Full-time freelance writer, researcher and occasional expert witness, I specialize in Windows operating systems, information security, markup languages, and Web development tools and environments. I blog for numerous Websites, still write (or revise) the occasional book, and write lots of articles, white papers, tech briefs, and so forth.
This weekend, my Webmaster (Rebekkah Hilgraves, the lovely and talented proprietress of SheTech) and I decided to make the switch from the old EdTittel.com Website to the new site you’re looking at right now. Along the way, we made lots of interesting platform changes and design decisions. What you’re looking at right now is a WordPress-based Website, but one that uses a customized design with heavily customized CSS to present just the kind of look and feel that I thought long and hard about, and that Rebekkah’s superior design sense and skills implemented for me as you see here. Rebekkah started with the standard WordPress Graphene theme, then customized appearance and functionality via CSS to give me just the kind of site functions I really wanted. I hope you’ll enjoy the new look and feel, but that you’ll also provide us with feedback if you see anything that needs work, deserves fixing, or requires correction (contact me or Rebekkah with your input, please).
Taking advantage of some of the great functionality in both WordPress and through this great theme (Graphene), EdTittel.com has gotten a significant overhaul and facelift. Come on in and look around!
In trying to get one of my SSD-based test systems to work properly, I decided to upgrade from x86 Windows 7 Ultimate to x64 Windows Professional. And alas, I thereby willingly threw myself into the slough of despond. Even though I swapped out the SSD for a conventional HD, when I tried to run the Windows 7 64-bit installer, it would hang every time the program got to the “Expanding Windows Files” stage, usually somewhere between 52 and 62 percent of the way through that part of the process. Continue reading The importance of “opportunity cost” in troubleshooting→
In Windows 7, running Windows XP mode requires that the computer support Virtualization Technology (VT). Most modern Intel and AMD CPUs support VT, but I am learning to my woe and dismay that some motherboards — including some relatively new ones — do not.
This includes the Asus P5K motherboard that has otherwise proven itself to be a capable and rock-solid Windows 7 test platform: I’d been running it with 12 GB of RAM installed and it was fast, agile, and let me run as many as half-a-dozen VMs with Virtual PC 2007 and XP, Vista, and various Windows 7 versions.
Upon learning this, I could suddenly understand why my test platform wouldn’t run Windows XP mode. I called my resident hardware guru, Toby, and asked him if any relief might be at hand. He said “Download the Asus BIOS Update utility, and grab the latest BIOS. It might fix this problem, if Asus has added VT support to a later release.” What he didn’t tell me, and I didn’t know, was that the P5K models are subject to total BIOS obliteration if the flash fails to complete or to validate properly. When I flashed the BIOS and saw the latter failure reported, I figured “No problem. I’ll reload the old BIOS on my next boot.” Not gonna happen, apparently: the BIOS never even started to POST so I had no way to get back into the system to make the change.
The BIOS is completely hosed, and I’ve ordered a new BIOS chip from an eBay supplier for a mere $20. My gut feel is that the chip may restore the motherboard to operational status, but it’s unlikely that I’ll get the VT support that I need from this motherboard. I’m planning to order a new, ultra-stable model from Asus or Gigabyte to replace it, probably with the P45 or a newer chipset, which is much more likely to suppport the virtualization technology I need.
In the meantime, my primary test machine is down for the count until the new BIOS chip arrives in the mail. Good thing I’ve got another backup PC to put in its place in the meantime. It’ll have to wait until this weekend, however, when I should have time to run through yet another install and finish-out for Windows 7 on my currently unused Vista Media Center box. Wish me luck!
I’d been hoping to try an upgrade install on my balky, problem-prone production PC to see if it could cure or at least help to address some of the issues that Vista has developed over time in that runtime environment. Alas, it was not to be. I’ll share the details in the next paragraphs, but for now I can only report that a strange and possibly spurious leftover from Trend Micro Internet Security 2008 stymied my in-place upgrade attempts. All contortions to remove its traces failed, and the upgrade utility wouldn’t let an upgrade proceed, so I performed a clean install instead. Overall results from that maneuver are 98% positive, as I will also report later in this blog as well. On to the (failed) in-place upgrade attempt.
Attempting In-Place Upgrade
On my initial attempt to run an upgrade install from Vista to Windows 7 Ultimate on my production machine, the first run produced the following list of applications that had to be uninstalled for the process to proceed:
Intellitype and/or Intellipoint: With an MS Comfort Curve 4000 keyboard installed I had the former, so it was removed without incident. Close examination also showed the presence of Intellipoint as well, so it was removed as well. I used Revo Uninstaller throughout to clean up lingering files and registry traces after the built-in uninstall utility completed; both programs uninstalled themselves without leaving any lingering traces.
Daemon Tools Lite: I used this to mount ISO images as virtual file systems on my PC, now that I’ve been downloading them regularly from MSDN (and having also grabbed some from BitTorrent during my work on a recent Windows 7 book). Interestingly, neither the Programs and Features item in Control Panel nor Revo Uninstaller sees this application. Fortunately, the built-in uninstaller worked to Microsoft’s satisfaction.
Trend Micro Internet Security 2008 (TMIS08): Not installed on my PC, and I have no memory of ever having done so on this machine. Just to be safe, I uninstalled the two Trend Micro products I did have installed on this machine — namely, Hijack This! and Housecall, using Revo Uninstaller. No lingering traces for either item reported by that program. [Update on 8/14/09: On the phone with Rebekkah Hilgraves earlier this week she reminded me that I had indeed installed this software on my PC last year in connection with work for Digital Landing. It had been long since removed, with no obvious traces of its presence, but something must have been left behind.]
Alas, my next attempt to perform the in-place upgrade still failed, and reported that TMIS08 still needed to go. I searched my system drive for Trend Micro files and directories, found none. I searched and removed all Trend Micro references from my registry, ran CCleaner, rebooted, then tried again. No joy. Thinking it might be my current AV/anti-spyware package causing a false report, I uninstalled Spyware Doctor with Antivirus and tried again. Still no joy. I searched the Web for instructions on uninstalling TMIS08 and made sure I’d covered all the bases (I had, and even the MS Install Clean-up Tool reported no traces of this program on my system) and decided to give up and perform a clean install instead. I have to believe this was the proper course of action anyway, given the numerous problems I’ve been fighting in Vista on this machine. Though I wasn’t able to satisfy my perverse curiosity, I do think this was the the right thing to do anyway.
Performing a Clean Install
After spending about four hours trying to make the in-place upgrade work, it took less than half an hour to perform the clean install. After that, it took about an hour to get all of the Windows Updates items installed, including a quick install and post-install cleanup to get MS Office 2007 Enterprise Edition up and running. The updates brought in new drivers for ACPI and my motherboard’s built-in RealTek GbE Ethernet adapter. Following that maneuver I installed the DriverAgent drive scanner to assess how Windows 7 did in supplying drivers for my motherboard, and had to install the latest Logitech SetPoint 4.80 version (out last Wednesday, 8/5), a driver for my second monitor, a Dell 1905FP that showed up as a “Generic PnP Monitor” instead, and update the drivers for my Dell AIO 968 inkjet all-in-one unit. Not too shabby an experience, all-in-all —if anything, even better than what I experienced on half-a-dozen PCs (2 desktops, 4 notebooks) while working with the beta Windows 7 versions from Build 7000 through Build 7100 (the RC).
After that, I installed a pretty lengthy list of applications to re-create the everyday work environment on my production PC (but left everything not absolutely necessary, trimming total count from over 100 to 43 including system and driver related components listed in Revo Uninstaller):
Production PC Applications and Miscellany
Freeware
Remarks
Commercial SW
Remarks
Driveragent
Driver currency check
MS Office Enterprise 2007
Standard productivity suite
FileZilla
FTP client
PC Doctor w/Antivirus
Favorite AV/antispyware pkg
HP USB Format Tool
Builds bootable UFDs
Acronis TrueImage Home 2009
Use this for occasional image backups
Secunia PSI
Software update monitor
Corel PSP X2
Budget image editor for pix and screencaps
WinDirStat
Visual disk space mapper
HP MediaSmart Tools
Client SW for HP MediaSmart Server
ISO Recorder
Excellent ISO burning tool
WinZip 12.1
Still my favorite file compression toolkit
Logitech SitePoint 4.80
Mouse driver and mgmt tool
WAIK for Windows 7
For building minimal book/repair images
Firefox
Alternative mainstay browser
More Freeware
More Remarks
Adobe Reader
PDF reader
Adobe Flash
Flash players for IE and Firefox
Piriform CCleaner
Registry and file clean-up tool
Revo Uninstaller
App uninstaller and clean-up tool
Skype
VoIP and IM program
Intel Matrix Storage Mgr 47
Manages mirrored boot/system disks
MS Intellitype 7.0
Keyboard mgmt app
Dell AIO 968 tools
AIO setup, mgmt, and misc tools
Total time expended for everything, including installing and minor OS tweaks (set up ReadyBoost, tweak Folder Options, configure e-mail accounts, and so forth) and installing all of the drivers and apps was about 12 hours. This is at least four hours shorter than my last major Vista rebuild, and I account for the the time difference thanks to Windows 7′s faster install time (1 hour for Vista versus half an hour for Windows 7) and an easier time with drivers and post-install set-up than with Vista (lots more updates to slipstream on an older operating system, to be sure).
What’s My Status?
My previous Vista issues have all but disappeared (see …Vista Mysteries for details): Sidebar and Event Viewer are working normally, there are no strange networking connectivity issues or spurious reports of same, and there are no dwm.exe or explorer.exe failures to report just yet. The HP MediaSmart connector and other software is functioning perfectly, and I’m once again able to interact with the MediaSmart Server as I should be. In short, all of my software mysteries have indeed been fixed. [Update on 8/14/09: I’m having WHS Connector problems on another Windows 7 machine, and thought I was having similar problems on the production machine as well, but they proved related to a failing D: drive gave up the ghost yesterday morning–though recovery took time, I was incredibly thankful to have a current backup).]
But all is not peaches and cream, either. I still have some issues with the memory card reader integrated into my Dell 2707 WFP monitor. Its USB hub works just fine now, and I can interact with SD cards, but the Compact Flash reader doesn’t appear to be working (and probably accounts for the Unknown Device warning that DriverAgent reports but that Device Manager does not). I do still have some USB issues on the system, but I’m increasingly inclined to suspect balky, damaged, or failing hardware (I bent the USB connector on the Corsair UFD that I now use for ReadyBoost — it’s my fastest flash drive —and I believe there’s an internal short or connection failure on the 2707′s CF memory card reader) for such problems as remain. But because I have a built-in card reader on the Dell AIO that works just fine, and even a plug-in CF-to-USB adapter, I’m not too concerned about the 2707 issue, particularly because my second monitor covers up those connectors anyway.
So far, I can live quite nicely with my current situation, and I see almost none of the disturbing signs of system instability under Windows 7 that I saw every day under Vista. My only current problem is that the video on my primary 2707 monitor goes black for a couple of seconds three or four times a day, with obvious signs of video driver issues (I’m running an Nvidia GeForce GTX 275 with driver version 8.15.11.8635 [Update on 8/14/09: yesterday MS provided a new, Windows 7 labeled Nvidia driver via Windows Update which I installed immediately; now, I’m done to one brief daily blackout). I’ll wait for more usage history to be reported online and may roll back to an earlier version if that shows signs of easing my plight.
Time will tell, as it always does with Windows, including this latest version. All in all, I’m much happier with Windows 7 on this production unit than I was with Vista. So far, my intuition that this would be the case is holding out pretty well, but I’m not inclined to declare victory until I have more time in the Windows 7 harness and can see how things go on a day-in, day-out basis. Going forward, though, I will be limiting my experimental installs of new or test software to virtual machines, and trying to limit the amount of gunking up that I allow on this newly rebuilt Windows image. I have to see that as a potential and likely cause of my earlier Vista woes on this system.
Last week, I swapped notebook PCs with a co-worker, who essentially traded me a smaller, lighter MSI PR200 notebook for a larger, heavier Acer model. Essentially I took over a machine that had been somebody else’s for over a year and had to go through the clean-ups and contortions necessary to make it mine (or ours, actually, as this machine is destined to become my son’s first full-time PC). Boy, was I ever in for it, though I wouldn’t realize it for a few days.
First, I went through the hard disk, cleaning up all the files and applications I didn’t need anymore. For some reason or another the putative 160 GB (actual binary 146 GB) hard disk on this MSI notebook came to me with three partitions installed:
The C: (boot/system) drive measured ~47 GB, over 75% of which was occupied. Two days (not full time, mostly watching TV or sitting after dinner) later, I had it down to 51% or thereabouts. I also defragged the drive about four times, using the excellent Raxco Perfect Disk 10 product to consolidate free space as well as defragment files.
The D: (data) drive measured 97 GB, and was virtually empty with less than 400 MB of material present, most of it downloads I installed while adding some utilities, and updating the BIOS and drivers for the system.
There’s also a hidden E: partition named WinRE (which is shorthand for Windows Recovery Environment), probably a Windows PE based factory reinstall utility. I have to use Disk Management or a third-party partition manager to see it, and to determine that it’s almost 6 GB (5.86 to be more precise) in size.
After I cleaned up the disk drive,I installed my usual grab-bag of favorite tools and utilities to help me get on top of and manage this machine. I’m running lightweight security with Windows Firewall, AVG AntiVirus 8.0 Free, and Windows Defender. I figure a 5-year-old won’t be doing much Web surfing just yet. Later on, I’ll probably upgrade him to NIS or perhaps an all-PCTools environment (Spyware Doctor, PC Tools AntiVirus, and PCTools Firewall). I always use the excellent CPUID tools, HWMonitor and CPU-Z, so on they go, along with CCleaner and Revo Uninstaller. Then, of course, Raxco’s Perfect Disk to get going on good defragmentation. Of the many apps left on the machine, I kept WinRAR (which I’m learning to appreciate as a WinZip alternative), Daemon Tools (for mounting ISOs), plus Google Chrome and the latest Opera (both of which I’ve been enjoying playing with).
Next, I started attacking the system drivers using my tried-and-trusted sidekick DriverAgent. Of the 93 drivers on the PC, I needed to update an even dozen. No big problems there, except for the time and a constant repetition of the download-install-reboot cycle. I ended up updating various system device drivers, the integrated Intel graphics, all the networking drivers, including wireless (Intel), wired (Realtek), and Bluetooth (IVT Firmware), the modem (which I’ll probably never use), the Webcam (Bison), and RealTek HD Audio. This probably took me about 5 or 6 hours to complete, all told. Though it took some time everything went smoothly.
Then came the rock upon which this poor little notebook PC almost foundered. Upon checking the MSI Website, I noticed the machine was running a 2006-vintage BIOS about 5 revs back from the current version, released in mid-January 2009. I grabbed an AMI BIOS flashing tool and the most current BIOS download and then set to work. Having just done some reasonably serious Award BIOS hacking without difficulty, I asked myself “How hard can this be?” Alas, I was about to find out…
Any time you mess with the BIOS you always start by making a backup of the current, installed version. If you’re smart, you’ll stick on a USB key where you can get to it from just about anywhere. I was later to thank my lucky stars for having done just that. After a bit of blithe research through Google, I began my efforts with a Windows-based BIOS flashing utility called AFUWIN.exe (AFU stands for AMI Firmware Update, WIN for Windows). “Heck,” I said to myself,”It’s from AMI, so how bad can it be?” I would shortly be finding out, because when I ran the program and performed the BIOS update, it informed me I didn’t need to update two of the 8 or so defined regions in the BIOS map, so I allowed it to proceed as it wanted to. Bad move!
When I restarted the machine, I discovered signs of serious issues. Bluetooth wouldn’t work, and Vista started complaining about all kinds of device related issues; numerous services wouldn’t start, and other odd behaviors soon manifested. “No problem,” says I, “I’ll just roll back to the old BIOS and everything will be OK.” If I hadn’t used the same tool to try to roll back that I had used to roll forward it all might have ended there. But alas, I did, and once again permitted the reflash to skip the same two BIOS regions it had skipped on the first flash. The result was a somewhat more stable, but still noticeably flaky system.
Only then did I begin to suspect my problem came from the tools, and not the BIOS files or the PC itself. I quickly became acquainted with the excellent Wim’s BIOS page and soon learned that many of the better third-party (non-AMI) tools available there wouldn’t touch my BIOS because it was corrupted and they didn’t want to make a bad thing worse by messing with it. After noodling around and trying (and failing) with about half-a-dozen more third party tools did my research lead me to learn that wholesale BIOS rewrites are easier to force from a DOS boot, using ruder, cruder, and more powerful flashing tools at the command line in that environment.
Next, I learned how to build a DOS-bootable UFD, copy the DOS BIOS flasher and BIOS files onto that device, and have my way with the MSI PR200′s BIOS. I got fed up enough with the lack of clear, cogent information on exactly how to do this that I wound up going to instructables.com yesterday, where I crafted a profusely illustrated, step-by-step tutorial on how to pull all the tools and ingredients together, and how to implement this process on your own PC. It’s called “Build a Bootable UFD for flashing AMI BIOS,” and I urge you to check it out.
Once I force-rewrote the entire BIOS using my original version and got back to where I had started, I bit the bullet, and repeated the process with the 1/13/2009 BIOS build A1221IMS v1.48 I had downloaded from the MSI site. Bingo! I was back in business with the updated functionality the BIOS version description had promised working as advertised. But wow, did that take a long time and give me a big scare… At one point, I was researching vendors who could send me a replacement BIOS chip, having read enough horror stories about the issues that a corrupted BIOS chip can cause to think an outright replacement might be called for. Thank goodness, that turned out to be unnecessary.
In the meantime, I’ve gotten to know this little notebook PC very well, and have learned more about its performance and behavior. I’ve ordered 2 2GB SO-DIMMs to replace the 1 GB modules currently installed in the machine, believing it will benefit from the effective 1 MB increase in RAM that will result from this maneuver ($40). I’ve also ordered a 7,200 RPM hard disk to replace the 160 GB Fujitsu 5,400 RPM model it currently contains ($50). I’ve got an HD caddy into which I can pop the new drive and then copy an image of the old drive onto to make the upgrade reasonably swift and painless. I’m also considering installing Paragon Partition Manager on this machine and merging the C: and D: partitions since I can’t see any compelling reason why I should continue to keep them separate.
In the meantime, what with all the hangs, crashes, and app problems the balky BIOS caused while I was troubleshooting and experimenting have caused the System Reliability Index on this machine to fall from an acceptable 8.88 to a pretty dismal 4.14. I’m hoping this will climb steadily over the coming weeks and stay up above 9.0 where it belongs!
Although my recent recitation of Vista system problems has not been altered (and I’ve also lost my ability to interact with my HP MediaSmart Server via the Windows Home Server Connector in the interim), I’m still going to try an upgrade install from Windows Vista Ultimate to Windows 7 Ultimate on my primary production machine. Everything I know about Windows says that if your registry has problems in the predecessor OS, those problems will be inherited in the successor OS after an upgrade. But I’m going to go ahead and do it anyway, in the expectation that I’ll have to wipe the system drive and do a clean install shortly thereafter. I’m not sure if simple curiosity, sheer cussedness, or outright perversity is driving this action, but I really want to try this and see what happens.
In the four or five months I’ve been working daily with Windows 7, I’ve been impressed by its great stability overall and its improved resilience in the face of problems, issues, and failures as compared to Windows Vista. That’s why I’m going to jump in and try the upgrade install — probably some time later today, in fact. I started downloading the Windows 7 .iso images for Professional and Ultimate x86 and x64 versions yesterday, and am nearing the half-way point on my download of the 32-bit Professional version as I write this, with both versions of Ultimate still ahead as I write this blog. Here’s a screencap from the Microsoft File Transfer Manager that reports on my progress so far:
At my present rate of download progress — which remains much slower than the 1 MBps rates I normally get from MSDN for downloads, even though MS has enlisted Akamai to help handle the severe spike in demand that posting Windows 7 RTM has caused — I will probably be able to conduct this experiment either this evening or some time tomorrow. Count on me to post my results, and share my observations as to issues and problems, as soon as I can. While you’re at it: wish me luck, too! I have a strong feeling I’m going to need it…
[important][Update at 3:22 PM: Finally got to the last item in the download list, and the one I need to update my production machine and transfer rates are an abysmal 20-26 KBps, with estimated transfer times between 27 and 31 hours. Looks like I won’t get to do this one until tomorrow, after all…][/important]
In attempting to fix erratic mouse behavior on my production desktop, I discovered the need to visualize what USB devices were connected to which ports on my PC. I also wanted to make sure I had USB 2.0 devices connected to USB 2.0-capable ports and hubs, while I was looking into these matters.
To those ends, I tried to run down a reasonably capable but free USB inspection or reporting tool that could tell me what was what on my PC. Ultimately, I wound up with USBView, a simple but effective Microsoft-made utility.
One interesting thing about this task was how to search for what I wanted. “USB scanner” didn’t do it, nor did “USB mapper,” “USB diagnostics,” or “USB ports.” After flailing about for a while, I went to visit a familiar USB Website I turn to from time to time, EveryThingUSB. They recommended a tool called USBinfo, but all the links I could find to the program (especially the latest version, 2.0) were defunct (though I did find a working link to a Version 1.2 download). I also discovered a USB sniffing tool from HHD Software called USB Monitor Lite, for which a free trial download is available (it’s only good for 14 days, after which the buy-in is $40). I also found a nice-looking utility from Nirsoft called USBDeview but it wouldn’t work properly on my PC, and appeared to cause the very kind of erratic mouse behavior that had prompted me to search for such a tool in the first place!
But once I had some program names and looked at what they called themselves, and how they described themselves, my search terms became more relevant to the actual tools and utilities out there in cyberspace. In fact, a search on “USB utilities” proved most useful, and led me to the site where I discovered Microsoft USBView.
USBView lists the hierarchy of USB devices present on your PC. If you haven’t added a bus-attached USB controller to your system, it lists all of the USB Universal Host Controllers (UHCs) on your motherboard at the top of the hierarchy, followed by the USB root hubs attached to the host controllers. If you do have one or more additional USB controllers, you’ll see extra entires at the top two levels of the hierarchy. At the next level down, you’ll see either Port numbers or any secondary hubs that you may have attached to USB ports on your PC or notebook computer. At each level in the hierarchy, any device you highlight in USBView’s left pane displays its properties in the right pane for inspection. Clicking on any Port to which a “Device connected” notification attaches will usually permit you to identify that device by looking at its associated property values.
For my SuperTalent Pico 8GB Flash drive, however, I had to identify it by process of elimination because USBView failed to resolve its vendor ID. All of the other devices were identifiable by type and by vendor in the properties information pane. As it happens, the Pico’s vendor ID resolves to the chip maker’s name for the Flash RAM it contains, rather than the device builder’s name anyway, as I discovered thanks to a handy unofficial list of USB vendor IDs. When in doubt, I also discovered, you can always remove or insert a device to change your configuration, or do both, to conclusively identify any particular USB device anyway.
For others who are incurably curious about what’s on and in their PC’s, or those who must deal with USB problems, some or all of the utilities mentioned here may come in handy. For me, USBView was just what I wanted, so it was the only one to remain resident on my machine.
[notice]Note: USBInfo 1.2 and 2.0 Incompatible with Vista[/notice]
Just for grins, I decided to install USBInfo version 1.2 on my Vista machine to see how it compared to Microsoft’s USBView. I’ll never know, because the program is incompatible with Vista. It uses several obsolete and deprecated DLLs, some of which are no longer available in Vista, and some of which provoke a “contact Microsoft for more information” warning when the program goes looking for them (most notably msvbm50.dll, which dates all the way back to the Visual Basic 5.0 era).Though there are sources for such things online, I decided to forgo this dubious privilege and immediately used Revo Uninstall to get the program back off my machine, with no apparent ill effects. I also found a download for version 2.0 at www.onlinedown.com through mirror 6 or 7, but it too suffered from exactly the same problems. My advice: don’t bother with this software on a Vista system!
Totally updated for 2011, here’s the ultimate study guide for the CISSP exam!
Considered the most desired certification for IT security professionals, the Certified Information Systems Security Professional designation is also a career-booster. This comprehensive study guide covers every aspect of the 2011 exam and the latest revision of the CISSP body of knowledge. It offers advice on how to pass each section of the exam and features expanded coverage of biometrics, auditing and accountability, software security testing, and other key topics. Included is a CD with two full-length, 250-question sample exams to test your progress.
Essential reading for launching a career in computer forensics!
Internet crime is on the rise, catapulting the need for computer forensics specialists. This new edition presents you with a completely updated overview of the basic skills that are required as a computer forensics professional. The author team of technology security veterans introduces the latest software and tools that exist and they review the available certifications in this growing segment of IT that can help take your career to a new level. A variety of real-world practices take you behind the scenes to look at the root causes of security attacks and provides you with a unique perspective as you launch a career in this fast-growing field.