I had the recent opportunity to troubleshoot lack of performance on a Windows Vista laptop. That laptop had always been very slow... With 1GB of ram and two CPU cores, it is swapping to disk. There were periods of heavy swapping which resulted in non-responsive applications.
I disabled/removed many memory consumers such as McAfee anti-virus, Windows Media Center startup tasks, and some factory-installed HP applications. I removed Shockwave, as websites have been phasing out use of that bug-prone software.
After installing the modern Firefox browser and virus cleaning, I made a restore point and went on to making a backup with a portable external USB drive. Upon plugging it in, Windows Vista asked if it should be used for ReadyBoost. This got me thinking about the potential of using the mostly-unused media memory slots for a permanent ReadyBoost drive.
ReadyBoost works in conjunction with SuperFetch, which watches OS usage and preloads frequently used files. If those files are large and sequentially read, a traditional hard drive is likely faster. If those files are small or use non-sequential read access, a flash drive may be useful. On RAM memory-constrained machines, SuperFetch can place those files on ReadyBoost, possibly increasing performance.
In summary, ReadyBoost may be useful on machines with slow internal hard drives (Windows Experience Index less 3 or less are candidates), and constrained RAM, and no desire to increase RAM quantity (maybe the RAM slots are full, or laptop RAM is not worth the price).
Note that Windows Experience Index seems to be missing from Microsoft Windows 8.1.
Note that Windows Vista can only use 4GB of space. The size limitation has been increased up to 256GB, with eight separate 32GB drives in Windows 7.
Monday, January 12, 2015
Wednesday, November 19, 2014
Security software on Microsoft Windows 8.1
With the explosion of zero-day exploits, vendors are rushing to patch critical vulnerabilities. In my opinion, this does not allow time for complete regression testing against the wide variety of applications and hardware. Since broken and non-booting machines can be difficult to fix in a reasonable time frame, I now recommend installation of Microsoft patches not on patch Tuesday but a day or two later - after the patches have been tested by other users.
For home use, I run the following free security products on Microsoft Windows 8.1:
For home use, I run the following free security products on Microsoft Windows 8.1:
Saturday, November 15, 2014
BlackBerry Smartphone - One Month Impressions
While this model is a couple years old, I am thoroughly enjoying the BlackBerry Z10.
The BlackBerry Hub integrates all forms of communication onto one page. This is surprisingly useful, and I won't go back to previous checking of this and that ... calls and voicemails and texts and emails. Multiple email accounts + text + calls + voicemail + notifications all on one page, and I can specify the order of priority. This one feature makes the BlackBerry a real business communicator.
BlackBerry native apps allow the user to control app permissions such as access to files, camera, contacts, etc. This level of permission control greatly enhances user privacy - no longer do we have to accept apps that pick every possible permission.
Android apps run fine. I am currently using the Amazon app store, and have not tried sideloading apps.
Battery performance seems reasonable.
There are a few annoyances:
Mini-USB plugs in to the left side of the phone. The swipe to see the BlackBerry Hub swipes in from the left side, so when plugged in the cord can interfere with the swipe.
The built-in camera app has no ability to disable shutter sound. Supposedly this has something to do with Canadian law. A 3rd party camera app could be installed.
For Android apps, it does not allow user to over-ride the app permissions, as it does with BlackBerry apps. Permission control on Android apps is a much-desired feature.
The BlackBerry Hub integrates all forms of communication onto one page. This is surprisingly useful, and I won't go back to previous checking of this and that ... calls and voicemails and texts and emails. Multiple email accounts + text + calls + voicemail + notifications all on one page, and I can specify the order of priority. This one feature makes the BlackBerry a real business communicator.
BlackBerry native apps allow the user to control app permissions such as access to files, camera, contacts, etc. This level of permission control greatly enhances user privacy - no longer do we have to accept apps that pick every possible permission.
Android apps run fine. I am currently using the Amazon app store, and have not tried sideloading apps.
Battery performance seems reasonable.
There are a few annoyances:
Mini-USB plugs in to the left side of the phone. The swipe to see the BlackBerry Hub swipes in from the left side, so when plugged in the cord can interfere with the swipe.
The built-in camera app has no ability to disable shutter sound. Supposedly this has something to do with Canadian law. A 3rd party camera app could be installed.
For Android apps, it does not allow user to over-ride the app permissions, as it does with BlackBerry apps. Permission control on Android apps is a much-desired feature.
Microsoft Enhanced Mitigation Experience Toolkit
Earlier this year I installed Microsoft's Enhanced Mitigation Experience Toolkit (EMET) version 3. The Microsoft blog describes EMT as... "a free utility that helps prevent vulnerabilities in software from being successfully exploited for code execution. It does so by opt-ing in software to the latest security mitigation technologies. The result is that a wide variety of software is made significantly more resistant to exploitation – even against zero day vulnerabilities and vulnerabilities for which an update has not yet been applied."
I'm not sure why "Experience" is in the name of the product. EMET helps prevent bug exploits by forcing application address space layout randomization and data execution prevention in addition.
With the recent Microsoft zero-day patches, I learned that EMET is up to version 5. The latest versions add compatibility fixes and additional security protections.
Download the Enhanced Mitigation Experience Toolkit 5. For those uninstalling a previous version, go to the Programs page in Control Panel and look for "EMET".
I'm not sure why "Experience" is in the name of the product. EMET helps prevent bug exploits by forcing application address space layout randomization and data execution prevention in addition.
With the recent Microsoft zero-day patches, I learned that EMET is up to version 5. The latest versions add compatibility fixes and additional security protections.
Download the Enhanced Mitigation Experience Toolkit 5. For those uninstalling a previous version, go to the Programs page in Control Panel and look for "EMET".
Thursday, September 25, 2014
BlackBerry Smartphone - First Look
Turning on a new unlocked BlackBerry Z10 smartphone, the messaging hub is impressive. The hardware and phone software work together smoothly, and multitasking works allowing apps to continue to run when another app is started. The built-in security and device encryption is appreciated. Granular controls of app access to the device (files, contacts, camera, etc.) is a huge improvement over iPhone/Android and was one of the features which attracted me to the BlackBerry. Speaker sound is surprisingly good. For a model two years old, the camera is OK.
I'm not missing the junk apps that were installed on other phones. There is no need for developers to create hundreds of flashlight apps, as a flashlight is built in. Beyond the BlackBerry World app showcase, Amazon's appstore is available by using the Browser to go to http://amazon.com/getappstore and clicking the prominent download button. Must-haves such as PasswdSafe, Opera web browser, and Pandora music are there.
The BlackBerry hub, which integrates email, SMS, phone logs, multiple email accounts, and even what is playing on Pandora is simply fantastic. Contacts can be selected for prioritization in the hub, and it shows actions/contacts by day and time. On the case there is a red indicator which flashes upon a new contact - much like old-style office phones with a flashing light for voicemail, this flashes (without having to look at the screen display).
Excited to have BlackBerry Blend available on this device soon. It was recently released for the new BlackBerry Passport, to rave reviews. Access everything from other devices, without a security-prone hackfest. Wow!
From the manufacturer website, "...software you can download for your computer and tablet that seamlessly brings messaging and content that’s on your BlackBerry smartphone to your computer and tablet."
I'm not missing the junk apps that were installed on other phones. There is no need for developers to create hundreds of flashlight apps, as a flashlight is built in. Beyond the BlackBerry World app showcase, Amazon's appstore is available by using the Browser to go to http://amazon.com/getappstore and clicking the prominent download button. Must-haves such as PasswdSafe, Opera web browser, and Pandora music are there.
The BlackBerry hub, which integrates email, SMS, phone logs, multiple email accounts, and even what is playing on Pandora is simply fantastic. Contacts can be selected for prioritization in the hub, and it shows actions/contacts by day and time. On the case there is a red indicator which flashes upon a new contact - much like old-style office phones with a flashing light for voicemail, this flashes (without having to look at the screen display).
Excited to have BlackBerry Blend available on this device soon. It was recently released for the new BlackBerry Passport, to rave reviews. Access everything from other devices, without a security-prone hackfest. Wow!
From the manufacturer website, "...software you can download for your computer and tablet that seamlessly brings messaging and content that’s on your BlackBerry smartphone to your computer and tablet."
Sunday, June 08, 2014
Shockwave Vulnerabilities
I read this post on Krebs on Security, about how Adobe is not keeping Shockwave patched to prevent recent exploits. The post encourages us to ask why Shockwave is needed on MS Windows.
I uninstalled Shockwave a couple weeks ago, and haven't noticed any incompatibilities. Software minimization is a principle of secure systems, so removing unneeded software is a good move toward more secure systems.
I uninstalled Shockwave a couple weeks ago, and haven't noticed any incompatibilities. Software minimization is a principle of secure systems, so removing unneeded software is a good move toward more secure systems.
Saturday, April 19, 2014
Add-on For Website Risk Rating
Netcraft has a useful web browser add-on, which includes analysis for the Heartbleed SSL exposure. Download the add-on for Opera or Firefox or Chrome.
Monday, January 13, 2014
Mobile Phone Notes: Android, ATT, Verizon
A couple privacy apps to consider are PasswdSafe (password manager) and textSecure (encrypted SMS texting).
textSecure will achieve wider adoption when it has a message indicator flag on the icon, like the standard messaging apps. textSecure is open source and hosted on github.
When using textSecure on ATT, the MMS settings page should work without further configurations.
When using textSecure on Verizon, the MMS settings page will need the following configuration:
When prioritizing ATT's 3G Microcell network traffic, prioritize the following ports for both inbound and outbound:
textSecure will achieve wider adoption when it has a message indicator flag on the icon, like the standard messaging apps. textSecure is open source and hosted on github.
When using textSecure on ATT, the MMS settings page should work without further configurations.
When using textSecure on Verizon, the MMS settings page will need the following configuration:
- MMSC http://mms.vtext.com/servlets/mms
- MMS Port 80
- MCC 310
- MNC 012
When prioritizing ATT's 3G Microcell network traffic, prioritize the following ports for both inbound and outbound:
- 123/UDP: NTP timing (NTP traffic)
- 443/TCP: Https over TLS/SSL for provisioning and management traffic
- 4500/UDP: IPSec NAT Traversal (for all signaling, data, voice traffic).
After NAT detection, 4500/UDP is used - 500/UDP: IPSec Phase 1 prior to NAT detection (after NAT detection, 4500/UDP is used)
Friday, December 20, 2013
Set "Date Taken" As Default Sort Order
Running MS Windows 8.1 Pro, I prefer to have folders containing camera pictures to sort by "Date taken". When I created new folders for my pictures, I had to manually add the column and sort option. While this was easy, it cried out for automation.
How to set "Date taken" as default sort order for new picture folders in MS Windows 8:
Note: If you change the folder settings, those new settings will dynamically be applied to child folders.
How to set "Date taken" as default sort order for new picture folders in MS Windows 8:
- Open File Explorer
- On the left side, look for Desktop and Libraries. Go to the Libraries folder.
- Go the the Pictures folder. File explorer title bar should now show: Libraries\Pictures
- Right click and set your column and sorting preferences.
- Other folders inside this folder will inherit the same preferences.
Note: If you change the folder settings, those new settings will dynamically be applied to child folders.
Saturday, September 07, 2013
Microsoft Windows Disk Encryption
As a backup and scratch space, I purchased a 3 terabyte external USB drive. To try encryption, I considered using the Microsoft Windows 8 BitLocker drive encryption. With Microsoft giving user information to the NSA, I am weary of placing trust in Microsoft. Looking for alternatives, I tried TrueCrypt disk encryption.
Read the beginner tutorial and run the program.
Installing TrueCrypt on a Microsoft Windows 8 disk:
While not explicitly supported, download and install the package.Read the beginner tutorial and run the program.
Friday, June 21, 2013
Which Display for Windows 8 Start Screen?
In Microsoft Windows 8, the "Start" screen can be moved from monitor 1 to monitor 2.
Press the Windows logo key
to make the Start screen visible.
Press the Windows logo key+PgUp. The Start screen will move to the second monitor.
Press the Windows logo key
to make the Start screen visible.Press the Windows logo key
+PgUp. The Start screen will move to the second monitor.
Sunday, February 24, 2013
Website Opt Outs
Tired of slow web page loading because of external includes?
Opt out of social sharing buttons that clutter websites. It will place an addthis.com opt out cookie.
Opt out of InviteMedia for DoubleClick.
Opt out of social sharing buttons that clutter websites. It will place an addthis.com opt out cookie.
Opt out of InviteMedia for DoubleClick.
Friday, January 11, 2013
Add Features to Windows 8
This post described upgrading Windows Vista to Windows 8.
After completing the form for the free Media Center upgrade, I applied the key. The upgrade was quick, with a reboot.
Performance results:
For a limited time, get a free Windows Media Center to Windows 8 Pro upgrade.
After completing the form for the free Media Center upgrade, I applied the key. The upgrade was quick, with a reboot.
Performance results:
For a limited time, get a free Windows Media Center to Windows 8 Pro upgrade.
Sunday, December 16, 2012
Find Microsoft Windows Files with Linux
The rainbow tables were unable to crack the password of the account with administrator access, though it did crack password for a non-administrator account. The next approach, which will always work, is to boot the machine from another operating system that can mount the ntfs file system. Then read every file.
Download Knoppix Live-CD and and create a bootable CD.
Turn on the PC and bring up the boot order menu. This could be a press of the <esc> key or a function key. Refer to your machine manual for the proper key press.
In a later step, an sftp server is useful. If you need an sftp server for MS Windows, try Xlight FTP Server.
Allow Knoppix to boot into the windowing environment.
Mount the Windows filesystem. Open File Manager (lower left corner) and click to "/media/sd2/Windows".
Open Terminal emulator (lower left corner).
cd /media/sda2/Windows
mkdir test
cd test
The following find will show errors when it finds the file it just copied. Ignore those errors or send to /dev/null. If desired, add lines for additional file name extensions.
find /media/sda2/Windows -name \*.bmp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpeg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pic -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pict -exec cp '{}' . \;
find /media/sda2/Windows -name \*.png -exec cp '{}' . \;
find /media/sda2/Windows -name \*.psp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tif -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tiff -exec cp '{}' . \;
find /media/sda2/Windows -name \*.avi -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mov -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mp4 -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.vob -exec cp '{}' . \;
find /media/sda2/Windows -name \*.wmv -exec cp '{}' . \;
Create compressed file.
zip imgfiles *
ls -l imgfiles.zip
Transfer the file to another machine.
Use the network if hardwired or wireless is configured. Midnight Commander, a GUI ftp, is available on Knoppix. Or use sftp.
mc
sftp <ipnumber>
Download Knoppix Live-CD and and create a bootable CD.
Turn on the PC and bring up the boot order menu. This could be a press of the <esc> key or a function key. Refer to your machine manual for the proper key press.
In a later step, an sftp server is useful. If you need an sftp server for MS Windows, try Xlight FTP Server.
Allow Knoppix to boot into the windowing environment.
Mount the Windows filesystem. Open File Manager (lower left corner) and click to "/media/sd2/Windows".
Open Terminal emulator (lower left corner).
cd /media/sda2/Windows
mkdir test
cd test
The following find will show errors when it finds the file it just copied. Ignore those errors or send to /dev/null. If desired, add lines for additional file name extensions.
find /media/sda2/Windows -name \*.bmp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpeg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pic -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pict -exec cp '{}' . \;
find /media/sda2/Windows -name \*.png -exec cp '{}' . \;
find /media/sda2/Windows -name \*.psp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tif -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tiff -exec cp '{}' . \;
find /media/sda2/Windows -name \*.avi -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mov -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mp4 -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.vob -exec cp '{}' . \;
find /media/sda2/Windows -name \*.wmv -exec cp '{}' . \;
Create compressed file.
zip imgfiles *
ls -l imgfiles.zip
Transfer the file to another machine.
Use the network if hardwired or wireless is configured. Midnight Commander, a GUI ftp, is available on Knoppix. Or use sftp.
mc
sftp <ipnumber>
Wednesday, December 12, 2012
Recover Windows Vista Password
A friend had two laptops from his son (who died). He didn't know the passwords and wants to retrieve the photos on the laptops.
Download the free Ophcrack live CD and burn it with ISO Recorder. ISO Recorder can be found by right-clicking the file iso file to burn:
Boot the Ophcrack CD and let it run. It can quickly use rainbow tables, those this won't break every possible password. Brute force is needed to break every possible password. If it doesn't find a password, make sure all of the tables are installed.
Download the free Ophcrack live CD and burn it with ISO Recorder. ISO Recorder can be found by right-clicking the file iso file to burn:
Boot the Ophcrack CD and let it run. It can quickly use rainbow tables, those this won't break every possible password. Brute force is needed to break every possible password. If it doesn't find a password, make sure all of the tables are installed.
Sunday, December 09, 2012
Microsoft Windows 8 Upgrade
A desktop 4 core PC has Windows Vista (virus) so it suffers from frequent hangs for no apparent reason. No amount of patching and disabling services has cured it.
Microsoft Windows 8 upgrade is currently offered at $39.99, including Media Center upgrade to play DVDs. The upgrade was surprisingly pleasant. As promised, data files were saved and everything else was removed during the clean install. After the install, don't forget to request the Media Center upgrade key.
Screen shots of the Windows 8 upgrade process.
Checking compatibility
Price and license agreement
Choose to create media or download on the fly
Choice to keep personal files and settings
Install
Personalize color scheme
Express settings, or not
Sign in means to sign in to web account. Downloading apps through web store will require this account.
Installation complete
Begin re-installing applications and customizing.
Microsoft Windows 8 upgrade is currently offered at $39.99, including Media Center upgrade to play DVDs. The upgrade was surprisingly pleasant. As promised, data files were saved and everything else was removed during the clean install. After the install, don't forget to request the Media Center upgrade key.
Screen shots of the Windows 8 upgrade process.
Checking compatibility
Price and license agreement
Choose to create media or download on the fly
Choice to keep personal files and settings
Install
Personalize color scheme
Express settings, or not
Sign in means to sign in to web account. Downloading apps through web store will require this account.
Begin re-installing applications and customizing.
Tuesday, November 27, 2012
Wifi Router Fixes for Actiontec and Zytel
I encountered a Verizon Actiontec home wifi box that would connect for hard-wired, a laptop, and a tablet. It would not connect to a smartphone. The security was WEP. I changed the security to WPA2 and every device was able to consistently connect.
I encountered a CenturyLink Zytel PK5000Z wifi box that would not allow connections for transient devices. Devices that were consistently at the store were able to reliably connect. Transient devices would start to connect then fail to get IP address. There was no WEP/WPA security. Changing to WPA2 made no difference. Removing NAT made no difference. The firmware was up-to-date. I changed the DHCP expiry from one day to five minutes. This allowed all devices to consistently connect.
I encountered a CenturyLink Zytel PK5000Z wifi box that would not allow connections for transient devices. Devices that were consistently at the store were able to reliably connect. Transient devices would start to connect then fail to get IP address. There was no WEP/WPA security. Changing to WPA2 made no difference. Removing NAT made no difference. The firmware was up-to-date. I changed the DHCP expiry from one day to five minutes. This allowed all devices to consistently connect.
Saturday, November 17, 2012
Tools for Website Maintenance
A friend asked for help with a website. These tools have been useful.
http://www.angelfire.com/fl5/html-tutorial/fontlist.htm
Color wheel:
http://www.w3schools.com/tags/ref_colorpicker.asp
Simple yet feature rich image editing suite. Doesn't use Windows installer.
http://download.cnet.com/PhotoFiltre-Portable/3000-2192_4-75374045.html
Core FTP LE
FTP client.
http://www.coreftp.com/download.html
TotalEdit
Text editor supporting many software languages.
http://download.cnet.com/TotalEdit/3000-2352_4-10422689.html
<a href="http://validator.w3.org/check/referer" title="This page validates as XHTML 1.0 Transitional"><abbr title="eXtensible HyperText Markup Language">XHTML</abbr></a> | <a href="http://jigsaw.w3.org/css-validator/check/referer" title="This page validates as CSS"><abbr title="Cascading Style Sheets">CSS</abbr></a>
Reference Guides
Font examples:http://www.angelfire.com/fl5/html-tutorial/fontlist.htm
Color wheel:
http://www.w3schools.com/tags/ref_colorpicker.asp
Software
PhotoFiltre PortableSimple yet feature rich image editing suite. Doesn't use Windows installer.
http://download.cnet.com/PhotoFiltre-Portable/3000-2192_4-75374045.html
Core FTP LE
FTP client.
http://www.coreftp.com/download.html
TotalEdit
Text editor supporting many software languages.
http://download.cnet.com/TotalEdit/3000-2352_4-10422689.html
Code
Place syntax validators in page footers:<a href="http://validator.w3.org/check/referer" title="This page validates as XHTML 1.0 Transitional"><abbr title="eXtensible HyperText Markup Language">XHTML</abbr></a> | <a href="http://jigsaw.w3.org/css-validator/check/referer" title="This page validates as CSS"><abbr title="Cascading Style Sheets">CSS</abbr></a>
Sunday, November 04, 2012
Removing GoogleUpdate.exe
How to stop GoogleUpdate.exe from running on MS Windows.
With task manager, end the GoogleUpdate.exe process.
Run services.msc from a command prompt. Set the googleupdate entries to DISABLED.
Run taskschd.msc from a command prompt. Delete the task.
OR
Start --> Control Panel --> Scheduled Tasks
Delete the task.
Run msconfig from a command prompt.
On the "Startup" tab, uncheck "GoogleUpdate".
With these changes in place, over time the entries will return. Now remove the actual program.
Remove GoogleUpdate.exe from the following paths. Drive letter could be different on your system. If you are administrator, go to your user name.
C:\Documents and Settings\Administrator User Name\Local Settings\Application Data\Google\Update
With task manager, end the GoogleUpdate.exe process.
Run services.msc from a command prompt. Set the googleupdate entries to DISABLED.
Run taskschd.msc from a command prompt. Delete the task.
OR
Start --> Control Panel --> Scheduled Tasks
Delete the task.
Run msconfig from a command prompt.
On the "Startup" tab, uncheck "GoogleUpdate".
With these changes in place, over time the entries will return. Now remove the actual program.
Remove GoogleUpdate.exe from the following paths. Drive letter could be different on your system. If you are administrator, go to your user name.
C:\Documents and Settings\Administrator User Name\Local Settings\Application Data\Google\Update
Thursday, October 25, 2012
Microsoft Windows 8 Upgrades
Anyone who is still suffering with MS Windows Vista may be interested in upgrading to Windows 8 Pro. Considering the frequent slowdown and hangs with Windows Vista, a $40 upgrade is reasonable.
After upgrading to Windows 8 Pro, an upgrade to turn on the Media Center features is no charge. "... you can add Windows Media Center for free through the “add features” option within Windows 8 Pro after your upgrade."
The upgrade pricing is available through January, 2013.
For those purchasing a new system with Windows 7, the upgrade will cost $15 after registering for the promotion.
After upgrading to Windows 8 Pro, an upgrade to turn on the Media Center features is no charge. "... you can add Windows Media Center for free through the “add features” option within Windows 8 Pro after your upgrade."
The upgrade pricing is available through January, 2013.
For those purchasing a new system with Windows 7, the upgrade will cost $15 after registering for the promotion.
Subscribe to:
Posts (Atom)