Sunday, February 9, 2014

So, 2012 and 2013 went by without an update.

Time flies when you're having fun, and when life is happening all around you.

Biggest event, hands down, in the past two plus years is the loss of my father, Linus Strelecki, who passed away on June 27th of 2013. He had been in declining health for about two years, and as his live-in caregiver there were many things to be done that distracted me from the world of blogging. He spent several stints in the hospital during that time, most recently at the beginning of June, 2013. I think that last visit was something like seventeen days, and we moved him from there to a very comfortable hospice in north Atlanta.

I think when we knew that hospice was in the plan, we all felt that we were seeing Dad in the final stage of his long and productive life. Sister Susan came down from Iowa and stayed with him in the hospital, sleeping in his room and waiting on him around the clock. She basically dropped everything she was doing to come be with Dad and to take care of him and talk with him and do whatever she could to make that time more comfortable for him. To say she went above and beyond would be a terrible understatement.

Susan did what none of the rest of us could do - assist Dad in the twilight of his life to taste great food, drink wonderful beverages, and have his only daughter by his side 24/7 to talk, reminisce, and be able to enjoy those last days. She was wildly successful, and we all owe her a large debt of gratitude for what she did. Thank you, Susie!

Meanwhile, Mom has had her own health decline, as she slows down in her early eighties. As Dad did, she has her own regimen of prescriptive medications that one doctor or another feels she must have to improve the quality of her life. I do for her what I did for Dad, and take her to her appointments, get her meds refilled, help with the shopping, and now, in Dad's absence, much of the cooking and cleaning in addition to a full-time job. I have no regrets or upsets about my availability for her at this stage in my life. I figure that Mom and Dad were there for me at the beginning of my life, and I will be with them at the finish of theirs.

I am blessed to be able to give back to my parents my time and effort, when they can most use it. It's kind of wonderful how everything has turned out. I mean, when I came to live with them in 2002, it was because I needed the help. The IT business was devastated with the tragedy of 9/11/2001, as were many other industries, and if it weren't for their generosity and graciousness, I'd probably be out on the street somewhere. They brought me in, gave me a wonderful place to live, and life went on for all of us.

A few years later, Dad crashed his car one morning on the way to work, and we discovered that he'd suffered a blockage in the arteries in his neck. One side was over seventy percent occluded, which is not a good thing. We got him into surgery to clean out those pipes and he recovered quickly and was back to normal, all except for driving. I assumed driving duties, and was happy to do so. We'd go for drives to see the beautiful environs of Atlanta, get some fresh air, do grocery shopping and other errands. In a lot of ways, Mom and I still think of Dad sitting in the back seat as we drive places, calling back to him as if to ask "What are ya doing, Pop?"

Next month I'll celebrate the beginning of my fourth year working with some of the greatest people I've ever had the privilege to know. The Smith family is an extended group that has been my boss, mentor, educator and friend, and to say that they have been a major force in my life would be another gross understatement. A compatriot I've known for almost twenty years from "the Comsell days" has reminded me of how an intelligent mind and wonderfully wry sense of humour can absolutely make the workdays a learning and satisfying experience I would not want to be without. I love all these folks dearly and am so lucky to have met them, been enriched by them, and to have accompanied them on their own life journeys. My mind boggles if I think about it very long.

My Mom asked me if I was happy, and I'm sure I mumbled something indiscriminate and nebulous, because she can ask me those important questions when I least expect them and are ill prepared to give them the thought and care they deserve. Well, I've thought about it and I am prepared to say YES, I am happy. Knowing that I've made it this far, past my sixtieth year, with reasonably good health (albeit overweight) and attitude makes me happy. I choose to dwell on that because it's the best thing for me and everyone around me.

So yeah, I've been away from the blog for awhile, but life happens when you don't expect it. I hope to be here more often, but in the meantime, go tell someone you love how you feel. Do it today and don't wait. There will be no better time than now to share your feelings, and you never know what could happen tomorrow. You will never regret that action.

Thanks for stopping by. See y'all again soon.

Sunday, November 13, 2011

Reflections on Windows

I've been using Windows since about 1988, so that gives me about 23 years of experience. I began, as many others did, using a runtime version of Windows to power an application like PageMaker, Ventura Publisher, Excel or Word. I started using the full version sometime around Windows/286 or /386, versions optimized for then-leading edge CPUs. I know that Windows 3.0 was a mainstay for me, as were 3.1 and the wonderful 3.11 version for Workgroups. I remember attending promotional events at movie theaters in 1995 to obtain beta copies of Windows 95 and thinking that the world had changed, even if just a little bit.

My friend Jimmy Hooker once called Windows a "clown suit for DOS", and in the beginning it was a DOS app that was started by typing WIN at a C:\> prompt. In those days, others were developing DOS-compatible operating systems (chief being DR-DOS) that could run the fledgling Windows, so I'm sure that was motivation for Microsoft to glue together the OS and the GUI to create Windows 95. If you had that, you didn't need any other version of DOS (or Windows), and your computer booted up to a graphical desktop with start button, taskbar and clickable icons to run programs.

Simpler to install, run and repair, even if it did come on fourteen floppy diskettes.

Windows 98 was a refinement, and 98SE was the DOS/Windows perfected. I had a better time, explored more new frontiers, learned about networking and got more work done with 98SE than any prior DOS-based version. Keep in mind I had been using it for seven years already. 98SE was THAT good.

Millennium Edition was a strange animal, thought by many to have little if any reason for existence. It tried to hide its DOS underpinnings and made troubleshooting more challenging. I suppose in many ways it was pointing the way to what the future was to bring.

Windows NT started life in 1993 as version 3.1, because the current DOS version was at that stage, but it was built upon a sturdier base, an all new OS that was not based or derived from DOS. Some very talented folks came to Redmond and built this foundation that we still use today. They called it NT for New Technology, and it shared an arena with IBM's OS/2 (which had been co-developed by Microsoft). At that time I was writing training courseware for OS/2 and had the opportunity to run it every day, see it up close and personal, and I came to respect the divergence and stability it brought to a world of mostly DOS-based alternatives.

OS/2 was a wonderful product, but Microsoft marketed the heck out of Windows 3.0, 3.1, and Windows 95, and so OS/2 languished as hardware technologies continued to advance rapidly and device drivers were created for Windows first, and maybe OS/2 later. Many enterprises were built on the stability of OS/2 (like banks) and are still using it today. But Windows continued its metamorphosis from DOS to NT, and we got Windows 2000, a spectacularly capable platform for business and power user, alike. I loved Win2K, and I gained a whole new appreciation for the stability and speed that was promised in NT 3.1.

All of this leads to the release of what is still the longest-lived version of Windows in all its history - Windows XP.

During testing, I heard comments calling XP the Fisher-Price OS and other less-than-repeatable names, but it brought the stability of the business Windows to the mainstream user/consumer, and there would be no looking back. XP was so popular, that it's successor, Vista, was roundly criticized for slower performance, inconvenient security, compatibility and UI reorganization. My first thought was "Where is everything?" and in retrospect I see Vista as the departure that Microsoft needed to make to get Windows ready for the challenges that lay ahead.

Security issues have plagued the platform since its early days, mainly due to its DOS-based heritage. But the brilliant idea to make users operate at something less than administrative power was a turning point, just as activating the firewall in XP with a late service pack. Another plus for Vista was the User Account Control, or UAC, that alerted less-than administrative users when something was being installed or needed to change something within the system. UAC would have been a much better idea had it been designed into the foundation of the OS, and not grafted on as a service.

Windows 7 saw the same type refinements that XP had over 2000. It was a better version of Vista, and I originally liked to refer to it as Vista Second Edition. I continued to use XP and its 64-bit incarnation as my primary OS platforms until the first service pack for Windows 7 was offered.

I figured that with all those initial patches and security fixes baked into Win7 SP1, I could hit the ground running with a fully up-to-date Windows and take that new baby out for a REAL spin.

I had to relearn the interface, as many of the most easily discoverable features had changed locations and names, just as I had seen in my first encounters with Vista. But I persevered, learned as I went, and realized that the process of learning a new OS could actually be fun again, something I had not experienced in years. Windows 7 used an image based install method, as did Vista, very different from the XP and prior generations, which used a file based process. My tools and approaches that I had spent years honing and perfecting were no longer usable, and again I thought that this was not the way I wanted to go.

But I was wrong.

Even with the greater complexity of the installation customization process, even with the fact that my toolset would change almost completely, and even with the realization that this was a whole new world of Windows, I finally came to know that it was better, it was more capable, and it was, indeed, the way I wanted to go.

I have met some highly gifted and talented people online in the years I have been technically active. Some of them have shined lights for me on this new mysterious animal called Windows 7, and showed me that it does work, it can be better, and has the potential to take me and those who use it to the next level. I would say that without their insight and motivation, this would be a much different experience, working in the new Windows world.

And in September 2011, when the Developer Preview of Windows 8 was released, I did not hesitate (as I had for many years) to jump in with both feet and check it out on a daily, production basis. Yes, I had been having power management challenges in Win7 (bluescreen crashes after idle periods), and maybe that pushed me forward. I can say that my Windows 8 experience has been nothing short of wonderful. I am looking ahead once more to what the next generation of Windows can do for me, as well as what new methods and processes I can create to bring my decades of technical expertise to the next level. For myself, and those I support in the technical universe.

Thanks for reading. See you next time.

Friday, August 27, 2010

Why is the Internet So Dangerous?

The short answer is that typical Windows-based PCs use Internet Explorer as the default web browser and run all applications with the rights of the Administrator, with complete and uncontrolled access to every aspect of the machine and all things connected to it. That includes private data, personal files, and anything else stored on the hard drive or reachable by local area network. And the Internet is a global network that reaches places beyond the purview of our government and without the protections of our laws, where criminals run wild and are free to pillage unsuspecting people in an environment very much like our own 19th century American Wild West.

The long answer is, well, LONGER.

If you purchase a personal computer today, at retail, online, or through any other channel, you typically get an "IBM-compatible" system running Microsoft Windows Seven, Internet Explorer as the web browser, Windows Mail as the default email client, and a built-in firewall that you would think would protect your computer like the word firewall implies. Seven also features a security addon called User Account Control (UAC) that provides interactive prompts and dialog boxes to inform the user that some program or process needs to make some change or install itself on the system. The UAC is what the Apple TV ads parodied by constantly and mindlessly asking the PC over and over whether to "Cancel or Allow" something that was happening on the computer.

In a perfect world, the typical user would be literate enough to understand the manner in which a modern PC goes about its business, but the fact is that even we "experts" are hard pressed to keep up with the rapidly changing environments embraced by the industry. Not only has computer hardware continued to evolve and change, but to an arguably greater degree it's the software, operating systems, applications, and utilities, which have morphed well beyond their relatively simple beginnings to become larger, more sophisticated, and more challenging to install, configure, maintain, debug and update.

THe Windows of 1992 shipped on a half dozen floppy diskettes, totaling less than about 10MB of storage space. Windows Vista shipped fifteen years later on a 4400 MB DVD. That's a BIG difference and a great example of the point I'm making here.

I was there for Windows 3.1 and the much improved Windows for Workgroups 3.11. I installed them on top of DOS, I edited and modified CONFIG.SYS and AUTOEXEC.BAT files to change the environmental parameters those versions of Windows would use while running on the PC of that day. It wasn't simple to do then, and while there are no text-editable system boot files on the Windows Seven systems of today, it's STILL NOT EASY. In fact, it's arguably much more difficult to tweak and tune a modern system to make it work faster and more reliably, mainly due to the sheer size of today's ubiquitous Windows operating system, installed on almost nine of every ten computers sold in the world.

We ask today's PCs to do much more than we did of the systems from 1992. We have faster processors, bigger memory models, higher capacity storage systems that come in more varieties than Baskin Robbins has ice cream. We have networks that span the whole of civilization and interconnect people and businesses that might otherwise never come into contact with each other. We have software that simulates alternate realities with immersive graphics and sound in so many channels we have to invent new terms to describe them. We have more people using more computers more often to do more things than ever before in the history of mankind.

The sheer scope of this technology is so gargantuan, its growth so uncontrolled and unregulated, that seamier elements have found ways - many ways, at that - to subvert the design and intended utilization of these wonderfully powerful inventions we call personal computers, which, unfortunately, have little in the way of security and protective mechanisms to shield us from this onslaught of viruses, Trojan Horses, worms, bogus websites, phishing and pharming methods, ID theft, child pornography, terrorist propaganda, and all the other types of malicious software whose sole purpose is to steal, plunder, rape and destroy the very fabric of our society.

Yeah, it's THAT important. But there's more. A LOT more.....

Nothing of which I've written here is unknown or unfamiliar with the people or corporate conglomerates who founded and operate our technology industries, manage and promote our internetworks, develop and market our software, or produce and distribute the media which entertains and educates us all via radio, TV, video and print channels. Some are more keenly aware of these failures but for reasons motivated by financial gain they make conscious decisions to ignore the effects and continue with business as usual, to the detriment and harm of all consumers, everywhere.

It's not a good thing. But maybe we should ask ourselves a much different question than "Why is the Internet So Dangerous", maybe we should ask "Why are we so vulnerable and unprepared for all the crap going on around us?"

The short answer to THAT question is related to what I've said previously - it's a big world, a far reaching technology, ever-changing in range and ability, with little opportunity for "regular folk" to assimilate sufficient understanding of the nuances that might come back to bite them in the butt. Hardware and software and networks and technology in general has gotten TOO BIG for the layperson to ever be able to grasp, either in whole or in part. I know this because as a technology professional in the business since 1975, I can't even hope to keep up with all the different directions and implementations presented and promoted on a daily basis. IT'S TOO MUCH FOR ANYONE TO FULLY UNDERSTAND, let alone try to communicate to others.

What I hope to be able to do, and let's face it - it's a BIG THING - to help find one or more ways to make it easier to teach technology consumers ("users") not just about the sizzle, since the marketeers of Wall Street have seen to that in their own convoluted and confounding ways, but about the steak, the REAL meat of what's important. I want the user to understand the ramifications of choosing steak over the alternatives, of eating the steak, how the steak gets made and delivered to them for consumption. Why Chicken may be better than Steak, if I can exercise a creative tangent in this thought.

Some things in life are just NATURALLY SIMPLE, even though they may employ sophisticated technologies. I'm thinking of a toaster in the kitchen. You put a slice or more of bread into it and slide a lever to make it go. That is simple. And while toasters of the past employed controls for the amount of time the bread was subject to those heated coils, and it would be easy to turn it up so high you'd burn the toast, today's technology uses an automatic monitoring system that toasts your bread to some median level and then presents it for your enjoyment. No smoke, no alarms, no runs, no hits, no errors.

And before you accuse me of comparing toasters and PCs, or apples and oranges, let me say that comparing these things is not what I'm trying to do here. It's my intention to relate the simplicity and ubiquity of a device that does something with automatic precision and user protection, taking much of the choice, for lack of a better term, out of the equation. If our PCs worked more like toasters, the user wouldn't have to deal with slowdowns, infections, corruptions, crashes, bluescreens and freeze-ups, data thefts and criminal trespassing the way they do in the Real World. Yes I know the comparison is imperfect, but so am I, and that's what you get.

So - what IS the answer, really?

It starts with user education, training and awareness, and encompasses marketplace transparency, regulatory control, manufacturing checks and balances, distribution protection, vendor accountability, international standardization, easier access to technical support, and less expensive and more efficient onsite repairs when things do go wrong. Hey - it's a START, anyway. What would YOU do? I'm all ears on this one.

The term CHANGE is being bounced around a lot this political season, and there seem to be a number of definitions of the word, sometimes so many I think the word change itself is changing too much to get a firm grip on it. Here's the deal - what we've got now doesn't work, and it hasn't worked for years, and it's going to get a LOT worse unless we pull back now and take stock of what's important for the greater good, and begin traveling a path that has some sense and sensibility to it, and not just in things technological. OK, there. I said it.

I wasn't a regular, practiced creative or journalistic writer before creating this blog, but I can see how getting words on paper, or a website page, can make me feel better and tell my readers something they might not have read elsewhere. Feel free to enlighten me if you're so inclined. I am appreciative of thoughtful, reasoned, and informed contributions. Have at it, Pilgrim.

Thanks for reading today!

Saturday, June 19, 2010

Ways to Secure and Optimize Microsoft Windows Computers

Windows has a long history of security problems, performance issues and exploitable weaknesses, due to its design and implementation. Many of these issues can be mitigated, controlled or eliminated by performing these actions:

1. Build new systems with all updates and security fixes built-in. This is called a monolithic "bare metal" clean install, whereby all updates and service packs are slipstreamed into the initial installation media so that when setup has completed, the system is totally up-to-date and does NOT need to visit Windows/Microsoft Update website to download any additional patches. Also, the default services (background processes running) are reconfigured to turn OFF any and all that are unnecessary or that provide attack vectors to hackers. Service trimming also results in systems that run faster and more reliably, and that have less capability to be infected or compromised. These systems are inherently more secure and reliable than vendor purchased or store-bought (retail) PCs, as they have been updated, reconfigured and secured PRIOR to ever being connected to any network, especially the Internet.

1A. This same process can be applied to EXISTING PCs by preserving all data, reformatting the hard drives and reinstalling Windows and required applications. The backed-up data is restored and the system operates more securely, more reliably and significantly faster than before.

2. On existing systems, it is imperative that they have all updates, security patches and hotfixes installed as soon as possible. Providing the system is not already infected or compromised, these updates will further harden the system and protect it from intrusion. Windows Update and Microsoft Update are the two main sources on the Web to analyze systems and download required patches, though there are other sources from both Microsoft as well as third trusted parties.

2A. Existing systems should be examined to determine whether any running services should be terminated or deactivated. Services are set to one of three levels - automatic, manual, and disabled. Sometimes it's advisable to alter the state of a service from automatic to manual, so instead of starting up at every boot, it runs only when needed by the system. Disabling a service will prevent it from ever running, and is an excellent method to secure and protect a Windows system.

3. Performance can be significantly enhanced with regular filesystem maintenance, like deletion of temporary files and internet caches, defragmentation of hard drives to better organize and collect files, registry examination, optimization and repair, prefetch folder cleanup and reorganization, temporary folder and premium swapfile placement, virtual memory settings, and more. These changes can result in systems that boot faster, shut down faster, and operate more smoothly and with fewer errors (BSODs, lockups, spontaneous restarts, and the like).

4. Security software MUST be employed as additional layers of protection for Windows PCs. Even fully patched and up-to-date systems are still prone to user errors and drive-by malware installations.

4A. Foremost is anti-virus running in real-time, available to scan all user and filesystem activity and scan for infections or dangerous programs. This is especially important on systems that have access to the web, and doubly important for all PCs running Internet Explorer as the default browser.

4B. Some kind of anti-spyware that can do real-time checks of the system to prevent the installation of rogue software that can subvert all other protective measures (like fake anti-virus or security apps that look just like the real things). If bad software gets on a system, it's Game Over, so we MUST prevent this at all times. User training will only go so far, and the system must be able to defend itself at all times, even at the expense of performance.

4C. Some kind of software firewall will control both unsolicited inbound connection attempts as well as suspicious outbound connections. This can also be controlled by using an expanded, read-only hosts file or a freeware program like Peerblock which will prevent the system from connecting to IP addresses known to be dangerous or problematic.

5. Regular (non real-time) scans for these items will provide another layer of security, so that if somehow, some way real-time protections are ineffective or faulty, the daily or weekly scans will expose anything that might have gotten into the system. There are many very capable applications like Spybot and Malwarebytes AntiMalware that can cleanup (as well as protect) a Windows box, and other tools like Viper and Norman can cleanse systems already infected by booting from a clean boot disk (CD or DVD) and scanning the entire hard drive.

6. A real-time network segment monitoring system, not connected to the internet, can be a great tool that observes all local network activity, examines firewall entries, and sounds alerts via email or IM in the event of a suspicious data transfer or LAN action. This monitor runs inside the firewall on the LAN, analyzing and logging all activity. Even if something is found later, having evaded all the above defenses (like sabotage or employee hacking), a log will be maintained that can be used to trace and identify the nature of any unauthorized activities or actions.

7. There is the notion that Linux PCs are less prone to security problems than Windows systems, and this is largely correct. The idea, however, that Linux systems are immune or impervious to viruses, malware, phishing or penetration is a myth, as ALL systems are inherently insecure and imperfect. By using Linux at the workstation, we avoid client-side, user issues like ActiveX and Internet Explorer security holes, HTML integration into the operating system (Outlook Express and Outlook are affected by HTML exploits), and the general attraction of Windows as an exploitable target due to its dominant installed base (as well as other evil motivations).

7A. Linux operates on a more secure level by making users sign in at boot time, and run as a user, NOT administrator, and requesting a password for any action that would change the system or affect its security or stability. Windows Vista and Windows Seven have added a User Access Control, but this is easily circumventable by malware, and can be (and often is) deactivated entirely by users who tire of the constant request to verify whether what they are doing is indeed what they really want to be doing.

7B. Linux at the server can save considerable amounts of money, and while it may be more challenging to setup and administer, the initial licensing cost savings can be a significant offset. The savings in vulnerability likely outweighs the purchase savings by avoiding completely the inherent weaknesses present in the Windows platform. For example, prior to Vista and Seven, Windows users operated as full administrators by default, having complete and total control over everything on their systems, a capability shared by all programs (good and bad) installed on those systems.

This is only one approach to securing and optimizing Windows systems. Because of their pervasiveness in the world of technology, and due to the ever changing nature of the threats and their sources, we must reevaluate and retest our methods and processes continually to have any chance of remaining safe and secure in our computing. Be vigilant, stay aware, presume problems and have a multi-layered remediation plan available with properly trained people and capable, updated tools ready to be used anytime they are needed.

This is my method, my approach, and my perspective. Your mileage may vary (YMMV).

Thanks for reading. See you again next time.

Wednesday, May 26, 2010

Ubuntu 10.04 Rocks the House

WOW.

Ubuntu 10.04 is one awesome operating system.

I took the leap of faith necessary and installed with WUBI, so I now have a painless, dual-booting system with XP SP3 and Ubuntu 10.04 LTS. I had already downloaded the ISO file back on release day (April 29th) and burned it to CD, and WUBI didn't even ask me whether I wanted to install from it - it just did it, and I like that a LOT.

This box works in the back room, with a wireless USB adapter for networking, and those drivers were installed without issue, automagically, as part of the install. The Windows boot menu has a new entry, so I can boot Ubuntu anytime I feel like it. I thought about virtualization, having used VirtualBox a lot in the Windows world, but I had not used WUBI in a long while and wanted to see how it was working. The answer is Pretty Darned Well.

My previous system setups with Ubuntu never quite got the hang of the proprietary nVidia video drivers. For any of several reasons, I was always unsuccessful in getting them installed and working properly. That changed with 10.04. I never saw the level of eye candy I see now, with zooming windows and wavy windows - the kinda stuff we got a lot more of in Windows Vista and Windows 7. I still think the UI is a place for interesting stuff, but too much can be a real distraction, especially when you are unaccustomed to it.

Like all good experimenters, I tried the LiveCD route first, and it worked well enough to convince me a real live WUBI install would work well enough to be usable. So far, it's working well enough for me to write this entry in a text editor, and upload it to my Blogger account. I'd say that was a positive endorsement, but this install is still very young. A few shutdowns, restarts and productive, working time will tell the bigger picture.

This new Ubuntu is a Long Term Support edition - that's what the LTS in the name stands for - and will be supported for three years on the desktop and five years for the server edition. I am hoping for a strong start followed by NO SURPRISES, a stable system that allows me to get actual work done, and the opportunity to explore this wonderful free OS that appears to have so much potential and promise.

I had saved my Firefox profile from the Windows side and copied it to the Ubuntu environment so I have all my bookmarks, login IDs and passwords, and everything I need to use the browser just as I do with XP. A simple Google search revealed the location to put the files, and once copied, Firefox started in the same spot on the screen, showing me the same home page and quicklinks, and I was off the races, baby! Everything works just like it used to, including the buttons on my mouse, and that means it's easier to move ahead.

(Remind me to expound sometime on why application profiles are so damn cool....)

Download speeds are just a hair faster than XP, but that's preliminary and will be tested often and thoroughly for a more complete report later. It's looking good so far.

The desktop is working perfectly with this widescreen monitor (1920 x 1080), and those nVidia drivers really kicked the video performance up a few notches. I've already done my first system update, and everything installed without a hitch and so I imagine I am running a fully up-to-date Ubuntu system as I type this.

This box also hosted a very recent install of Windows 7 Professional, and that worked well but remains too different for me to invest the time to relearn, as I continue supporting users with XP and older versions and can see that continuing for quite some time. I will likely virtualize a Win7 install so I can look at it up close from time to time, but as for making it my primary platform, I don't see that happening anytime soon.

OK, because this Linux chapter is just getting underway, I won't bore you with idle chatter or boasts of recent technical accomplishments (can you say Windows rescue disk on USB flashdrive?). There is never a boring time at the Strelecki Labs, and I hope to keep you abreast of what's happening with these blog entries. For now, I will return to my new universe and continue the journey. Live long and prosper!

Thanks for reading. See you next time.

Monday, March 29, 2010

Clean Install, 2010 Edition

Why is the Clean Install important to you and your computers?

Is your desktop or laptop PC suffering slowdowns, freeze-ups, spyware or virus infections, frequent popups, Trojan Horse compromises to your personal data, system crashes or bluescreens of death (BSOD)?

PCs are not usually updated with the latest service packs, security patches and upgrades. They MAY have an anti-virus program running, but few are protected by software firewalls, browser protections, script blockers, anti-spyware, system cleanup, or any kind of general malware protection, let alone automated backup and recovery. That's a fact of life, unfortunately. And the bad people who distribute malicious software ("malware") know this and bank on it - with YOUR money.

PCs typically have a variety of applications installed and uninstalled, hardware and software configuration changes made, updates added, patches and security fixes applied, device drivers installed and then abandoned for other, newer devices, all kinds of stuff connected (like music players and PDAs), stuff disconnected, and in general see lots of things come and go in their life as a tool for business, an outlet for creative expression, playthings and game players, and all the other functions we do with our computers. Bottom line: we get these machines into a pretty tattered state as we use them, and they tend to slow down and misbehave more and more as time passes.

A typical unsecured, non-updated, unpatched retail computer, or one that's seen active duty in the trenches of technology, WILL slow down, crash, freeze, bluescreen, become compromised/infected at some point in time. Hey, the Web is a jungle, where outlaws operate uncontained and unrestrained, and you gotta be secure and protected against the tidal wave of crap that is everywhere out there.

That's where I can help.

I will wipe the hard drive with a full and complete reformat, install a SECURED and FULLY UPDATED copy of Windows that has been tweaked and tuned to minimize its vulnerabilities and maximize its performance along with updated device drivers. Then I'll innoculate the PC to protect it from malware, install safer web applications like Firefox and Thunderbird, defrag the drive and spend some time testing everything. Then take a snapshot of the finished installation and save it to CD/DVD so it can be restored quickly and easily should the same thing happen again. Live and learn.

I've setup new laptops that bootup in around twenty seconds, and late-model desktop systems that are ready to go in about thirty. I can't guarantee these numbers for older hardware, but I can tell you that a clean, secure, optimized installation of Windows, along with a balanced set of security software, can and will make your computer run better, faster, longer and more reliably than it ever has before. Really.

There are MANY performance optimizations that can be made to a typical retail PC that will make it work better, and I know LOTS of them. I've been using many of them personally and professionally for years, and I know the ones that really DO work, and those that don't.

I've been doing custom installs on PCs for over twenty years, and secured, high performance Windows setups for most of that time. I KNOW how to make your old hardware run better and faster and more reliably, because I don't install all that crapware that slows you down and hogs hard drive space, and I will install the latest updates and service packs, all secured and tweaked to run at blazing speed. I'll download all the latest drivers so your hardware works as well as possible, and test networking, video and sound to be certain I did it right.

I AM NOT A MAGICIAN. I cannot make bad hardware mysteriously work again. There will be times you might NEED some hardware upgrades/repairs to make your system operate at peak performance. If your computer has only 256 MB RAM, that will limit you - a LOT. 512 MB is a better place to start, and 1-3 GB RAM truly makes the PC work better, faster, longer. For XP I like to recommend 1 GB as a minimum, and 2 GB as a minimum for Vista and Windows Seven. More is always better, best determined by your workload and the type of programs you use.

Hard drives control how fast you can go - usually the larger the drive, the faster it works. 7200 RPM drives work much better than 5400 RPM or 4200 RPM drives, and of course, newer drives work better than older ones. The new solid-state drives (SSDs) have no mechanical moving parts, and are a great way to make your computer boot faster, run faster and cooler. Older systems will need a SATA interface upgrade, but most newer systems are ready to be upgraded to SSD.

If you don't need any hardware upgrades or repairs, I'll do your Bare Metal Clean Install of Windows for $199. Here's the deal: You bring the system unit to me (no mouse, monitor, keyboard or printer - just the CPU or laptop and power brick), along with a $100 deposit, then give me about five working days to get it all done, tested, and a customized restore disk created. When you pick it up. pay me the balance due. If you need it sooner, I can turn it around in two working days for just $249, or in one working day for only $299. Working days mean weekdays, Monday through Friday.

If you are REALLY rushed and need it THE SAME DAY, I'll usually do the work BY APPOINTMENT on a first come, first served basis. You'll make full payment in advance, and you'll need to have the system to me by 11AM at the latest to get it back by 7PM that same day. We'll need to talk about several things, so email me ASAP with your contact information. If I need to do this work at your location, we can do that, too.

Here's what YOU have to do: backup any and all data you want to keep. My Bare Metal Clean Install process will absolutely, positively destroy every last bit of data on the hard drive, both good and bad. This includes documents, downloads, pictures and music, as well as viruses, spyware, Trojans and all the other bad stuff. If I have to back up your data it will cost you AT LEAST $200 extra and probably more because everything will be scanned for malware and cleaned, saved to DVDs and then restored back to your newly repartitioned, reformatted, clean-like-a-baby's-behind hard drive. If you have an external USB hard drive, I'll use that to store your backup data.

I'll also need any CDs/disks that came with your computer, if available. You will need a valid Windows Product Key/ID sticker, usually located somewhere on the exterior of your computer system unit. This is five sets of five characters and is proof of your ownership of an OEM Windows license, and can be Media Center, Home or Professional edition, among others. If you have no license, I'll charge you between $90-$140 at current mail-order prices for an OEM copy to install. This includes upgrades from XP or Vista to Windows Seven. I would prefer using your license, and I want everybody to be happy knowing I'm doing this legally and above-board. Any additional application software or drivers will be installed by you, as well as drivers for your peripherals (printers, scanners, cameras, and the like). I can do it for you, and I'll give you a reasonable estimate upon request.

I've done these custom setups for many years with HUNDREDS of systems, and they ALL WORKED BETTER. No useless crapware, all the latest Windows updates, service packs and security patches, latest device drivers, antivirus, anti-spyware, firewall and other system security software, safer browser and email clients, hard drive defragmentation, boot-time optimization, BIOS tweaking, cooling fan cleaning, and a general physical inspection are what you NEED to get the most from your technology investment. I've been doing that long enough to GET IT RIGHT THE FIRST TIME. Every system is different, with its own set of requirements. I bring a lengthy experience and knowledge to every computer, including yours.

Bare Metal Clean Installs are just the tip of the iceberg.

I can also help you with: data conversions, backups, recoveries, network design, setup and security, user training and documentation, Internet connectivity, general information research, technical writing, digital media creation and management (audio, video, photos, etc.), spyware and virus cleanup, direct marketing with mail merge, website setup and maintenance, domain registration, remote PC access, printer and peripheral setup, and much more.

I work often with Ubuntu Linux and have found it makes a GREAT platform for typical computer work, like browsing the web, sending and receiving email, downloading video and audio files, creating and printing office documents, watching YouTube online videos, playing MP3 files, making Skype calls, using instant messaging (IM) and LOTS MORE.

I will be YOUR personal technology consultant, and help you OR YOUR BUSINESS move up to the next level of productivity. More choice makes for better solutions. How can I help you Make It Go today?

I'm located in Roswell, GA. You can use the email address below to contact me.

I've been doing this for DECADES, I have a very capable and powerful toolkit, I know what I'm doing, and I'll help you get back up and running the right way. The BETTER way.

THANK YOU for reading and Good Luck in all your computer and technology endeavors.

MARK STRELECKI, ACP
Computing and Programming Since 1975

markworks@strelecki.com

Wednesday, December 30, 2009

Change Isn't Always the Best Way to Make IT Go

I WANT to get to know Windows 7. I want to make the break from XP to "the latest and greatest". I want to be "up to date" with the latest version. I've got the hardware, and the experience. But something seems to nag the crud outta me.....

Where is everything? Why does it all look SO different? And why is it so darned PRETTY, with translucent window borders and retooled taskbar, but still suffers the slings and arrows of an insecure architectural foundation?

Maybe my foray into this brave new Windows 7 world is gonna be WAY more trouble than I ever imagined....

Okay, so I used the wonderful vLite program to create a customized install of Windows 7. Yes, I understand vLite was made for Vista, but I've seen lots of write-ups and blogs that told me it was compatible with 7. Truth is, 7 shares a very close and common heritage with Vista. It would have been more honest for the marketeers at Microsoft to call it Vista Second Edition, but that's beside the point.

My first steps into the Windows 7 UI, as they were with Vista, continually remind me that everything has changed, the old ways of doing things no longer apply, and the notion of "discoverability" is non-existent. Since I started using Windows in the version 2 days, including Windows/286 and Windows/386, the user interface has remained similar enough between versions that it was no big deal to figure out where to go and what to do when I wanted to do something. Anything. Even the change from Program Manager to Start button was easily assimilated and I moved on and got my work done.

And I was happy. I was able to help others figure it all out, too. I was the technical Go-To Guy at work, at home and among my friends and clients. And I still am, except for Vista and Windows 7. And before you tell me that I haven't spent enough time learning the new ways, let me remind you that a century after the automobile was invented, the steering wheel, gas pedal and brake remain in the same place, doing the same things in the same manner they always did. And drivers can move between vehicles seamlessly and without issue. The same could be said about other utilitarian items in our lives. It makes upgrading easy, a no-brainer. No (re)training and (re)orientation necessary.

The same could easily have been the case for Windows, but because they COULD change it, they did, and the path of experience and utility was torn asunder with a new twenty lane superhighway built in its wake.

So. What's an old dog, longtime user to do in this brave new world? How does the expert take what he or she already knows and make that work in the new paradigm? I thought it would be to simply dive in, get wet all over and start doing stuff the "new" way, but that's the major rub to all this. I can't do things the way I used to do them, the way I learned to do them over twenty-plus years, the way all those books in the office, that cost me so much money, tell me to do them. Heck, just buy some new ones and start from scratch. Right?

No freakin' way. Homie don't play dat.

You know, "back in the old days," WordPerfect was the King of the word processing hill, and when Word came along it offered an optional user interface that mimicked WordPerfect, as well as a help system for WP users. Each time I look at Vista/W7, I ask myself Why didn't Microsoft provide a similar facility to make the transition easier for users of prior versions? These days, a simple collection of Flash videos would do the trick, no need for an extended help system or emulated UI. But let there be no mistake - ANYTHING would have been better than what we got, which was left to figure it out for ourselves.

I am happy that I tried this test install of Windows 7 Ultimate on a secondary system, because if I had gone and set it up on the main production system, I'd be pulling my (remaining) hair out, yelling and screaming, and reaching for that nLited XP Pro X64 install disc and going back to the future.

SOME BACKGROUND

vLite was created by Dino Nuhagic ("Nuhi") as a way to customize Vista install media similar to his very popular nLite for XP. Since I have used nLite (or WinLite) for a few years, I got the knack of what I could change, getting help along the way from tech giants like Charles M. Sparks, AKA Black Viper (www.blkviper.com) and forums like RyanVM.net, DriverPacks and Digital Life, among others. vLite creates a customized install DVD with MY settings and MY configuration, based on the research of the aforementioned Sparks and Company, so I can get Windows MY WAY from the moment Setup is complete.

The great thing about WinLite is its ability to integrate updates, patches and fixes, as well as an entire universe of updated drivers (thank you Wim Leers and distinguished crew at DriverPacks.net) and configuration tweaks to make a version of Windows that is current, faster, safer, and more reliable than anything you can buy at retail or online.

OEMs have NO CLUE how to setup Windows to be resistant to malware (Firefox and extensions are your friends) or viruses (Internet Explorer is an invitation to disaster). They seem to want to flood the new computers with trialware and demoware and what I call SHOVELware that consumes hard drive space and CPU cycles, not to mention adding prodigious amounts of "attack surface" to the system. For what? A few dollars more?

Way to go, guys. NOT.

Nuhagic, Sparks, Leers and the rest have freely given us the tools we need to generate the better way to install Windows, and by freely I mean that these technologies are provided AT NO COST and are free to download, install and use. Sure, like any sufficiently developed technology they will command some degree of technical prowess and understanding. In the Information Age, the search engines are your ticket to finding and leveraging the knowledge trails blazed by others, and then recounted and digested for those enterprising souls who take the initiative to learn new stuff. While I prefer to use Google, I see that Bing from Microsoft is an admirable and dependable second opinion when trying to find relevant information quickly.

By using these customization tools, in concert with applications that are safer (Firefox, Thunderbird, Open Office, Pidgin, ImgBurn, Skype, Foxit Reader, NotePad++, VNC, Hamachi and more), I can create a workspace universe that conforms to MY WAY (no highway option), and lets me get my work done and be creative and branch out to new stuff without limitation, confusion, or restriction. There's a lot to be said about doing things "the old fashioned way" but that's just my opinion and I could be wrong.

But I doubt it.

THE ROAD AHEAD

If I'm going to learn an entirely new user interface (UI), and a new organization for the computer, it would behoove me to investigate further the challenger and "underdog" that is Ubuntu Linux. Yes, I know that it will be WAY different than XP and 2000 and Millennium and 98 and 95 and NT and 3.1.... But Ubuntu is free from licensing restrictions and hassles, open for the world to see and modify, and lighter weight to run faster and more securely than any modern version of Windows.

You've read my other entries about dabbling with Ubuntu, and how I was impressed that things just seemed to work "out of the box". But the challenge to get things done in a similar fashion will remain, as will compatibility issues, and the learning curve of a different universe of applications. But it seems to me that the best way to do this is what I have already been doing for years - start using programs that run on multiple platforms, and migrate to the browser as the center of the productivity mechanism. There are a LOT of great web apps out there and many more coming down the road.

Using open source, web-centered applications will make the operating system less relevant and easier to migrate, whether to newer versions of Windows or to Linux or the Mac, etc. It's a certainty that Windows will continue to "grow the bloat" and take on many new and varied functionalities traditionally reserved for application programs. If we go down that road, and drink the Kool-Aid, as it were, the harder it will be to make the eventual break (if that's what we want) or migrate to safer, more reliable platforms, including mobile computing and ARM-based netbooks, or whatever else the future might hold for us.

Here's the Plan, as it stands now: STAY WITH XP and all its field-tested, battle-hardened features, and use programs that are available on the other major platforms (Linux and Mac) as much as humanly possible. This alone may be the major challenge for some users and enterprises, getting weaned from the Redmond teat. But mark my words: the future will be brightest for the pioneers and trailblazers, not the me-too followers and the technological fashionistas.

NEXT UP - trailblazing and pioneering at the Strelecki Labs outside Atlanta. On the shopping list are Chrome OS, Ultimate Edition Ubuntu, Jolicloud, Moblin, and anything else that comes this way that looks like it could be reliable, safe and productive, and maybe even a little fun. That's the plan, Pilgrims. Wish me luck.

Thanks for reading.

Tuesday, December 15, 2009

Seven to Get a Second Shot?

Yes, I know I've been railing against Windows Seven and declaring it unfit for my own use, but in the meantime I've been doing lots of reading. LOTS. It seems that this new Windows OS may have some architectural enhancements I was unaware of when I made my high-minded pronouncements, stuff like better utilization of multicore CPUs, actually useful security for antivirus and malware, supercharged network file transfer speeds, and probably more I can't think to gush about right now.

This is not to say I was wrong in my previous analyses regarding Seven's lack of killer features over the venerable and not-so-long-in-the-tooth XP, but it is an admission that I was ignorant of some of the less obvious improvements that have been engineered. That, and I got a FREE COPY at a Microsoft event a while back and have decided that it's just too difficult to leave the darned thing sitting on the shelf and keeping dust off the floor.

My plan revolves around using W7 as the main OS and then virtualize XP if (and when) I encounter a must-have application that has problems working correctly in the new environment. Whereas XP64 would allow me to install an unsigned device driver, W7 "don't play that game" in an effort to preserve system integrity and stability. And that's OK, but for the record, I've not had any problems in XP64 using unsigned drivers. In fact, XP64 has been working sterlingly for six months now, with no bluescreens AT ALL, and that's running 24-7 (no pun intended) as my main workstation.

I am intrigued by web discussions of W7's better affinity management on systems using multicore CPUs, the Intel Core I-series, in particular. My current workstation uses the Core I7-920 on an MSI X58 motherboard with 6GB tri-channel DDR3 RAM, and I'm very interested in testing the ability to get ALL the horsepower I paid for when I do things like transcode video, compress and uncompress files, and do serious multitasking with office productivity apps as well as multimedia processing and web-based browsing, downloading and whatever else I want to do.

As I prepare for this next bare metal clean install, I am assembling the latest drivers and application versions, as well as planning the best way to set it all up. The idea will be to setup W7 (likely Home Premium x64) and tweak it and tune it, then install VirtualBox and XP Pro (x86 this time) to do those (hopefully few) things W7 will refuse to accommodate. I am wary of the reach that DRM has made into MS operating systems, as well as the sheer volume of services that run by default at every boot. My intention is to minimize those services (the Black Viper is your friend) in an effort to maximize performance and eliminate third party controls on my computer.

So for now, the Strelecki Labs are in planning phase, assembling all the good stuff needed to make a clean install successful, as well as taking stock of these last 180 days (give or take) of using XP64. I'll keep you posted as I move ahead.

As always, thanks for reading!

Saturday, September 19, 2009

Seven Is Not The One (For Me)

I dunno if I should be shocked, surprised or disappointed.

One of the last things I did while experimenting with various OSes on the Acer laptop was to take stock of the size of the install - the amount of space it took up on the hard drive. I figured it might be a good way to compare the relative "weight" or volume of each OS and then evaluate that in terms of the usefulness and productivity of the environment.

My assumption was, as history has shown, that the newer OSes would be bigger than older ones, and that turned out to be true. But in a Really Big Way.

In a nutshell, both Vista and Windows 7 were ten times the size of XP. Or bigger. That was a something I had not anticipated, and based on another important factor - performance - I came to an easy conclusion as to which OS - XP, Vista, or Windows 7 - was the best one for me. It's XP by an order of magnitude. Based on a pure bang for the buck value analysis, it would seem apparent that any OS thats ten times bigger and only fractionally better, if that, isn't worth the time, money and hassle of upgrading.

As I've written here and elsewhere already, the fact that the interface (look and feel) changed more than the underlying architecture (file system, security controls, API, etc.) tells me that the newer versions are more concerned with how they look than how they work. And that might not be a bad thing, but for me and the thirty-five years I've been using computing technologies, and the time delay between the release dates of XP and Vista, I would have bet money on the fact that the Very Smart Folks at Microsoft would have done the best they could to make their flagship product the very best it could be. You know - more secure, faster, more reliable. That kinda thing.

But that's not the case.

An operating system is traditionally defined as the "software heart of the computer, ...a set of programs that manage the hardware resources of a computer, provide the environment for application programs to run and provide the user interface." I think it's fair to say that Windows has grown quite significantly since its initial release in November of 1985, in size as well as functionality. Originally, Windows was not an operating system, but instead a graphical application environment that ran on top of PC- or MS-DOS. It was another ten years before Microsoft combined MS-DOS and the Windows GUI to create Windows 95. Windows NT shipped in July 1993 and was a true OS, but it was mainly used in professional/business circles and not marketed to the mainstream user. It was developed by Dave Cutler from DEC and his crew of minicomputer engineers, not by 'Softies.

Shortly after Windows 95 was released, Microsoft decided to ship their own web browser which was later integrated into the operating system. This decision introduced a wave of vulnerabilities that are still being exploited fifteen years later. In fact, Windows continues to be extended with applications that are of elementary utility, designed for the simplest of users, many of which contain weaknesses that can compromise the entire system. The media player, paint program, email client and web browser (Internet Explorer with ActiveX and Browser Helper Object architecture) permit execution of rogue code ("drive-by install") that can compromise system security and in many cases allow remote control of the system by unauthorized users.

In Vista and Windows 7, a feature called User Access Control (UAC) was added to provide feedback to the user whenever an application or process needed to make an important modification to the system. More code was added to attempt to manage the old insecure/buggy code that was probably so ingrained in the system that changes or security fixes to it would probably break tons of exisiting programs. My takeaway is that backward compatibility is a liability that constrains the OS from taking the more/most secure route. Microsoft shipped XP SP2 and KNEW they would affect application operation but made that decision because of the tidal wave of infections that were plaguing the platform. It was the right thing to do, without a doubt, and the world became a tiny bit safer that day.

Vista shipped with an entirely new driver model, and for the X64 platform, finally enforced driver signing where XP64 had not. Both changes were made knowing that users would likely need new hardware devices, as many old ones failed to install or operate properly under Vista's "enhanced" UAC feature or other "improvements" made to the OS. This is a painful reality of the evolution of modern operating systems - progress at the expense of compatibility - but sometimes it's necessary to leave behind the old ways in order to achieve more powerful results in the newer versions.

Most operating systems that compete with Windows in the twenty-first century marketplace are based on Unix, which has a long history of being secure and reliable. The mechanisms of user authentication and process control are baked-in to Unix and its cousins Linux and MacOS X, not layered on after the fact, like the UAC. By default, Unix/Linux users MUST login to the system and provide credentials each time some important change is requested, like an application install, driver update or security patch. This is done for the most obvious reason, to protect the computer and ensure the reliable operation of the system.

Until we get a mainstream Windows version that has security architected from its core, and while we are forced to use addons, third party utilities, and access programs like UAC to protect ourselves, we will not have a safe harbor for our computing and data storage. Microsoft needs to take a deep breath, and make the leap that will truly benefit the world, and break with the dangerous ways of the past. We need a Windows that is built Ford tough, a version that's really professional grade, a Windows that takes a licking and keeps on ticking. Unfortunately for all of us, Windows 7 is not the one.