Monthly Archives: January 2009

Uncategorized

Useful Links: January 2009

A list of items I’ve come across recently that I found potentially useful, interesting, or just plain funny:

Uncategorized

Why adjustment layers are preferable to directly editing an image in Photoshop

I’ve been trying to improve my Photoshop skills recently including signing up for Digital Photography evening classes at a local college (which, 4 weeks in, are very disappointing) but I’ve also been picking up some tips at my local camera club.

At last night’s club meeting, John Winchcomb gave a very technical talk on tone and colour correction which I’m still trying to get my head around but that talk included a very useful tip: instead of reaching for the various adjustment options on Photoshop’s Image menu (including common options like levels and curves), consider creating a new adjustment layer instead. That way it is possible to go back and edit the adjustments as they are applied as a non-destructive edit rather than being directly applied to the image. Normally the adjustment layer will apply to all layers below but it can be created as a clipping layer to only affect the layer immediately below.

Other advantages to adjustment layers include the ability to selectively edit using an image mask and also to copy and paste adjustment layers in order to apply the same changes to multiple images.

Whilst on the subject of layers, it’s probably worth highlighting another tip I picked up recently: before doing anything in Photoshop, create a new layer by copy (Ctrl+J on a PC or command+J on a Mac) and work on that. Using this method, the original image will remain on the background unaffected, should you ever want to revert, or to compare the manipulated image with the original.

Site notices

RSS feeds migrated to a new host – hopefully everything is still working

For almost as long as this blog has been up and running I’ve been using FeedBurner to manage the RSS feeds. It’s been working well for years but Google bought FeedBurner a while back and tonight my feeds were migrated to the big G.

Those who are subscribed to http://feeds.markwilson.co.uk/marksweblog/ shouldn’t see any changes (at least not if I made the DNS changes correctly) but there may still be a few people subscribed using old feed addresses (e.g. http://feeds.feedburner.com/marksweblog/) and these might not always work (sadly this is outside my control). If you do find that my posts stop appearing in your RSS reader, please try resubscribing to the site feed.

Thanks for sticking with me.

[Update 31 January 2009: There seems to be a problem with the main feed as it's returning HTTP 404 (Not Found) error pages (even where DNS propagation is complete)]

[Update 1 February 2009: The 404s are fixed; a full description of what went wrong has been posted; please let me know (assuming you can read this) if you find any other issues with the feed].

Uncategorized

Running Windows 7 on a netbook

Now that the Windows 7 beta is out and my NDA has lifted, I can finally write about my experiences of installing Windows 7 on a netbook. In a word:

Sweet.

You see, Windows XP works well on one of these little machines but who wants XP? It’s eight years old (an eternity in IT) and, for anyone who’s used to working with anything remotely modern, it’s a bit difficult to step back to (I was recently forced to revert to Windows XP and Office 2003 for a month whilst my main machine was being repaired and it was painful). I could install Vista but even Microsoft doesn’t think its the right OS for a netbook (that’s why they allowed vendors to continue shipping XP). Meanwhile, much has been said about how Windows 7 requires fewer resources and I wanted to find out how it would run on a typical netbook.

My Lenovo S10e arrived in early December and before installing anything I took an image of the hard disk so that I could return it to factory state if required (Lenovo provides a Windows PE-based recovery image but that’s not much good if you’ve accidentally wiped the hard disk using a pre-release operating system). I could have used Windows Deployment Services for this, but it was just as easy to fire up an old copy of Ghost and boot from a floppy drive and universal network boot disk.

With the disk backed up, I set about installing Windows 7 in a dual-boot scenario (I still needed to drop back to XP occasionally for BBC iPlayer downloads – although since then the BBC has made a version of iPlayer available that runs on other platforms). This was where I found James Bannan’s step-by-step guide on installing Vista to dual boot with XP so useful – the process that James describes is not exactly rocket science but it is good to know you’re following a process that has worked for someone else – and it also works for Windows 7.

Following James’ notes I used diskpart to shrink the existing disk partition, create a second partition and install Windows 7 (with no optical drive available, I used a USB hard disk as a boot volume and Windows 7 installed quickly and easily). There were a couple of unrecognised devices (the Broadcom wireless card and the Lenovo power management but I installed the XP drivers (I would have expected Vista drivers to work but not XP) and they seemed to do the trick. Everything else worked as intended.

Next, I downloaded and ran EasyBCD to edit the boot options. The Windows 7 installation wiped the boot loader that Lenovo had supplied, so I have no access to the recovery volume but it was simple enough to put Windows XP back in as a boot time option (actually, it should be simple enough to put in the recovery volume when I get around to it).

With Windows 7 installed, the next items to install were Vodafone Mobile Connect (which installed using the same options as for Vista) and some antivirus software (I used the free version of AVG, although I’ve been having problems whereby the resident shield won’t start automatically and I have to deactivate it, save the changes and then reactivate it.

After a few more apps (Microsoft Live Meeting, Windows Live Writer, Google Chrome – not to use as a browser but to set up application shortcuts for Google Mail and Calendar) and I had the machine configured as I needed for roaming around, checking e-mail, writing the odd blog post, etc.

So, how did it perform? Absolutely fine. This machine has a 160GB hard disk, a 1.6GHz Intel Atom CPU, integrated graphics and just 1GB of RAM. 3D graphics support was great (with really smooth transitions – e.g. Flip 3D) and the Windows System Performance Index showed 2.2, which may not sound high but makes sense when you look at the subscores:

Component What is rated Subscore
Processor Calculations per second 2.9
Memory Memory operations per second 4.4
Graphics Desktop performance for Windows Aero 2.2
Gaming graphics 3D business and gaming graphics performance 3.0
Primary hard disk Disk data transfer rate 5.3

So, fast disk, fast memory, let down by the CPU and the graphics. Not surprising given the class of machine that we’re looking at here.

Task Manager shows that Windows 7 is using 650MB of RAM, which doesn’t leave a huge amount for Office applications but it’s fine for a bit of browsing, e-mail, blogging, and even watching videos. Regardless of the fact that the machine seemed to run well with only a gig of RAM, I decided to see if adding more would make a difference.

First, I tried ReadyBoost to see if it would increase system responsiveness, using an old 1GB SD card, but I have to say that I’m not sure it really made any difference. Then I bought a 2GB SODIMM from , taking the total installed to 2.5GB (for some reason, XP only sees 1.99GB but Windows 7 recognises the whole amount) and measured the stats again. Surprisingly, the score dropped, but only by a fraction as the graphics subscore fell to 2.1 with memory IO slightly up to 4.5 and all other scores unchanged (as might be expected – after all, none of those components had been upgraded).

Windows 7 System Properties on Lenovo S10e after 2GB memory upgrade

So, eight weeks after installation, what’s my verdict? Well that is probably pretty obvious by now – Windows 7 runs nicely on a little netbook. How it will perform on older hardware is anyone’s guess but it also seemed fine on my Compaq Evo D510SFF with a 2.4GHz Pentium 4 CPU and 2GB of RAM (albeit with basic graphics). On that basis, it should be fine for most corporates (although even Vista should also be, with tactical RAM upgrades) and the only barriers to adoption will be cost (of a desktop refresh at a time of economic uncertainty) and application compatibility (as with Vista). It’s also remarkably stable – and I’m still running the pre-beta code (build 6801 with the Blue Badge “tweak”).

There’s plenty written elsewhere about Windows 7 features but those were not the purpose of this post. The one thing I cannot ignore is that Microsoft is yet to make a statement on netbook support for Windows 7 although TechRadar includes the major points in its article explaining Windows 7 netbook system specifications. Microsoft’s problem is that revenues are lower on netbooks (if the hardware is sub-£250, then it’s difficult to sell an operating system at full price without making the Linux alternatives look more attractive) but they also wants to stop shipping XP.

It seems to me that this is purely a marketing issue – from a technology standpoint, Windows 7 (plus Windows Live Essentials) seems to be an ideal netbook operating system.

Uncategorized

A quick look at Windows ReadyBoost

My netbook it only came with 1GB of RAM, so I decided to see what effect the option to “Speed up my system using Windows ReadyBoost” would make (presented by Windows Vista and later when inserting removable media – more details can be found over on the Kodyaz Development Resources site).

First of all I tried a 1GB USB key that I’d been given with some presentation materials on it but Windows told me the device was not fast enough to use for ReadyBoost.

That was something of a surprise to me – I knew that not all devices were suitable for ReadyBoost but how could I tell why my device was failing? In his article, Is your flash drive is fast enough for ReadyBoost?, Ed Bott explains that:

“If you get a failure message when you first insert a flash device and try to use it as a ReadyBoost drive, you can click Test Again to get a second hearing. If the drive fails several tests, you can look up the specific performance results for yourself. Open Event Viewer (Eventvwr.msc) and click the Applications And Services Logs category in the console tree on the left. Under this heading, click Microsoft, Windows, and ReadyBoost. Under this latter heading, select Operational. The log entries in the center pane include performance test results for both successful and unsuccessful attempts.”

Sure enough, checking the logs on my Windows 7 system showed messages like:

Source: ReadyBoost
EventID: 1008
Description: The device (UT163 USB Flash Disk) will not be used for a ReadyBoost cache because it does not exhibit uniform performance across the device.  Size of fast region: 0 MB.

and:

Source: ReadyBoost
EventID: 1004
Description: The device (UT163 USB Flash Disk) will not be used for a ReadyBoost cache because it has insufficient write performance: 173 KB/sec.

173KB per second is about 10% of the required speed for ReadyBoost so I tried again, this time using a 1GB SD card.

First I saw an event to indicate that the card exhibited the necessary performance characteristics:

Source: ReadyBoost
EventID: 1000
Description: The device (Generic- Multi-Card) is suitable for a ReadyBoost cache.  The recommended cache size is 991232 KB.  The random read speed is 3311 KB/sec.  The random write speed is 3500 KB/sec.

and then a second event recording the creation of the cache:

Source: ReadyBoost
EventID: 1010
Description: A ReadyBoost cache was successfully created on the device (Generic- Multi-Card) of size 966 MB.

So, after creating the cache, did ReadyBoost actually make a difference?  It’s difficult to say – on a relatively low-powered PC (the one I used only has an Intel Atom 1.6GHz) performance is not blindingly fast and, as the USB ports (including internal ones used for devices like media card readers) rely on the main CPU for IO processing, it could be argued that use of USB attached memory would even compound the issue when the PC is running out of steam.  Those with faster PCs, or faster memory devices may see a difference.

Long Zheng has a good summary in his article which puts forward the notion that ReadyBoost works but that it’s not a miracle:

“I don’t agree with […] how ReadyBoost has been marketed and perceived by the public. ReadyBoost does not improve performance, it only improves responsiveness. It won’t make your system or [applications] run any faster, but it will make things faster to load and initialize to a working-state.

If you’re on a budget, then ReadyBoost is premium accessory that is definitely not value-for-money. You’re literally paying a price to slice milliseconds off loading times. But if you’re a professional or heavy business user, then ReadyBoost might be a cheaper, easier or the only alternative to upgrading memory.”

Long suggests that ReadyBoost is not value for money. I’d add that it may be if, like me, you have a lot of small USB keys that are doing nothing more than gathering dust on a shelf.  It’s probably not worth investing money in new hardware especially to use ReadyBoost though.  Indeed, one of Long’s readers (Tomer Chachamu) makes a distinction which is extremely important to consider:

“I am using [ReadyBoost] for several weeks now and I can confirm your experiences, that it helps a lot to improve the responsivness [sic.] of the system.

So it helps to make the whole system perform faster. So isn’t it the same?

High responsiveness: the system ‘feels fast’ and you don’t have to wait for something to load when you’re about to go to a command. (Example of high responsiveness: when you logon, you immediately want to go to the start menu and launch something. The time from logon to launch is a busy wait for you.) – this is affected by readyboost [sic].

High speed: the system performs computational (or I/O) tasks fast. (Example: you are ripping a massive library of CDs. It takes about 10 minutes. If it took less time, say by offloading floating point calculations to the GPU, then that would be high speed. It’s still longer than half a minute so the system is fast, but not responsive. When you’re encoding the CDs, you can do other useful activities, so it’s a non-busy wait.) – this is not affected by readyboost [sic].”

ReadyBoost is not about high speed – it’s about responsiveness (which explains why PC World were unimpressed when they tested some ReadyBoost-capable USB flash drives on Windows Vista).

In the end, I decided to buy some more RAM but, for those considering using ReadyBoost, it’s worth checking out Tom Archer’s ReadyBoost FAQ.

Get more memory at Crucial.com!

Uncategorized

Sound only coming from one speaker on your iPhone?

I’m now on my third iPhone 3G (in just 5 months):

  • #1 developed a crack in the case (and was replaced under warranty by Apple).
  • #2 showed light at the edge of the screen where it should have been covered with the black bezel (visible in a dark room), so yesterday Apple changed that for me too (on yet another visit to the Apple Store to try and get my MacBook fixed…).
  • #3 so far so good, except…

…I was playing some music tonight and accidentally covered the speaker with my finger. Then I noticed that sound only came out of one speaker. Arghhh!!!

It turns out that is normal behaviour. The left grill next to the dock connector covers the speaker, the right grill covers the microphone.

Checking out some of the forum sites reveals this is a common concern (there’s even a website dedicated to the topic) but nevertheless it had me worried until I googled it…

Of course, I could just RTFM – but where’s the fun in that?

Uncategorized

Windows 7 beta deployment tools

Those who are checking out the Windows 7 beta with a view towards automated deployments may be interested to note that a beta of the Windows Automated Installation Kit has been released for Windows 7 along with an open beta of the Microsoft Deployment Toolkit 2010.

Uncategorized

It’s time to take patch management seriously

Windows updates don’t normally feature highly on this blog… after all, they come along every month, you test them (perhaps?), install them, and leave things along for a few weeks. Sometimes there’s an out of band patch release and that ought to indicate that there is a significant problem that requires attention. So why have I been hearing so much over the last few weeks about the Win32/Conflicker.B worm with people panicking to update systems, install the latest AV updates, and generally try and catch up after being so lackadaisical in the first place?

Let me explain what I mean… according to an e-mail I received from Microsoft last week:

Win32/Conficker.B exploits a vulnerability in the Windows Server service (SVCHOST.EXE) for Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows 2008. While Microsoft addressed this issue in October with Microsoft Security Bulletin MS08-067, and Forefront antivirus and OneCare (as well as other vendor’s anit-virus products) helped protect against infections, many systems that have not been patched manually through Server Update Services and Microsoft/Windows Update or through Automatic Updates have recently come under attack by this worm. Attacked systems may lock out users, disable our update services and block access to security-related Web sites:

In response to this threat, Microsoft has:

It is our hope that these resources can assist you in resolving issues with unpatched, infected systems and that you can apply MS08-067 to any other unpatched systems as soon as possible to avoid this threat.”

I’m sure there are some people who feel that applying updates is an intrusion, an unnecessary interruption into the day (these are probably the same people that advocate turning off user account control…). Others will claim that other operating systems don’t need patching so often (I don’t know about the frequency of updates but patches on my Macs always seem pretty big and Linux is in one big patch cycle as the open source model is one of continuous improvement). Personally, I’m glad that Microsoft settled down to a predictable monthly cycle and for those who think that’s a problem because it gives hackers a predictable timeframe for reverse engineering patches and attacking weaknesses in unpatched systems it’s all the more reason why every organisation’s IT security people should be ready to look at the update announcements on the second Tuesday of every month and then to act accordingly. And when a patch comes along outside that predictable schedule to consider that, yes it’s a pain in the neck, but it might just be important…

Which brings me back to the point. Conficker (also known as Downadup). As F-Secure put it:

“First — It was an out-of-band update.

Second — It was given an ‘Exploitability Index Assessment’ of ’1 – Consistent exploit code likely’.

That kind of speaks for itself, doesn’t it?

Third — It allows for Remote Code Execution, in numerous versions of Windows (particularly critical for 2000, XP, and Server 2003).

All of these combined factors equals something quite serious that should be patched as soon as possible. If you are having difficulties with Automatic Updates, the bulletin links to manual downloads.

Security Update for Windows XP
Security Update for Windows Server 2003

It’s always a good idea to be ready for out-of-band updates. You can subscribe to Microsoft Security Notifications here.”

The other thing that this worm has awakened is corporate IT departments saying things like “how can we check that all our machines are updated with the Microsoft update and with the latest antivirus signatures?”. Well guys, there’s a feature called Network Access Protection (NAP) and it’s implemented in Windows XP SP3, Windows Vista and Windows Server 2008. Whilst you’ve all been bleating about how Vista is bad, perhaps you should have looked a bit further and seen some of the advantages it could bring. If you still can’t stomach a Vista upgrade because somehow you think that Windows 7 will be easier from an application compatibility standpoint (I have news for you…) or think that Microsoft and security in the same sentence indicates an oxymoron then there are plenty of third party endpoint security systems with similar controls…

Perhaps we need an outbreak like this from time to time to wake up the IT Managers and persuade them to spend some money on security improvements within the infrastructure.

Here endeth the lesson. Now go and update your systems.

For more information, check out Centralised information about the Conficker Worm and MS08-067 Conflicker worm update.

Uncategorized

If you haven’t downloaded the Windows 7 beta yet, you need to do it soon!

When the Windows 7 beta was announced, it was originally limited to 2.5 million users. This was later relaxed but the shutters are about to come down again.

The Windows 7 team announced on Friday that, starting tomorrow, the Windows 7 website will be updated with a warning that time is running out. No new downloads will be possible after 10 February (but downloads in progress will continue) and on 12 February the tap will be turned off completely (product keys will still be available).

This applies to public downloads from the Windows 7 website – if you are a TechNet or MSDN subscriber, you will still be able to download the beta (and presumably the same rules apply for Microsoft Connect, although I’ve not heard anything official).

Uncategorized

Coalface Tech: Episode 2 (interview with Microsoft’s Michael Kleef and Jason Leznek)

Coalface Tech podcast graphic
After some late-night editing, Episode 2 of the Coalface Tech podcast that James Bannan and I produce is online at the APC Magazine Pro website.

As a result of my timezone blindness, combined with Skype problems, James and I didn’t manage to record our usual conversation for this episode but, a couple of weeks back, James hooked up with Microsoft’s Michael Kleef and Jason Leznek to chat about some of the management features in the Windows client and server operating systems as well as how we can start to prepare ourselves for Windows 7 and Windows Server 2008 R2.

If you like what you hear, then you might like to consider subscribing – there are two podcast feeds available (MP3 and AAC) – if you use iTunes then I recommend the AAC version as that’s the enhanced podcast with chapter markings and context sensitive links but MP3 should work for just about everyone. The AAC feed is also included in the Podcasts directory on iTunes:

Coalface Tech (MP3 podcast) Coalface Tech (MP3 podcast).
Coalface Tech (AAC enhanced podcast) Coalface Tech (AAC enhanced podcast) (or subscribe via iTunes).

If you don’t like it, please tell us why. We’re still learning how to do this podcasting stuff and there’s a lot to take on board but we really would like feedback – including suggested topics for discussion.

Going forward, James and I hope to get an episode out every month. They are time-consuming to produce though, so please bear with us if the schedule is not as regular as we’d like.

Finally, here are the show notes for episode 2:

  • Mark introduces the podcast.
  • James interviews Michael Kleef and Jason Leznek:
    • We start off with the guys introducing themselves.
    • Michael explains that group policy management is core to both the server and client versions of Windows 7, and how Windows PowerShell provides command line access to group policy objects.
    • Starter GPOs in Windows Server 2008 R2 are enhanced – providing templates of ADMX settings to kickstart creation of a new template.
    • Group Policy preferences are not known by many customers but are new in the Windows Server 2008 and Vista SP1 RSAT tools to do more than policy allows. Whereas policy enforces fixed settings, preferences are more like suggestions and can be targetted to provide a variety of settings, which can also persist across logons and in many cases remove or reduce the requirement for logon scripts.
    • James asks why GPO administration would need to be scripted – Michael explains that automation can be applied to backups, reporting and any other repetitive operations.
    • Jason suggests another scenario where different business units have similar but different settings and how scripting the policy creation can reduce the effort in creating the new objects.
    • Michael explained that these features will work downlevel where the client operating system supports the settings – not all settings will be applicable to downlevel operating systems and so policies may need to be written accordingly.
    • When asked what IT Pros can do to get ready for Windows 7 and Windows Server 2008, Michael suggests getting familiar with group policy preferences (and you only need a Vista SP1 machine – no domain changes needed – you could still be using Windows Server 2003). Jason added that it’s the RSAT tools that are required (including an updated version of GPMC). [of course there's far more to do in order to prepare for a new operating system release but this needs to be taken in the context that Michael and Jason are subject matter experts for specific areas of Windows.]
    • Michael talked about how to work in a mixed environment – you might need separate policies for XP and Vista [and 7] in certain circumstances but many settings will work cross-platform.
    • When asked how the upgrade path will work as Windows Server 2008 R2 comes in – Michael stressed that fresh 64-bit installs will be required (R2 is 64-bit only and there is no direct upgrade path from 32-bit) but that services will co-exist between versions of Windows Server.
    • When asked about the implications for organisations moving to Windows 7 and Windows Server 2008 R2 in terms of business value, Jason explained that there is a better together concept with many new features benefitting from the latest client and server releases – for example: Direct Access enabled an end user to access network resources seamlessly without the need for a VPN; or branch cache, which allows files to be cached locally for efficient use of network bandwidth.
    • Like a dog after a bone, James keeps on digging to find business value in Windows 7 and Server 2008 R2 for those organisations that have already deployed Windows Vista. Jason talked about features like Bitlocker to go, which not supports the encryption of data on removable devices in Windows 7 as well as the productivity improvements that the technologies Jason had already highlighted could potentially provide.
    • Michael then explained how group policy applies to remote connections.
    • Just as the interview draws to a close, the conversation turns to application compatibility [probably the biggest sticking point when it came to Vista deployments and just as critical for a Windows 7 deployment...] and Michael referred to one of James’ articles in which he recommends that customers start testing applications on Windows Vista SP1 in preparation for Windows 7.
  • Please give us your feedback!

(Next time, we should be back to the normal format and we have a new team member as Alistair Weddell joins us to perform the post-production work that is the bulk of the effort in producing this podcast.)

%d bloggers like this: