Practical Technology

for practical people.

February 19, 2010
by sjvn01
2 Comments

Is Windows 7 really a memory hog?

I’m no Windows fan. But, I use Windows 7 every day and I’ve deployed it on several dozen PCs and I’ve never seen Windows 7 misuse memory like Devil Mountain Software’s claims that it does.

While it’s doubtlessly true that, as Craig Barth, Devil Mountain’s CTO, is reported to have claimed, that “Everyone thinks that they’re a [Windows] performance expert,” and that “They look at their PC and say, ‘My PC doesn’t do that.'”

Well, while I can’t claim to be a Windows performance expert, I can justifiably claim to be an operating system expert, and that I’ve recently done a lot of detailed analysis and work with Windows 7. I’ve never seen Windows 7, in and of itself, on the approximately sixty systems I’ve either used it on or installed it on exhaust its memory resources to the point where I saw any performance problems.

More >

February 19, 2010
by sjvn01
2 Comments

Who’s really to blame for the Windows XP Patch BSOD?

More than a week after Microsoft released an XP patch that seemed to cause BSODs (Blue Screen of Death), Microsoft announced that the immediate cause was the Alureon rootkit. Fair enough, but what about the 17-year old Windows security hole that the rootkit was exploiting?

I mean, come on. This bug dates back to 1993 when Windows for Workgroups 3.11 and Windows NT 3.1 instead of Windows 7 were the hot new versions of Windows. Many of you have never even seen those operating systems much less used them. Since Microsoft has left this security hole open almost long enough for it to be old enough to vote, shouldn’t they get some of the blame?

After all, the hackers behind Alureon, aka TDSS, Tidserv and TDL3, botnet were able to fix their malware to work around the Windows’ fix before Microsoft finally figured it out. Maybe Microsoft should hire them to work on Windows security instead of relying on their own in-house software engineers. Nah. They’re probably making more money from their botnets than Microsoft is willing to pay them.

More >

February 18, 2010
by sjvn01
0 comments

It’s not just Twitter

A recent Washington Post story observed that Twitter loves open source. Twitter’s not the only ones. Most, if not all, social networks are built on top of Linux and open-source software.

When the writer wrote that Twitter loves open source he wasn’t exaggerating. He was quoting from Twitter’s About Open-Source page. There, Twitter states that, “Twitter is built on open-source software-here are the projects we have released or contribute to.”

It’s quite a list of C++. Java, Ruby, Ruby on Rails, and Scala programs. If you dig deeper, by looking at Twitter’s job postings, you’ll see Twitter also makes great use of the standard LAMP (Linux, Apache, MySQL, and Perl/PHP/Python) stack. In particular, being able to demonstrate that you’ve been open-source contributor is a big plus for many Twitter jobs.

More >

February 18, 2010
by sjvn01
0 comments

Computer Breaking and Entering is a Business

Most of the attention on a recent report from ScanSafe, a Cisco-owned security company, has been on the fact that attacks on Adobe PDF Reader vulnerabilities comprise up to 80% of PC attacks. That’s actually not quite right. The ScanSafe threat report doesn’t cover programs that work directly with the Internet like Web browsers and e-mail clients. Instead, it only covers programs that can be successfully attacked after files have arrived in a PC over the Internet. For my money, the important news in the report is just how totally computer hacking has become a business aimed at other businesses.

Don’t get me wrong. It’s vital to update your copies of Adobe Flash Player, Acrobat and Reader with the latest patches. But, what caught my attention in this report is that by focusing so much on the trees of individual security problems and patches we may be missing the forest of a parasitic industry.

According to ScanSafe, “Few victim companies choose to self report. Instead, the breaches that get acknowledged publicly are generally only those which involve theft of consumer or employee data – and only then because the laws require it. This selective disclosure fuels the misconception that cybercriminals are only intent on stealing data intended for credit card fraud and identity theft. In reality, cybercriminals are casting a much wider net.”

More >

February 17, 2010
by sjvn01
0 comments

Troubleshooting IPv6 on Windows 7 (and Why It’s Worth the Bother)

You may not need IPv6 right now, but you will soon. Fortunately, Windows 7 supports the advanced networking protocol better than any other Windows version. But that doesn’t mean you should rely on the default IPv6 configuration.

If you’re an old tech coot like me, you know that the “Imminent Death of the Internet” has been predicted for decades now. While the Internet is in no danger of dying anytime soon, the days of relying on the old core TCP/IP protocol IPv4 do appear to be coming to an end.

After years of delaying it with techniques like Network Address Translation (NAT), we’re finally really running out of IPv4 addresses. Major ISPs like Comcast, and Web sites such as YouTube now support IPv6. This time around, IPv6 really is getting attention in corporate networks and the Internet. Fortunately for the enterprise desktop, Windows 7 is also ready.

Early Windows versions of IPv6 were, ah, crude. Though that’s not to say that Windows 7 does a perfect job with IPv6 even now. Certainly, the people who appear to have IPv6 connectivity but no network access have learned this the hard way.

As Scott Hogg, the director of advanced technology services for Global Technology Resources, pointed out in a NetworkWorld article, Windows Server 2008 and Windows 7 both still use “random interface identifiers when creating its IPv6 addresses.”

That’s not how IPv6 addressing should work. Instead, an IPv6 device should autoconfigure its address with the Neighbor Discovery Protocol (NDP) to determine their network and interface identifier and to form the computer’s 128-bit IPv6 address. The details of how addresses should be assigned are in these documents:

For some reason, Microsoft mixed up how the interface identifier should be created even though Microsoft engineers helped write RFC 4941. Be that as it may, you can force Windows 7 to use the correct method by issuing the following command from a DOS prompt:

netsh interface ipv6 set global randomizeidentifiers=disabled

I recommend that you run this as an automated command on all your new Windows 7 installations. Doing so avoids any possible IPv6 network problems with other Windows 7 systems and with IPv6 address-compliant networking equipment such as Cisco Catalyst Switches.

That out of the way, Windows 7 does quite well with IPv6. For starters, Windows 7 comes with two networking programs that rely on IPv6. These are DirectAccess, Microsoft’s IPv6 enabled Virtual Private Networking (VPN) program, and the small group friendly HomeGroup.

If your networking equipment is IPv6 ready, then Windows 7 is ready as well. However, you may find that your gateway, routers, and switches aren’t IPv6 ready. The only long-term solution to this problem is to get network hardware that works with IPv6.

I know, I know, just what you need: another mandatory hardware update. Many businesses haven’t seen a compelling reason to upgrade to IPv6. With the upcoming shortage of IPv4 addresses on the Internet, that’s about to change. While your core business can continue to use its existing addresses, by the fall of 2012, according to the most optimistic estimates, we’ll be out of IPv4 addresses.

While this shortage doubtlessly will be mitigated by the creation of a market for TCP/IP addresses similar to the ones that currently exist for domain names, the bottom line is that you’re going to find it increasingly difficult and more expensive to get additional blocks of IPv4 addresses for new offices and branches. In short, you’ll have no choice but to upgrade to IPv6.

In the meantime, though, you’re much more likely to run into problems with non-IPv6 compliant network equipment. To get around this, you have several choices (besides begging for more budget from the CFO).

First, you can use Teredo. This is an IPv6 transition technology that provides address assignment and tunneling for IPv6 traffic. Teredo does this by hiding IPv6 packets within IPv4 User Datagram Protocol (UDP) messages.

In practice, on Windows 7 systems you do this by enabling the Microsoft Teredo Tunneling Adapter device from the Device Manager (or installing it, if for some reason it isn’t there). After opening Device Manager, click on the “View” menu and select “Show Hidden Devices.” Next, scroll down to locate “Network Adapters.” There, you’ll find the Teredo Network Adapter. Right click on it and select “Update Driver” to make sure you have the most current version. After a reboot, Teredo should be working.

If that doesn’t get Teredo underway, you may also need to enable the Teredo Adapter. To do that, open an elevated command prompt and run :

netsh interface ipv6 set teredo client

That should get your Windows 7 system working with Teredo.

Of course, if you have a cranky IPv4-specific gateway, you may still need to set up a Teredo server or relay to make it out of your IPv6 intranet to the Internet. Fortunately, Windows Server 2008 R2 with DirectAccess up and running provides a Teredo server by default. For more on that, and how to work with Teredo, I highly recommend the Technet Magazine article, Support for IPv6 in Windows Server 2008 R2 and Windows 7.

Of course, if worst comes to worst you can always disable IPv6. While you can do this with regedit, it’s easier to just turn it off by just going to the Network and Sharing Center and from there selecting “Change adapter settings.” Once at the Network Connections window, pick the “Local Area Connection” for the network card, then “Change settings of this connection,” un-check the box for “Internet Protocol Version 6 (TCP/IPv6).” Close all the windows and reboot.

Just be sure to remember one thing: Before you replace that Windows 7 PC with a new computer, you are likely to need to reactivate IPv6. Whether or not you’re ready, IPv6 is coming to the Internet. Fortunately, for you, Windows 7 is already set up for IPv6. Alas, now if we could only say that about the rest of our networking equipment!

A version of this story first appeared in IT Expert Voice.

February 16, 2010
by sjvn01
1 Comment

What happens to Sun’s open-source software now?

The deal is done. Oracle now owns Sun. Oracle’s main message to Sun’s customers seems to be “Don’t worry, be happy.” That’s not easy when Oracle is not explaining in any detail what it will be doing with open-source software offerings like MySQL, OpenOffice, and OpenSolaris.

In general, we know that Sun’s software product catalog will be cut back and that many Sun staffers will soon be laid-off. Historically, when Oracle acquires a company, deep cuts are the rule. For example, Oracle fired about 5,000 workers after acquiring PeopleSoft. This time around Oracle is saying that there will be only about a thousand layoffs. In particular, although no one is going on record, it’s feared that Sun’s open-source groups will take the brunt of these cuts.

No one is going on record either with what’s going to happen to Sun’s open-source software. We do know that at least one small open-source project, Project Wonderland, a Java-based platform for developing 3-D virtual worlds, has been cut off from Sun resources. In addition, Oracle is shutting down Project Kenai, Sun’s collaborative hosting site for free and open source programs.

More >