Windows Enterprise Desktop

March 31, 2013  8:50 PM

Don’t Forget Windows 8 “Health Check”

Ed Tittel Ed Tittel Profile: Ed Tittel

In Windows 7, Microsoft introduced a canned report from the built-in Windows Performance Monitor — renamed to the Resource and Performance Monitor — sometimes known as the Windows “Health Check” or “Health Report.” From a search box or the command line, you can enter perfmon /report to produce this survey of any Windows 8 system and its current health and resources. This produces a window that looks something like this on Windows 8:

You want to see that row of 5 "green lights" for a clean bill of system health.

You want to see that row of 5 “green lights” for a clean bill of system health.

If any of the indicators are red, you can use the plus signs at the far left to drill down into underlying information more deeply. Thus, for example, the first time I ran this tool to produce the screen shot for this blog post, I discovered I’d accidentally turned off the Windows Search service (which some Windows pundits decry, but which I have come to appreciate, thanks to its ever-improving built-in capabilities so readily available through the File Explorer search box, and other search boxes elsewhere in the system — as in the old Win7 position when using the Stardock Start8 Start Menu replacement tool, as I so often do). I had just finished fooling around with the latest version of Iolo’s System Mechanic (v11.7 Pro) on the system, and had apparently and inadvertently turned off the Windows Search service as part of their recommended “tune-up” settings. A quick jump to services.msc to restart the service and restore it to Automatic status, and I was back in (normal) business.

The other tabs in this report are also worth exploring, so here’s a little bit of explanation for what you’ll find there:

1. Performance provides an overview of resource utilization for CPU, Network, Disk, and Memory.
2. Software Configuration provides oodles of information from OS Checks, Security Center, lots of details on System Services, and Startup Programs.
3. Hardware Configuration covers various Disk Checks, System details, desktop performance rating data (from Windows Experience), BIOS info, and key Device Manager details.
4. The CPU heading provides information about running processes and their resource consumption (Image Statistics), Service Statistics, active/running services, and a raft of system performance counters and data.
5. The Network heading tracks protocol-related counters and data for TCP, the physical interface (data link layer), IP, and UDP, and provides great detail on network traffic levels and activity.
6. The Disk heading provides information on so-called “Hot Files” (major files that Windows uses heavily at run-time), disk activity, physical disks, and NTFS performance.
7. Under the Memory heading, you can examine RAM consumption by process, along with working set size, total commit charges, and distribution between shareable and private memory, along with all the major memory counters that Performance Monitor supports.
8. Report Statistics ties the report content to a specific PC and OS installation, with information about files run and created to generate the report, and events processed to obtain the report’s contents.

Not only is this a useful report when checking up on a system, it’s also a quick and easy way to obtain (and even to retain) system state, health, configuration, and components/devices information for any PC on which it’s run. Worth getting to know!

March 29, 2013  9:28 PM

MS Bows to the Market, Alters Win8 Specs to Permit 7″ Tablets

Ed Tittel Ed Tittel Profile: Ed Tittel

A recent spate of stories on the Web (The Verge, Ed Bott/ZDnet, and so forth) disclose Microsoft’s interesting alteration of its minimum hardware requirements for Windows 8 devices. Whereas tablets had been limited to a minimum of 1366×768 in the past, Microsoft has dropped that number to 1024×768 (which old-timers like yours truly recognize as the old XGA monitor standard that’s been around since the early 1990s). This matters because it opens the door for seven- and eight-inch display form factors on Windows 8 tablets, which has naturally also led to speculation that a “Microsoft e-reader” could be in the offing, as well as a Windows Phone 8 based competitor to the wildly successful Galaxy tablet/phablet designs from Samsung.

Ed Bott reports further that this change appeared in the March 12 (2013) Windows Certification Newsletter, which provides information for hardware OEMs interested in selling systems — tablets, in this case — that meet Microsoft’s requirements for obtaining an official Windows Logo designation (this program had been known as the Logo Program in the past, but is now called the Windows Certification Program, not to be confused with credentials offered to IT professionals through Microsoft Learning).

A 7" tablet opens all kinds of interesting possibilities for the MS Surface product line.

A 7″ tablet opens interesting possibilities for the MS Surface product line.

There is a catch, however, and it’s not a pretty (or convenient) one: the lower resolution does indeed disable the Windows 8 “snap” feature, which permits two Modern UI/Windows Store apps to appear side-by-side on a Windows 8 display. OEMs will be required to warn buyers in advance that this particular screen resolution does NOT support this feature. Bott goes on further to discuss the on-year anniversary of a patent settlement between Barnes & Noble and Microsoft, and a possible partnership between those two companies to produce an e-reader based on the upcoming “Blue” version of Windows 8. The most interesting aspect of this partnership, which Bott obtained via Mary Jo Foley (another ZDnet Windows maven) is “…the formation of a joint Microsoft/B&N company (Nook Media, LLC, called ‘NewCo’ in the SEC disclosure, with this tantalizing language in the agreement: ‘Microsoft Reader.

If Microsoft creates such an e-reader, Microsoft may include an interface to the NewCo Store in that reader and may surface in that reader all Content purchased by customers from the NewCo Store.'” Veeeeeeeeeeeeeeery interesting, sez I! If, as Bott speculates, such a item could hit the market at a price under $300, there could be a whole new game in town, not only because of the B&N relationship, but also because a Win8-based 7″ tablet could also run any of a number of other PC-ready e-reader programs, including the Amazon Kindle app.

March 26, 2013  6:15 PM

Demise of the Win8 Desktop Highly Unlikely, Rumors Nothwithstanding

Ed Tittel Ed Tittel Profile: Ed Tittel

Le desktop c'est mort. Vive le desktop!

Le desktop c’est mort. Vive le desktop!
[Image credit: Shutterstock 131795768]

One of my favorite Windows curmudgeons has to be the one and only Steven J. Vaughan-Nichols (who understandably mostly goes by his initials, SJVN). He’s been waxing bilious and profane about the Modern UI in Windows 8 pretty much since it first came along, and maintains special reserves of both spleen and ire for the difficulties it can impose upon the ignorant or unwary when it comes to finding one’s way to the desktop in that operating system. But even he is taking issues with some reporting in the wake of recent BitTorrent leaks of the upcoming Windows “Blue” release (an annual release that may do away with boxed or less frequent “major OS releases” sometime in the Windows future). That reporting — which involves long-time and well-respected Windows guru Paul Thurrott  and long-time Windows industry and technology watcher Preston Gralla— makes the proposal that Microsoft may be planning to do away with the desktop completely in future Windows versions.

My reaction to this reporting is the same as SJVN’s (and when we agree on something Windows-related, you know it has to be pretty inarguable, because otherwise we’d be arguing about it instead). “No Windows desktop mode!? No!” is the title of his reaction piece to such supposing, to which my only amendment would be: “Not only no, but heck NO!” SJVN also makes mention of “…hundreds of thousands of desktop applications that will take years, if not longer, to migrate to WinRT API-based apps…” necessary to make them work in a Modern UI-only Windows world. I just don’t think that business users will tolerate complete and utter disposal of the desktop, since that’s where most of them (including me) spend their days as they do their jobs on their computers.

SJVN also observes that Microsoft could “… move all its business apps to the cloud and make them software as a service (SaaS) apps,” a migration that he says fits nicely with Ed Bott’s “… vision of Microsoft’s future as a cloud-based service provider with its own hardware line, Surface.” This causes SJVN to pause and scratch his metaphorical head, to opine that “if moving its business applications to the cloud really is the plan, then Microsoft could indeed leave Windows 8’s desktop mode behind…” True or false though this may be, it still leaves orphaned the hundreds of thousands of commercial and custom-built applications that business users run on the desktop daily, and would have to wait for their migration from desktop to the great beyond (my tongue-in-cheek reference to their cloud-based, Modern UI friendly replacements) before they could assume the happy and virtuous state of desktoplessness, as it were.

I have to believe that sheer inertia dictates that a desktop of some kind will remain available in Windows until the vast majority of business developers have themselves made the move to the Modern UI, or whatever name the “next big touch- and mobile-device-friendly UI” might happen to take. I can’t see this happening in less than 10 years, though I would be delighted to be proved wrong. But as always, in matters of dispute like these, time will tell!

[PostScript Added 3/27/2013:
This morning, I found another story from Preston Gralla for Computerworld entitled “Three reasons Microsoft wants to kill the Windows Desktop.” In short, his three reasons are: 1. To help Windows Phone and Windows tablets gain market share; 2. to unify the operating system (by supporting only a single interface, to eliminate tension between the old-fashioned desktop and newfangled Modern UI); and 3. to lock enterprises into future versions of Windows (if enterprises build Modern UI apps, this locks them into Windows moving forward).  My response is that 1 is inarguable, that 2 is questionable, and that there’s a mighty big “if” involved in number 3. No matter what I think (or anybody else outside Microsoft, for that matter), this is turning into an interesting discussion, with a bizarre take on Microsoft’s methods and motives emerging. Does the conversation say more about the analysts, or the analysand? I wonder… ]

March 24, 2013  11:04 PM

RDP Imposes Some Gotchas on Remote Win8 Computing

Ed Tittel Ed Tittel Profile: Ed Tittel

My home office set-up includes a pair of 27″ Dell monitors (2707 WFPs) on my primary production desktop. I say this by way of explaining why one of my favorite working techniques is to stay logged into that machine, and to use Remote Desktop Connection (and the RDP protocol) to reach out from that desktop to other machines I want to work on here and there around the house. In particular, I’ve got 2 Windows 8 test machines that I work on quite regularly — a Lenovo X220 Tablet with an i7-2640M and 12 GB of RAM, and a home-built desktop with an Asus P8Z68V-PRO GEN3 mobo, an i7 2660K CPU, and 32 GB of RAM — where my preference is to remote into those machines and work on them.

But alas, that doesn’t always work, because not all applications are 100% (or even a little bit) compatible with RDP. And figuring out what’s compatible and what’s not can be interesting, too. Until some time in 2011, Microsoft offered a free tool called the RDS Application Compatibility Checker. But in 2011 they handed off this functionality to a Dell-owned software company formerly known as Quest Software, whose ChangeBASE product includes a variety of tools, including automated application compatibility testing that incorporates a variety of remote access compatibility checks. I’ve launched inquiries to find out more about this capability, because I have to imagine that many IT professionals (and network/data center/virtualization admins) will want to know what’s safe to use with RDP and what’s not, particularly when it comes to custom applications of the mission critical variety, as well as any number of common desktop tools and utilities.

What spurred this blog post from me was the discovery, upon installing and learning to use StarDock Software’s ModernMix utility (which permits Modern UI apps to run in Windows on the Windows 8 desktop, instead of taking over the whole screen — or part of it, if you’re inclined to run multiple Modern UI apps in tandem) that it worked wonderfully when I was sitting at the real physical keyboard for those PCs, but not at the remote keyboard. The issue is that it uses the F10 function key to instruct the program to switch from filling the entire display to displaying inside a window, and function key presses are notoriously tricksy to transport across a remote link.  However, after setting up one app in a desktop window, all other apps would then appear via remote access. Nevertheless, I had to make that happen at the real physical keyboard to enable the remote connection to work properly. Here’s a screencap of the Skydrive app running in a window, after the initial set-up was handled on the actual machine:

All it takes is one successful use for set-up, then remote access works just fine.

All it takes is one successful use for set-up, then remote access works just fine with ModernMix.

I have discovered other apps that are even less well-behaved when using remote access to my Windows 8 desktop. On the Lenovo machine for example, Lenovo System Update v5 works perfectly when run from the local keyboard; if you launch the program from a remote connection, nothing ever appears on the display to indicate that the program is running (nor does an application entry appear in Task Manager, either). The only way to get the program to work remotely is to fire it off before starting a remote session, after which it stays up and running in the remote window that Remote Desktop Connection opens to that machine. I assume the same conditions might hold for programs that operate on hardware at a low level, too: that’s why I’d be leery of trying a disk partitioning program through a remote connection, for example, or nervous about other, similar low-level hardware configuration or set-up tools.

All of this, of course, confirms the notion that testing of applications in a corporate environment must include checking them through a remote access window as well as on the local desktop. It will be even harder for help desk or tech support folks to get their jobs done if the tools they’d like to use don’t work that way: far better in fact, to find tools that are amenable to remote control and operation, to ensure that when those hard-working IT pros must reach out to a user’s desktop their chosen tools will work  as needed and expected.

March 22, 2013  7:33 PM

A Recovery UFD Plus Refresh Image For Ultimate Win8 Restore Capability

Ed Tittel Ed Tittel Profile: Ed Tittel

Windows 8 includes a Control Panel widget called “Create a recovery drive,” that you can use to create a USB flash drive to boot up and repair your system should anything go wrong with the boot or system partitions. And if your PC includes a custom-built recovery partition (something you’ll have at your disposal when the machine comes from an OEM, or the system builder has taken the trouble to build a recovery partition as part of the initial system install), you can even move it from its present location on the system/boot drive to the flash drive to free up space. This can be especially helpful on tablet, notebook, or other PCs with smaller (less than 256 GB) system/boot drives, where every GB of storage space really counts. A typical recovery partition might be as big as 10-15 GB: on a 64 or 128 GB SSD, that’s a significant amount of storage space.

Building such a recovery drive is very easy. Type “Create a recovery drive” in the Windows Start screen (Modern UI method) or into the search box in a Start menu replacement such as Start8 or Classic Shell, then follow the prompts as they appear. Depending on whether or not you have a recovery partition to transfer, the process takes as little time as under a minute (no recovery partition) to as long as 10 minutes (15 GB recovery partition) to complete. You’ll know what you’re up against depending on whether or not the checkbox and text that reads “Copy the recovery partition from the PC to the recovery drive” is available and in dark text, or unavailable in greyed-out text on the initial Recovery Drive screen as shown here:

The first screen for Recovery Disk lets you know if you've got a recovery drive to copy or not.

The first screen for Recovery Disk lets you know if you’ve got a recovery drive to copy or not.

I built one of my Windows 8 test machines from scratch, and installed Windows 8 over Windows 7 on the Lenovo X220 Tablet, so neither of those machines had a recovery partition for me to copy. However, after setting up a recovery drive for my desktop Windows 8 machine, I then turned to RecImgManager to create a refresh image for that machine on the same 32 GB flash drive where the initial recovery drive materials were deposited. Since the base level files consume only 223 MB of disk space (this proved to be the same for both desktop and notebook PCs, so I must believe that this holds true for all 64-bit Windows 8 PCs). The refresh image for my X220 Tablet is 8.5 GB, while the one for my i7 2600K desktop is 7.5 GB so you could easily use a 16 GB flash drive, instead of the 32 GB unit I employed for this maneuver.

The combination of the recovery drive functionality and a refresh image means you can start up Windows 8 from the USB flash drive, but some additional work is required to re-create a usable environment on a target PC. You must basically convert the .wim into an install image, so that you can then install that image to rebuild your machine. The good news is this custom install will include your drivers and applications; the bad news is, you must jump through a few hoops to make this happen. Fortunately, it is all nicely explained in a forum thread over on the Windows Eight Forums entitled “recover Windows 8 from a .wim file.” I’ll be fooling around with this in my spare time over the next week or two, and will report further as I learn more.

[Note: Although the recimg utility itself didn’t help me troubleshoot this problem, I was able to Google my way into understanding that you cannot capture a refresh image onto an SD Card or a USB Flash drive. The utility insists on writing to a full-fledged disk of some kind (works with both SATA or other direct-attached SSDs or conventional drives, and with USB attached SSDs or conventional drives). I don’t have any USB3 high-speed/high-capacity UFDs around right now, but I plan to try some out as soon as I can lay hands on one that’s big enough — 32 GB or better — and affordable. This means you can still build the kind of Recovery UFD I’m talking about in this blog post, but you can’t use that UFD as the target when recording the .wim image you’ll convert to another form as described in the utilities mentioned in the Win8 Forums blog posts above. Again: more on this as I keep digging deeper.]

March 20, 2013  6:50 PM

Worth Considering: Paul Thurrott Praises the Win8 Desktop

Ed Tittel Ed Tittel Profile: Ed Tittel

There’s a terrific piece over on Paul Thurrott’s Supersite for Windows that posted yesterday, entitled “In Praise of the Windows 8 Desktop.” In that story, he calls out all the new features on the old-fashioned but still extremely usable desktop in Windows 8 that deliver new or vastly improved functionality. Those items are worth perusing and pondering, as they do provide some real and tangible reasons why business might consider permitting Windows 8 to find a spot on their users’ desktops. And FWIW, I mostly concur with his observations and analyses, and even add a special favorite item of my own.

Among many utilities, Task Manager gets a major and welcome overhaul in Win8 (see my story on this updated tool at SearchEnterpriseDesktop)

Among many utilities, Task Manager gets a major and welcome overhaul in Win8
(see my story on this updated tool at SearchEnterpriseDesktop

He calls specific attention to the following elements or aspects of Windows 8 in the story:

  • Aero and its resource-hungry “glass effects” have given way to a more spare, square, and opaque Window display on the desktop. Aero was banished because of its negative impact on battery life, which makes the new look also more battery friendly.
  • Windows Explorer — actually called “File Explorer” in Windows 8 to distinguish it better from IE — gets a ribbon-based UI (that power users can banish from the File Explorer window, if they so choose). Other improvements include the ability to mount ISO files and virtual hard disks (vhd and vhdx files) right in File Explorer, in the form of volumes with drive letters and everything. I also like the speed improvements to file copy and move operations, and the added details on progress boxes that tell you what’s going on. If only MS would add the ability to resume interrupted file move/copy operations as well…
  • Task Manager gets a big increase in capability, including a vastly improved look (which Thurrott correctly attributes to Sysinternals’ excellent Process Explorer utility, the brainchild of Windows guru Mark Russinovich, who’s been a Microsoft Fellow for almost a decade now), the ability to manage startup items (no more msconfig.exe, yippee), services, app history, and more.
  • Improved security thanks to a beefed-up Windows Defender and Smartscreen technology. Given recent reviews have found these free MS built-ins less secure than other free (and commercial) alternatives, I’m not sure I buy into this 100%. But I do confess to using Windows Defender on test systems and VMs because it installs by default and is at least adequate at keeping things secure.
  • For power users, Thurrott points to Storage Spaces fast and simple support for JBOD and data redundancy without — as he puts it — “…a master’s degree in RAID required.” He also mentions BitLocker, BitLocker to Go, and improved support for multiple displays as boons to those who want to give Windows a real work-out.
  • Finally, he calls on fast boot (and shutdown) times and the ability to reset a Windows install to factory reset conditions (he calls this “nuke from space”) as great improvements over earlier Windows versions, with reports of 6 second boot times and the ability to run a reset in 6-7 minutes. My times aren’t that fast — more on the order of 30-50 seconds — but mine are better than Windows 7 on the same systems across the board, too.

Of course, I’ve got some items I’d like to add to this list, too:

  • The “Refresh your PC” capability is also great, but even better is the built-in recimg (record image) command that lets you capture a complete Windows install image after you’ve updated all the drivers and installed all of your favorite applications (especially desktop applications and installer-based device drivers) and use it as the source for the refresh operation. Slimware Utilities’ free RecImgManager tool makes this facility especially easy and convenient to use, too.
  • Because Windows 8 supports the same hypervisor that Windows Server 2012 uses (Hyper-V Manager v3.0), using VMs in Windows 8 beats the pants off Virtual PC or Virtual Server in Windows 7: you get support for bigger virtual disks (VHDX format), faster VM load/unload times, more VMs, and lots more.
  • I like Windows 8’s ability to use the Microsoft Live ID login for system access, and the ability to synchronize multiple Windows 8 user environments that share a common Live ID. I use this on multiple Windows 8 installations very gladly.
  • Windows 8 adds improved support for the Universal Extensible Firmware Interface (UEFI) and provide the ability to secure the boot-up process before the OS is loaded. Though I’ve had occasional issues with this facility, it does provide better low-level diagnostics and troubleshooting for PCs, and will protect boot-up from malware and break-in attempts.

I do see Thurrott’s point — that there are things about the Windows 8 desktop that users and admins will like — but I also get the backlash against the removal of the Start Menu from the base OS, and how little business users like being forced to boot into the Modern UI tile-based Start screen, rather than the old, familiar Windows desktop. Nevertheless, there are real, positive reasons to look further and deeper into Windows 8. Whether or not this leads to wider adoption still remains to be seen.

March 17, 2013  10:33 PM

RecImgManager Shows Its Real Abilities In Win8

Ed Tittel Ed Tittel Profile: Ed Tittel
Though some initial effort is involved, RecImgManager makes it easy to organize and use recimg .wim files.

Though initial effort is involved, RecImgManager makes it easy to organize and use recimg .wim files.

I’ve blogged here repeatedly about the benefits — and some gotchas — for the built-in Windows 8 recimg (record image) command. Here’s a list of those items for anyone who might be interested in learning more about this fabulous Windows 8 (only) utility that permits admins to capture and store current Windows 8 system images in .wim (Windows Image) file format, then restore them to refresh their systems as and when they might be needed:

  1. Create Your Own Refresh Image for Windows 8 (12/7/2012)
  2. Make DISM Your Go-To Image Management Tool in Win8 (12/10/2012)
  3. What Gets Lost When Using Win8 Refresh (1/21/2013)
  4. More Benefits of Win8 Refresh (1/23/2013)

I’ve become a big believer in using the built in recimg command to capture — and when necessary, restore — Windows 8 image files as a way of fixing subtle problems in Windows that might otherwise take weeks to troubleshoot. I learned this lesson the hard way on one of my Windows 8 machines when it wouldn’t let me run the recimg command at the command line (which means RecImgManager couldn’t work either, of course). After running a factory refresh on that machine I was able to start using recimg at the command line and through the RecImgManager program itself.

As depicted in the screen cap at the head of this blog post, you can add image snapshots  already captured using recimg at the command line. This works by using the browse button (bottom right) in RecImgManager to find and integrate such captures as “Imported Snapshot” items (you see an image I grabbed in late January as I was working on the “What Gets Lost…” post linked to in item 3 above). As long as you know where to find your images (easy enough to do, using File Manager to search on “*.wim”) you can add them to the items under RecImgManager’s control.

Now that I’ve been able to work with the underlying recimg command and the RecImgManager utility from SlimWare, I’ve really learned to appreciate the latter’s convenience. It doesn’t do anything the command line utility can’t do, but it provides a very nice visual organization to those capabilities, and makes it much easier to capture new images, and especially, to select images to use for a restore operation. It’s always nice when you find a good, free, and capable software tool that makes it easier to manage desktops. This would be one of those.

March 15, 2013  3:21 PM

What Makes Sense for a Real Work-Worthy Windows 8 Tablet?

Ed Tittel Ed Tittel Profile: Ed Tittel
Tablets, tablets everywhere, but nothing just right for me just yet.

Tablets, tablets everywhere, but nothing just right for me just yet.

I’ve been reading a whole spate of reviews on various Windows 8 tablets lately, including the Dell Latitude 10, the Acer Iconia W510, the Lenovo ThinkPad Tablet 2, and so on and so forth (for a nice synopsis on why Windows tablets might actually make sense in the enterprise see Adrian Kingsley-Hughes 3/14/13 post entitled “New Windows-powered tablets threaten iPad’s enterprise dominance, claims analyst“). All of this has got to me to thinking about why I’m not willing to buy the current Surface Pro, or any of these other models at this point in time. In so doing, I hope I’ve formulated a nice list of design goals for the OEMs and system designers to ponder as they design a next generation of Haswell-based tablet PCs for business users like me:

  1. More horsepower: most of the successful tablet designs right now rest on the latest dual-core Atom processors, and simply don’t have enough oomph for me. Those that do have oomph — like the current Surface Pro — don’t have enough battery life (see next item).
  2. Longer battery life: the tablets with oomph can’t generally manage to squeak more than 5 hours out of a fully-charged battery. I want at least 8 hours, preferably 10 hours or more. Here again, those tablets that can do this (the Dell Latitude 10 is an excellent example) currently lack the processing power I want.
  3. More pixels, please: Far too many tablets still sit at 1366×768 resolution, which isn’t enough pixels anymore, even on a smaller screen where that form factor looks acceptable. I want at least full HD (1980×1020) or better, please, with a pixel density of at least 200 ppi.
  4. User accessibility: Though this may mean slightly thicker enclosures, I’d like to see the next-gen high end-tablets with underside ports to access memory, mSATA SSD ports, WLAN ports, with a user-replaceable battery receptacle. Storage and RAM are growing too fast to force buyers to accept soldered-in components for the 3-5 years that’s typical for the life of a modern notebook PC (or a valid tablet replacement); WLAN modules must often be replaced for overseas travel; and a user-swappable battery makes it possible to keep computing on long flights (or very long days).
  5. Multi-factor authentication, plus: Go ahead, put a fingerprint scanner into these units, or add both a front-facing camera and facial recognition software, so that enterprise users can add biometric authentication to the more usual account/password or image-touch-sequence login methods. Let installers add a “nuke the drive” option after a large number of failed log-in attempts (10 or more is good), and make sure the device works with remote wipe facilities included in most Mobile Device Management (MDM) platforms nowadays.
  6. Smart virtualization: Make sure the units support virtualization (as both client and hypervisor) to permit clients to remote into their data centers quickly and easily on the one hand (acting as a client), and to run various VMs locally (acting as a hypervisor) as well.
  7. Good accessories: Provide strong, durable cases with keyboard/mouse modules that don’t add too much to the overall size/weight equation of the tablet itself. Docking stations for work at the office are also very nice: make sure you put lots of ports, video options, and GbE Ethernet into these babies, and make it way easy to dock/undock the tablet for high-speed entrances and exits.
  8. Fast peripheral and storage ports: At least two USB 3.0 ports, and a reliable microSD port, please. The former lets me use all kinds of high-speed peripherals and storage, the latter lets me extend my storage space by 50% at a modest cost (64GB microSD cards go for about $65-90 these days). A mini-DisplayPort would be nice, too, but not really necessary if you add another USB 3.0 port for video access.

I know, I know: it’s a LOT to ask, and I’m hoping that Intel will fix its chipset USB3 issues with the Haswell chipset quickly, so technology can jump on that bandwagon sooner rather than later. Given the lower power consumption of the Haswell CPUs, we may even see something like what I’ve described late in 2013 or early in 2014. I would happily pay a premium over Surface Pro costs of about $1,200 at the moment to get everything I’m after — say $1,600 for a Surface-Pro like tablet with a 256 GB mSATA SSD, 16 GB RAM, and an LTE WLAN module? Here’s hoping this might actually come to pass!

March 15, 2013  2:27 PM

OK, I get it now: musings on the Prometric Cyber Security Essentials…

Ed Tittel Ed Tittel Profile: Ed Tittel

Mistakenly posted to the wrong blog (my apologies): find the real article over at my IT Career JumpStart blog instead.

March 13, 2013  4:11 PM

Patch Tuesday Brings Numerous Updates to Windows

Ed Tittel Ed Tittel Profile: Ed Tittel

I know I’m busy, busy, busy when Patch Tuesday takes me by surprise, and that’s what happened to me yesterday. Between phone calls galore, and catch-up from a long family weekend, I wasn’t necessarily ready to go haring after Windows Updates. But, ready or not, there it was and I’ve been digging in ever since. My Windows 8 machines show 14 updates for Windows itself, and another 10 for Microsoft Office 2013; my Windows 7 machines show 7 for Windows and components (including Internet Explorer 10 , which has now been pushed into the Windows Update channel) and another 3 for Microsoft Office 2010.

Numerous bulletins, and many CVE entries, made this month's bill of fare.

Numerous bulletins, and many CVE entries, made this month’s bill of fare.

A quick gander at the latest Microsoft Security Bulletin for March 2013 reveals bulletins numbered MS13-021 through -027, for a total of 7 bulletins overall. Four of them are labeled critical (MS13-021 through -024), with the first three qualified as “Remote Code Execution” and MS13-024 as “Elevation of Privilege.” The coverage is all over the place: -021 is a cumulative security update for IE, -022 addresses Silverlight vulnerabilities, -023 tackles the Visio Viewer 2010, and -024 addresses four SharePoint vulnerabilities.

The remaining three bulletins are rated Important, where -025 and -026 are qualified as “Information Disclosure,” and -027 as “Elevation of Privilege.” The -025 update is for OneNote, -026 is for Outlook for Mac, and -027 touches on Kernel-mode drivers. MS13-021 and -027 require a restart, -023, -024, and -025 may require one, and the remaining items (-022, -026) do note require a restart. Severity ratings nothwithstanding, my impression is that admins will want to consider accelerating deployment of -021 and -027 first and foremost, as these are most likely to address potential vulnerabilities on the vast majority of end-user machines, unless Silverlight is also in broad use (in which case it should be prioritized for testing and possible deployment as well).

BTW, I really like the Acknowledgements section that has been added to the MS Security Bulletins, which gives those who report vulnerabilities credit for their work, and also ties updates to specific entries in the Common Vulnerabilities and Exposures (CVE) database. It’s also interesting to see many of the same names (and test labs) showing up in those credits as well. Here’s a snippet, by way of illustration:

Partial credits for the MS13-021 bulletin (5 shown of 11 total).

Partial credits for the MS13-021 bulletin (5 shown of 11 total).

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: