Windows Enterprise Desktop

July 4, 2011  9:36 PM

Latest Patch Batch Fixes ClearType Issues in IE9

Ed Tittel Ed Tittel Profile: Ed Tittel

Thanks to Ed Bott’s June 30 blog “A fix for fuzzy fonts in IE9,” I finally get what recent fix labeled KB 2545698 is all about. Here’s Microsoft’s explanation from the just-cited Knowledge Base article:

This issue occurs because of a design change to how Internet Explorer 9 renders text. By default, Internet Explorer 9 uses sub-pixel positioned ClearType to render text by using DirectWrite, whereas Internet Explorer 8 uses whole-pixel positioned ClearType to render text by using the Microsoft Windows graphics device interface (GDI). [Quoted from the “Cause” section.]

I run a big monitor myself (a Dell 2707 WFP display) and I usually jack up the Web page display to 125% to minimize strain on my aging eyes, so I only noticed this when running my screen at true 100% resolution. But indeed the fix does make formerly fuzzy text appear more sharp and clear. This is one case where a small change in the code apparently makes a pretty big difference in readability on some displays. If your users complain about type that’s fuzzier in IE9 than it was in IE8, this fix could be worth rushing through testing and into deployment.

It worked for me, anyway. Give it a try on a test machine and see if it works for you.

July 1, 2011  9:24 PM

A Picture Tells an Interesting Mobile IPv6 Story

Ed Tittel Ed Tittel Profile: Ed Tittel

In my last blog, “The IPv6 Adventure Gets Underway,” I posted some information about getting my network boundary set up to handle IPv6 traffic. Thanks to some creative tunneling to IPv6-savvy ISP Hurricane Electric, and the acquisition of a Fortinet Fortigate 80C firewall device, my home network is now completely IPv6 capable and enabled.

After Monday’s excellent set-up and configuration examples, my partner in crime (and for the forthcoming 4th edition of Guide to TCP/IP) Jeff Carrell fired up a passel (5 to be more precise) of Wi-Fi capable mobile devices to see whether or not they too could use IPv6 on my network. As the following image attests, all devices could access and use IPv6 for their mobile communications, at least to access an IPv6-only Web page.

What you see in this picture is (clockwise from far left):

  1. HP Slate running Windows 7 Professional, showing a complete passing score from the online IPv6 test
  2. HP Mobile Workstation notebook PC also running Windows 7 Professional with the same passing display
  3. Apple iPad running IOS 4.3.2 ditto
  4. (Background) Asus TransFormer running Android 3.1 showing IPv6 compliance with a warning that the address in use contains the unit’s actual MAC address (called an EUI-64 IPv6 address, this poses the security risk that attackers can use that information to perform system footprinting). But it’s still running IPv6 and able to access IPv6 resources online.
  5. HTC Tilt 2 running Windows 6 Mobile also gets the green light from a passing IPv6 score

What this picture tells us is that most of the major mobile platforms can use and understand IPv6. Of course, this really won’t matter much until the ISPs catch up and IPv6 access becomes broadly and generally available. But it is working, and it is coming, so it’s probably time to start thinking about IPv6 network design, security, and policy.

June 28, 2011  1:11 AM

The IPv6 Adventure Gets Underway

Ed Tittel Ed Tittel Profile: Ed Tittel

When my co-author for the upcoming revision to our Guide to TCP/IP  (getting ready to come out in a 4th edition) showed up at my door mid-morning today, I finally got started on the IPv6 adventure of a lifetime. Fresh from his triumphant visit to Palo Alto (where he taught three or four IPv6 Test Lab classes at Sharkfest ’11) and Fremont (where he installed a couple of racks worth of switches, routers, firewalls, and servers at Hurricane Electric aka my good buddy Jeff Carrell came bearing a fabulous Fortinet FortiGate 80C firewall/switch/router that offers extensive and well-thought out IPv6 support.

Though the Fortinet box set me back over a grand, it comes with the most serious IPv6 support I’ve seen in a boundary device that’s suitable for SMB or “geek home” use (like at my house). Jeff had painstakingly  documented his set-up routine based on working with a handful of these devices already, so I got to guinea-pig his instructions as we updated its firmware, then worked through a standard firewall set-up, followed by a set of basic IPv6 configuration and firewall rules. I did hit some minor snags along the way (mostly owing to IPv6 address typos, or misunderstanding the configuration instructions) but we were able to shoot our way through all of this trouble in under 2 hours.

We set up an IPv6 tunnel through the Tunnel Broker facility, and I can now say that my home network registers with all the important test sites as IPv6 compliant. Take a look at these results from the IPv6 connectivity test published for World IPv6 Day (held on June 8, 2011).

IPv6 is finally working on my home network (addresses munged for security reasons)

IPv6 is finally working on my home network (addresses munged for security reasons)

Now that I’ve got IPv6 up and running on this network, I can get back to work on earning Hurricane Electric’s IPv6 certification. Sage status, here I come!

June 24, 2011  10:06 AM

Get Ready for Nitro PDF 2!

Ed Tittel Ed Tittel Profile: Ed Tittel

In May of 2010, I posted a blog here entitled “New Nitro PDF Knocks Your Socks Off,” wherein I profiled my introduction to and growing satisfaction with the free Nitro PDF Reader. Over a year later, it’s still my PDF tool of choice, and I even forked over US$80 to purchase a copy of the professional version that adds support for distilling PDF and various annotation, editing, and formatting options (the list price for the program is US$100, but if you look around or wait for discounts you can usually find 15-20% off deals here and there). To me the things that make Nitro PDF Reader preferable to the Adobe or Foxit Readers are: a small executable, blazing fast performance, and value-add features out the ying-yang (other readers charge for most, if not all, of these).

I’ve just jumped into the latest release of the program, called Nitro PDF Reader 2, which hit the streets last Tuesday, July 21. It maintains the small code size (under 70 MB for the x86 version as installed, under 100 MB for the x64 version as installed), still runs like blazes, and adds a bunch of new value-adds to its latest incarnation, including:

  • Integrates with IE, Firefox, and Chrome so you can open PDFs right inside a browser tab or window.
  • Reworked PDF Creator engine runs up to 4 times faster than the previous version, and creates output PDF files half the size of those built by its predecessor.
  • Nitro PDF Reader has always done quality rendering, but on my 27 inch monitor (Dell 2707 WFP) the type is crisper and cleaner than ever with Nitro PDF Reader 2, invariably more readable than Adobe Reader.
  • Free support for incorporating a scanned handwritten signature right into fill-in form type documents (used to be available only in Nitro PDF Pro, now built right into the free Nitro PDF 2).
  • Support for content grouping layers (OCG, or Optional Content Group stuff) as well as XML Form Architecture (XFA) forms.

The latest user interface also adopts the Windows 7/Office 2007&2010 ribbon model. It looks and runs very nicely. Nitro PDF Reader 2 looks like it’s more than earned a spot on my “must-have Windows applications” roster. I’m going to spend a month or so with the program, after which I’ll report back on my experiences and continuing impressions.

Nice ribbbon, clear type, faster performance

Nice ribbbon, clear type, faster performance

I’m also pleased to report that Chris Dahl, Nitro PDF’s CTO, informed me yesterday by phone that Nitro PDF Reader is now using a single code base for both x86 and x64 versions of their programs. In the past, there had been some delays in obtaining x64 versions of the program, and it was more difficult to lay hands on the x64 version of the code. No longer. The base code for the application (the PDF renderer and UI portion) is actually the same 32-bit component, and runs as a 32 bit image on the x64 WOW (Windows-on-Windows) environment. The PDF Creator portion however (which requires a device driver, and thus can’t use 32-bit code) is implemented in native 64-bit code. Both portions installed seamlessly on my x64 test machine, and this version appeared to run just as fast (if not faster) than its 32-bit counterpart. This should be a real boon for the increasing number of users who are now running 64-bit Windows versions.

June 23, 2011  4:12 PM

Boatload of Windows 7 Clinics and Courses Available from MS Learning

Ed Tittel Ed Tittel Profile: Ed Tittel
Searching MS Learning Online Training Catalog

Searching MS Learning Online Training Catalog

Get this! Microsoft not only offers 3 free clinics on Windows 7 (more info to follow), they also offer over 20 courses that ranage in price from $14.99 to $319.99. It’s all listed on the Windows 7 Online Training page at Microsoft Learning, where you’ll find these free clinics at the head of that list (it’s sorted in ascending order by price so naturally the free stuff shows up first):

  • Clinic 10125: What’s New in Windows 7 for Consumers
    Type : Course Published : 8/31/2009
    This one-hour clinic provides you with an overview of key enhancements in Windows 7 that help you work more efficiently and easily with your computers. It describes the new features and tools that you  
  • Clinic 10088: What’s New in Windows 7 for Information Workers
    Type : Course Published : 8/31/2009
    This two-hour clinic provides you with an overview of key enhancements in Windows 7, which help information workers to improve their productivity as well as work in a more secure environment.
  • Clinic 10077: What’s New in Windows 7 for IT Professionals
    Type : Course Published : 8/28/2009
    This two-hour online clinic provides an overview of the new and enhanced deployment, security, manageability, and performance features in Windows 7. 

In addition, you’ll find courses on everything from basics (Essentials I and II, $14.99 each) all the way up to collections On Installing and Configuring Windows 7 Client (preps for 70-680; $287.99) and Planning and Managing Windows 7 Desktop Deployments and Environments ($319.99).

There is some great information, and some good deals, here for those seeking to boost Windows 7 skills and knowledge. Check it out!!

June 17, 2011  4:27 PM

Banner Crop of Windows Updates for June 2011 Patch Tuesday.1

Ed Tittel Ed Tittel Profile: Ed Tittel

Take a look at this frequency graph from Secunia PSI: it charts the number of security updates that have been released in the past 6 months. When Microsoft dropped 18 items on my Windows 7 PCs on Tuesday, I figured this would be a big month for security updates, and the graph clearly shows my figuring was on the spot:

Notice the spike at the right-hand side of the graph

Notice the spike at the right-hand side of the graph

And sure enough, the latest Microsoft Security Bulletin (June 2011) lists 16 security updates plus other recurring entries: 9 critical (remote code execution) plus 7 important (information disclosure, remote code execution, elevation of privilege, and denial of service all appear) items make an appearance therein. At least 8 of the 9 critical items affect all modern versions of Windows desktop and server operating systems, so you’re going to want to dig into this latest security bulletin and fire up the test lab to start scheduling patch deployment sooner rather than later (for more info, see also Susan Bradley’s nice recent article on this latest Patch Tuesday, with some special emphasis on IE 9, in the Windows Secrets newsletter).

One thing’s for sure: the number of updates just spiked, and there’s some work to do in their wake. Roll up your sleeves, and get to it!

June 10, 2011  12:24 PM

Why Does the BIOS Default to Disable USB Keyboards?

Ed Tittel Ed Tittel Profile: Ed Tittel

As I fired up one of my test machines yesterday after replacing a defective motherboard and Windows started to boot, I thought I might actually have gotten away with something grand and glorious. Not!! Although I was able to replace an Asus P5 Pro that had gone wonky on me with a Gigabyte GA-P43-ES3G and get Windows to start seemingly OK, further analysis revealed that I’d been bitten by an interesting pair of BIOS defaults involving:

  • USB Keyboard disabled
  • IDE disk controller (not AHCI)

Both the source and target systems use a built-in Intel AHCI ICH10 SATA RAID controllers, and I’d hoped to transfer the 64-bit Windows Professional AHCI installation unaltered as well. But because the BIOS refused to recognize the USB keyboard the first time the system booted (so I couldn’t enter the BIOS set-up program by hitting the DEL key), it automatically defaulted to IDE controller status and trashed all the carefully constructed AHCI setup I’d gone through on the previous incarnation.

Is it my fault that I forgot to plug in the PS/2 keyboard for that first boot-up? Technically, yes it is. But dang, nobody uses PS/2 keyboards any more and it ticks me off to no end (especially since I’m now going to have to rebuild this whole installation from the ground up) that the BIOS makers still don’t turn support for USB keyboards on as a BIOS default. C’mon guys: this was OK in the mid-90s when USB keyboards were the exception rather than the norm. But they’ve been the norm for at least 15 years now, so it’s time to change the basic set of assumptions that BIOS builders encode into their platforms to reflect a more current reality now on the ground.

I’d been so happy that Windows 7 didn’t puke on my motherboard swap and make me re-assert my license (though it did ask me to (re-)activate my license, at least I didn’t have to get on the phone to get a 25 digit activation key from somebody, which is usually a 20-minute process or so) that it took me a while to recognize that I’d munged the re-animation of this machine anyway by neglecting to hook up a PS/2 keyboard for its initial reboot. Now that I’ve been forcibly and painfully reminded of this situation once again, I won’t make this mistake for another two years or so. But again I really wish the BIOS builders would catch up with the first decade of the 21st century, rather than maintaining the status quo that prevailed at the close of the last millenium.

I’m waiting for some more memory, a new SSD, and a newer graphics card to replace the fanless 9600GT in this test machine before I re-do the current installation, but it’s already on my to-do list for later this month. In conclusion, all I can say is “Ouch! Ouch! Ouch! My bad…”

June 8, 2011  3:00 PM

AppRx Migrates Applications to the Cloud

Ed Tittel Ed Tittel Profile: Ed Tittel

Interesting announcement at Cloudexpo in NYC yesterday (6/7/2011) entitled “Futurestate IT introduces AppRX and announces an agreement with App-DNA to provide Application Compatibility in the Cloud.” Seems that Canadian-based FutureState has created an environment that permits companies to assess, plan, and migrate applications to newer operating systems and platforms. App-DNA already helps to automate this process, but it is still most commonly performed on local test or laboratory platforms during an extended analysis, planning, and migration process. AppRx moves this effort into the cloud and supports Windows 7, Windows Server 2008, Microsoft App-V, and Citrix XenApp.

FutureState AppRx Cloud Based App Analysis

FutureState AppRx Cloud Based App Analysis

Over time, AppRx performs what FutureState calls “application currency management” to help organizations maintain ongoing currency, and forward planning and conversion for newer operating systems and platforms as they work through pre- and commercial release phases. The company promises reduce time for migration, lower costs for development, QA, and test efforts, improved reliability, and automation for Service Pack (SP) releases. Check it all out at

June 6, 2011  1:36 PM

Win7 Deployment FAQ Still Worth Consulting

Ed Tittel Ed Tittel Profile: Ed Tittel

For organizations seeking to plan and automate Windows 7 deployments, there are few Web pages better equipped to help with that process than the TechNet Windows 7 Deployment FAQ. Not only will you find links to the various Microsoft planning, assessment, and deployment toolskits there, but you will also find issues related to Windows Server 2008 R2, recent Service Packs, and other important concerns addressed there as well. Think of it as a general clearinghouse for Windows 7 Deployment topics and you won’t be too far off the mark.

And while you’re in that part of TechNet, you’ll already be in the Windows 7 Desktop Deployment guide section as well. Be sure to check out the neighboring TechNet documents before you leave this area, including the various guides and toolkit overviews in that immediate vicinity (here’s a partial screenshot of the surrounding and relevant contents):

Windows 7 Deployment content in TechNet

Windows 7 Deployment content in TechNet

Although TechNet is not the be-all and end-all for Windows 7 deployment tools or information, it’s a terrific resource for learning and planning in this arena, particularly where the many and marvelous Microsoft related tools and information are concerned.

June 3, 2011  3:12 PM

Double the screen space, double the fun!

Ed Tittel Ed Tittel Profile: Ed Tittel

When I got back from a recent trip to the DFW area to meet with Jeff Carrell, my esteemed co-author for the upcoming revision to Guide to TCP/IP  for Cengage Learning/Course Technology, I found a ginormous box waiting for me in the doorway to my office. Apparently, that’s as far as the UPS guy was willing to carry it when he dropped it off at the house while I was away.

“What the heck is that?” I thought upon seeing the 24x31x17″ container. “Oh yeah,” I remembered, “it’s the refurbished Dell 2707 WFP monitor I ordered on Monday.” I already have a 2707 that I purchased in 2007 or 2008, and had been using a Dell 2309 1080p monitor as my secondary screen for the past couple of years. With a much smaller screen and the same 1920×1080 resolution, my aging eyes had been struggling to make out the details on the smaller screen to my left for some time, with increasingly worse results over the past six months or so.

In the wake of some recent consulting work (and ensuing earnings) I decided to spring just over $550 (including shipping, handling, and sales tax) for an identical if refurbished mate to my primary 2707. I could have bought a newer 27″ monitor for about $1,000, but I decided against upping the resolution to 2560×1440, figuring that the higher resolution would cause the same squinting and muttering on the bigger screen that I was already suffering from on the smaller one I wanted to replace.

I’m very happy to report that the refurb monitor is apparently defect free, despite the black magic marker on the outside of the box that says “6 or more dead pixels.” And I’m happy to observe that I can see everything on screen number 2 as well as I can see everything on screen number 1. Having now worked with dual monitors since 1999, I’ve observed that more screen real estate translates directly into increased productivity. I can now also attest that improved visibility/legibility appears to do likewise, since the number of pixels on the smaller previous screen matches the number of pixels on its much larger replacement. Take heed, baby boomers!

As an added bonus, now that both screens use the same driver, I’m not observing the occasional and unwarranted (if only momentary) lapses that have occurred with the original 2707 as it went to sleep even though I was using the monitor and it shouldn’t have timed itself out into a lower power state. Windows 7 seems happier and less inclined to time out the driver than it was before, when I was using different drivers with each of the two monitors.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: