40-80 characters in length as a result, but because they're actually pass-phrases, they're much more memorable.

I should note that anything beyond about 72 or 76 characters is probably a waste. Hashing algorithms like bcrypt discard anything beyond that, and there's a certain point where you do hit diminishing returns. The idea though is that if the total corpus of characters you're selecting from is limited (alpha only, possibly with some punctuation), the only way to increase entropy is to increase length. But the idea is to come up with something lengthy that you can type in a few seconds and rolls off the tongue easily--leastwise, easier than, say, "4JzN8shAj0-&*". Leave that nonsense to the password manager!

* Common message board software like vBulletin up to and including vBulletin 4.x use MD5 to hash passwords. Not only is this a stupid practice, but it means that someone armed with a couple of GPUs could probably crack the lion's share of passwords on a modest sized (~2000+ person) forum in a month or less. Longer passwords make such efforts difficult (but not impossible), which is why having a lengthy, disposable password is probably the current "best practice."

License: Open source.

GPG4Win - GPG, well, for Windows

This one probably doesn't have many use cases unless you're a developer or have a reason to use (or verify) GPG signatures in email or similar (or anywhere else, really). GPG4Win provides a (clunky) interface to GNUPG for key management, signing, etc. I only ever use it with the Enigmail Thunderbird extension in Windows. The UI is simply way too clunky for anything else, and whatever signing/key management I need to do I tend to do in Linux. That said, if you're bound to Windows and need to do any of the above, this is probably your only option.

License: Open source.

PuTTY - SSH tools

No security section would be complete without PuTTY, the defacto standard open source SSH client for Windows. Don't just download PuTTY, though: Grab the whole package (installers are located at the end of the list). With key management like Pageant and its own key generator (PuTTYgen), you can do just about everything you want to with SSH--under Windows.

Be aware that PuTTY does not presently handle ecdsa or ed25519 key types, but they're in the works. Given the resent issues with DSA keys, if you're using PuTTY, RSA is probably your only bet (2048-bit keys or higher--but probably no higher than 4096 bits).

License: Open source.

Wireshark - Packet sniffing

I don't know if this really belongs under "security" per se, because it's mostly a tool you're only going to use when things aren't working over the network, and you have no easy way to find out why. Wireshark is kinda like a GUI stapled on top of tcpdump, and it lets you monitor your network traffic in real time, save or view packet dumps, and follow TCP streams to get to the root cause of a problem. I use it on occasion, and let me tell you, it's an invaluable tool when the browser developer tools just aren't working or there's something really strange going on under the hood.

Wireshark has improved enough in this day and age that it's now often used in conjunction with tcpdump, whereas before, most self-respecting sysadmins would never consider peeling themselves away from the terminal to look at something so trivial. It's just so much easier to inspect packets visually with a mouse (which is probably why command line spreadsheet editors aren't commonly seen outside the 1980s).

License: Open source.

System Utilities

CoreTemp64 - CPU temperature monitor

CoreTemp64 is a handy little gadget for monitoring your CPU temperatures. It does require some tweaking, though, and the tray feature no longer works consistently under Windows 10. Don't click on their download link; instead, use this one to download the utility, because the setup tool tries to install toolbars and some adware. The standalone .exe works just fine.

License: Freeware.

CPU-Z - CPU information utility

CPU-Z is pretty famous among the benchmarking crowd, if only for its ability to provide some proof of the platform under testing. That said, it's not highly useful for much more than examining the exact hardware in your system (specifically your motherboard, CPU, and memory). Then again, sometimes a year or two passes by and you can't remember (or simply don't know) what's in a given computer, and this little utility is a fantastic tool for shedding light on an otherwise mysterious black box--especially if you don't want to open it up.

License: Freeware.

GPU-Z - GPU information utility, temperature monitor, and more

GPU-Z is a semi-sort-of-maybe-clone of CPU-Z and allows you to monitor your GPU's temperature, collect information about the processor, memory, clock frequency and more. I highly recommend it for gamers, particularly if you've built a new system so you can monitor your graphics card temperatures, load averages, and fan speeds.

License: Freeware.

Rufus - USB image writer

Rufus is a pretty handy tool on those rare occasions when you find you need to write a bootable image to a USB stick. In fact, I just used it the other day to install a Windows 10 image on a machine that would not boot the EFI boot loader Microsoft's MediaCreatorToolkit produces. Usage is pretty simple: Download an ISO, open it in Rufus, write it to the USB stick, and you now have a bootable USB image!

Yes, there are other tools like UNetbootin, but I find some of them (like UNetbootin) to be unnecessarily complex. Rufus is about as simple as you can get.

License: Open source (GPLv3).

ImageUSB - USB image reader/writer

Along these lines, Rufus is good but it doesn't do everything. Sometimes you need to save the image on a USB stick, rather than write it, and in this case ImageUSB comes in pretty handy. Plug in your USB stick, pick the drive letter, and pick a path where you want to save the image (or write from), and you're good to go. It's essentially the same thing as dd if=/dev/<path_to_usb_stick> of=usbstick.img but with a GUI.

License: Freeware.

7-zip - Archive utility

WinZip, WinRAR, PKZIP. Holy cow, there's a ton of these out there, and most of them are overpriced shareware. Enter 7-zip, an open source tool (with its own LZMA-based format, .7z) that can read almost every major archive type out there from RARs to ZIPs to tarballs. Even newer formats like bzip2 and xz are supported, and it can open Windows CAB files. (Try opening an .exe installer/setup file in 7-zip one day, you might be surprised.)

License: Open source.

Miscellaneous Rubbish

f.lux - Uh... monitor-color-temperature-adjustment-program-that-might-help-sleepy-time?

I'll admit it. I don't even know if this works. It seems to, and maybe that's the placebo effect talking, but the science seems sound enough. f.lux shifts your monitor's color temperature down, making it "warmer" under the theory that predominantly blue ("cold") light negatively affects our circadian rhythms. There still isn't an awful lot of scientific consensus on the matter, but I have found that I can use the computer later in the night without it affecting my ability to get to sleep any more than normal. Does it work? Who knows. It seems like it.

Now, be aware that when you install f.lux, it may take a day or two to get used to the adjustment, because your monitor is going to look really yellow after the evening hours. Once the adjustment period is over, I've found that it feels more comfortable and much more natural than before, and stopping f.lux temporarily (changing the monitor back) almost hurts!

"Redshift" is a Linux clone, command line only, but works just as well.

License: Free to use.

Windows Sysinternals - The tools that should have come with Windows

Windows Sysinternals is a large repository of tools that have never quite been included in Windows. They're not especially useful to the average user, but if you're a power user or developer, you may occasionally have need for one (or more) of them. Out of the box, Windows lacks easy access for divining the nature of some of its system state (unless you know PowerShell), and Sysinternals includes utilities like Process Explorer (think task manager on steroids--it'll also show you what processes have which files open, which is handy if you're trying to unmount a USB drive) and TCPView for viewing active sockets and socket connections on your system in near real time.

There's a plethora of other utilities in the distribution, and I won't even bother trying to enumerate all of them here.

License: Free to use. Not free to repackage and distribute. (If you find a copy that's not on Microsoft's site, it's distributed against the licensing terms, and likely contains malware.)

WinSCP - Windows SCP client

Let's face it, the Windows command prompt is kind of anemic: It sucks. And personally, I find PowerShell to be overly verbose. Maybe I should learn it one of these days, but seeing 100+ CamelCaseCharacters on a command line feels like it's against my religion. Only heathens (or Java developers) participate in that sort of nonsense ritual to the point where they have to stuff it into the command line.

So, let's just ignore PuTTY's SCP client for a moment and assume we want something that works via a nice GUI. Well, WinSCP is probably the best bet. Yeah, I know, there's FileZilla, but as far as I can remember, it's FTP-only. You really shouldn't be using FTP anymore unless the server supports TLS or similar. If you do, you probably ought to forget about the SSH clients altogether and just stick with telnet. Sending sensitive data over plain text is so last century.

License: Open source.

Developer Tools

You knew this section was coming.

Sublime Text - Text editor

This is the text editor to end all text editors. I don't really care what anyone says--Sublime Text is a superior product. Period. Full stop. It's fast, it's easy to use, it's spartan. Configuration isn't done through layers and layers and layers of menu items buried deep under tons of drop down, drill downs, pants downs--you get the idea (hello, Eclipse!): It's done simply through JSON files. Granted, that might seem overly spartan for most people, but once you're used to Sublime's idiosyncrasies, you find that it's exceedingly easy to configure the editor exactly as you want it.

Also, Sublime lets you create multiple cursors. That's right, multiple cursors. You can edit multiple parts of the same file at the same time. It's great if you have a list of works, separated by commas, and want to put them each on their own lines or simply want to replace one word or string with another--and do so quickly without digging for the find/replace menu. I often use it to cut large, repetitive sections with a single keystroke.

Just be sure to research the keybindings. There are a few of them, and if you don't know them, you'll never get much use out of it. Also, Sublime can be extended with tons of plugins written in a Sublime-y embedded Python interpreter, and there's probably a syntax highlighter extension for nearly every language you can think of (yes, even including R).

License: Commercial. It's presently $70 USD, but you get all minor updates. Considering I use it every day, it's a steal at this price...

TortoiseSVN - SVN shell extensions for Windows

If you use Subversion and you use Windows, TortoiseSVN is a handy tool to have around since it integrates nicely with Windows Explorer via the right-click context menu. I don't use Subversion much anymore, and therefore don't find myself installing this after a clean install, but you might find it handy.

License: Open source.

TortoiseGit - Git shell extensions for Windows

Sure, Github has their own Git tool for Windows. I hate it, personally, but some people are all over it. I'm fond of TortoiseSVN (see above), but since I use Git so much these days, I find TortoiseGit to be a better alternative. Granted, I almost never find myself using Git via Windows Explorer since almost everything I do in Git is via the command line, but sometimes it's nice to have a GUI tool in a predominantly GUI-centric OS like Windows. It works really well if you have PuTTY installed (see above).

License: Open source.

VirtualBox - Virtualization utilities

Maybe this belongs in the "system utilities" category. I don't know, but I think it's more commonly used as a developer tool. Essentially, VirtualBox is a handy (and free) virtualization package similar to VMWare (but free...er). VMWare is often more performant, and there's a much, much, much more you can do with its enterprise editions, but let's face it: Unless you work for a large firm, you're probably not going to fork thousands and thousands of dollars over for a virtualization package that lets you do everything from cloud hosting to entire virtual network topographies, simulating multiple fail overs or the likes.

For the rest of us, VirtualBox is pretty handy. If you've used anything similar (Microsoft's VirtualPC?), you'll probably feel right at home. As a bonus, if you're never used other operating systems like Linux or FreeBSD, VirtualBox is a great way to get started. Just create a virtual machine, download an ISO, add the ISO to the virtual machine, and get to installing! I use it oftentimes to test software under other operating systems (or sometimes just to test those operating systems!).

Most cloud providers (Linode, Digital Ocean, Vultr) use some variation of KVM or similar, so you might not get the kind of performance you'd expect from a typical cloud provider under VirtualBox. That said, on modern hardware, it's plenty fast.

License: Mostly open source.

VisualStudio 2015 Community Edition - Developer Tools

I don't use VisualStudio often. That said, there are some really nice up-and-coming changes and improvements (including many that have already landed!) to C# and similar. Microsoft recently released their 2013 edition for free to open source developers, and Visual Studio 2015 is no different. Be aware that the link in this section is probably prone to breakage since Microsoft tends to change their site often. If so, just Google it.

The installer is more downloader than installer, but if you're interested in writing applications for Windows Phone or the Surface, it might be worth a shot. It's free, too. In fact, the current license for VS 2015 is free to use for open source developers, single developers, or very small teams (< 5 people) provided your annual revenue is under a certain amount. It may lack some of the bells and whistles of the full up paid editions, but in most cases you're not likely to need them (unless you're on a large team--in which case you're probably going to have access to the enterprise edition anyway).

License: See above.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Return to Technology Lounge

Who is online

Users browsing this forum: No registered users and 1 guest

cron