Category Archives: Windows

Easy updates with iOS and Linux vs bomardment from Windows

Posted on by

When I want to check email on my iPod Touch, I simply unlock it, load the email application, and read messages. What a joy. The tool works and works for me. It is my servant, instead of me being its servant.

Compare that to my corporate Windows Laptop. I open the lid and unlock it, wait for corporate anti-virus (I think) to chew through the I/O on my machine for several minutes. Then I can read my email using the unimpressive and slow Lotus Notes (I’d rather be using Thunderbird, Outlook, or speedy mutt).

Or compare to my home Windows Laptop. I open the lid, log in, and am bombarded with requests from several programs to install updates. I just want to check my email, not be attacked with annoying “update me!” windows. I see one from Thunderbird, another from Adobe Flash, another from Mozy and another from Firefox. By the time I’ve upgraded, sometimes I’ve forgotten what I wanted to accomplish in the first place.

Apple has it right with updates for the iPod Touch: They stay out of my way until I want to bother with them, and then they’re all manged together.

Linux has it right: A single package manager updates everything, in one shot, including from third parties.

I’ll continue to use Windows. There are other benefits, even though third-party updates are annoying.

Worth the money: Automated, online backup

Posted on by

10 February 2010

Yesterday, I found out I’d lost over three thousand calendar entries, and I had lost them five months ago. Fortunately, I had been using an automated, online backup service and was able to restore the missing data.

I found out about my loss when I searched for a phone number on my Palm TX that should have been in my calendar, but was missing. I wondered what was up, and started going through my calendar a month at a time. I noticed that calendar entries after Sept 7, 2009 were present, but nearly everything before that was missing.

My Palm TX is synchronized frequently with Windows, and infrequently with Linux. My Linux copy of the calendar wasn’t going to help me, because it was missing the calendar entries as well. The same was true for the Windows copy.

The Palm-to-SD-card backup that happened every night wasn’t going to help, because it deletes any backups older than seven days old to make room for the new backups. I needed something that stretched back five months or more.

The backup of my Linux computer wasn’t going to help me, because I overwrite my old backups with new copies of the same files, using ‘rsync’.

I thought my Mozy backups worked the same way. Fortunately, I was partially wrong. Mozy keeps point-in-time backups of some files. I don’t know how they determine which files to do it for, but they did it for my Palm Pilot calendar database file. I was able to restore my missing calendar entries, which was a huge relief.

I heartily recommend automated online backups. Manual backups aren’t done by most people and if they are done, they’re sporadic and incomplete. My intermittent manual, replace-the-old-files style of backup to USB hard drive wouldn’t have allowed me to restore the calendar entries. The $5/month that I spend for online backup was very worthwhile, and easy to justify considering that it’s less than the cost of eating out for lunch. It’s less expensive than a cell phone or monthly internet service.

If you aren’t already doing automated backups, I recommend that you sign up with an online backup service today. Here are some recommendations:

  1. Dropbox is the most popular. Works on Windows, Mac, Linux, iPhone.
  2. Spideroak is the second most popular. Works on Windows, Mac, Linux.
  3. Alternatives to these, including Mozy, which is what I use for Windows: http://alternativeto.net/desktop/dropbox/.

A word of caution: backups can’t work miracles. If a file was corrupted BEFORE it was backed up, no backup solution is going to be able to solve the problem. This is why I make two copies of all photos from my digital camera BEFORE deleting them from the camera. Still, if the memory card in the camera contained corrupted images, even this wouldn’t be good enough.

The missing calendar entries were, in fact, not missing. They were corrupted. I found this out by running jpilot-dump -D | sort -r on my linux computer. I had 3462 blank entries listed on 12/31/1969. The first time I restored my Windows datebook.dat, and hot-synced, all of the restored records were again “deleted” because my Palm though it had the more current copy of those records in 1969. I had to purge the records from my Palm before hot-syncing with the restored datebook.dat file.

Techrepublic has a Review of 10 outstanding Linux backup utilities, many of which work on other platforms as well.

Personal solutions (not hosted):

  • Simple Backup Suite for Ubuntu and Fedora, which does full and incremental backups, on a schedule or manually. Install it on Fedora by running “yum install sbackup“. Configure and run by running “/usr/bin/simple-backup-config
  • fwbackups, of which Techrepublic says, “This is, by far, the easiest of all the Linux backup solutions.”
  • Rsnapshot
  • Duplicity which is a command line utility, and is recommended by http://rsync.net

Backup that laptop!

Posted on by

Recently, a relative called and said her laptop wouldn't boot. She wondered whether I could help. I asked if she had a backup. "No" was her answer.

I booted into linux (using Knoppix from a bootable CD) and attempted to back up her Windows account to an external USB hard drive. As I worked with the laptop, I discovered it was shutting itself off. On my second attempt, I managed to make a successful backup.

I tried running the system restore, but it would fail at random intervals. Next, I booted into the System Rescue CD and ran the memory test. It shut at random intervals during each memory test. I figured it couldn't be the hard drive that was at fault, but that the hard drive had probably gotten corrupted from the computer powering off suddenly.

My relative took her laptop to Geek Squad to see if they could diagnose the problem. They ran the system restore, and it succeeded. They didn't do any further troubleshooting. They charged her $50.00 without solving the root problem. It continued to shut off at random intervals.

A colleague of mine looked at the computer, and found that the heat sink on the CPU was clogged with dust. Most likely, the CPU was getting too hot and powering off. He removed the dust buildup, and from then on, the laptop seemed to work well. I was able to restore the files, and my relative was much happier.

And she bought an external USB hard drive to do future backups. Good thinking.

I use Mozy for automated, regular backups of my most important files. It's not a complete solution for my whole hard drive, but it's far better than nothing, and it only costs $5.00 a month. For linux, I need a similar solution. It turns out that there is one: spideroak. It runs on Windows, Mac and Linux. And it can synchronize files between several computers.

Fedora 10 lacks “wow” appeal; OpenSolaris 11

Posted on by

I upgraded one of my machines to Fedora 10 last month, and for me, this release lacks the “wow” appeal that other releases have had. A minor annoyance is that the keyboard repeat delay is broken for me and so far, there is no fix other than disabling keyboard repeat. On the plus side, Fedora 10 includes OpenOffice.org 3 and other new features. Be sure to check out the Common Issues people have experienced with Fedora 10.

The other day, a co-worker handed me an OpenSolaris 11 Live CD. I booted it, expecting to be underwhelmed like I was with the Solaris 10 JavaDesktop. I was pleasantly surprised, however. Sun’s “Nimbus” GNOME theme knocks the socks off of the boring Fedora window manager themes. The experience felt like I was running Linux. It was responsive, supported my newer hardware, and the system was built with GNU utilities on the command line so I get my favourite options to ‘ls’, ‘grep’, etc. It supported my NVidia card out-of-the box, and had Compiz eye-candy as an option. The only thing I missed (in my superficial test) was the familiar ‘yum’ and ‘rpm’ for package management. I suspect that if I used it from day to day, I’d find other things I miss. Does OpenSolaris support encrypted file systems? Does it have as much optional software as I can get with Fedora Extras?

I’ll keep my eye on OpenSolaris a little more closely in the future.

Products to avoid

Posted on by

The nice thing about mass-market commercial software is that I can purchase it at a small fraction of the cost to develop it myself, which I would never do because I don’t have the time. Unfortunately, home-user mass-market software seems to lack quality. Here are some that I recommend against.

  • Greeting Card Factory. When I opened the package, I discovered that the software shipped on about six separate CDs! I purchased the software in 2007 — an enlightened age where most people have DVD drives. I’m impatient, and disliked having to play disk jockey to install the software. Once installed, I discovered that it’s cumbersome to use — too much clicking with the mouse required to get the job done. There’s no good preview of card greeting messages in the template browser, so I have to load each one in, click through the buttons to see the message, and then start all over again to find an appropriate card. It sure is a waste of time. The best greeting card software I’ve used was American Greetings, but that version was designed years ago and required inserting CDs to load some of the cards. Hallmark’s software was the most polished, robust, and least annoying, but I liked the quality of cards from American Greetings better.

UPDATE: There is a good way to preview greeting card messages in the template browser — you have to increase the zoom level to the maximum, and additional preview controls become visible.

  • Symantec and McAffe AntiVirus. They slow down a computer too much (by 20% or more!). Anything that annoys my grandmother about activation is too much of a hassle. Switch to AVG Free. I run Vista with an unprivileged account, and so far, I haven’t needed AV. I ran AVG Free on Windows XP for several years, and never got a virus — because I didn’t download and install random software — and because my user account didn’t have administrative privileges.

There’s hardware to avoid as well:

  • Kodak printers. I decided to give a Kodak printer a try because of the promise of cheaper ink. The printer has been a constant hassle ever since we purchased it. Just tonight, even after selecting the best print quality, it still printed every other line as faded and smudgy. My wife seems to know the ritual to make it print better, but she’s not here at the moment. Avoid Kodak printers at all costs. Go with an Epson or an HP — they provide quality results. If a laser printer fits your needs, they’re usually more reliable than an inkjet printer.

What programs are listening to the network?

Posted on by

Sometimes, I’d like to know what programs on my system are listening to the network, and to quote the Perl motto, “there’s more than one way to do it”. On Linux, there’s lsof -Pi and netstat -p. On Windows XP and Vista, there’s the built-in netstat -b[v] -a and a separate utility called tcpview. I’ve included example usages and outputs.

lsof (Linux)

sudo lsof -Pni

COMMAND     PID    USER   FD   TYPE DEVICE SIZE NODE NAME
python     1886    root    4u  IPv4   6621       TCP 127.0.0.1:2207 (LISTEN)
cupsd      1898    root    3u  IPv4   6663       TCP 127.0.0.1:631 (LISTEN)
cupsd      1898    root    4u  IPv6   6664       TCP [::1]:631 (LISTEN)
cupsd      1898    root    6u  IPv4   6667       UDP *:631
sshd       1912    root    3u  IPv4   6711       TCP *:22 (LISTEN)
httpd     20084  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20085  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20086  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20087  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20088  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20089  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20090  apache    4u  IPv6   7293       TCP *:80 (LISTEN)
httpd     20091  apache    4u  IPv6   7293       TCP *:80 (LISTEN)

netstat (Linux)

sudo netstat -lp --inet --numeric-hosts

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:ssh      0.0.0.0:*        LISTEN  1912/sshd
tcp        0      0 127.0.0.1:ipp    0.0.0.0:*        LISTEN  1898/cupsd
tcp        0      0 127.0.0.1:2207   0.0.0.0:*        LISTEN  1886/python
udp        0      0 0.0.0.0:ipp      0.0.0.0:*                1898/cupsd

Where’s httpd? It should be there, and it is, when I exclude the --inet option:

Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 :::http          :::*             LISTEN  2038/httpd
tcp        0      0 ::1:ipp          :::*             LISTEN  1898/cupsd

TcpView (Windows)

Download and start TcpView. From the menu, choose File > Save. Here’s the output from the file.

Process           Protocol Local Address            Remote Address   State
svchost.exe:1064  TCP      jareds-xp:epmapi         jareds-xp:0      LISTENING
System:4          TCP      jareds-xp:microsoft-ds   jareds-xp:0      LISTENING
svchost.exe:976   TCP      jareds-xp:3389i          jareds-xp:0      LISTENING
nxssh.exe:2032    TCP      jareds-xp:11000          jareds-xp:0      LISTENING

netstat (Windows)

Note that this runs quite slowly on Windows.

netstat -bva

Active Connections

Proto  Local Address          Foreign Address        State           PID
TCP    jareds-xp:epmap  jareds-xp.mydomain.com:0  LISTENING       1064
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

TCP    jareds-xp:microsoft-ds  jareds-xp.mydomain.com:0  LISTENING       4
-- unknown component(s) --
[System]

TCP    jareds-xp:3389  jareds-xp.mydomain.com:0  LISTENING 976
-- unknown component(s) --
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

TCP    jareds-xp:11000  jareds-xp.mydomain.com:0  LISTENING       2032
[nxssh.exe]

TCP    jareds-xp:3389  jareds-xp.mydomain.com:0  LISTENING 976
-- unknown component(s) --
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

Palm TX: There’s more than one way to install an application

Posted on by

When I got my Palm TX, I didn’t realize that the Palm Desktop software wasn’t completely compatible with Windows Vista. For example, I can’t install new palm apps via hot syncing. Here are some alternative install paths:

  1. Attach the pdb files to an email, and send it to myself. Use VersaMail to retrieve the message, and install the pdb attachments.
  2. Use the web browser to download and install a pdb file.
  3. Have someone beam it using the IR interface.
  4. Have someone send it using bluetooth.
  5. Install from an SD card. I haven’t verified that this works.

While I’m at it, it seems like configuring Linux to hotsync with Palm devices can be a pain. As an alternative, I think I’ll get an SD card and use nvbackup to backup to SD, and then copy the backup from SD to my Linux box and use it with JPilot.

There’s more than one way to do things, especially for a Palm equipped with built-in WiFi, bluetooth and an SD expansion card.

Disk Encryption: Not as secure as I thought

Posted on by

Apparently, it’s easier than I thought to recover disk encryption keys from a stolen laptop computer. The attack works against “several popular disk encryption systems: BitLocker (a feature of Windows Vista), FileVault (a feature of Mac OS X), dm-crypt (a feature of Linux), and TrueCrypt”. Watch the demonstration video at http://citp.princeton.edu/memory/.

The root of the problem lies in an unexpected property of today’s DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn’t so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.

Encrypting a disk drive does increase the confidentiality of data. It’s just not as secure as once thought.

Sidenote: Software and hardware based key loggers can reduce the security of encryption as well.

Vista’s VirtualStore silently causes problems

Posted on by

When our household bought a Vista laptop, I migrated our install of Quicken 2002 to the new computer. My wife and I have separte accounts, and we update the checkbook separately. When she went to balance the checkbook, she noticed that my entries were missing.

On further investigation, it turns out that when I run Quicken, I can see my entries, but not hers. When she runs Quicken, she sees her entries, but not mine. It appeared that we are using two different databases. Quicken 2002 is supposed to write its files to the c:\Program Files\QUICKENW directory. I had given each of our non-Admin users access rights to write to that directory. I installed Process Explorer so that I could see what files Quicken had open, and their location. It turns out that Quicken was writing its files to C:\Users\[USERNAME]\AppData\Local\VirtualStore\Program Files\QUICKENW. Why was it doing that? What is this VirtualStore thing?

Apparently, Windows Vista enforces security policy and doesn’t allow applications to write to C:\Program Files. Instead, it redirects badly behaved applications, like Quicken 2002, to write files to a per-user VirtualStore directory, and it does this silently (for backwards compatibility). I wish Vista had simply denied write access to Quicken, so I would have known that there was a problem early on, before getting into this mess of having two diverging checkbook databases. I like the additional security that Vista enforces, but it’s inconvenient in subtle and exasperating ways.

Now I need to figure out how to merge our separate copies of the checkbook.

Update: I never did merge the two quicken databases.