I’ve been trying to improve my Photoshop skills recently including signing up for Digital Photography evening classes at a local college (which, 4 weeks in, are very disappointing) but I’ve also been picking up some tips at my local camera club.
At last night’s club meeting, John Winchcomb gave a very technical talk on tone and colour correction which I’m still trying to get my head around but that talk included a very useful tip: instead of reaching for the various adjustment options on Photoshop’s Image menu (including common options like levels and curves), consider creating a new adjustment layer instead. That way it is possible to go back and edit the adjustments as they are applied as a non-destructive edit rather than being directly applied to the image. Normally the adjustment layer will apply to all layers below but it can be created as a clipping layer to only affect the layer immediately below.
Other advantages to adjustment layers include the ability to selectively edit using an image mask and also to copy and paste adjustment layers in order to apply the same changes to multiple images.
Whilst on the subject of layers, it’s probably worth highlighting another tip I picked up recently: before doing anything in Photoshop, create a new layer by copy (Ctrl+J on a PC or command+J on a Mac) and work on that. Using this method, the original image will remain on the background unaffected, should you ever want to revert, or to compare the manipulated image with the original.
For almost as long as this blog has been up and running I’ve been using FeedBurner to manage the RSS feeds. It’s been working well for years but Google bought FeedBurner a while back and tonight my feeds were migrated to the big G.
Those who are subscribed to http://feeds.markwilson.co.uk/marksweblog/ shouldn’t see any changes (at least not if I made the DNS changes correctly) but there may still be a few people subscribed using old feed addresses (e.g. http://feeds.feedburner.com/marksweblog/) and these might not always work (sadly this is outside my control). If you do find that my posts stop appearing in your RSS reader, please try resubscribing to the site feed.
Thanks for sticking with me.
[Update 31 January 2009: There seems to be a problem with the main feed as it’s returning HTTP 404 (Not Found) error pages (even where DNS propagation is complete)]
Now that the Windows 7 beta is out and my NDA has lifted, I can finally write about my experiences of installing Windows 7 on a netbook. In a word:
You see, Windows XP works well on one of these little machines but who wants XP? It’s eight years old (an eternity in IT) and, for anyone who’s used to working with anything remotely modern, it’s a bit difficult to step back to (I was recently forced to revert to Windows XP and Office 2003 for a month whilst my main machine was being repaired and it was painful). I could install Vista but even Microsoft doesn’t think its the right OS for a netbook (that’s why they allowed vendors to continue shipping XP). Meanwhile, much has been said about how Windows 7 requires fewer resources and I wanted to find out how it would run on a typical netbook.
Following James’ notes I used diskpart to shrink the existing disk partition, create a second partition and install Windows 7 (with no optical drive available, I used a USB hard disk as a boot volume and Windows 7 installed quickly and easily). There were a couple of unrecognised devices (the Broadcom wireless card and the Lenovo power management but I installed the XP drivers (I would have expected Vista drivers to work but not XP) and they seemed to do the trick. Everything else worked as intended.
Next, I downloaded and ran EasyBCD to edit the boot options. The Windows 7 installation wiped the boot loader that Lenovo had supplied, so I have no access to the recovery volume but it was simple enough to put Windows XP back in as a boot time option (actually, it should be simple enough to put in the recovery volume when I get around to it).
After a few more apps (Microsoft Live Meeting, Windows Live Writer, Google Chrome – not to use as a browser but to set up application shortcuts for Google Mail and Calendar) and I had the machine configured as I needed for roaming around, checking e-mail, writing the odd blog post, etc.
So, how did it perform? Absolutely fine. This machine has a 160GB hard disk, a 1.6GHz Intel Atom CPU, integrated graphics and just 1GB of RAM. 3D graphics support was great (with really smooth transitions – e.g. Flip 3D) and the Windows System Performance Index showed 2.2, which may not sound high but makes sense when you look at the subscores:
What is rated
Calculations per second
Memory operations per second
Desktop performance for Windows Aero
3D business and gaming graphics performance
Primary hard disk
Disk data transfer rate
So, fast disk, fast memory, let down by the CPU and the graphics. Not surprising given the class of machine that we’re looking at here.
Task Manager shows that Windows 7 is using 650MB of RAM, which doesn’t leave a huge amount for Office applications but it’s fine for a bit of browsing, e-mail, blogging, and even watching videos. Regardless of the fact that the machine seemed to run well with only a gig of RAM, I decided to see if adding more would make a difference.
First, I tried ReadyBoost to see if it would increase system responsiveness, using an old 1GB SD card, but I have to say that I’m not sure it really made any difference. Then I bought a 2GB SODIMM from , taking the total installed to 2.5GB (for some reason, XP only sees 1.99GB but Windows 7 recognises the whole amount) and measured the stats again. Surprisingly, the score dropped, but only by a fraction as the graphics subscore fell to 2.1 with memory IO slightly up to 4.5 and all other scores unchanged (as might be expected – after all, none of those components had been upgraded).
So, eight weeks after installation, what’s my verdict? Well that is probably pretty obvious by now – Windows 7 runs nicely on a little netbook. How it will perform on older hardware is anyone’s guess but it also seemed fine on my Compaq Evo D510SFF with a 2.4GHz Pentium 4 CPU and 2GB of RAM (albeit with basic graphics). On that basis, it should be fine for most corporates (although even Vista should also be, with tactical RAM upgrades) and the only barriers to adoption will be cost (of a desktop refresh at a time of economic uncertainty) and application compatibility (as with Vista). It’s also remarkably stable – and I’m still running the pre-beta code (build 6801 with the Blue Badge “tweak”).
There’s plenty written elsewhere about Windows 7 features but those were not the purpose of this post. The one thing I cannot ignore is that Microsoft is yet to make a statement on netbook support for Windows 7 although TechRadar includes the major points in its article explaining Windows 7 netbook system specifications. Microsoft’s problem is that revenues are lower on netbooks (if the hardware is sub-Â£250, then it’s difficult to sell an operating system at full price without making the Linux alternatives look more attractive) but they also wants to stop shipping XP.
My netbook it only came with 1GB of RAM, so I decided to see what effect the option to â€œSpeed up my system using Windows ReadyBoostâ€ would make (presented by Windows Vista and later when inserting removable media â€“ more details can be found over on the Kodyaz Development Resources site).
First of all I tried a 1GB USB key that Iâ€™d been given with some presentation materials on it but Windows told me the device was not fast enough to use for ReadyBoost.
â€œIf you get a failure message when you first insert a flash device and try to use it as a ReadyBoost drive, you can click Test Again to get a second hearing. If the drive fails several tests, you can look up the specific performance results for yourself. Open Event Viewer (Eventvwr.msc) and click the Applications And Services Logs category in the console tree on the left. Under this heading, click Microsoft, Windows, and ReadyBoost. Under this latter heading, select Operational. The log entries in the center pane include performance test results for both successful and unsuccessful attempts.â€
Sure enough, checking the logs on my Windows 7 system showed messages like:
Source: ReadyBoost EventID: 1008 Description: The device (UT163 USB Flash Disk) will not be used for a ReadyBoost cache because it does not exhibit uniform performance across the device. Size of fast region: 0 MB.
Source: ReadyBoost EventID: 1004 Description: The device (UT163 USB Flash Disk) will not be used for a ReadyBoost cache because it has insufficient write performance: 173 KB/sec.
First I saw an event to indicate that the card exhibited the necessary performance characteristics:
Source: ReadyBoost EventID: 1000 Description: The device (Generic- Multi-Card) is suitable for a ReadyBoost cache. The recommended cache size is 991232 KB. The random read speed is 3311 KB/sec. The random write speed is 3500 KB/sec.
and then a second event recording the creation of the cache:
Source: ReadyBoost EventID: 1010 Description: A ReadyBoost cache was successfully created on the device (Generic- Multi-Card) of size 966 MB.
So, after creating the cache, did ReadyBoost actually make a difference? Itâ€™s difficult to say â€“ on a relatively low-powered PC (the one I used only has an Intel Atom 1.6GHz) performance is not blindingly fast and, as the USB ports (including internal ones used for devices like media card readers) rely on the main CPU for IO processing, it could be argued that use of USB attached memory would even compound the issue when the PC is running out of steam. Those with faster PCs, or faster memory devices may see a difference.
â€œI donâ€™t agree with [â€¦] how ReadyBoost has been marketed and perceived by the public. ReadyBoost does not improve performance, it only improves responsiveness. It wonâ€™t make your system or [applications] run any faster, but it will make things faster to load and initialize to a working-state.
If youâ€™re on a budget, then ReadyBoost is premium accessory that is definitely not value-for-money. Youâ€™re literally paying a price to slice milliseconds off loading times. But if youâ€™re a professional or heavy business user, then ReadyBoost might be a cheaper, easier or the only alternative to upgrading memory.â€
Long suggests that ReadyBoost is not value for money. Iâ€™d add that it may be if, like me, you have a lot of small USB keys that are doing nothing more than gathering dust on a shelf. Itâ€™s probably not worth investing money in new hardware especially to use ReadyBoost though. Indeed, one of Longâ€™s readers (Tomer Chachamu) makes a distinction which is extremely important to consider:
â€œI am using [ReadyBoost] for several weeks now and I can confirm your experiences, that it helps a lot to improve the responsivness [sic.] of the system.
So it helps to make the whole system perform faster. So isnâ€™t it the same?
High responsiveness: the system â€˜feels fastâ€™ and you donâ€™t have to wait for something to load when youâ€™re about to go to a command. (Example of high responsiveness: when you logon, you immediately want to go to the start menu and launch something. The time from logon to launch is a busy wait for you.) – this is affected by readyboost [sic].
High speed: the system performs computational (or I/O) tasks fast. (Example: you are ripping a massive library of CDs. It takes about 10 minutes. If it took less time, say by offloading floating point calculations to the GPU, then that would be high speed. Itâ€™s still longer than half a minute so the system is fast, but not responsive. When youâ€™re encoding the CDs, you can do other useful activities, so itâ€™s a non-busy wait.) – this is not affected by readyboost [sic].â€
#2 showed light at the edge of the screen where it should have been covered with the black bezel (visible in a dark room), so yesterday Apple changed that for me too (on yet another visit to the Apple Store to try and get my MacBook fixed…).
#3 so far so good, except…
…I was playing some music tonight and accidentally covered the speaker with my finger. Then I noticed that sound only came out of one speaker. Arghhh!!!
It turns out that is normal behaviour. The left grill next to the dock connector covers the speaker, the right grill covers the microphone.
Windows updates don’t normally feature highly on this blog… after all, they come along every month, you test them (perhaps?), install them, and leave things along for a few weeks. Sometimes there’s an out of band patch release and that ought to indicate that there is a significant problem that requires attention. So why have I been hearing so much over the last few weeks about the Win32/Conflicker.B worm with people panicking to update systems, install the latest AV updates, and generally try and catch up after being so lackadaisical in the first place?
Let me explain what I mean… according to an e-mail I received from Microsoft last week:
“Win32/Conficker.B exploits a vulnerability in the Windows Server service (SVCHOST.EXE) for Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows 2008. While Microsoft addressed this issue in October with Microsoft Security Bulletin MS08-067, and Forefront antivirus and OneCare (as well as other vendorâ€™s anit-virus products) helped protect against infections, many systems that have not been patched manually through Server Update Services and Microsoft/Windows Update or through Automatic Updates have recently come under attack by this worm. Attacked systems may lock out users, disable our update services and block access to security-related Web sites:
In response to this threat, Microsoft has:
Updated the January version of the [MSRT] to detect and remove variants of Win32/Conficker.B. You can download this version from the MSRT from either the Microsoft Update site or through its associated Knowledge Base article.
It is our hope that these resources can assist you in resolving issues with unpatched, infected systems and that you can apply MS08-067 to any other unpatched systems as soon as possible to avoid this threat.”
I’m sure there are some people who feel that applying updates is an intrusion, an unnecessary interruption into the day (these are probably the same people that advocate turning off user account control…). Others will claim that other operating systems don’t need patching so often (I don’t know about the frequency of updates but patches on my Macs always seem pretty big and Linux is in one big patch cycle as the open source model is one of continuous improvement). Personally, I’m glad that Microsoft settled down to a predictable monthly cycle and for those who think that’s a problem because it gives hackers a predictable timeframe for reverse engineering patches and attacking weaknesses in unpatched systems it’s all the more reason why every organisation’s IT security people should be ready to look at the update announcements on the second Tuesday of every month and then to act accordingly. And when a patch comes along outside that predictable schedule to consider that, yes it’s a pain in the neck, but it might just be important…
Which brings me back to the point. Conficker (also known as Downadup). As F-Secure put it:
“First â€” It was an out-of-band update.
Second â€” It was given an ‘Exploitability Index Assessment’ of ‘1 â€“ Consistent exploit code likely’.
That kind of speaks for itself, doesn’t it?
Third â€” It allows for Remote Code Execution, in numerous versions of Windows (particularly critical for 2000, XP, and Server 2003).
All of these combined factors equals something quite serious that should be patched as soon as possible. If you are having difficulties with Automatic Updates, the bulletin links to manual downloads.
It’s always a good idea to be ready for out-of-band updates. You can subscribe to Microsoft Security Notifications here.”
The other thing that this worm has awakened is corporate IT departments saying things like “how can we check that all our machines are updated with the Microsoft update and with the latest antivirus signatures?”. Well guys, there’s a feature called Network Access Protection (NAP) and it’s implemented in Windows XP SP3, Windows Vista and Windows Server 2008. Whilst you’ve all been bleating about how Vista is bad, perhaps you should have looked a bit further and seen some of the advantages it could bring. If you still can’t stomach a Vista upgrade because somehow you think that Windows 7 will be easier from an application compatibility standpoint (I have news for you…) or think that Microsoft and security in the same sentence indicates an oxymoron then there are plenty of third party endpoint security systems with similar controls…
Perhaps we need an outbreak like this from time to time to wake up the IT Managers and persuade them to spend some money on security improvements within the infrastructure.
Here endeth the lesson. Now go and update your systems.
The Windows 7 team announced on Friday that, starting tomorrow, the Windows 7 website will be updated with a warning that time is running out. No new downloads will be possible after 10 February (but downloads in progress will continue) and on 12 February the tap will be turned off completely (product keys will still be available).
This applies to public downloads from the Windows 7 website – if you are a TechNet or MSDN subscriber, you will still be able to download the beta (and presumably the same rules apply for Microsoft Connect, although I’ve not heard anything official).
As a result of my timezone blindness, combined with Skype problems, James and I didn’t manage to record our usual conversation for this episode but, a couple of weeks back, James hooked up with Microsoft’s Michael Kleef and Jason Leznek to chat about some of the management features in the Windows client and server operating systems as well as how we can start to prepare ourselves for Windows 7 and Windows Server 2008 R2.
If you like what you hear, then you might like to consider subscribing – there are two podcast feeds available (MP3 and AAC) – if you use iTunes then I recommend the AAC version as that’s the enhanced podcast with chapter markings and context sensitive links but MP3 should work for just about everyone. The AAC feed is also included in the Podcasts directory on iTunes:
If you don’t like it, please tell us why. We’re still learning how to do this podcasting stuff and there’s a lot to take on board but we really would like feedback – including suggested topics for discussion.
Going forward, James and I hope to get an episode out every month. They are time-consuming to produce though, so please bear with us if the schedule is not as regular as we’d like.
Finally, here are the show notes for episode 2:
Mark introduces the podcast.
James interviews Michael Kleef and Jason Leznek:
We start off with the guys introducing themselves.
Michael explains that group policy management is core to both the server and client versions of Windows 7, and how Windows PowerShell provides command line access to group policy objects.
Starter GPOs in Windows Server 2008 R2 are enhanced – providing templates of ADMX settings to kickstart creation of a new template.
Group Policy preferences are not known by many customers but are new in the Windows Server 2008 and Vista SP1 RSAT tools to do more than policy allows. Whereas policy enforces fixed settings, preferences are more like suggestions and can be targetted to provide a variety of settings, which can also persist across logons and in many cases remove or reduce the requirement for logon scripts.
James asks why GPO administration would need to be scripted – Michael explains that automation can be applied to backups, reporting and any other repetitive operations.
Jason suggests another scenario where different business units have similar but different settings and how scripting the policy creation can reduce the effort in creating the new objects.
Michael explained that these features will work downlevel where the client operating system supports the settings – not all settings will be applicable to downlevel operating systems and so policies may need to be written accordingly.
When asked what IT Pros can do to get ready for Windows 7 and Windows Server 2008, Michael suggests getting familiar with group policy preferences (and you only need a Vista SP1 machine – no domain changes needed – you could still be using Windows Server 2003). Jason added that it’s the RSAT tools that are required (including an updated version of GPMC). [of course there’s far more to do in order to prepare for a new operating system release but this needs to be taken in the context that Michael and Jason are subject matter experts for specific areas of Windows.]
Michael talked about how to work in a mixed environment – you might need separate policies for XP and Vista [and 7] in certain circumstances but many settings will work cross-platform.
When asked how the upgrade path will work as Windows Server 2008 R2 comes in – Michael stressed that fresh 64-bit installs will be required (R2 is 64-bit only and there is no direct upgrade path from 32-bit) but that services will co-exist between versions of Windows Server.
When asked about the implications for organisations moving to Windows 7 and Windows Server 2008 R2 in terms of business value, Jason explained that there is a better together concept with many new features benefitting from the latest client and server releases – for example: Direct Access enabled an end user to access network resources seamlessly without the need for a VPN; or branch cache, which allows files to be cached locally for efficient use of network bandwidth.
Like a dog after a bone, James keeps on digging to find business value in Windows 7 and Server 2008 R2 for those organisations that have already deployed Windows Vista. Jason talked about features like Bitlocker to go, which not supports the encryption of data on removable devices in Windows 7 as well as the productivity improvements that the technologies Jason had already highlighted could potentially provide.
Michael then explained how group policy applies to remote connections.
Just as the interview draws to a close, the conversation turns to application compatibility [probably the biggest sticking point when it came to Vista deployments and just as critical for a Windows 7 deployment…] and Michael referred to one of James’ articles in which he recommends that customers start testing applications on Windows Vista SP1 in preparation for Windows 7.
Please give us your feedback!
(Next time, we should be back to the normal format and we have a new team member as Alistair Weddell joins us to perform the post-production work that is the bulk of the effort in producing this podcast.)