Schreibnet Technologies LLC provides tech support that we say is great, but don't take our word for it!
I passed my first exam today and am now certified by Microsoft.
:-)
Monday, May 4, 2009
Sunday, April 26, 2009
A couple application highlights in Vista
Of the new applications in Vista, there are a couple of stand-outs.
First is Internet Explorer 7. The most significant leap in IE technology is implemented in Protected Mode and the Mandatory Integrity Control (MIC). MIC is a security feature of Vista that carries the concept of least priviledge over to applications and processes. When IE7 is run in Protected Mode, it is assigned the Integrity Access Level of “Low.” This protects the system and the registry from writes by malware you may have stumbled upon while surfing the `net.
This is a quantum leap in internet security from the practice of loging on as an Administrator and running your processes with that status.
The other application that I really enjoy is Windows Meeting Space. This is a great tool for collaboration, and you don’t have to break the budget to implement this in your workplace, since it’s included in Windows. Not only is it great for remote participation where you can’t physically get together, but it’s also great for when everyone is around the same conference table. In this scenario, you can all share documents, suggest changes, etc. It’s much better than having the meeting, emailing the file out the the participants afterward, and having a slew of revisions come back to you. You almost need another meeting to discuss everyone’s revisions. With meeting space this is avoidable. That should increase productivity.
First is Internet Explorer 7. The most significant leap in IE technology is implemented in Protected Mode and the Mandatory Integrity Control (MIC). MIC is a security feature of Vista that carries the concept of least priviledge over to applications and processes. When IE7 is run in Protected Mode, it is assigned the Integrity Access Level of “Low.” This protects the system and the registry from writes by malware you may have stumbled upon while surfing the `net.
This is a quantum leap in internet security from the practice of loging on as an Administrator and running your processes with that status.
The other application that I really enjoy is Windows Meeting Space. This is a great tool for collaboration, and you don’t have to break the budget to implement this in your workplace, since it’s included in Windows. Not only is it great for remote participation where you can’t physically get together, but it’s also great for when everyone is around the same conference table. In this scenario, you can all share documents, suggest changes, etc. It’s much better than having the meeting, emailing the file out the the participants afterward, and having a slew of revisions come back to you. You almost need another meeting to discuss everyone’s revisions. With meeting space this is avoidable. That should increase productivity.
Monday, April 20, 2009
Firewall and Security
In today’s world, firewalls and data center security are as necessary as locks on doors and windows. Without some device or software to handle security between your computer and the internet, the Sans Institute’s Internet Storm Center reports that the computer will be under the control of a malicious coder in less than 20 minutes. That was in 2004. You can be sure it’s at least that fast today.
Microsoft’s Windows Firewall has undergone extensive improvement since its implementation in Windows XP. The new version that comes with Windows Vista is infinitely more configurable. In addition to the rather nebulous “on” or “off” settings which you had in XP, you can now configure specific rules for programs, ports, or protocols and apply them to different network profiles.
Perhaps even more significant is the addition of outbound traffic controls in the Microsoft Windows Firewall. This is a giant leap forward for this utility and makes it a worthy security option for the home user, especially in view of it‘s partnering with Windows Defender.
In addition to the Microsoft Windows Firewall, for residential scale networking I like to be very familiar with and employ the hardware firewall included in many home networking routers and wireless access points. The two most common of these are the Linksys and D-Link products for home networking. These products often have a web-based configuration utility that allows you to set up specific port behavior and program exceptions, much like a more expensive product, in a way that is accessible to the home user.
Just as “least privilege” is the best practice for user objects, your network should be set up for least access. That is to say that you should only open the ports you absolutely need. An open port in your firewall is like an open window in a locked house. What? You say “but I require a password for remote desktop port 3389.” Ok, so that’s like a screen in the open window in a locked house. Every opening in the firewall is an additional venue for the malicious coder to get control of your computer and your personal information, so it’s best to keep them all closed. If you are a gamer or employ some other application that requires port forwarding or otherwise opened ports, consider closing them immediately after your session.
Once you have the firewall where you think you want it, it is important to test it to be sure. “Testing Proves Testing Works,” as they say. Security Metrics is one of several online sources for security testing. The Free Port Scan and Firewall Test page of their web site will determine your public IP Address and use that to scan your computer for open ports or possible vulnerabilities. It’s basically a self-inflicted port scan from the internet. This way you will know for sure what is open on your network. A tool like this should be used every time a change is made to the firewall configuration on any network.
Microsoft’s Windows Firewall has undergone extensive improvement since its implementation in Windows XP. The new version that comes with Windows Vista is infinitely more configurable. In addition to the rather nebulous “on” or “off” settings which you had in XP, you can now configure specific rules for programs, ports, or protocols and apply them to different network profiles.
Perhaps even more significant is the addition of outbound traffic controls in the Microsoft Windows Firewall. This is a giant leap forward for this utility and makes it a worthy security option for the home user, especially in view of it‘s partnering with Windows Defender.
In addition to the Microsoft Windows Firewall, for residential scale networking I like to be very familiar with and employ the hardware firewall included in many home networking routers and wireless access points. The two most common of these are the Linksys and D-Link products for home networking. These products often have a web-based configuration utility that allows you to set up specific port behavior and program exceptions, much like a more expensive product, in a way that is accessible to the home user.
Just as “least privilege” is the best practice for user objects, your network should be set up for least access. That is to say that you should only open the ports you absolutely need. An open port in your firewall is like an open window in a locked house. What? You say “but I require a password for remote desktop port 3389.” Ok, so that’s like a screen in the open window in a locked house. Every opening in the firewall is an additional venue for the malicious coder to get control of your computer and your personal information, so it’s best to keep them all closed. If you are a gamer or employ some other application that requires port forwarding or otherwise opened ports, consider closing them immediately after your session.
Once you have the firewall where you think you want it, it is important to test it to be sure. “Testing Proves Testing Works,” as they say. Security Metrics is one of several online sources for security testing. The Free Port Scan and Firewall Test page of their web site will determine your public IP Address and use that to scan your computer for open ports or possible vulnerabilities. It’s basically a self-inflicted port scan from the internet. This way you will know for sure what is open on your network. A tool like this should be used every time a change is made to the firewall configuration on any network.
Wednesday, April 8, 2009
Vista is Good. It's Time to Admit It.
Vista came out a while ago now. When it first came out, there were issues, and they were primarily related to drivers. Drivers are the responsibility of the hardware vendors, not the operating system programmers. Secondary issues came into play with legacy custom software applications.
Well, here we are in 2009. Vista service pack one has been out for some time now, and service pack two is about to be released. Hardware makers have gotten up to speed with the driver model. Users have had time to understand and implement "Compatibility Mode." Today, Windows Vista is a stable, widely compatible, excellent operating system. It's time to stop repeating the same thing we heard three years ago.
Join me. Drink the Kool-Aid.
I read comments on IT specific discussions on the Internet where people say things like "When XP stops working, I'm going to Mac!" That's irrational and silly. Sure, we're creatures of habit, we don't like change, but that sentiment is oxymoronic. I can't think of much bigger change than going from Windows to it's largest commercial competitor. It's kind of funny when you think about it.
The bottom line is this: Don't be afraid to embrace progress. Maybe not right away, but it's been a while now, and things improve and move forward. Vista is great. Windows 7 is fantastic.
Well, here we are in 2009. Vista service pack one has been out for some time now, and service pack two is about to be released. Hardware makers have gotten up to speed with the driver model. Users have had time to understand and implement "Compatibility Mode." Today, Windows Vista is a stable, widely compatible, excellent operating system. It's time to stop repeating the same thing we heard three years ago.
Join me. Drink the Kool-Aid.
I read comments on IT specific discussions on the Internet where people say things like "When XP stops working, I'm going to Mac!" That's irrational and silly. Sure, we're creatures of habit, we don't like change, but that sentiment is oxymoronic. I can't think of much bigger change than going from Windows to it's largest commercial competitor. It's kind of funny when you think about it.
The bottom line is this: Don't be afraid to embrace progress. Maybe not right away, but it's been a while now, and things improve and move forward. Vista is great. Windows 7 is fantastic.
Wednesday, April 1, 2009
NTFS Permissions
Here is a piece detailing my methodology in dealing with users and network file space. I use NTFS permissions, which is a file security schema implemented in the NTFS file system from Microsoft.
Some of the key rules of NTFS permissions: There are six standard rules for folders, five for files. These standard permissions control general aspects of file security. There are also 14 special permissions which allow a much more detailed control of access and security. Every permission can be explicitly allowed or denied, or they can be inherited from a parent object. Deny can also be implied by the absence of explicit or inherited allow permissions. Permissions are assigned via the presence of objects in an Access Control List(ACL), but permissions belong to the object to which they are assigned, not to the user or group in the ACL.
I use Shares, NTFS Permissions, and User Groups in concert to provide users ever-expanding rings of file access. I begin with the premise that users need, at a minimum, the following areas of file storage: First, they need a private space to keep their work that is in progress, confidential, or other things that are generally not to be shared with others. Second, users who work together need a file space that helps them to work together. Third, users who work together across departmental boundaries also need a shared space to help them get things done.
To accomplish my three levels of access, I create the following folder structure: In my data volume (which is created separate from my operating system volume) I will create a folder called “user data” or some similarly descriptive name that gives me a clue as to the content of that folder. This folder becomes the root of the user share structure. Next, inside the root folder I create a folder called Users. Inside Users I create a folder for every employee's user name. These folders inside Users are the private folders for the employees, also known as “Home Directory” or “Home Drive” and often assigned the drive letter H:(for “Home”). Usually they are shared as jdoe$. The trailing dollar sign makes it a hidden share, so that people poking around the file system will not see the folder if they are coming across the network and don't have access to a folder higher up in the tree. That completes the personal folder.
Next, back up in User Data, I'll create a folder called “Departments.” In that folder I'll create sub-folders like “Finance,” “Marketing,” “Development,” “Human Resources,” and so on. This will give the users in the same department a place to store files that they are sharing with departmental co-workers. I give the department's users full control inside their department shares so that they can create new folder structures inside that are helpful for them.
Next, returning again to User Data, I create a folder called “Public.” The public folder is available to all, and all users have full control. It is akin to the wild west of file systems, but it serves a valuable purpose in allowing users from different departments who may be working together on a project a collaborative space. Additionally, I can create sub folders in Public and block inheritance. This allows me to create, for example, a folder called “HR Info” in which the HR users have full control and all others have read only. HR can then deposit files like the employee handbook or benefits information in that folder and all users can read it. This saves me from having to create too many folders that get mapped as drives.
All employees are trained in the structure of the folder tree and the rights that they and others have throughout. It is made clear to them who can see what, where, and they are also assured that there is no such thing as “privacy” on corporate file servers or computers. We give you a “private” space, but it's always available to the system administrator at the command of the appropriate management staff. It may be called private, but nothing should be in there that would be against any company policy, civil law, or reasonable moral standard.
Once my folders are in place, I go on to create groups for every department. I place the appropriate users in each of the departmental groups, and then I set the NTFS permissions on the Department sub folders by group. The rights to Public are assigned to the “Everyone” group, and rights to the user folders are assigned per user.
At this point you may be saying to yourself “That's a lot of people with full control!” I agree, it is, and the concern over files being inadvertently or maliciously deleted is a legitimate one. For this reason I have implemented other file-security solutions so that I may recover any file in moments. It's the best of both worlds.
There are special circumstances that will occur. For example, let's say a share is desired for the department heads only. I would create a “Department Heads” folder in the Departments sub folder. I would then create a group and give access rights to that group, then finally add the heads to that group.
The way I provide access to the various shares is through a Visual Basic login script. The script uses variables to make it simple. When a user logs on, the script runs and finds the user name and all groups that the user belongs to. With this information it maps network drives on the workstation. H: is the private share, I: is the department share, J: is public, and special folders follow if the user is a member of other groups.
Here is a little graphic to illustrate the folder structure. Hopefully it comes through ok.
Some of the key rules of NTFS permissions: There are six standard rules for folders, five for files. These standard permissions control general aspects of file security. There are also 14 special permissions which allow a much more detailed control of access and security. Every permission can be explicitly allowed or denied, or they can be inherited from a parent object. Deny can also be implied by the absence of explicit or inherited allow permissions. Permissions are assigned via the presence of objects in an Access Control List(ACL), but permissions belong to the object to which they are assigned, not to the user or group in the ACL.
I use Shares, NTFS Permissions, and User Groups in concert to provide users ever-expanding rings of file access. I begin with the premise that users need, at a minimum, the following areas of file storage: First, they need a private space to keep their work that is in progress, confidential, or other things that are generally not to be shared with others. Second, users who work together need a file space that helps them to work together. Third, users who work together across departmental boundaries also need a shared space to help them get things done.
To accomplish my three levels of access, I create the following folder structure: In my data volume (which is created separate from my operating system volume) I will create a folder called “user data” or some similarly descriptive name that gives me a clue as to the content of that folder. This folder becomes the root of the user share structure. Next, inside the root folder I create a folder called Users. Inside Users I create a folder for every employee's user name. These folders inside Users are the private folders for the employees, also known as “Home Directory” or “Home Drive” and often assigned the drive letter H:(for “Home”). Usually they are shared as jdoe$. The trailing dollar sign makes it a hidden share, so that people poking around the file system will not see the folder if they are coming across the network and don't have access to a folder higher up in the tree. That completes the personal folder.
Next, back up in User Data, I'll create a folder called “Departments.” In that folder I'll create sub-folders like “Finance,” “Marketing,” “Development,” “Human Resources,” and so on. This will give the users in the same department a place to store files that they are sharing with departmental co-workers. I give the department's users full control inside their department shares so that they can create new folder structures inside that are helpful for them.
Next, returning again to User Data, I create a folder called “Public.” The public folder is available to all, and all users have full control. It is akin to the wild west of file systems, but it serves a valuable purpose in allowing users from different departments who may be working together on a project a collaborative space. Additionally, I can create sub folders in Public and block inheritance. This allows me to create, for example, a folder called “HR Info” in which the HR users have full control and all others have read only. HR can then deposit files like the employee handbook or benefits information in that folder and all users can read it. This saves me from having to create too many folders that get mapped as drives.
All employees are trained in the structure of the folder tree and the rights that they and others have throughout. It is made clear to them who can see what, where, and they are also assured that there is no such thing as “privacy” on corporate file servers or computers. We give you a “private” space, but it's always available to the system administrator at the command of the appropriate management staff. It may be called private, but nothing should be in there that would be against any company policy, civil law, or reasonable moral standard.
Once my folders are in place, I go on to create groups for every department. I place the appropriate users in each of the departmental groups, and then I set the NTFS permissions on the Department sub folders by group. The rights to Public are assigned to the “Everyone” group, and rights to the user folders are assigned per user.
At this point you may be saying to yourself “That's a lot of people with full control!” I agree, it is, and the concern over files being inadvertently or maliciously deleted is a legitimate one. For this reason I have implemented other file-security solutions so that I may recover any file in moments. It's the best of both worlds.
There are special circumstances that will occur. For example, let's say a share is desired for the department heads only. I would create a “Department Heads” folder in the Departments sub folder. I would then create a group and give access rights to that group, then finally add the heads to that group.
The way I provide access to the various shares is through a Visual Basic login script. The script uses variables to make it simple. When a user logs on, the script runs and finds the user name and all groups that the user belongs to. With this information it maps network drives on the workstation. H: is the private share, I: is the department share, J: is public, and special folders follow if the user is a member of other groups.
Here is a little graphic to illustrate the folder structure. Hopefully it comes through ok.
D:
|--->User Data - (not shared, no permissions)
|
|------->Users - (not shared, no permission)
| |-------->jdoe$ - (hidden share, permissions only for Jane Doe)
| |-------->tjones$ - (hidden share, permissions only for Tom Jones)
|
|------->Departments - (not shared, no permissions)
| |-------->Finance - (shared, permissions for the Finance group)
| |-------->Marketing - (shared, permissions for the Marketing group)
|
|------->Public - (shared, permissions for the Everyone group)
Wednesday, March 25, 2009
April Fools!
April 1 is the day for pranks and practical jokes. There is, however, a plot afoot that may or may not be quite a bit more troublesome than your average April Fool!
The latest version of a worm out there called Conficker or Downadup, is sceduled to do something on 4/1/2009. What it's going to do is anyone's guess. It could be harmless, or not.
Conficker is a very complex and sophisticated worm. It's latest version (C) has stealth capabilities, and it disables Windows Update and the Windows Security Center as part of its behavior.
There are ways to beat this bad-boy. First, many antivirus manufacturers say they can still detect it, so make sure your A/V is up to date and do a scan of your entire system. Maybe try it in safe mode.
Also, the way Conficker knows what to do is by "calling home" to several algorithmically determined web servers. Since the web addresses are generated by the same algorithm, the professionals in the IT world have identified all of them from the A and B versions. These bad DNS names can then be blocked at the DNS level. (DNS is like the phone book of the Internet. It's where your computer looks up the numerical address for a human-friendly computer name.). OpenDNS.com is a DNS provider that will block Conficker's known destinations, so configuring your computer to use this free DNS service is a great step in defeating the worm.
Of course, it wouldn't be a bad idea to backup your personal files and documents, etc. Put them on removable media like a Flash drive or USB hard drive, and put it somewhere safe.
Start doing backups regularly if you don't already, and do it before the first.
Links:
PC Magazine article
CNN Story
Wikipedia Article
The latest version of a worm out there called Conficker or Downadup, is sceduled to do something on 4/1/2009. What it's going to do is anyone's guess. It could be harmless, or not.
Conficker is a very complex and sophisticated worm. It's latest version (C) has stealth capabilities, and it disables Windows Update and the Windows Security Center as part of its behavior.
There are ways to beat this bad-boy. First, many antivirus manufacturers say they can still detect it, so make sure your A/V is up to date and do a scan of your entire system. Maybe try it in safe mode.Also, the way Conficker knows what to do is by "calling home" to several algorithmically determined web servers. Since the web addresses are generated by the same algorithm, the professionals in the IT world have identified all of them from the A and B versions. These bad DNS names can then be blocked at the DNS level. (DNS is like the phone book of the Internet. It's where your computer looks up the numerical address for a human-friendly computer name.). OpenDNS.com is a DNS provider that will block Conficker's known destinations, so configuring your computer to use this free DNS service is a great step in defeating the worm.
Of course, it wouldn't be a bad idea to backup your personal files and documents, etc. Put them on removable media like a Flash drive or USB hard drive, and put it somewhere safe.
Start doing backups regularly if you don't already, and do it before the first.
Links:
PC Magazine article
CNN Story
Wikipedia Article
Wednesday, March 18, 2009
A Couple Vista Features
A couple of features stand out in my mind as great things in Windows Vista.
First is Windows Defender. While technically not a Vista-only feature since Microsoft has released versions for XP and Server 2003, it made it’s debut on Vista, and is included as a part of Vista. The versions for XP and Server 2003 are available as a free download.
Why Defender? Well, in the immortal words of Tony the Tiger, it’s great! Having this kind of security embedded into the OS is a good thing. The average user does not usually know when they are infecting themselves with some malicious software (malware). Sure, they’ve heard the term, but they probably aren’t savvy to the little tip-offs they encounter that should be warning signals. Instead, they end up clicking something that invites malware in to their PC. With Windows Defender, the OS will detect it and stop it, on the fly.
Windows Defender is peer-driven. That means that a large community of users is constantly contributing in some way to keep it up to date. The more eyes you have on a problem, the better equipped you are to solve it, so having users from every walk of life contributing their experiences to the project ensures comprehensive coverage.
For advanced users there is a “Software Explorer” in the Tools menu that allows you to view details about the software running on your system grouped by various categories. From the Software Explorer you can disable or enable programs, end processes and remove software.
Cnet called Defender "perhaps the best free antispyware application we looked at this year" when they reviewed it in December of 2007. It’s one of several great tools you should have in your anti-spyware/malware arsenal.
The other feature I really like about Vista is ReadyBoost. RAM is the component in a PC that most directly affects Windows performance. With ReadyBoost, the non-technical user can essentially dramatically expand the available RAM in their PC without taking covers off and messing with memory modules. All they need to do is pick up a cheap USB flash drive or an SD card and insert it into the computer. In the properties of the device there is a tab for ReadyBoost. Click the “Use this” option and you’re on your way to a perceptible improvement in system performance. You can never have too much RAM!
These two features are just a part of what makes Windows Vista a worthy operating system. The continuance of these feature into Windows 7 will make that OS even more truly impressive.
First is Windows Defender. While technically not a Vista-only feature since Microsoft has released versions for XP and Server 2003, it made it’s debut on Vista, and is included as a part of Vista. The versions for XP and Server 2003 are available as a free download.
Why Defender? Well, in the immortal words of Tony the Tiger, it’s great! Having this kind of security embedded into the OS is a good thing. The average user does not usually know when they are infecting themselves with some malicious software (malware). Sure, they’ve heard the term, but they probably aren’t savvy to the little tip-offs they encounter that should be warning signals. Instead, they end up clicking something that invites malware in to their PC. With Windows Defender, the OS will detect it and stop it, on the fly.
Windows Defender is peer-driven. That means that a large community of users is constantly contributing in some way to keep it up to date. The more eyes you have on a problem, the better equipped you are to solve it, so having users from every walk of life contributing their experiences to the project ensures comprehensive coverage.
For advanced users there is a “Software Explorer” in the Tools menu that allows you to view details about the software running on your system grouped by various categories. From the Software Explorer you can disable or enable programs, end processes and remove software.
Cnet called Defender "perhaps the best free antispyware application we looked at this year" when they reviewed it in December of 2007. It’s one of several great tools you should have in your anti-spyware/malware arsenal.
The other feature I really like about Vista is ReadyBoost. RAM is the component in a PC that most directly affects Windows performance. With ReadyBoost, the non-technical user can essentially dramatically expand the available RAM in their PC without taking covers off and messing with memory modules. All they need to do is pick up a cheap USB flash drive or an SD card and insert it into the computer. In the properties of the device there is a tab for ReadyBoost. Click the “Use this” option and you’re on your way to a perceptible improvement in system performance. You can never have too much RAM!
These two features are just a part of what makes Windows Vista a worthy operating system. The continuance of these feature into Windows 7 will make that OS even more truly impressive.
Friday, March 13, 2009
Debunking the Hype/Myth
Remember the PC vs. Mac commercial that had Mac say "Hi PC" and a third guy in a Secret Service suit said to PC "Mac issued a greeting; accept or reject?" It went on and on, every step of the dialogue filtered through the security thug.
It was a funny commercial, and it made a lot of sense if you were frustrated by that feature of windows.
But if you understand what's going on in Vista with that pop-up message, you might have more appreciation for it.
The Usser Account Control feature is what is responsible for those messages. When you start functions that could change your system, you are asked by the UAC if you are sure you want to do this.
A natural response is to get frustrated and huff "I clicked it! Of course I want to continue."
But everyone knows about "malware," right? It is the term to refer to malicious software written to take advantage of you and your system. And of course Spyware, which reports on your activities without your knowledge, and then there are viruses, trojan horses, etc.
Well these nefarious programs don't pop up a nice splash screen when they start with a title and a short description. You never see the "Welcome to the I LOVE YOU Trojan" screen. They just start up and run as quietly as possible, stealing your passwords, mailing screenshots of your bank account info back to the hacker who wrote it, taking part in Denial of Service attacks against other machines.
Enter the UAC. If one of these programs starts up and tries to do it's thing in Vista, the UAC will stop *everything* and ask you "Hey, this program is trying to run and change some of your system settings. Do you really want to allow that?"
Oh...that's what that's for. Doesn't seem like such a bad thing then, eh?
Yeah, it was marketing genius playing upon the ignorance of the common man. But once you understand, it looks a little different.
It was a funny commercial, and it made a lot of sense if you were frustrated by that feature of windows.
But if you understand what's going on in Vista with that pop-up message, you might have more appreciation for it.
The Usser Account Control feature is what is responsible for those messages. When you start functions that could change your system, you are asked by the UAC if you are sure you want to do this.
A natural response is to get frustrated and huff "I clicked it! Of course I want to continue."
But everyone knows about "malware," right? It is the term to refer to malicious software written to take advantage of you and your system. And of course Spyware, which reports on your activities without your knowledge, and then there are viruses, trojan horses, etc.
Well these nefarious programs don't pop up a nice splash screen when they start with a title and a short description. You never see the "Welcome to the I LOVE YOU Trojan" screen. They just start up and run as quietly as possible, stealing your passwords, mailing screenshots of your bank account info back to the hacker who wrote it, taking part in Denial of Service attacks against other machines.
Enter the UAC. If one of these programs starts up and tries to do it's thing in Vista, the UAC will stop *everything* and ask you "Hey, this program is trying to run and change some of your system settings. Do you really want to allow that?"
Oh...that's what that's for. Doesn't seem like such a bad thing then, eh?
Yeah, it was marketing genius playing upon the ignorance of the common man. But once you understand, it looks a little different.
Tuesday, March 3, 2009
File Sharing
There are different kinds of file sharing. One is where computers on the same network agree to allow each other access to certain publicized resources via domain or workgroup membership and trust.
Another kind of file sharing is what's commonly known as Peer to Peer File Sharing. First made popular by Napster, there are many variations on the theme, including Limewire, Kazaa, and others.
In the news lately, sensitive documentation of the President's helicopter was found on a computer in Iran. Whooops! It happened because the computer that originally held the documents also ran peer-to-peer file sharing software.
It just goes to show you how dangerous this kind of thing is. If you are not extremely careful about how you set it up and run it, you are opening your computer up to anyone. This could have devastating effects on your personal and business life.
I hate this type of software. I never run it at home, and strive to eradicate all traces of it on any network that is my responsibility.
I also refuse to run "legitimate" versions like NBC's new HD program downloader NBC Direct. If you read the terms, you will see that it is a peer-to-peer program. You aren't downloading from NBC, you are downloading from other users who have the software. Then when you have your copy, others download from you. Without authentication, without access controls.
So be careful. You don't want your classified documents in the wrong hands.
Another kind of file sharing is what's commonly known as Peer to Peer File Sharing. First made popular by Napster, there are many variations on the theme, including Limewire, Kazaa, and others.
In the news lately, sensitive documentation of the President's helicopter was found on a computer in Iran. Whooops! It happened because the computer that originally held the documents also ran peer-to-peer file sharing software.
It just goes to show you how dangerous this kind of thing is. If you are not extremely careful about how you set it up and run it, you are opening your computer up to anyone. This could have devastating effects on your personal and business life.
I hate this type of software. I never run it at home, and strive to eradicate all traces of it on any network that is my responsibility.
I also refuse to run "legitimate" versions like NBC's new HD program downloader NBC Direct. If you read the terms, you will see that it is a peer-to-peer program. You aren't downloading from NBC, you are downloading from other users who have the software. Then when you have your copy, others download from you. Without authentication, without access controls.
So be careful. You don't want your classified documents in the wrong hands.
Saturday, February 14, 2009
For Your Eyes Only!
Do you have any data on your computer that is private? Any social security numbers? Tax returns? Medical histories? Customer accounts? Credit Card numbers? Sales pitches? New product details?
Anything sensitive? Anything that could risk your identity if compromised? Anything that could cost your business or your customers if compromised.
That's a pretty wide swath of data, and chances are good that yes, there is some "classified" data on your PC.
Does it need to be protected? That's a good question. For laptop users the answer is easy: Yes. Your machine is light and portable and is frequently out and about, and could be picked up and carried off without much trouble. Then someone else has all your data. Whether or not you use a login ID and password is meaningless. That is not data protection. Neither are the password options in MS Office to "protect" files.
What if you use a desktop computer that you don't take on the subway with you? I suppose it depends on personal comfort levels, how many other people can physically access that computer, who those people are, if the computer is on a network/the Internet, etc. There are a lot of considerations, but I lean towards Yes in all cases. Better safe than sorry, and all that.
So how can you protect your sensitive data?
Encryption. It's easy and free.
En-what?
Encryption. It takes the contents of your files and jumbles them up using complicated mathematical algorithms. The best kind of encryption requires complex keys in addition to passwords to provide nearly unbeatable protection. I say "nearly unbeatable" because I don't know what kind of power the Gov't has these days, but for "normal" folk it would take a hundred years to break good encryption using the best computing equipment commercially available.
So how can you do it? There are options available. You can encrypt files, containers of files, or the entire hard disk.
For those laptop folks, I suggest encrypting the entire hard disk. This way if your laptop "walks off," it takes more than just putting the disk in another machine to read it. Your machine can only be useful if the disk is formatted and the existing data erased. It doesn't make your machine less prone to theft, but it does protect the data.
If you don't want or don't think you need to encrypt the entire hard drive, you can encrypt individual files, or create "containers" on the disk, the contents of which are encrypted. I prefer the container because all I need to remember is the one password to open the container, and not one password for each file.
My top two for encryption are Cypherix LE, and Truecrypt.
With Cypherix, you create a "vault" on the drive or USB memory stick, etc. This vault is mounted like a disk drive and you now have on the fly drag-and-drop encryption. Just take that file, drag it to your vault, and drop it in there. As soon as you unload the vault, it is as good as gone. Cypherix also allows you to create encrypted emails in a simple manner. Basically an encrypted self-extracting file is created and attached to the email. No one can read the contents without the password. There is a 25Mb size restriction on your vault, so if you have a lot of data, you may need to make multiple vaults on your media.
Truecrypt is a much more complex, much more comprehensive product. It offers the same container-style operation of cypherix, but will also do complete hard disk encryption, hidden volumes, and even hidden operating systems. Just reading the documentation is fascinating...ok, maybe just for nerdy types. If you are a laptop user or desire an offering with more options, Truecrypt may be the one to look at.
And lastly...do not go through the trouble of encrypting your data and then write the password down somewhere. That defeats the whole purpose. As a computer professional for 18 years, when I arrive to support a user and I hit a password challenge and the user is not there, the first thing I do is look under the keyboard. Then I read the sticky-notes on the monitor, then the ones on the vertical surfaces of the desk. I find a lot of passwords that way.
As always, feel free to leave comments and questions, or contact me at scott at schreibnet dot com for advice and/or help with encryption and any other issues.
Friday, February 13, 2009
Thinking About a New PC?
Hold Off!
The little IT Birdies are chirping. The scuttlebut is that starting on or around June 1, if you buy a new PC with Windows Vista, you will be entitled to a free upgrade to Windows 7. This will be in effect until January 31, 2010, according to rumor.
So if you can, hold off until this announcement is made official. You'll get free "Upgrade Assurance."
The little IT Birdies are chirping. The scuttlebut is that starting on or around June 1, if you buy a new PC with Windows Vista, you will be entitled to a free upgrade to Windows 7. This will be in effect until January 31, 2010, according to rumor.
So if you can, hold off until this announcement is made official. You'll get free "Upgrade Assurance."
Monday, February 9, 2009
Schreibnet Technology LLC Provides Continuity Solution
Schreibnet Technology LLC has provided a custom programming solution to Christ Lutheran Church in Cleveland to assure the church's administration of data continuity in case of disaster.
The church uses a common membership management program that is feature rich in many areas, but the data backup function is quite plain. You are only allowed to backup the database to the root directory on locally attached devices. Leaving the default choice of C:\ as the backup destination is problematic, as we've discussed in a prior post. If something were to happen to that drive, the data and the backup would be lost. If something were to happen to the office, the data and the backup would be lost. There's not a lot of options for the church secretary to ensure the data is safe, and frankly, the secretary shouldn't have to worry about these things.
Enter Schreibnet Technology LLC. We wrote a small program that creates a backup of the church's membership database files and sends them off site via the Internet for safe keeping. Now there is a complete backup and data retention structure in place. Weekly backups are retained for a month, the end-of-month backup is retained for a year, and an annual backup will be retained for three years at Schreibnet's climate-controlled data center.
Schreibnet Technology LLC is a company that provides hardware and software installation, troubleshooting, custom software solutions, and many other IT services for home users and small businesses/organizations with IT needs. We can serve you in person in Northeast Ohio, or remotely via the Internet. Contact us via email to scott at schreibnet dot com.
The church uses a common membership management program that is feature rich in many areas, but the data backup function is quite plain. You are only allowed to backup the database to the root directory on locally attached devices. Leaving the default choice of C:\ as the backup destination is problematic, as we've discussed in a prior post. If something were to happen to that drive, the data and the backup would be lost. If something were to happen to the office, the data and the backup would be lost. There's not a lot of options for the church secretary to ensure the data is safe, and frankly, the secretary shouldn't have to worry about these things.
Enter Schreibnet Technology LLC. We wrote a small program that creates a backup of the church's membership database files and sends them off site via the Internet for safe keeping. Now there is a complete backup and data retention structure in place. Weekly backups are retained for a month, the end-of-month backup is retained for a year, and an annual backup will be retained for three years at Schreibnet's climate-controlled data center.
Schreibnet Technology LLC is a company that provides hardware and software installation, troubleshooting, custom software solutions, and many other IT services for home users and small businesses/organizations with IT needs. We can serve you in person in Northeast Ohio, or remotely via the Internet. Contact us via email to scott at schreibnet dot com.
Friday, February 6, 2009
Windows 7 Flavors Announced
When XP came out, Microsoft began offering different "flavors" of the OS. There are Home, Professional, and Media Center editions. When Vista came out, this was made more complex and confusing to the end user. You have Home Basic, Home Premium, Business, and Ultimate. You couldn't just upgrade from Home Basic to Business either. It required a complete re-install.
My question is "When I buy Vista, can't I just have Vista? Why is it possible for me to buy functionally limited software?"
Well...my question doesn't get an answer, but the choices are slimmed down into categories and a structure that make more sense. When Windows 7 hits the shelves you will be able to select from Home Premium, Professional, and Ultimate/Enterprise editions.
The editions are incremental. Home is Windows 7 with the new interface, media center, etc. Windows 7 Professional is everything that Home Premium is plus advanced abilities like joining a domain and some other stuff handy for business. Ultimate/Enterprise edition is everything that Pro is plus all the language packs, bitlocker drive encryption, and you can boot it from a Virtual Hard Disk file. High-end stuff.
The upgrade process from one edition to the next is vastly simplified: Buy the key, enter it, and the new features are unlocked.
So there's another optimistic bit of info as we look forward to the end of XP and the rise of '7.' My beta machine is still humming right along. I'm using it to develop a web application, and it's still performing very well.
Thanks for reading. Next topic is going to be encryption!
My question is "When I buy Vista, can't I just have Vista? Why is it possible for me to buy functionally limited software?"
Well...my question doesn't get an answer, but the choices are slimmed down into categories and a structure that make more sense. When Windows 7 hits the shelves you will be able to select from Home Premium, Professional, and Ultimate/Enterprise editions.
The editions are incremental. Home is Windows 7 with the new interface, media center, etc. Windows 7 Professional is everything that Home Premium is plus advanced abilities like joining a domain and some other stuff handy for business. Ultimate/Enterprise edition is everything that Pro is plus all the language packs, bitlocker drive encryption, and you can boot it from a Virtual Hard Disk file. High-end stuff.
The upgrade process from one edition to the next is vastly simplified: Buy the key, enter it, and the new features are unlocked.
So there's another optimistic bit of info as we look forward to the end of XP and the rise of '7.' My beta machine is still humming right along. I'm using it to develop a web application, and it's still performing very well.
Thanks for reading. Next topic is going to be encryption!
Monday, February 2, 2009
Backups
Backups. You know you should do them. But for some reason, a lot of people don't.
Think about your home PC. Think about all those pictures, tax documents, works of prose, customized settings, and all the stuff you have put on it. How much time would it take to get back all of your photographs? Impossible, right? What about that 2005 tax return when Uncle Sam is asking for "clarification?"
Now, if you are a business owner, your data has actual cash value. How long can you do business without the data on your system(s)? What would happen if you suddenly lost all your customer data?
The point is that there are many reasons to perform regular backups and no reason not to.
Backups are not hard to do, they no longer require sophisticated and expensive hardware, and they are good insurance. I'm going to discuss a couple different methods for accomplishing this very important task in the world of computers.
Going back to Genesis
In the beginning your disk was formless and void, and some nice person formatted it and put useful software on it.
Most importantly, for all computer users, is to retain your source CD's. Most new PC's have shipped with a "System Restore" CD for the last several years. This CD contains the operating system and all other software that was installed on your PC when you ordered it from the factory. There may be other accompanying disks such as driver disks, application CD's, etc. If you have a drawer or box where you keep all your computer disks, do not keep these disks in that box!
Keep these source CD's separate from the disks you paw through every day. Keep them in their original cases or sleeves, and put them away for a rainy day. If you have a safe with your important papers, put them in there. The point being that you want to avoid handling, scratching, and/or losing them altogether. These are going to be a vital part of your parachute, so keep them safe.
Home Backups
Now, for the home user, backing up your PC can seem daunting. It brings to mind images of expensive tape drives and specialized software. I'm here to tell you the good news; those days are past.
Windows XP, Vista, and 7 all include a backup utility. In XP, it's in Start, All Programs, Accessories, System Tools. The backup program starts in a Wizard mode and will walk you through the process. You can choose to have it back up your documents and settings, every users documents and settings, all information on the computer, and there is a "let me choose" option for us high-controllers out there.
If you have your source disks that came with the machine and any software you purchased and installed, then all you need to back up is your documents and settings (and those of other users if it's a shared machine with multiple user IDs). As long as you have kept your important files inside the hierarchy of "My Documents" and/or your desktop, this form of backup will get those files and back them up. If you've taken to saving your files in special folders you created like C:\Letters, C:\Finances, then you are going to need to choose the "Let me choose" option and select those folders individually.
Next you will have to tell the utility where to save your backup and what to call it. Backups should be stored on external hard drives or CD's/DVD's. Imagine a disk crash event and the feeling you get the moment you realize that your backup file was on the disk that just started smoking and threw that shower of sparks.
Ungood.
Using removable media allows you first of all, to have your data in a separate place from where the fault occurs that causes you to need it. It also allows for an easy "grab-n-go" in the event of some kind of disaster that requires you to evacuate.
I recommend a USB 2.0 external hard drive that is at least as big as your internal disk. Data transfer is fast, you won't run out of space, there's no messing with swapping out optical media every time it gets full, and you can unplug it when the backup is complete and store it with your source disks and important papers.
If you have followed this advice and find yourself needing to recreate your computer, all you have to do is boot from your "System Restore" disks and let them put all the programs and the operating system back on the new drive. Next, start the backup utility and select "restore files" and put all your documents back, and voila, good as new (and probably running faster!).
Vista (and Windows 7) users click The button previously known as Start, All Programs, Maintenance, Backup and Restore. Once it starts, click "Change Settings" to begin. This version of the utility is a little nicer. It allows scheduling a regularly recurring backup, and also has options for a system recovery disk and a disk image backup.
Speaking of images...
Disk images are the next step in data protection. Where a regular file backup requires you to install the operating system and software (and backup program if you made your backup with a third-party product) before you restore your files, a disk image creates a snapshot of the entire disk in its current condition. Basically an exact duplicate of the drive, in a file. Sure, it's a BIG file...but if you have a disk as big as, or bigger than your internal drive, it's not a problem.
Programs that create image backups often have an option to create a system recovery disk, like the above mentioned Vista/7 version of Microsoft's backup utility. The recovery disk allows you to boot from it and restore your image directly to a blank disk. Eject the CD and restart the computer and you wouldn't know the difference.
The trade-off between an image backup and a file backup is speed. Obviously the image takes considerably longer. In exchange for that headache, you get convenience of a one-stop deal. If you can schedule the backup to occur overnights, the image may be the way to go.
One important note on Imaging. A disk image can not be restored onto a hard disk in a computer with different hardware. It will only work on the same machine it was taken from because of drivers and hardware specifications, so don't make an image and then try to restore it to a different PC.
Business Backups
If your business runs on one computer with simple records kept in the My Documents folder, you can use one of the above methods to backup your data.
Most businesses don't run that simply though. At the least there is usually something like Quickbooks or Microsoft Office Accounting, or some other way of managing accounts. Complexity only grows from there. Larger outfits run databases and web applications and employ multiple machines to accomplish all their daily tasks.
In this kind of environment it is impossible to get everything covered, so you have to set priorities. #1 will no doubt be your accounting and customer relationship applications, #2, any other vital business apps, and #3, the desktop computers.
Starting at the bottom of the list, a good practice is to set up your environment to be as homogeneous as possible. Workstations should all be the same model computer with the same internal hardware. That way you can install the operating system and all the applications, then take a baseline image, and if any one of them crashes, you can restore all of them from the one image.
Moving up to business applications, often this comes down to a case-by-case evaluation. Business systems should be backed daily, at least backing up the changed data every day, and getting a full backup of everything at least once a week.
Business systems should also be backed up to multiple removable media devices that can be removed from the premises. Media should be rotated through the week and taken off site to ensure data safety in case of a building disaster. You can pay for a service to come and pick up your backups, or you can take them home with you. It all depends on your comfort level and budget, but you should keep them off site. Don't leave them in your car though.
For any business environments with centralized servers providing applications, a tape device is probably going to be the way to go. Tapes are very portable and dependable. They stand up well to the greatly increased handling that they will endure as a business backup device. They are also fast and can hold a lot of data, as tape drive technology has made advances right along all other technology.
Although I have really only scratched the surface of this deep topic, I hope this is helpful information for you. I hope you decide to start backing up your important data. It would be a shame to lose those vacation pictures...but it might provide a good excuse to go back!
Schreibnet Technology LLC can help you implement a backup strategy that works for you or your small business. Feel free to leave comments with questions you may have, or contact me via email to scott at schreibnet dot com.
Think about your home PC. Think about all those pictures, tax documents, works of prose, customized settings, and all the stuff you have put on it. How much time would it take to get back all of your photographs? Impossible, right? What about that 2005 tax return when Uncle Sam is asking for "clarification?"
Now, if you are a business owner, your data has actual cash value. How long can you do business without the data on your system(s)? What would happen if you suddenly lost all your customer data?
The point is that there are many reasons to perform regular backups and no reason not to.
Backups are not hard to do, they no longer require sophisticated and expensive hardware, and they are good insurance. I'm going to discuss a couple different methods for accomplishing this very important task in the world of computers.
Going back to Genesis
In the beginning your disk was formless and void, and some nice person formatted it and put useful software on it.
Most importantly, for all computer users, is to retain your source CD's. Most new PC's have shipped with a "System Restore" CD for the last several years. This CD contains the operating system and all other software that was installed on your PC when you ordered it from the factory. There may be other accompanying disks such as driver disks, application CD's, etc. If you have a drawer or box where you keep all your computer disks, do not keep these disks in that box!
Keep these source CD's separate from the disks you paw through every day. Keep them in their original cases or sleeves, and put them away for a rainy day. If you have a safe with your important papers, put them in there. The point being that you want to avoid handling, scratching, and/or losing them altogether. These are going to be a vital part of your parachute, so keep them safe.
Home Backups
Now, for the home user, backing up your PC can seem daunting. It brings to mind images of expensive tape drives and specialized software. I'm here to tell you the good news; those days are past.
Windows XP, Vista, and 7 all include a backup utility. In XP, it's in Start, All Programs, Accessories, System Tools. The backup program starts in a Wizard mode and will walk you through the process. You can choose to have it back up your documents and settings, every users documents and settings, all information on the computer, and there is a "let me choose" option for us high-controllers out there.
If you have your source disks that came with the machine and any software you purchased and installed, then all you need to back up is your documents and settings (and those of other users if it's a shared machine with multiple user IDs). As long as you have kept your important files inside the hierarchy of "My Documents" and/or your desktop, this form of backup will get those files and back them up. If you've taken to saving your files in special folders you created like C:\Letters, C:\Finances, then you are going to need to choose the "Let me choose" option and select those folders individually.
Next you will have to tell the utility where to save your backup and what to call it. Backups should be stored on external hard drives or CD's/DVD's. Imagine a disk crash event and the feeling you get the moment you realize that your backup file was on the disk that just started smoking and threw that shower of sparks.
Ungood.
Using removable media allows you first of all, to have your data in a separate place from where the fault occurs that causes you to need it. It also allows for an easy "grab-n-go" in the event of some kind of disaster that requires you to evacuate.
I recommend a USB 2.0 external hard drive that is at least as big as your internal disk. Data transfer is fast, you won't run out of space, there's no messing with swapping out optical media every time it gets full, and you can unplug it when the backup is complete and store it with your source disks and important papers.
If you have followed this advice and find yourself needing to recreate your computer, all you have to do is boot from your "System Restore" disks and let them put all the programs and the operating system back on the new drive. Next, start the backup utility and select "restore files" and put all your documents back, and voila, good as new (and probably running faster!).
Vista (and Windows 7) users click The button previously known as Start, All Programs, Maintenance, Backup and Restore. Once it starts, click "Change Settings" to begin. This version of the utility is a little nicer. It allows scheduling a regularly recurring backup, and also has options for a system recovery disk and a disk image backup.
Speaking of images...
Disk images are the next step in data protection. Where a regular file backup requires you to install the operating system and software (and backup program if you made your backup with a third-party product) before you restore your files, a disk image creates a snapshot of the entire disk in its current condition. Basically an exact duplicate of the drive, in a file. Sure, it's a BIG file...but if you have a disk as big as, or bigger than your internal drive, it's not a problem.
Programs that create image backups often have an option to create a system recovery disk, like the above mentioned Vista/7 version of Microsoft's backup utility. The recovery disk allows you to boot from it and restore your image directly to a blank disk. Eject the CD and restart the computer and you wouldn't know the difference.
The trade-off between an image backup and a file backup is speed. Obviously the image takes considerably longer. In exchange for that headache, you get convenience of a one-stop deal. If you can schedule the backup to occur overnights, the image may be the way to go.
One important note on Imaging. A disk image can not be restored onto a hard disk in a computer with different hardware. It will only work on the same machine it was taken from because of drivers and hardware specifications, so don't make an image and then try to restore it to a different PC.
Business Backups
If your business runs on one computer with simple records kept in the My Documents folder, you can use one of the above methods to backup your data.
Most businesses don't run that simply though. At the least there is usually something like Quickbooks or Microsoft Office Accounting, or some other way of managing accounts. Complexity only grows from there. Larger outfits run databases and web applications and employ multiple machines to accomplish all their daily tasks.
In this kind of environment it is impossible to get everything covered, so you have to set priorities. #1 will no doubt be your accounting and customer relationship applications, #2, any other vital business apps, and #3, the desktop computers.
Starting at the bottom of the list, a good practice is to set up your environment to be as homogeneous as possible. Workstations should all be the same model computer with the same internal hardware. That way you can install the operating system and all the applications, then take a baseline image, and if any one of them crashes, you can restore all of them from the one image.
Moving up to business applications, often this comes down to a case-by-case evaluation. Business systems should be backed daily, at least backing up the changed data every day, and getting a full backup of everything at least once a week.
Business systems should also be backed up to multiple removable media devices that can be removed from the premises. Media should be rotated through the week and taken off site to ensure data safety in case of a building disaster. You can pay for a service to come and pick up your backups, or you can take them home with you. It all depends on your comfort level and budget, but you should keep them off site. Don't leave them in your car though.
For any business environments with centralized servers providing applications, a tape device is probably going to be the way to go. Tapes are very portable and dependable. They stand up well to the greatly increased handling that they will endure as a business backup device. They are also fast and can hold a lot of data, as tape drive technology has made advances right along all other technology.
Although I have really only scratched the surface of this deep topic, I hope this is helpful information for you. I hope you decide to start backing up your important data. It would be a shame to lose those vacation pictures...but it might provide a good excuse to go back!
Schreibnet Technology LLC can help you implement a backup strategy that works for you or your small business. Feel free to leave comments with questions you may have, or contact me via email to scott at schreibnet dot com.
Friday, January 30, 2009
Inauguration: Windows 7 Beta
Welcome to the inaugural post to the Schreibnet Technology, LLC blog.
Schreibnet Technology LLC is a business registered in the State of Ohio providing Information Technology services to individuals, businesses, and non-profits in the Northeast Ohio area. We are a family business with top customer service and professionalism as our #1 priorities. For more information, please look at our web page.
Now that the introduction is done, let's have something useful!
Well...maybe, maybe not. I am going to review the beta of Windows 7, the next generation of Microsoft's infamous operating system. I don't know how useful it will be since you can't buy it or get it on your new PC's yet, but perhaps it will be helpful for when that day comes.
The Name...
The PC vs. Mac commercials used to be funny, but they have gotten absurd. In particular, the recent one making a big fuss about the name of the OS. Gee, they're not going to call the next version "Vista" like they did with the old one! That sounds shady!! Not!
Particularly ironic is that it comes from a company that gives us OSX. What was before that? OS9, and its predecessor OS8...I think you see where I'm going.
To try to make hay from the name Windows 7 is a stretch; an indicator that the premise has "jumped the shark." Moving On.
Installation
Installation is straightforward. If you've installed Windows XP from DVD, you've seen it before. The difference is that Windows 7 installs quite a bit faster than a clean install of XP SP2.
There is the usual partition manager in the beginning, which allows you to determine how much disk you want to allocate to Windows. Once that's done you send it on its way and it completes pretty quickly.
Hardware detection went better than expected. I installed it on an HP/Compaq dc5700 small form factor business desktop.
Even before they merged, HP and Compaq computers were a hassle to work with. They are tightly packed with proprietary hardware, and generally unfriendly. The parts have to be replaced with genuine HP or Compaq parts or they probably won't work. That's been my experience with them, and so I expected that without a CD full of drivers from HP written specifically for Windows 7, I might have a nice door-stop on my hands.
I was wrong. Windows 7 installed perfectly and detected all the hardware without a hitch, including network and sound card. Setting up the sound card on this model of PC is a feat I can not duplicate with Windows XP SP3! Impressive.
The only thing it has failed to detect and install automatically is an older D-Link USB wireless network adapter. For that I had to download the driver from the manufacturer. The only one they had was for XP and Windows 2000. I expected failure here...but it worked. Another pleasant surprise.
This is beta software. That means it's not ready for prime time, and the programmers expect to get lots of feedback about all the bugs. This is why I expected it not to do so well with the hardware.
Boot up
One of the biggest complaints with windows is boot-up time. After a system has been running a while, it seems like you can hit the power button, go make a sandwich, eat it, step out for a smoke, grab a soda (or a pop, or a coke) and return to the computer just in time to log in. Windows 7 is supposed to be a lot better on boot time, with sub-minute boot time advertised.
I compared the Windows 7 install against my home workstation (a Dell). My XP machine at home is a 3.4gigahertz pentium 4 with 1 gigabyte of ram and 250gig mirrored hard drive. The HP has dual 1.8gigahertz CPU's, 1.5 gig of ram, and a 75 gig hard drive. Doing CPU tests, the HP outperforms my desktop soundly.
Boot time on my desktop is 41.54 seconds to login, 40.41 seconds to desktop after that. Total time: 1:21.95.
Windows 7 got to the log-in screen in 41.56 seconds, and reached the desktop 33.21 seconds after that, for a total boot time of 1:14.77. That surprised me. I thought it would be much quicker, but its not bad at all. This makes me think that Windows 7 would boot much slower on my desktop, but it's not really a good comparison. I'll have to dig up another dc5700 that still has XP on it and time that one.
At any rate, it's still pretty quick. 40 seconds to the login screen makes it seem pretty nice for the average user. Where people will run into trouble is when they start loading all the junk that loads at start up and set their instant messaging, email, sidebar gadgets, and other programs to start when they log on. That will take that time from logon to desktop up, up, and awaaayyyy.
Interface
So what's it look like? Not bad. Here's a screenshot:
Looks like Vista.
This is with a theme applied. The monitor I'm using is a wacky wide screen, that's why it looks long.
The calendar page and guages on the right side are the "Sidebar Gadgets." This is a place for info at your fingertips and there are a whole host of gee-gaws and doo-dads you can download and place here, from the mundane like calendars and clocks, to the rotating picture gallery, to news, stock tickers, games, weather, and all manner of other things if you're into that sort of thing. Some of them are pretty neat, but you can clutter up the desktop pretty quickly. Unlike Vista, where your gadgets were confined to the "sidebar," in Windows 7 you can plop them anywhere on the desktop, which means you can have more! Just remember, each one consumes a little cpu and ram.
The task bar is configurable, much like XP. You can put it on the top, sides, or bottom of the screen. The round Windows logo is the new Start button. the first three icons are akin to the "Quick Start" menu in XP. The icons on the task bar can be large or small icons. The screenshot has them set to large. One of my favorite new features is that when you hover the mouse pointer over the icons on the bar, you will see a small preview of what that window contains. Here, let me show you:
If you have more than one instance of a program running, you will get two previews. If you move your mouse up to one of the preview windows, all other windows on the screen will dim and the one you are hovering on will be shown in its position on the screen. Which brings me to this point: the fluidity and richness of features of the graphics is really nice. Another example is this: if you have a window that is maximized and you don't want it maximized any longer, but you don't want to minimize it, in XP you had to restore it, then move it to where you wanted it on the screen. In Windows 7 you just grab the title bar and start dragging. The window instantly reverts to its smaller size and goes wherever you drag it.
Applications
Does it work? I mean, can you do work with it? Yes you can. I have installed open office.org 3.0, firefox 3.0, visual web developer and SQL server. I've had Open Office open with a document, a spreadsheet, and a database, while SQL Server Management Studio backed up a database and VWD was open working on a web application while streaming music from the internet. I haven't had any problems with stability, the system hasn't locked, the applications haven't frozen or crashed on me. It has been an entirely pleasant experience. I must say I expected worse.
Summary and Conclusion
I think Windows 7 will be a winner. It's stable, robust, and aesthetically pleasing and configurable. There's a lot of "under-the-hood" stuff that makes it not vista. It's a full step forward this time, and I admit to liking it. So when that day comes and you must decide, I think you can say with confidence "Yeah, gimme Windows 7." If this is a beta, the consumer release should be outstanding.
Thanks for joining me. I will use this blog to talk tech. Some will be for users, some will be geared more toward professionals, but my intent is to post relevant and useful tips and information to make your life with computers a little better. I take requests also, so feel free to comment or email with questions or topic suggestions.
See you next time!
Schreibnet Technology LLC is a business registered in the State of Ohio providing Information Technology services to individuals, businesses, and non-profits in the Northeast Ohio area. We are a family business with top customer service and professionalism as our #1 priorities. For more information, please look at our web page.
Now that the introduction is done, let's have something useful!
Well...maybe, maybe not. I am going to review the beta of Windows 7, the next generation of Microsoft's infamous operating system. I don't know how useful it will be since you can't buy it or get it on your new PC's yet, but perhaps it will be helpful for when that day comes.
The Name...
The PC vs. Mac commercials used to be funny, but they have gotten absurd. In particular, the recent one making a big fuss about the name of the OS. Gee, they're not going to call the next version "Vista" like they did with the old one! That sounds shady!! Not!
Particularly ironic is that it comes from a company that gives us OSX. What was before that? OS9, and its predecessor OS8...I think you see where I'm going.
To try to make hay from the name Windows 7 is a stretch; an indicator that the premise has "jumped the shark." Moving On.
Installation
Installation is straightforward. If you've installed Windows XP from DVD, you've seen it before. The difference is that Windows 7 installs quite a bit faster than a clean install of XP SP2.
There is the usual partition manager in the beginning, which allows you to determine how much disk you want to allocate to Windows. Once that's done you send it on its way and it completes pretty quickly.
Hardware detection went better than expected. I installed it on an HP/Compaq dc5700 small form factor business desktop.
Even before they merged, HP and Compaq computers were a hassle to work with. They are tightly packed with proprietary hardware, and generally unfriendly. The parts have to be replaced with genuine HP or Compaq parts or they probably won't work. That's been my experience with them, and so I expected that without a CD full of drivers from HP written specifically for Windows 7, I might have a nice door-stop on my hands.
I was wrong. Windows 7 installed perfectly and detected all the hardware without a hitch, including network and sound card. Setting up the sound card on this model of PC is a feat I can not duplicate with Windows XP SP3! Impressive.
The only thing it has failed to detect and install automatically is an older D-Link USB wireless network adapter. For that I had to download the driver from the manufacturer. The only one they had was for XP and Windows 2000. I expected failure here...but it worked. Another pleasant surprise.
This is beta software. That means it's not ready for prime time, and the programmers expect to get lots of feedback about all the bugs. This is why I expected it not to do so well with the hardware.
Boot up
One of the biggest complaints with windows is boot-up time. After a system has been running a while, it seems like you can hit the power button, go make a sandwich, eat it, step out for a smoke, grab a soda (or a pop, or a coke) and return to the computer just in time to log in. Windows 7 is supposed to be a lot better on boot time, with sub-minute boot time advertised.
I compared the Windows 7 install against my home workstation (a Dell). My XP machine at home is a 3.4gigahertz pentium 4 with 1 gigabyte of ram and 250gig mirrored hard drive. The HP has dual 1.8gigahertz CPU's, 1.5 gig of ram, and a 75 gig hard drive. Doing CPU tests, the HP outperforms my desktop soundly.
Boot time on my desktop is 41.54 seconds to login, 40.41 seconds to desktop after that. Total time: 1:21.95.
Windows 7 got to the log-in screen in 41.56 seconds, and reached the desktop 33.21 seconds after that, for a total boot time of 1:14.77. That surprised me. I thought it would be much quicker, but its not bad at all. This makes me think that Windows 7 would boot much slower on my desktop, but it's not really a good comparison. I'll have to dig up another dc5700 that still has XP on it and time that one.
At any rate, it's still pretty quick. 40 seconds to the login screen makes it seem pretty nice for the average user. Where people will run into trouble is when they start loading all the junk that loads at start up and set their instant messaging, email, sidebar gadgets, and other programs to start when they log on. That will take that time from logon to desktop up, up, and awaaayyyy.
Interface
So what's it look like? Not bad. Here's a screenshot:
Looks like Vista.
This is with a theme applied. The monitor I'm using is a wacky wide screen, that's why it looks long.
The calendar page and guages on the right side are the "Sidebar Gadgets." This is a place for info at your fingertips and there are a whole host of gee-gaws and doo-dads you can download and place here, from the mundane like calendars and clocks, to the rotating picture gallery, to news, stock tickers, games, weather, and all manner of other things if you're into that sort of thing. Some of them are pretty neat, but you can clutter up the desktop pretty quickly. Unlike Vista, where your gadgets were confined to the "sidebar," in Windows 7 you can plop them anywhere on the desktop, which means you can have more! Just remember, each one consumes a little cpu and ram.
The task bar is configurable, much like XP. You can put it on the top, sides, or bottom of the screen. The round Windows logo is the new Start button. the first three icons are akin to the "Quick Start" menu in XP. The icons on the task bar can be large or small icons. The screenshot has them set to large. One of my favorite new features is that when you hover the mouse pointer over the icons on the bar, you will see a small preview of what that window contains. Here, let me show you:
If you have more than one instance of a program running, you will get two previews. If you move your mouse up to one of the preview windows, all other windows on the screen will dim and the one you are hovering on will be shown in its position on the screen. Which brings me to this point: the fluidity and richness of features of the graphics is really nice. Another example is this: if you have a window that is maximized and you don't want it maximized any longer, but you don't want to minimize it, in XP you had to restore it, then move it to where you wanted it on the screen. In Windows 7 you just grab the title bar and start dragging. The window instantly reverts to its smaller size and goes wherever you drag it.
Applications
Does it work? I mean, can you do work with it? Yes you can. I have installed open office.org 3.0, firefox 3.0, visual web developer and SQL server. I've had Open Office open with a document, a spreadsheet, and a database, while SQL Server Management Studio backed up a database and VWD was open working on a web application while streaming music from the internet. I haven't had any problems with stability, the system hasn't locked, the applications haven't frozen or crashed on me. It has been an entirely pleasant experience. I must say I expected worse.
Summary and Conclusion
I think Windows 7 will be a winner. It's stable, robust, and aesthetically pleasing and configurable. There's a lot of "under-the-hood" stuff that makes it not vista. It's a full step forward this time, and I admit to liking it. So when that day comes and you must decide, I think you can say with confidence "Yeah, gimme Windows 7." If this is a beta, the consumer release should be outstanding.
Thanks for joining me. I will use this blog to talk tech. Some will be for users, some will be geared more toward professionals, but my intent is to post relevant and useful tips and information to make your life with computers a little better. I take requests also, so feel free to comment or email with questions or topic suggestions.
See you next time!
Subscribe to:
Posts (Atom)