When I saw the news that Microsoft Security Essentials (4.0) had recently been released (see Paul Thurrott’s Microsoft Security Essentials 4.0 blog post for more information and a download link), I quite naturally found myself wondering if MSE and Windows 8 might finally collide. When I first installed the customer preview in late February of 2012, I tried to install MSE 2.0 shortly thereafter, only to have the installer inform me that the program was incompatible with my version of Windows. Thinking that now that MSE developers must surely take cognizance of Windows 8 with the Customer Preview already out, and more releases in the offing for July and October, I tried to install it on my Windows 8 desktop, only to be greeted with this very interesting results window:
You’ll notice that the preceding message include language indicates that Windows 8 essentially includes the same capabilities as MSE 4.0, built into the Defender module whose name is familiar since the days of Windows Vista. Although the Building Windows 8 blog addressed the OSes anti-malware capabilities in a post dated September 15, 2011, it hadn’t dawned on me that Windows 8 includes comprehensive, built-in anti-malware protection right out of the box. But when I saw this message from the MSE 4.0 installer, I started doing my homework, and learned that there’s a lot more to Defender in Windows 8 than there was in either Windows 7 or Vista.
The blog post says it best: “The improvements to Windows 8 Defender will help protect you from all types of malware, including viruses, worms, bots, and rootkits by using the complete set of malware signatures from the Microsoft Malware Protection Center, which Windows Update will deliver regularly with the latest Microsoft antimalware engine.” Also: “…Windows Defender will no provide you with real-time detection and protection from malware threats using a file system filter, and will interface with Windows secured boot, another new Windows 8 protection feature.”
This blog post (“Protecting you from malware“) is worth a (re)-read because it covers Windows 8 anti-malware features and protections pretty comprehensively. I certainly perused it with more interest and attention than I did last year, now that I’m running several systems with the Windows 8 Customer Preview. Maybe I didn’t really need the Norton Internet Security 2012 I installed on my Windows 8 desktop, after all?
Buckle your seatbelts! Since its hiatus the Building Windows 8 blog has come roaring back with lots of new content in the last week (see my previous blog “The Return of BW8: Two Posts!!” for info about its recent resumption of activity). Monday, they fired off another salvo with a SkyDrive related blog entitled “Making personal cloud storage for Windows available anywhere, with the new SkyDrive.” Here’s she skinny on what you’ll find available right now through the Microsoft SkyDrive pages (Windows Live ID required for sign-in and use). And right now, those who already SkyDrive qualify for a free upgrade from 7 to 25 GB of storage space. Considering that adding 20 to 100 GB of storage costs from $10 to $50 a year, that’s a pretty good free offer.
But there’s more to the latest iteration than more storage. SkyDrive is now accessible via a preview app on Windows Vista, 7, and 8 in 106 different languages. Users can access, browse, or stream files from a remote PC running the new preview app which works on lots of different platforms, as depicted below:
Set-up is fast (under half a minute) and easy, and I’m already transferring files among Windows 7 and Windows 8 PCs, and my MacBook Air, plus my iPhone and iPad. Way cool. Be sure and give it a try (and if you’re already signed up for SkyDrive, be sure to upgrade from your original 7 GB allotment to the 25 GB made available to us pioneers).
BW8 is a common abbreviation for Microsoft’s Building Windows 8 blog, an occasional source of insight and information about the upcoming new desktop OS from the wizards of Redmond. After a 20-day hiatus (from March 28 to April 17 — the longest gap between two posts for BW8 on record so far), posts resumed last Tuesday, followed two days later by another one with the following titles:
- April 17: “Reclaiming memory from Metro style apps” by group program manager Bill Karagounis, from the Windows Performance team
- April 19: “Managing ‘BYO’ PCs in the enterprise (including WOA)” by program manager lead Jeffrey Sutherland, from the Management Systems group
I’m very glad to see BW8 back in action, with some interesting posts on some key concerns about how the new OS manages memory, and how best to maintain control over personal computing devices that employees and contractors are increasingly inclined to bring “on the job” with them to work.
Reclaiming memory from Metro stype apps
An explanation of how Windows 8 manages memory for Metro style apps that are suspended and not in active use. Here’s a key statement from this post “…whenever Windows  detects memory pressure on the system, it will repurpose nearly all the memory that suspended Metro style apps would otherwise hold onto. Windows 8 can reclaim this memory without having to terminate an app” (emphasis from the author). There’s even a nice video that uses Task Manager to show how memory usage adapts to overall machine workload for suspended Metro-style apps. Essentially memory pages are queued up to be written to disk when memory pressure occurs, then “tricked out to disk” to prevent the IO from impacting other processes, and gotten out of the way in the background. I like to think of it as private, app-level memory management for Metro-style apps, which is way cool. The blog post backs up the video with a nice set of diagrams and explanations, and is worth a quick once over.
Managing BYO PCs
This posting is well worth reading, and makes some interesting points. First and foremost, the post discloses the development of “a new management client that can communication with a management infrastructure in the cloud to deliver LOB [Line Of Business] apps to users” (emphasis Sutherland’s, who also promises that this capability will be covered in more detail in an upcoming System Center blog). There will be a client-side agent built in to Windows 8, ready to interact with an organization’s management infrastructure, with a Metro-style app called the self-service portal (aka SSP) that users employ to find and install LOB apps visible to them. This post also explains how BYO devices connect to the management infrastructure, how settings policies are established, used, and managed, how LOB apps can be managed and controlled, and more. Very interesting!
And again, I’m glad to see BW8 back in action, and find myself looking forward to further posts soon.
DISM stands for Deployment Image Servicing and Management. This tool was introduced in Windows 7 and will be taking on more features, functions, and responsibilities in Windows 8. DISM replaces the following well-known image creation and management tools: pkgmgr, PEimg, and IntlConfg, and adds considerably to previous tools for customizing and managing images built around the Microsoft Preinstallation Environment (WinPE or sometimes just PE).
Still unclear about DISM? Here’s how the afore-linked Technical Reference describes this toolset:
Deployment Image Servicing and Management (DISM) is a command-line tool used to service Windows images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating system.
DISM is installed with Windows 7, and it is also distributed in the Windows OEM Preinstallation Kit (Windows OPK) and the Windows Automated Installation Kit (Windows AIK). It can be used to service Windows Vista with Service Pack 1 (SP1), Windows Server 2008, Windows 7, Windows Server 2008 R2, or Windows PE images. DISM replaces several Windows OPK [OEM Pre-installation Kit] tools, including PEimg, Intlcfg, and Package Manager.
To me, the best things about DISM are its abilities to let you customize WinPE to add to the basic functionality that a minimal Windows run-time image already brings to the Windows installation media (which runs off WinPE) and to any system repair disks you might choose to create (which also run from WinPE). What I sometimes need to do is to add drivers to that basic image so I’ll be sure to be able to access various bits and pieces of hardware on my various desktop and notebook PCs (case in point: unless I provide WinPE with a driver to recognize the Ricoh SD card reader in my Lenovo X220 Tablet, it happily ignores the 32 GB SDHC card I keep in its card slot, with a bunch of tools and utilities designed to help repair balky or boot-troubled PCs).
The following TechNet tutorials explain how to do this kind of thing:
In fact, a search on “use DISM to add drivers to WinPE” also comes up with numerous third party tutorials as well.
With Windows 8, DISM will gain some cool features. For one thing, you’ll be able to interact with VHD images (for virtual machines) and not just Windows Image (WIM) files. The old, clunky ImageX utility is gone, replaced with a number of direct image manipulation commands (see the MSFN.org post entitled “DISM Improvements in Windows 8” for more details). Looks like working with images in Windows 8 is going to be a lot easier and more interesting than it has been so far. Good-oh!
How many editions will Windows 8 have? Two consumer versions for x86/64 machines, one OEM-only version (for ARM processors), and one “specifically for those enterprise customers with Software Assurance agreements.” Oh, and by the way, here’s my favorite quote from Brandon LeBlanc’s April 16, 2012, post to Blogging Windows entitled “Announcing the Windows 8 Editions:”
Windows 8 is the official product name for the next x86/64 editions of Windows.
I’m glad the common name for the new OS has finally been adopted as its real name as well. That said, here’s a run-down of the Editions presented or noted in LeBlanc’s post:
- x86/64 versions are to be called Windows 8 or Windows 8 Pro. What distinguishes these two versions? Windows 8 Pro will provide features for encryption, virtualization, PC management, and domain connectivity, all of which will apparently be left out of plain-vanilla Windows 8.
- The ARM version will be known as Windows RT (previously known as Windows on Arm or WOA), and as stated before, will only be provided pre-installed on PCs and tablets built around ARM processors, designed to run on thin and light devices “with impressive battery life.” And yes, this edition does include “touch-optimized desktop versions of the new Microsoft Word, Excel, PowerPoint, and OneNote.”
- The Windows 8 Enterprise edition takes Windows 8 Pro as its base, then adds “features for IT organization that enable PC management and deployment, advanced security, virtualization, new mobility scenarios, and much more.” How much more, and how security, virtualization, management and deployment differ from Windows 8 Pro is not yet clear. We’ll see, I guess…
There’s also a spiffy table in this blog post that calls out 41 distinct OS features and recites which editions support which ones. The last items in the table are particularly interesting, as they apply only to Windows 8 Pro (and thus by extension to Windows 8 Enterprise as well): BitLocker and BitLocker To Go, boot from VHD, Client Hyper-V, Domain Join, Encrypting File System (EFS), Group Policy, and Remote Desktop (host). Except for boot from VHD and Client Hyper-V, not too different from Windows 7 Home editions versus Windows 7 Professional, either.
It’s not often that I get the chance to plug another fellow IT Knowledge Exchange blogger’s post in one of my own blogs, but today sure is that day. Thanks to the news stream from my colleagues over at the Internet Press Guild I picked up a pointer to Robin “Roblimo” Miller’s coverage of a PDF report from Randstad Technologies entitled “IT Worker Confidence Reaches Highest Level on Record.” My reaction to this claim was apparently the same as Rob’s because I instantly questioned the credibility, the survey base, and the very sanity of the organization behind such an outrageous claim.
But no, here’s a list of the companies behind this report: Harris Interactive, a well-known and -respected online survey firm; Randstad Technologies, a huge global human services and resources firm; and TechniSource, Randstad’s IT recruiting and placement subsidiary. About the only thing I can see that might be a little wonky is the survey population, which consisted of 4,341 adults from the USA, of which 253 “are employed in the technology industry.” I’m not really sure what “technology industry” means in this context, and at 5.8% of the total, that segment of 253 workers represents a somewhat different component than information workers vis-a-vis the civilian workforce as represented in Table A-14 of the latest USBLS Employment Situation Summary dated April 6, 2012 (that ratio is 3.7% instead, which has IT pros a bit over-represented in the overall sample, by my reckoning).
Even so, all reservations aside, the contents of this summary are mind-boggling at first blush:
- Technology professionals’ confidence in the overall economy stands at 40 percent “now believing the economy is getting stronger” — this is up by 18 percent since their Q4 2011 report.
- About one third (32%) of IT workers believe that more IT jobs are now available, up by 14 percent over the same period.
- Forty-two percent of IT workers expressed confidence in their ability to find a new job, unchanged from the prior report.
- Forty-one percent of IT workers say they’re likely to seek new work within the next twelve months, up nine percent from the prior report.
What does closer examination of this data tell me? First and foremost, it says that only the 253 IT professionals who made up around 1 in 20 of survey participants were able to express opinions reflected in this survey. This is still a respectable sample size, but not as good as a population of over 4,000. Randstad and Technisource see these responses as more reflective of a bullish economy, and advise employers to redouble their employee retention efforts, while trying to meet needs for “specialized skills as the job market heats up.”
What I see is less than a majority feeling somewhat better about the employment situation and their prospects for new work, and a lukewarm endorsement of the pace and substance behind the current economic recovery. Now that I’ve looked more closely at the data and the sample, my response is “I think they mean all-time high since the market downturn in 2008, don’t they?” or perhaps “Wake me up when the percentage levels reflect a clear majority for all the various metrics presented.”
But I have to say that pegging IT worker confidence at “an all-time high” reflects too narrow a time horizon, and too ebullient an interpretation of the data collected from the survey. This report might be good for Randstad’s core business, but I don’t think it necessarily reflects a bullish IT employment market in general, nor does it foretell brilliant prospects for IT job seekers or hoppers.
See Robin Miller’s blog over at Climbing teh IT Career Ladder for some follow-up questions he posed to Chris Mader, a Managing Director at Randstad Technologies. There, you’ll find some other interesting prognostications and outlooks on IT employment. I see Mader’s reasoning, but I’m not sure I buy those forecasts, either. But hey: I hope he’s right! If so, things are looking up a great deal more for IT than other recent reports and trends have suggested. Keep your fingers crossed…
For many Windows 7 (and even some Windows 8 ) users switching over to a solid state disk, or SSD, comes after the OS has already been installed to a conventional drive. The adventure begins — but doesn’t end — with cloning the old HD to an SSD. That’s because although Windows 7 or 8 will happily set themselves up for best behavior with an SSD if you install them to an SSD to begin with, the same is not true when you start on a conventional HD and only later move from that drive to a solid state replacement.
This situation is particularly common for notebook or laptop PC owners who may — like me — choose to take whatever comes standard on such PCs that they buy from a vendor or reseller, only to install an SSD once the unit has been delivered, and the software and setup (and drivers) tweaked to where they really need to be. I do this because vendors and resellers tend to mark SSDs up by $50 or more from what you can purchase the same units from online e-tailers such as Newegg or Provantage (two very good online sources for rock-bottom SSD prices, particularly during their regular special promotions), and I suspect I’m not alone, either.
I am writing today to recommend two extremely good resources to help people switch over from an HD to an SSD (or to set up such a switch for their users at work). One is the “SSD Tweaks and Optimizations in Windows 7” tutorial at Windows SevenForums by member lightningltd. The other is a software package from Elpham.soft called SSD Tweaker (available in a more limited free edition and a $13 pro edition). These two items go together quite well, because the vast majority of what the tutorial explains how to do manually, one tweak at a time, in great and glorious detail (fascinating to a Windows geek like myself, perhaps less so to other less technically obsessed readers) the SSD Tweaker tool does automatically through a longish laundry list of settings and configuration checkboxes.
For those who’ve made the switch and haven’t followed up with painstaking optimization, or those who are contemplating or preparing to make the switch, these items are real nonpareils. Be sure to check them out, and use them when you can.
In previous blogs I’ve written about the Unified Extensible Firmware Interface, a 21st century, mostly 64-bit replacement for and upgrade to the 16-bit BIOS (Basic Input-Output System) that goes all the back to the first IBM PC, circa 1981 or thereabouts. Now that Windows 8 is embracing UEFI technology to help secure and manage the boot process, and fend off pre-boot-based malware and attacks, it’s time for lots of people — including me — to get more serious about UEFI and start putting it to work.
I’m learning, slowly but surely, with lots of trial and error, that using UEFI as Windows 8 wants it to be used, isn’t quite as easy as I’d hoped or thought it might be. As I’m learning and figuring things out, here are some interesting realizations I’ve uncovered along the way:
1. If you want to use UEFI with Windows operating systems (including Windows 7 and Windows 8 ) you must perform a UEFI install of the operating system. This requires a completely different install approach and disk layout from taking the BIOS route. So far, I’ve purchased two UEFI-based notebooks (both from Lenovo) and both continue to come with BIOS based Windows installs rather than UEFI install. Switching over to UEFI disk layout essentially blows away the built in recovery layout and capability, and probably voids the warranty, too. When Windows 8 goes commercial, that’s gonna have to change! For a sense of what’s going on, see this TechNet Blog post “Installing Windows 7 on UEFI based computer.”
2. Although the UEFI supports a pre-boot command shell with a rich set of commands and capabilities, getting to that shell is proving a little more difficult than I’d expected it to be. Despite numerous claims about required directory structures and specific files (for example shellx64.efi as the right name for the shell file) I’m still grappling with booting into UEFI and gaining access to the shell. My next move is to buy and read the Intel publication “Harnessing the UEFI Shell” which purports to be both a reference and how-to for all things related to the UEFI shell to figure out exactly what to do and how to do it.
3. Once I master these basics I should then be able to start digging into Windows 8’s UEFI security features, and understand how they are invoked, and how they may best be used. Hopefully, getting past items #1 and #2 won’t take too terribly long, so I can start digging into these meatier topics.
Count on me to keep reporting on this subject as I learn more, along with how-to’s on how to grab and use this stuff for yourself. Nothing irks me more than when seemingly straightforward things turn more tortuous in practice than in theory, so it will be my pleasure to try to make this material more approachable and understandable. Stay tuned!
For the record, here are my previous UEFI blog posts
9/23/2011: Great UEFI Post Appears on “Building Windows 8” blog
12/2/2011: UEFI Rears Its Lovely Head Once Again for Windows 8
In my previous post “Interesting Windows 8 Issues on Lenovo X220 Tablet” I delved into some Windows 8 driver shenanigans as they related to that machine. In the past few weeks I’ve performed over two dozen Windows 8 installs on several notebook and desktop PCs, and have started getting comfortable with post-install driver catch-up as well as the surprisingly fast and reliable OS installer itself. At the same time, I’ve observed an increasing influx of Windows 8 drivers as device makers start gearing up for the OEM Release Candidate in July 2012, and the General Availability release in October 2012 as well. Here’s my most important point of this post, new and exciting driver and software updates notwithstanding: In the vast majority of cases, Windows 7 drivers and software work FINE with Windows 8! But around the edges of the computing industry lots of interesting new developments are also underway…
Thus, for example, you can now find a Windows 8 Beta Drivers page amidst the Lenovo support pages, and you are starting to see Windows 8 discussions (but still with lots of disclaimers) on the related forums at the HP (forum post search) and Dell (community search) sites. Other vendors are no doubt working feverishly on Windows 8 to prepare for the upcoming OEM/RC release but most are being much more cagey and less visible about their Windows 8 efforts at the moment, however.
One interesting ray of sunshine comes from nVidia, which is now including Windows 8 in its lists of recognized operating systems. Alas, the site couldn’t recognize my video card to tell me I’m running the current Windows 8 friendly release (296.17, released March 6, 2012) though it was happy to let me navigate to that driver manually:
I’m expecting to see an increasing number of Windows 8 specific drivers popping up all over the place in the weeks and months ahead, as release dates draw closer. As if to confirm my expectations, Gabe Topala has just released a beta version of his excellent System Information for Windows program (SIW) that’s named SIW-X64 v2012.04.08. It now recognizes the Windows 8 OS and its runtime environment:
Just the beginning of a huge wave to come. Stay tuned: I’ll report other updates and goodies as I find them!
All in all, I’ve been pretty impressed with the X220 Tablet PC from Lenovo. It ran Windows 7 like a champ with good performance and touch response. Once I learned that a clean install of Windows 8 actually works better than an upgrade install from 7 to 8 in terms of drivers and touch, I have come to feel the same way about this machine running the Windows 8 Customer Preview as well.
But I have hit several interesting glitches on this machine, some merely annoying others somewhat more serious. After several long half-day sessions dealing with drivers, I realized that the best approach to bringing the system up to snuff works like this:
- Install Windows 8 from the ISO (I used the Windows 7 USB DVD Download Tool to take the Windows 8 ISO and create a bootable USB Flash Drive aka UFD from which I installed the OS).
- Run Windows Update until no new updates are available (easiest way to do this is to enter Windowkey-R to open the Run box, then type “wuapp” into that box to launch the program).
- Download and install the latest Intel chipset utility files (for the nonce that’s version 188.8.131.529, though Lenovo now has a Windows 8 download page up where you can grab version 184.108.40.2060, along with other Windows 8-specific goodies.
- Use a driver scanner/update service to catch and fix other missing or outdated drivers. Five items show up as missing drivers after Windows 8 install: the Ricoh card reader, three items related to the Intel Management Engine Interface (which uses a Serial on LAN, or SOL, connection to do sideband communications with devices that can’t even boot into an OS successfully), and the Integrated Web Camera. Between DriverAgent’s recommendations (that the driver scanner service I use) and the downloads available from the Lenovo support pages, I was able to find and fix pretty much everything.
But I have hit a few less tractable snags on the X220 Tablet. First and worst, the built-in Windows Backup doesn’t work on this machine. I tried half-a-dozen different remote storage options (multiple USB external drives, network drives on other hosts in the same homegroup, and so forth) during each of which I would get the error message that “Windows backup skipped backing up system image because one of the critical volumes is not having enough free space. Free up some space by deleted unnecessary files and try again.” All of the target machines I chose to store the backup had at least 0.5 TB of storage available, so I knew that wasn’t the problem. I am using an SSD as the primary drive in this test machine, and it currently has about 80% free space, so I’m mystified as to how it might be the problem, either (but that could be it). The system drive has a couple of other partitions on it: first, the Lenovo Recovery Partition is 9.45 GB of which 8.8GB is in use; and second, there’s an SYSTEM_DRV partition as well: it’s more or less invisible to Windows, though you can see this 1.17 GB partition with the Windows Disk Management utility. Right now, I can’t use either Windows Backup (through the Windows 7 File Recovery control panel item, where it lurks under a misleading item identifier) or Lenovo Rescue and Recovery backup on this machine. Fortunately, Acronis True Image Home 2012 works fine, so I’m using it instead.
I also had to do some dithering about to get the Wacom pen working properly on the X220 tablet. The Lenovo ThinkVantage utilities have enjoyed mixed success on this machine running Windows 8, too. The console works, and so do the system scans. Rescue and Recovery doesn’t work (nor backup, as already mentioned), nor does the built-in software and driver update utility named ThinkVantage Update. I am sure this simply reflects the lack of catch-up to Windows 8 at PC Tools, which is the company that builds the ThinkVantage stuff for Lenovo as far as I can tell. So, I’ve put a call into my contacts there to see if I can learn more about what’s up.
[Follow-up Note: 2:00 PM 4/6/2012]:More research into the error code 0X81000033 (thrown by my failed backup in Windows 8 ) shows that a too-small first physical partition on the hard disk can provoke this error condition. I used WinDirStat to check the contents of the SYSTEM_DRV partition and, sure enough, it contained three huge WIM (Windows Image) files for various repair and recovery scenarios. What I needed was more free space in this partition, but Disk Management wouldn’t let me expand the partition, only shrink it!
But after a quick Skype session to my friendly and supportive Paragon Software press person, Katia Shabanova, who works for them in Germany (fortunately for me she was still at her desk), I obtained a copy of that company’s Hard Disk Manager 12 Suite. In 15 minutes, after downloading and installing the software, I was resizing the initial partition from 1.7 to 3.9 GB (I doubled its size, figuring that would be enough for scratch files during backup). On my next attempt, Windows Backup completed successfully and all was well I hope the Lenovo guys are reading my blog because they apparently need to change the disk layout for their Windows 8 builds, to increase the size of the SYSTEM_DRV partition somewhat. It may not be necessary to grow it to nearly 4 GB as I did, but I’m sure they can figure out exactly how big to make it. I just didn’t want to bother with the trial-and-error or experimentation necessary to set the size more precisely. Nevertheless, I’m glad to have another bump in my Windows 8 road out of the way!