Skip navigation

Category Archives: Operating Systems

Remote Assistance/Information Gathering Aid – SupportDetails

I’m putting together a computer & online safety presentation for an upcoming talk at a senior center in Portsmouth (NH) and came across Support Details in my information hunting trek. This site makes it dirt simple to get basic information from whomever you are providing remote support to (a task I’m sure many of us have to do on occasion). I suspect it could also be handy to a developer who wants to double-check client settings. If you’ve ever tried asking someone what their IP address is or even what browser they are using, you know how helpful it might be if you could find out simple information quickly and painlessly.

Support Details collects data on the following system/browser elements:

  • Operating System
  • Screen Resolution
  • Web Browser
  • Browser Size
  • IP Address
  • Color Depth
  • Javascript
  • Flash Version
  • Cookies
  • User Agent

Support Details | Tech Support Management

Both Windows and OS X provide internal utilities to do full screen sharing – and more – for remote assistance if you’re on that same platform. There are third party services such as GoToAssist and Copilot that enable remote support across platforms. While Support Details does not even come close to either types of interaction it does provide basic data to help you triage where to go next…and, it’s free.

Never A Better Time To Baseline

If you’re preparing to install Windows 7 or Windows Server 2008 R2 Service Pack 1, now would be a good time to give Microsoft’s Attack Surface Analyzer a spin. ASA takes a baseline snapshot of your system state and then lets you take another snapshot after any configuration change or product installation and displays the changes to a number of key elements of the Windows attack surface, including analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters.

Ideally, you’d take your baseline after a fresh install of your workstation or server from known, good media/images and after your own base configuration changes.

This would also be a good thing to do when building your base VM images so you can then validate their state as you duplicate and modify VDIs.

The installation of a Service Pack is a pretty radical change to your environment. If you run ASA prior to the SP install you can see if there are any significant changes to your system’s security profile after the bundle of patches and hotfixes are put down. You could also use the SP1 event to baseline post-install, provided you’ve done as thorough of a malware & rootkit sweep as can be done (you still cannot truly trust the results).

It may take some discipline to run ASA regularly on your personal systems every time you update software or drivers. IT shops should have an easier time scripting ASA during system deployments as well as application code updates. In either scenario, this free tool from Microsoft should help make you a more informed user and also aid you in building and maintaining more secure systems.

See also: MSDN SDLC blog post on the new Attack Surface Analyzer

Quick Hits :: 2011-02-09

Security

  • VSR uses some high-ish profile attacks from 2010 to provide fodder for the VAR community :: Security Risk: Top Hacker Attacks of 2010. I include it as the examples they provide should make it easier for folks doing presentations where they need to show real-life attacks (without sifting through the individual entries at the various data breach web site databases). [Vertical Systems Reseller]

Windows

  • Windows 7/2008 SP1 looms large. OEMs, VLCs & MSDN/TechNet subscribers get it on February 16th and the rest of the masses can give it a go on February 22nd. It looks like it has a decidedly enterprise-y focus, but one can hope it continues Microsoft on the path to robust desktop & server experiences :: Announcing The Availability of Windows 7 and Windows Server R2 SP1 [Microsoft]
  • Autoruns – the ability to automatically perform tasks when certain devices are made available to Window systems (e.g. USB sticks) – are a boon to malware writers. While Microsoft has somewhat mitigated the threat they pose in more modern versions of their operating systems, it can be tricky to make older systems safe. With the latest round of Patch Tuesday updates, they included a way to disable Autoruns in older systems. W00t! Microsoft Update Offers an Easier Way to Turn off Autoruns [PC World]
  • Succinct and informative article by Chris Sanders on how to determine if your systems is being actively compromised. Chock full of screen shots and examples of what to look for. While not exactly aimed at the general Windows community, it does provide a solid introduction to core tools that technically-inclined users should make room for in their toolboxes :: http://www.windowsecurity.com/articles/Determining-You-Actively-Being-Compromised.html [WindowsSecurity.com]

Programming

  • Pageforest helps you ship complete web applications without having to write any server-side code. You can build your application using HTML[5], CSS & javascript and the Pageforest service provides application hosting, user authentication & data storage. You only use client-side javascript and are free to include jQuery, Prototype or any other frameworks that you need to include in your app. Hosting is currently free and the site includes a full IDE to help you get started coding :: A Pure JavaScript Web Application Platform [pageforest.com]

‘Spaces’ for Windows

UPDATE [2011-02-05] Added VirtuaWin to the list thanks to a tip by @ken5m1th.

I’ve been setting up a relatively new 64-bit Windows 7 Ultimate machine and decided to see if the virtual desktops landscape had changed much in the recent past. It’s amazing that with all of the feature duplication between OS X, *nix (esp Ubuntu) and more modern Windows systems that the ability to create, manage and use more than one desktop is not yet a built-in feature that one can just enable.

Poking around, I saw a few contenders, including:

Given that this is a built-in (i.e. I don’t have to pay extra for it) feature on two of my other operating systems, I immediately excluded the ones I’d have to pay for, even though a couple of them looked pretty snazzy.

I started with Finestra since I’ve used it in the past (under it’s old name) and was greeted with numerous “shortcut key conflict” errors and some .NET soft-app-crashed and working with the taskbar icon. It did it’s job, but it also made Xshell completely lose its window when I quit the switcher.

I decided to give Microsoft’s offering a go next as you’d think that they could use some of there seekrits to make for a very rich desktop switching experience. Unfortunately, it felt more like an app that I might have written (no polish, kinda clunky but functional). A big plus is that it did not require going through a slow install process. Download->run>->try->quit. I wish more software for the Windows platform was like that.

The last one I tried and have stayed with is WindowsPager. I was immediately impressed that it had a 64-bit compiled version and also that it did not require an arduous installation process.

WindowsPager lets you move individual windows from one desktop to another with a right-click in the title bar and presents a spiffy and functional mini-desktop view in the taskbar:

There are also many more ways to move around and place objects on individual desktops (you can see all the features in WindowPager’s documentation).

For the time being, I’m sticking with WindowsPager and am happy to have added functionality that really should have been there in the first place.

(Haven’t given VirtuaWin a go yet, but it looks like it might be a decent contender.)

AwesomeChartJS Meets Microsoft Security Bulletins

I wanted to play with the AwesomeChartJS library and figured an interesting way to do that was to use it to track Microsoft Security Bulletins this year. While I was drawn in by just how simple it is to craft basic charts, that simplicity really only makes it useful for simple data sets. So, while I’ve produced three diferent views of Microsoft Security Bulletins for 2011 (to-date, and in advance of February’s Patch Tuesday), it would not be a good choice to do a running comparison between past years and 20111 (per-month).  The authors self-admit that there are [deliberate] limitations and point folks to the most excellent flot library for more sophisticated analytics (which I may feature in March).

The library itself only works within an HTML5 environment (one of the reasons I chose it) and uses a separate <canvas> element to house each chart. After loading up the library iself in a script tag:

<script src="/b/js/AwesomeChartJS/awesomechart.js" type="application/javascript">

(which is ~32K un-minified) you then declare a canvas element:

<canvas id="canvas1" width="400" height="300"></canvas>


and use some pretty straighforward javascript (no dependency on jQuery or other large frameworks) to do the drawing:

var mychart = new AwesomeChart('canvas1');
mychart.title = "Microsoft Security Bulletins Raw Count By Month - 2011";
mychart.data = [2, 12];
mychart.colors = ["#0000FF","#0000FF"];
mychart.labels = ["January", "February"];
mychart.draw();

It’s definitely worth a look if you have simple charting needs.

Regrettably, it looks like February is going to be a busy month for Windows administrators.

Your web-browser does not support the HTML 5 canvas element.

Your web-browser does not support the HTML 5 canvas element.

Your web-browser does not support the HTML 5 canvas element.

Backup Workflow

I was trying to convey my backup workflow/setup to @joeday in 140 and it just wasn’t working very well. Twitter – as one might expect – is not exactly the place for detailed technical discussions, but it does provide fertile ground to spark ideas and dialogue. I told @geekshui that I’d blog my setup and that turned out to be just enough of a catalyst to force me to iron out my strategy for rud.is and future (if any) non-cooking/family blogging.

Background

I’m [still] a die-hard OS X user, despite the increasing gatekeeper motif Apple is sporting these days. My main computer is a MacBook Pro which I would stupidly run back into a burning building to rescue. Everything is on it. Everything. I digitize receipts, house our multimedia, spin out VMs like a DJ, create, compose, torrent, rip, zip and hack from it. Consequently, ensuring my data is available is kinda important to me.

I’ve been around computers long enough to have learned some painful lessons from four simple characters: MTBF. Drives break. Electronics fail. It’s an undeniable fact. The only way to recover from these failures is to have a good strategy for keeping your data available.

Strategy #1: Backups

While hard to digest on Twitter, my backup strategy is pretty straightforward. I use Time Machine for OS-managed full system backups. I rotate these between two large (1TB & 2TB) hard drives and I retire one large hard drive each year (MTBF…remember?). This gets me individual file recovery pretty quickly over a decent time period and a bit of hardware piece of mind.

I also have two 2.5″ IEEE 1394 drives that I SuperDupe/CarbonCopyClone images to every time Apple issues a 10.x.y update. Again, I rotate between since I really don’t trust drive manufacturers. I haven’t relied on TrueCrypt for a while (which would make for an ugly workflow) for system volumes, but it’s easy to clone disks that have FileVault protected data as long as you do so from an account that does not use or rely on FileVault data.

Both Time Machine and the drive cloning can occur while I’m sleeping, so no workflow is impacted.

Strategy #2: Dropbox

I have to start by sharing just how much I <3 Dropbox. I don’t use the free service as I grew weary of keeping within the paultry limits. Getting a paid sub to it provides more than just freedom from minutiae. I now get (as long as they have no hiccups) full recovery back as far as I want in the event I do actually lose a file or two. I have Dropbox configured on my MacBook Pro, a home Windows machine and a home Linux box. This means that even if I lose the drive on my Mac, I can get some of my non-sensitive data back from one of the other Dropbox-enabled systems (which is much faster than recovering from backups). It also means that I can get right back to work on a different system – as long as I have not used an OS X-specific program.

I could rant for quite a while about Dropbox, but it should be pretty obvious why this is part of of my backup strategy.

Strategy #3: rsync.net

While Dropbox houses non-sensitive data offsite (again, assuming no service hiccups), there is a subset of my information that I do want housed off-site in the event there is a catastrophic issue with our abode. For that, I have been using rsync.net since it’s inception. They provide outstanding customer support, have a unique view and practices around warrants and fully understand the needs of technical users concerned about availability and privacy.

There are some other things we do to ensure a refresh of the content on media drives that get hooked up to our PS3 or displays, but the the above three steps are how I ensure that I always have access to the data that enables my workflow.

HDMI Overscan Tweak For Wimpy Windows Font Display

CATALYST Control Center

Overscan setting

I recently hooked up a Windows 7 box to my Dell ST2310 monitor and was surprised at just how horrid the fonts looked, especially since my MacBook Pro looks fantastic using both DVI and HDMI with the display. I even tried all the ClearType tweaks to no avail.

Then, it suddenly dawned on me – when I started viewing some iTunes videos – that the OS was not taking advantage of the available screen real estate (in full screen view mode).

I tried to go minimal with the Windows 7 install, as I find that too many utilities, tray icons and services still manage to clog up the works. To solve this problem, I had to grab the ATI CATALYST Control Center software to do more detailed tweaks.

It turns out that the problem was with the overscan settings. The original, default setting by the built-in Windows 7 drivers had the slider right in the middle. I had to move it all the way to the right (full overscan) to both reclaim viewing space and font crispness.

Believe it or not, Engadget has a pretty good breakdown of the in’s-and-out’s of overscan if you’d like further reading. I blogged this mainly to help folks out who may be as frustrated as I was.