Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Saturday, January 31, 2009

Windows 7, Not Ready for Prime Time

If you’ve been following the news about Windows 7 you’ve probably noticed a lot of positive reviews.  We’ve all been hoping for a great version of Windows.  Vista was a big disappointment and those of us who have so many years invested in Windows really want Windows 7 to succeed.


Unfortunately, Microsoft may have been letting all the positive reviews go to their head. There’s now hints of a release candidate later this spring and an actual release this summer.  Microsoft isn’t alone. Some folks have started a petition to have Microsoft release Windows 7 immediately.  Wake up folks, there’s a reason for beta testing. All the good press is because the current version of Windows 7 is great for a beta version but it still needs to complete a normal beta cycle.  If Microsoft called it a release all the reviews wouldn’t be as nice.

The Blog Engineering Windows 7, has defined the milestones plans for Windows 7. The expected dates have not been announced publically.



  • Pre-Beta – This release at the PDC introduced the developer community to Windows 7 and represents the platform complete release and disclosure of the features.

  • Beta – This release provided a couple of million folks the opportunity to use feature complete Windows 7 while also providing the telemetry and feedback necessary for us to validate the quality, reliability, compatibility, and experience of Windows 7. As we said, we are working with our partners across the ecosystem to make sure that testing and validation and development of Windows 7-based products begins to enter final phases as we move through the Beta.

  • Release Candidate (RC) – This release will be Windows 7 as we intend to ship it. We will continue to listen to feedback and telemetry with the focus on addressing only the most critical issues that arise. We will be very clear in communicating any changes that have a visible impact on the product. This release allows the whole ecosystem to reach a known state together and make sure that we are all ready together for the Release to Manufacturing. Once we get to RC, the whole ecosystem is in “dress rehearsal” mode for the next steps.

  • Release to Manufacturing (RTM) – This release is the final Windows 7 as we intend to make available to PC makers and for retail and volume license products.

  • General Availability (GA) – This is a business milestone and represents when you can buy Windows 7 pre-installed on PCs or as full packaged product

A reasonable beta is required to flush out the bugs especially when you have such a HUGE user base. This week a potential security flaw was found in the new User Account Control feature. Long Zheng has pointed out how a simple script can be used to change the UAC settings.
Sacrificing security for usability: UAC security flaw in Windows 7 beta.


One result of this news was the addition of a new feature for WinPatrol v16. WinPatrol currently lets you know if someone has changed the auto-update settings. The new version will also warn you if someone has changed the settings for User Account Control. UAC settings are global so if one of your kids removes this feature everyone will lose this feature. WinPatrol v16 will alert you if malware makes the change or someone else using your machine. WinPatrol v16 b3 will be available on Monday at http://www.winpatrol.com/beta16.html



 

Share on Facebook


Sunday, January 25, 2009

What's New in Windows 7 Security

One of the main reasons Vista evangelists encourage others to upgrade is security. Unfortunately, many have scoffed at User Account Control for being too heavy handed. Vista 64 users found that many Anti-Virus programs didn’t work. Vista doesn’t solve the most common reason for infections which remains user error. Windows 7 still doesn’t solve the problem of user’s being tricked but it does come with some serious improvements.


Bitlocker is Finally Useful
Bitlocker has been available in the more expensive versions of Vista but was never a tool I would have recommended.  Bitlocker encrypts your entire disk drive so you need a private key or password to access anything on the disk. While this may sound desirable, it increases the possibility of hard drive errors. It reminds me too much of when Microsoft added full disk compression to Windows to increase disk space. It was a great idea that led to more data loss then it saved.


Enter “Bitlocker To Go”. Bitlocker can now be applied to portable storage devices like USB flash drives. This is one of my favorite new features in Windows 7. The use of portable devices to store data has become very common.  It also means misplacing data in public areas happens far to often. You know darn well people working for banks and credit card companies are bringing their work home on thumb drives. Bitlocker To Go makes it less dangerous to all of us.

New Bitlocker in Windows 7 showing flash drives.
Bitlocker now shows and encrypts portable storage media


 User Account Control Options

The User Account Control feature now has some options.  You can turn if off completely or choose two middle settings. One of the options removes the annoying black screen that secures the desktop and lets you know the UAC dialog is coming.  I wish this was an option by itself . To disable the black screen on Windows 7 you’ll also need to agree to remove UAC when “I make changes to Windows settings”.  I’m still looking into what Microsoft considers “Windows settings”. Vista users can click here for instructions on how to remove the black UAC screen.

What would really be nice is to come up with a scheme that would keep UAC active but like many firewalls, allow you to mark particular programs or functions as permitted.

New UAC Dialog
New User Account Control options dialog



Smart Cards
Expect to see an increase in the use of Smart Cards in Windows 7.  Smart Card drivers were first introduced in Windows XP SP2 and enhanced in Vista but certification testing and installation wasn’t a simple process.  Windows 7 automatically detects which drivers are needed without any user intervention. Do you have a hard time keeping track of passwords? A smart card may be in your future.

I also expect to see applications using smart cards to combat software piracy. In the 70’s some software was released with little “dongles” that needed to be plugged in for the software to work. The dongles in the old days were easy to get around. Smart cards will require some serious and costly efforts to break when used to prevent illegal software distribution.

What I’d love to see is the ability to use a smart card in combination with User Access Control to give permissions to commonly used programs.


Local Security Policy
Windows 7 has plenty of security settings available if you’re helping someone else set up their computer. Unfortunately, additional security settings may not be obvious. One applet in need of help is the one used to set Local Security Policy settings. This is a very powerful tool that could really be easier to use. IT managers need to be familiar with this applet. If you’re configuring a home machine for family members knowing more about Security Policy settings is a real plus.  Just like RegEdit, this tool can really get you into trouble if you don’t know what you’re doing.  And like RegEdit, it should receive a major UI overhaul.

Local Policy Settings
Local Security Policy


Action Center

If you’re looking for a friendly interface for security settings you’ll want the “Action Center”.  This single, simple applet gives you access to many of the settings you’ll want to review when using Windows.

Windows 7 Action Center


Conclusion
Microsoft has obviously been listening to users and they know security is a huge problem. I’m sure they’d be happier if they could reduce the calls from infected users. Windows 7 addresses security as much as time and testing has allowed.  Personally, I would have liked to see more improvements in firewall and networking monitoring but they have to leave some functionality to 3rd party solutions.


Most of the security improvements in Windows 7 will never be noticed by users. Improvements in code to prevent buffer overflows, and other vulnerabilities has been a major focus in Redmond. We all hope, Tuesday Security Patch Days will be something we can someday reminisce about.


 

Labels: , , ,

Share on Facebook


Tuesday, January 20, 2009

Yes We Can, Release WinPatrol v16 Beta

On this historic day I’ve chosen to watch the Inauguration on TV instead of going down to D.C. for the event.  If this event was in April I might have chosen differently.


To make my impact on history today I’ve released a new build of WinPatrol simply called WinPatrol v16. I considered calling it WinPatrol 2009 but with all the exhortionware like AntiVirus 2009 and others using it, the 2009 moniker has become tainted.


This new version has a couple major changes.  The first has to do with Windows 7 and User Access Control.  There are two versions of the small WinPatrol monitor component. One requires UAC permission, one does not.


Initially, the non-UAC version will run so you don’t have a UAC alert every time you reboot.  If however, a change is detected and WinPatrol needs permissions we’ll swap the WinPatrol monitor with the one which requires UAC.


Lets user know that UAC access is required
This dialog will only be seen by Vista and Windows 7 machines with UAC activated. It will only occur once and only if needed.


 


The 2nd big change is a long time request. Many users have wanted to configure WinPatrol so that alert messages may be hidden from users.  Typically, this has been requested by IT managers or parents but it may also be handy to regular WinPatrol users. This will be a bonus feature available only to supporters who have upgraded to PLUS.


Dialog allowing users to hide alert windows


I’ve also thrown in a feature which ignores “RunOnce” changes to the registry.  I have never seen malware use this entry alone and it’s often used by legitimate and frequent updates. If you’re setting up a system for someone else this might be an option you’ll want to use.


Keep in mind this is a beta version which I hope to finalize soon. If you’re interested in helping to report bugs you can download the new beta version at http://www.winpatrol.com/beta16.html


Thanks,
Bill Pytlovany

Share on Facebook


Monday, January 19, 2009

Remove "Downadup" aka Win32/Conficker Infection

Today, Microsoft notified a number of security experts about a known vulnerability and exploitation of Windows Server service (SVCHOST.EXE). Even though Microsoft provided a fix for this vulnerability in October 2008, they say reports of the exploit are on the rise.

In October, Microsoft warned users of a critical Microsoft Security Bulletin MS08-067.

Executive Summary

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.

Unfortunately, there seems to be too many unprotected users out in the real world. Microsoft provided details on this infection at its Malware Protection Center.

The following system changes may indicate the presence of this malware:
  • The following services are disabled or fail to run:
    Windows Update Service
    Background Intelligent Transfer Service
    Windows Defender
    Windows Error Reporting Services

  • Some accounts may be locked out due to the following registry modification, which may flood the network with connections:
    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    "TcpNumConnections" = "0x00FFFFFE"

  • Users may not be able to connect to websites or online services that contain following strings:
    virus, spyware, malware, rootkit, defender, microsoft, symantec, norton, mcafee, trendmicro, sophos, panda, etrust, networkassociates, computerassociates, f-secure, kaspersky, jotti, f-prot, nod32, eset, grisoft, drweb, centralcommand, ahnlab, esafe, avast, avira, quickheal, comodo, clamav, ewido, fortinet, gdata, hacksoft, hauri, ikarus, k7computing, norman, pctools, prevx, rising, securecomputing, sunbelt, emsisoft, arcabit, cpsecure, spamhaus, castlecops, threatexpert, wilderssecurity, windowsupdate

    Hmmm, should I feel bad that WinPatrol isn’t included in this list?

I recommend, as does Microsoft to keep your system updated with necessary security patches and updates. At the very least you should download the Microsoft Malicious Software Remove Tool


 

Labels: , ,

Share on Facebook


Wednesday, January 14, 2009

Fake and Deceptive Advertising is Growing

A friend of mine once referred to Ben Edelman as the Ralph Nader of the internet.  That really is an understatement. Ben has a long history of exposing malicious advertising and his research has saved millions from potential adware/spyware infiltration. Ben has been an expert witness and has helped many bring legal action against evil companies.  Yesterday, Ben published a new paper taking aim at Yahoo’s Right Media for their fake and deceptive ad practices.

Unfortunately, many of us have come to accept these deceptive ads as normal. The truth is, many are sucked into costly situations because they believe these ads.  Each time they’re clicked someone makes money.  This not only hurts the consumer but it makes advertising on the internet more costly. Companies like Yahoo really need to take steps to police their advertisers and affiliates but they have no incentive to do so.  It’s up to crusaders like Ben to expose these practices and shame companies into playing fair.

Take a look at the ads below. They’re from Yahoo’s Right Media. I’m sure you’ve seen them or something similar.

Would you be tempted to click on this ad?
Is this an ad?  Aren’t advertisements suppose to say so?



This is evil
Is this a fair way to get a users attention?


This is just plain wrong
This just wrong but someone makes money anytime it’s clicked.


Free?  No so much.
Just click and get a free dinner.  Yea, right!


If you go to a web page where you see deceptive ads, let the owner of the web site know.  Many web sites just accept plug-in code and don’t know what ads are being served. We all need to stand up and let our voices be heard.  We’re mad as hell and we’re not going to take it anymore!


See more examples and learn more about this topic at http://www.benedelman.org/rightmedia-deception/


Thanks to Ben for allowing me to use the images above.




 

Labels: , ,

Share on Facebook


Sunday, January 11, 2009

Excitement Beamed Into CES 2009 & Twitter

Have you heard the news from CES? I haven’t attended a Consumer Electronic Show in many years and I expected this years to be a real snoozer.  For the most part, I was correct.  The most exciting product announcement seemed to be the Palm Pre although it’s not available yet and is limited to Sprint.


The big excitement came from Levar Burton who arrived and spent time with many of our favorite geeks. Suddenly, the interest of all the editors and bloggers went from new products to the opportunity to really get to know the man who brought Geordi La Forge into our lives.


Harry, Marie and Levar
Harry McCracken, Marie Domingo and Levar Burton at CES


Levar was also introduced to the world of Twitter and has been actively talking to many of his fans.  He’s discussed his love of Reading Rainbow, life with fellow actors on Star Trek TNG and hinted at some future plans  I happen to notice that in his list of followers was @ABC_DWTS (Dancing with the Stars).  That leads me to believe he’s either a big fan of the show or we’ll be seeing Levar as one of the Stars dancing on the show next season. I would certainly rather see Levar Burton dancing than Cloris Leachman. How about you?


Levar shows off his tattoo


 


 


Levar showed off a tattoo to his new friends on Twitter, explaining that if you look at it one way, it says Kunta from his break-through role on the Mini-Series, Roots.  If however you look at it from the other way it says Levar. Way cool.







It was designed by Mark Palmer and is called an Ambigram.
http://www.redchapterclothing.com/
 

Last week I mentioned many of the businesses I follow on Twitter.  Levar isn’t the only celebrity who spends time talking to fans and making new friends.  If you’re a Sci-Fi fan you’ll also find Wil Wheaton on Twitter as http://twitter.com/wilw and Kryten from Red Dwarf as http://twitter.com/bobbyllew. Like Levar, they’re the real people and not some PR agent.  Just understand with the number of replies they get, you may not be one of the lucky ones who get a reply back


UPDATE: Thank you to Levar for mentioning this post on Twitter.  I'm not actually the one in the photo above but I appreciate his attention. I've been flooded with stories about what a nice guy Levar is including an injured solider who cherishs an autographed photo of Kunta Kinte which he carries with him when visiting his family in Ethiopia.
Levar has been silent on my theory that he will be appearing in Dancing with the Stars.  That makes me think we really may have a scoop here.  :)


Labels: , ,

Share on Facebook


Friday, January 09, 2009

New York Taxing the Internet

Remember back when you received bogus Email's claiming there was going to be a tax on the Internet?  Ahhh… those were the good ol’ days. It has taken a while but it appears like the tax man is coming. It’s only a matter of time before other states follow New Yorks lead.

In the past only companies that had actual offices in New York State were required to collect sales tax on purchases by New York residents.  This is typically the case in many states.  Last year New York informed companies like Amazon they were required to collect tax on from New York resident because they had “affiliates” in the state. While companies lobbied hard against this tax, they failed.  Just last month I was notified by one of the companies who broker affiliate deals that I wasn’t wanted.

Dear element 5 / share-it! Affiliate,

We have been working diligently over the last several months to find ways to continue our relationship with you given the new tax laws recently enacted. Unfortunately, at this time and effective immediately, we are no longer able to allow any New York based affiliates to participate in our affiliate program. We look forward to resuming our relationship in the future if the situation allows.

We have appreciated your partnership. If you have any questions or concerns regarding the terms and conditions, please contact us at: affiliate@us.shareit.com or affiliate@us.element5.com


Best regards,
Your element 5 team


To make matters worse our current un-elected Governor Paterson has proposed to solve New Yorks budget problem by adding more taxes on the Internet. It’s called an “iTax” and will apply an 8% tax on any music that is downloaded. Our local assemblyman Jim Tedisco has even created a YouTube video to air his dissatisfaction with the proposed tax.


 You can join the fight at http://www.stoptheitax.com. Facebook users can join the “Stop the iTax” group at http://www.facebook.com/group.php?gid=53869903141


If you think this tax is unbelievable the governor has also asked for a Fat Tax on soda and other beverages which contain sugar. New Yorks Health Commissioner Richard Daines has taken to YouTube to make his case.



I love New York

Labels: , ,

Share on Facebook


Sunday, January 04, 2009

Getting Customer Support You Deserve

What do you expect as good customer service?  It’s no secret that everyone has more than one customer support horror story.  We’re all sick of pressing or saying something numerous times before we can talk to a live person. Our expectations for customer service has dwindled to the point some people give up and dump a faulty product instead of asking for help.


I’ve been lucky that my online presence has sometimes provided me with some special help. You really don’t have to be someone or have a Blog to carry some clout. Many times you can just post a message or leave a comment in the right place.

Case 1: Getting the Help You Deserve

Earlier this year my daughter was having a frustrating time trying get a new battery from Dell. In the process she ended up with two wrong batteries and still couldn’t use her computer. I wrote about her plight and within 24 hours I was contacted by a Dell Customer Advocate offering to help. My story made it to another blogger with “The Consumerist” and it wasn’t long before a correct battery was shipped and wrong batteries returned. It wasn’t really a complicated issue but the phone reps with their “help scripts” were incapable of helping.


Case 2: Getting  Extra Special Treatment

Long before blogs existed I created a web site called QComet.com to manage online photos. Some of the most popular photos were from various trips and vacations. I had created a nice collection of Aruba photos on a site we called Aruba.calm. When on vacation at the Renaissance Aruba Beach Resort I made our hotel manager aware of my photos and reviews. I never asked for special treatment but before I knew it, the manager told us we would be charged the Marriott employee rate and even gave us tickets to a show.

What Should Your Business Do?

Companies are slowly learning that they have to watch the internet for signs of customer satisfaction.  Many have support groups on MySpace and Facebook. On Twitter a number of companies have representatives available to catch vocal customers and make them happy.

I currently follow the company reps below
@Comcastcares, @SouthwestAir, @zappos, @hrblock,  @Dunkindonuts,
@rubbermaid,  @JetBlue, @Residio, @1800flowers, @wholefoods,
@cz -FIOS, @jeffwc – Time Warner, @lindsaylebresco – Graco,
@ScottMonty – Ford, toniahammer and molsonferg from Molson.
Dell has a number of employees online and even a devote page http://www.dell.com/twitter for Twitter users.  As long as companies use social networks to help and not as PR vehicles they’ll get my business.

Here are some real responses on Twitter

JetBlue Change fees are waived for customers traveling today to/from BOS,Upstate NY and NY metro. Additional details at http://is.gd/Pjg 



To support WinPatrol customers, I make a point to use search.twitter.com to see if anyone is mentioning WinPatrol.  I will follow anyone who uses WinPatrol in case I’m needed.  I also have Google Alerts configured so any mention of WinPatrol in newsgroups or blogs will be Emailed to me. I recommend other companies do the same.


Earlier this month I created a WinPatrol specific Twitter account for news and support.  Go to http://twitter.com/WinPatrol and click follow.


 

Labels: , ,

Share on Facebook