Monday, February 26, 2007

Sunday, February 25, 2007

Vista nits and quirks

First problem:

I multi-boot. XP for games, Vista for work.

Found out last night that the Windows XP and Vista versions of System Restore are very different. Not compatible. And mutually destructive. Good thing I take image snapshots of my system drives from time to time.

When you boot to XP, it thinks the Vista partitions system restore archives are corrupt, so it zaps them. When you boot to Vista, it thinks the same of XP's archives over on the other drive.

Will find a work-around and post - if it exists. For now I have turned off XP's system restore entirely, which leaves that OS somewhat exposed.

Second issue

Today I turned off the Aeroglass interface. Perhaps it's my older graphics card (an NVidia GeForce 7800 GS / AGP) on my older hardware, but the performance hit and the eye candy were simply getting in the way of actual work.

Pretty face, but nothing I can't do without in favor of faster response times.

.

Thursday, February 22, 2007

Vista review of most unusual flavor . . .

This has been copied around the web today, but I present to you the one and only original as written by .

"I wake. For a moment, I stare at the ceiling trying to remember something. Something important. Something important happened last night, but the details escape me. Something fascinating yet sinister, like touring the CIA offices. Something exotic yet somehow familiar, like putting hot sauce on meatloaf. I wonder if I have a hangover. I wonder why I am thinking about the CIA and meatloaf. I roll onto my side.

There is a strange woman in bed with me.

[. . .]

She gets out of bed and stretches, perfect curves sliding under silky lingerie and momentarily making me forget about breakfast, meatloaf, and whoever it was I was married to before last night. She seems to know this, and smiles at me again, but apparently she's serious about making breakfast. She turns and strides confidently from the room. As she does, I see for the first time the large Microsoft logo splayed across her back. My stomach lurches as I suddenly remember everything.

Windows Vista. I bought a new computer yesterday... and it came with Windows Vista."


Read the full review: "So Beautiful, so Disturbing."

Oddly, now that I've read this wickedly twisted impression of the newest operating system from Microsoft, I feel a strange compulsive attraction, nay, even a hint of geeky lust, as I gaze at my Aeroglass interface sprawled wantonly across my 22" flatscreen.

.

Vista musings

I attended a Microsoft sponsored partners event last week in Denver.

As you may imagine, Vista was the primary focus. I will be talking a lot about Vista over the next year - both the good and especially the ugly. Some things that stand out to me right now:

Bitlocker (that neat function that locks down - say - a laptops hard drive so if it's stolen no-one can extract your data) will ONLY be offered on the "Ultimate" and "Enterprise" Vista editions. Which pisses me off big time, since very few small businesses (my main market) are going to spring for the Enterprise pricing plans, and they don't want to run Ultimate on mid-range laptops. Why can't they offer it on a small business SKU?

They have all sorts of neat Domain Policy add-ons for Vista only, but the actual templates so that Windows Server 2003 can manage them are not yet available . . . classic mismatch in cross team scheduling.

In my opinion -- THE biggest attraction for business customers for Vista is not Vista itself. It's the imaging technology that's being used to deliver Vista combined with a newly announced toolkit called Business Desktop Deployment. The BDD toolkit is free and it's job is to manage Vista deployment planning and rollout across any organization. It can directly edit Vista install images. You can even add all the approved office applications, drivers, etc for your company to your install images. This is big.

In the old days, we had to install Windows on a sample machine, install drivers, run a special system "sysprep" procedure so that it would ask for registration info at first boot, create an image of the hard drive, then copy that image out. Any changes required more jury rigging involving re-installing the image, updating it as a live running instance, running sysprep again, and snapping a new image. All using a complex combination of native and third party tools and no small amount of special sauce.

Now we can update a base install file directly. We can add drivers. Add common applications like Office 2007, even third party apps. Once that's done the image is saved and can be directly deployed onto a new machine over the network as a fresh install, or burned to a DVD and installed.

.

Monday, February 19, 2007

Some days you just have to remember . . .








At least Mr. Gates is developing a good sense of self-deprecating humor.


Friday, February 16, 2007

Hackers targeting your home LAN router / firewall

This applies to any platform that runs Java, be it Mac, PC Windows or PC Linux. This also applies to any browser that supports Javascript, including all versions of IE, Firefox and Safari.

If you own or buy a Linksys, DLink or Netgear wired or wireless router/firewall box to allow you to share your broadband throughout your household, make sure you change the administrator password on that unit from the factory default. It doesn't matter if your router does not accept administrative connections from the outside - this attack comes from the inside of your network. (Most routers now ship with external admin access turned off, although you can turn it on if you need to get to your router remotely . . . but again, make sure you set a STRONG admin password if you turn that option on for any reason.)

A new exploit uses JavaScript and can access the routers settings from inside your network when you allow that script to run on your computer. The malicious code can be embedded within Javascript that you might want to trust, like - for example - a game applet. Simply surfing a compromised site and allowing Java to run in your browser is enough to get hacked. It may not trigger your browsers security settings, as it never attempts to access or change local files on your computer.

In the background, out of your sight, the script looks up your networks internal gateway address. It then attempts to logon to your routers admin panel using that IP. It can guess the password from one of about five typical login combinations that are widely used by almost all home router manufacturers as their factory setting. It takes advantage of the fact that many owners never change that password.

Once it has control, it changes the DNS settings on your router to point at a hackers "poisoned" DNS server. The idea is that when you browse to your bank (for example) using the correct URL or bookmark, the router looks at the compromised DNS server and sends you off to a phishing site that could look exactly like your banks login site. From there they capture your user ID, password, and of course your bank account.

Simply logging into your routers panel and changing the Admin password to your own unique password will stop this attack.



1) Open your network settings, and look at the Status of your LAN connection. In Windows click on the Support tab. (Not sure how to get this on a Mac, anyone that knows feel free to chime in.) You should see a gateway IP address listed.

2) Enter that IP address into the URL field in any web browser. That's the address for your routers administration panel.

3) You will see a request to login. Try these combinations (or refer to your routers owners manual):

User: (blank)
Password: password

User: (blank)
Password: admin

User: (blank)
Password: (blank)

User: admin
Password: password

User: admin
Password: admin

Once you log in successfully, you will see your routers control panel.

4) Refer to your owners manual, or surf the control panel (usually under Setup, or Password, or Administrative Settings) for the Administrators Password reset. Enter in the old password (factory default) in the first field, and your new password twice in the second and third fields, then save or apply your settings.

5) Close your browser, and re-open it to the same gateway IP address, and test the login with your new password. Do NOT check any box that offers the option to remember your password.

Voila, you will not be vulnerable to this particular attack.

Tuesday, February 13, 2007

Daylight Saving Time changes for 2007

The U.S. Energy Policy Act of 2005, passed by the U.S. Congress in July, 2005, extends Daylight Saving Time (DST) in the U.S. by approximately four weeks -- effective beginning 2007.

This year in the USA and Canada daylight savings begins three weeks early and extends one week later than historical periods. March 11, 2007 marks the new DST change date.

Previously DST started on:
First Sunday of April (04/01/07)

With the new law, DST will start on:
Second Sunday of March (03/11/07)

Previously DST ended on:
Last Sunday of October (10/28/07)

With the new law, DST will end on:
First Sunday of November 11/04/07


There are several computer software systems that track when the change to and from DST happens and that automatically change calendars and clocks for you. You should check to ensure that your systems are updated before March 11, 2007 to prevent issues with schedules, clock dependant functions or shared calendar meeting times.

Here is a partial list of the most common Microsoft programs that will require updates.

- Windows XP Home and Professional Service Pack 2 and Windows Server 2003:
Use http://update.microsoft.com/ and check for the DST update. This update may be installed automatically on February 13th depending on your computers settings.

- Outlook 2000, 2002 and 2003:
Download the update and read the directions for use at http://www.microsoft.com/downloads/details.aspx?FamilyID=e343a233-b9c8-4652-9dd8-ae0f1af62568&DisplayLang=en

- Windows Mobile (Including Outlook) patch:
http://www.microsoft.com/windowsmobile/daylightsaving/default.mspx

- Windows 2000 and older Microsoft OS's:
Unofficial patch/updater available at http://www.intelliadmin.com/blog/2007/01/unofficial-windows-2000-daylight.html

More information about the DST change and other Microsoft applications may be found at http://support.microsoft.com/gp/cp_dst.

( A big thank you to for DST info on Apple and Linux systems. )

- Linux:
For most Linux distributions, you can find background info and links at http://www.linux-watch.com/news/NS6300294422.html. For those of you with Gentoo, just an "emerge sys-libs/timezone-data" should do the trick.

- Apple:
Apple users should refer to http://docs.info.apple.com/article.html?artnum=305056 to find patches or instructions to fix the DST changes manually, depending on your OS version. You will also find links on that page containing special instructions to update your Java and WebObjects environments.

- Java:
Sun has posted DST instructions for Java at http://java.com/en/download/faq/dst.xml. In certain cases (but not all) you may wish to remove older versions of Java if you update to the latest and greatest. Directions for that process may be found at http://www.java.com/en/download/faq/5000070400.xml.

- Palm OS (PDA's):
Thanks to for the link.
For Palm PDA users, there's some patch info at http://www.palm.com/us/support/downloads/dst_palmos.html



Deadline for doing these updates is this coming Saturday, March 10th. If you miss the deadline, don't panic. You can still do the updates at any time, but your calendars and clocks may not show the correct time until you complete the task.

Edits
March 5, added link for Windows 2000 unofficial patch
March 7, added link for Windows Mobile patch
March 8, added links for Apple and Linux users




Feel more than welcome to link, copy, distribute, share or otherwise use this information. I don't care who get's credit, as long as people get the message.

Sunday, February 11, 2007

Heat wave

Break out the shorts and tank tops, we reached 48'F today . . . first time in 14 weeks. Still over 10 inches of old dirty icy snow on the ground though. Down from 44 inches.

Tuesday, February 6, 2007

Vista Upgrade edition "loophole" will remain -- for now.

I posted a workaround for re-installing or doing a clean install using Vista Upgrade Edition DVD's last week. That information was based in part on several blogs around the net that posted what I felt were incomplete instructions, which were rounded out based on my own testing and snooping into the matter.

Today news comes via vnunet.com that Microsoft is aware of the loophole, but does not - for now - intend to remove the ability. I can't tell you how relieved I am as an IT consultant. One of the services I provide includes emergency system restoration when a hard drive fails, or clean-up after a massive exploit/virus disaster.

For those looking to get Vista at a discount that don't want to upgrade from Windows XP or 2000 (and thus invalidate their registration keys for the older OS), the Upgrade Editions are NOT the best way to go. Shop one of the online retailers -- like NewEgg.com -- and buy the Vista OEM flavor of your choice (assuming you never intend to move the OS to a newer computer in the future) at a far steeper and legal discount than the Upgrade Edition.




Quoted from the article from vnunet.com regarding clean installs using the Upgrade Editions:

" 'People without a licensed copy of XP that use this workaround are violating the terms of use agreed to when they purchased the upgrade version of Windows Vista," a Microsoft spokesman told vnunet.com.

"As such, we believe only a very small percentage of people will take the time to implement this workaround, and we encourage all customers to follow our official guidelines for upgrading to Windows Vista.'

Microsoft added that it does not have any plans to disable the workaround at this time."


.

Sunday, February 4, 2007

Sunday night musing

Treat people as if they were
what they ought to be
and you help them to become
what they are capable of being.

- Johann Wolfgang von Goethe

Friday, February 2, 2007

Critical update for Raxco's PerfectDisk 8.x for Vista

In my inbox today:

Raxco is proud to announce that PerfectDisk 8 is the first and only defragmenter to be Certified for Windows Vista by Microsoft. PerfectDisk 8 Build 50 is now available for use on Windows Vista, as well as Windows XP Home/Professional, Windows Server 2003 and Windows 2000 Professional/Server.

During the PerfectDisk 8 Vista certification testing process, Raxco’s development team uncovered a bug within a component of Windows Vista that could potentially cause hard drive corruption. Raxco has already reported this bug to Microsoft and Microsoft is working to resolve the issue. Raxco has designed PerfectDisk 8 build 50 to specifically work around this issue.

How do I get PerfectDisk 8 Build 50?

- If you are running PerfectDisk 8 on Windows Vista, it is critical that you update to Build 50. You can do this by clicking on PerfectDisk and selecting Run as administrator and then click on Help and then select Check for Updates.

- For non-Vista versions of Windows, run PerfectDisk, click on Help and then select Check for Updates.

- To re-download a purchased PerfectDisk 8 installation, follow the instructions in the email receipt that you received when you purchased PerfectDisk.

Thursday, February 1, 2007

Clean install possible for upgrade editions of Vista after all

Edit: procedure updated to clarify certain key steps

Notes:

a) at no time during this install should you allow Vista to connect and download automatic install updates. Perform the updates AFTER you have completed the full installation procedure by visiting Microsoft's Update site.

b) don't begin installing any third party drivers or applications (except for network drivers - if your's are not already installed by Vista setup) until you have completed ALL steps below.

c) if you are trying to "cheat" and use this procedure on a second system, be aware that you will NOT be able to activate your "copy" since the first activation binds your Product Key to the hardware you used the first time around. This procedure is intended to be used to recover from a disaster such as hard drive failure or massive virus infection -- etc.




Now on to the steps:

1. Start with a freshly cleared hard drive - or a newly formatted partition for the new Vista install.

2. Boot with the Windows Vista Upgrade DVD.

3. Proceed with the installation.

4. Do not enter a Product Key when prompted. You will do that at a later step instead. Leave the fields empty and move along.

5. When prompted, select the Vista edition that you have. (Important, make sure it's the same version for which you have the paid key.)

6. Install Vista normally. It will enter into Evaluation Mode for 30 days.

7. Once the install is complete and you are at the desktop for the first time, restart the DVD-based Setup from within Windows Vista using the original Vista Upgrade DVD.

8. When asked whether you wish to perform an Upgrade or Custom (advanced) install, choose Custom (advanced) and perform a clean install of Vista onto the same partition you chose the first time around.

9. Enter your Product Key when prompted.

10. After the second setup run is complete, and when you are once again at the desktop, delete the "c:\windows.old" directory which contains files that will no longer be used from the first Vista installation.

11. Allow Vista to activate your freshly installed system online.

12. Force your first set of critical patches and updates from http://update.microsoft.com.

13. Install any other third party drivers and applications at this time as needed.

When you are finished, you should have a fully functional and activated copy of Vista running on your legal upgrade key.

At least, unless Microsoft "fixes" this workaround . . .