Monday, December 29, 2014

Cheap (as in free) desktop video capture


If you're anything like me you've found the need to capture your desktop activities more than once and the options out there tend to either be prohibitively expensive or woefully inadequate.  Being an IT guy AND an avid gamer I've been on both sides of the fence when it comes to trying to grab video from my desktop.

It's the whole desktop thing that's been a stumbling block.  That was until I figured out how to make a free video capture app, MSI Afterburner, grab my desktop and not just my game footage.

MSI Afterburner isn't just a video capture app, it's a unified suite of apps that include video card monitoring, tweaking and logging.  

Of course its video capture capabilities are geared toward gaming but a little digging found a simple solution to leverage the considerable muscle of Afterburner's video capture capabilities.  


Check out the videos below to see the secret I've unlocked....




Thursday, December 4, 2014

Windows 10 on ESX with all the uglies...




I've just completed the first in what I hope to be a short series of videos in the vein of the Windows 8 videos I did a few years ago.  This one is about installing and configuring Windows 10 on an ESX 5.5 virtual host.

Come along and see what it's like with all the uglies left in!  I don't know about you but I hate tutorials that never tell me what to do when something bad happens!

Without further adieu I give you Windows 10 on ESX!



Monday, November 24, 2014

IT on the cheap: Dealing with resource attacks


In a perfect world the Internet would be free, nobody would want to steal your stuff and bad people would be too stupid to do any harm.

Alas, we don't live in such a blissful Utopia and have to deal with the seedy underbelly of a connected world.  As such if you're the guy managing servers and networks you have to be concerned about security.

It doesn't matter how deftly you can crank out pages of powershell commands if your network is under attack.  Worse, if you don't have the budget for the latest IDS (Intrusion Detection System) you're going to have to do some of the heavy lifting.

Thankfully, it's not that hard and while not the ideal scenario you can improve security even if your tools come from Ebay and Best Buy sales.

So take a look at the video below while I walk you through some basic security procedures and deal with an ongoing attack.





Thursday, October 23, 2014

Updates to Info Tech As I see It

While this blog isn't as popular as I'd like it to be I know there are enough readers who do to merit an explanation as to why all the video links suddenly went dead last week.

The reason is simple and is directly related to the content I provide.  You see, I was hit by the #microstopped YouTube takedown last week.  The videos in question were two of my most popular on using Windows 8 Enterprise edition.  Apparently thousands of people found the information useful in the 2+ years they were on my channel.

Unfrotunately a clueless marketing lackey for Microsoft thought that I and thousands of others had no right to share the information.

Well, fast forward to this week and suddenly there's a new source for those same videos.  I've made a brand new YouTube channel with all the content of my former one but without the unrelated clutter you had to sift through to find the infomation you want.

The channel is called IT Mostly on YouTube and will serve as the official video partner to this blog.  You can find it at the link in the sidebar as well as here: https://www.youtube.com/user/ITasIsee

By the way, the YouTube copyright strike has been removed and those same 2 videos are back up and in public circulation again and will remain so until further notice.

For more on the story see this article on my other blog, Digital Dyanmic, here.

For a sampler of what's on the YouTube channel, I invite you to try out the playlist I've provided below.

That's all for now.



Friday, September 26, 2014

FIX your BASH already! Correcting the BASH shellshock vulnerability

By now you've heard that just about every 'Nix box on the planet is vulnerable to a flaw in the BASH shell that allows code insertion regardless of your level of access.  Worse, it's been that way for 25 years!

Ok, so that's a problem but what's the solution?

It's actually pretty simple...

First you test, then you patch, then you test again.  I've provided some command line snippets you can use on your Red Hat or Debian based Linux distros.  The testing command is almost universal the patch commands are more system specific.  Regardless, you need to get this done ASAP as less than 24 hours after its discovery there were already active bots scanning the net looking to exploit the vulnerability.

The command snippets you need are below as well as a video showing the update process.  The following link had the most complete information I've found if you want to know more.

https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability

You've got what you need, now go to it!



()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()

Testing command (at a shell prompt or terminal session)

env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"


Bash updates:

Debian/Ubuntu-

sudo apt-get update && sudo apt-get install --only-upgrade bash

CentOS/Red Hat

sudo yum update bash



Wednesday, August 20, 2014

Microsoft's Bloody Tuesday

Originally published on Kupeesh as Fear and Loathing of a Microsoft Patch



Poor Microsoft, it's been a tough couple of years for the software giant as it's gone through management upheavals, a failed operating system and a lackluster foray into the mobile market.

It seems they just can't catch a break...

That doesn't preclude them, however, from breaking things.

Case in point.  Last week's round of "Patch Tuesday" updates was filled to the brim with security and operating system fixes that millions of Windows PC's dutifully installed via automatic updates.

Normally keeping an operating system up to date is a good idea if you want to keep the bad guys out of your stuff.  But what do you do when the supposed good guys blow up your computer?

That's a question thousands of Windows users are asking as they now find themselves between the rock of Internet security threats and the hard place of a botched update.  

Even longtime Microsoft watchers like Paul Thurott (Windows Weekly, Winsupersite) can only answer with, "That's a tough one."

The patch causing so much trouble is a seemingly innocuous update to the Russian Ruble currency symbol in the windows font library (KB 2970228).  Apparently some users are experiencing everything from screwed up fonts to Blue Screens of Death (BSOD) after its installation.  As a workaround Microsoft is currently advising users to remove it and 3 other updates (KB2982791,KB2975719,KB2975331) that contain the offending code.  In addition, the download description pages for the affected update patches have had their download links removed while Microsoft, "investigates the issue."

Windows 7 and 8 are arguably the most robust operating systems Microsoft has ever produced.  So the return of the BSOD nemesis from the days of Windows XP is going to raise some eyebrows.  BSOD's only arise when a core operating system function has failed beyond recovery.  

That's something we thought we left behind when the house of cards that was Windows XP finally shuffled off the stage.  So with so much progress, how could Microsoft allow an obviously unvetted update to be distributed on platforms from Server 2003 to Windows 8.1.

Yes I know, Microsoft, unlike Apple, doesn't control every variant of hardware that runs their software.  But it's for exactly that reason that one would think their update policy would err on the side of caution.  That goes double in a week that also saw major outages of the company's Azure cloud services.

Instead Microsoft seems bent on releasing new products (patches included) like automakers release new cars.  But operating systems aren't Chevy's and rushing new products to market always leaves something to be desired.  Just ask GM about taking shortcuts in a process for proof.

So what's the answer when a strategy of "rapid release" seems to rule the day.  Unfortunately it's "Caveat Emptor," Buyer Beware.  Microsoft appears committed to shooting out software patches and asking questions later.  So for now, you may just want to switch those automatic updates to "manual" and wait a week after Patch Tuesday to install those non-critical updates.


In this case the cure was worse than the disease.

Thursday, July 10, 2014

A new perspective on old Operating systems


I see a lot of uproar over Operating systems lately. 

Not the normal Windows versus Mac versus Linux fare.  No, the wailing starts around the time an older version is no longer supported meaning no further updates are produced for it and every request for help is met with the maddening phrase...

"Upgrade to the newer version."

Now truth be told, we rarely hear anyone complaining much about the abandonment of an old version of Mac OSX or a Linux distribution.  Devotees of those platforms are usually breathlessly awaiting the next release. 

It's usually the Windows world that complains the most and with good reason.  Their customer base is always wary of a new Microsoft release especially if it follows a successful predecessor.  That's because success is usually followed by failure.  A short review of recent history bears that out..

  • Windows 2003/Windows XP - Stable, easy to manage and user friendly at least after the first service packs.
  • Windows Vista - I don't care what Paul Thurott says, it was/is slow and almost completely unusable before service pack 2.  Microsoft's "my way or the highway" stance didn't help it gain many fans either.  It's the reason why Windows XP only recently entered obsolescence.
  • Windows 7 - Everything Vista should have been and for many the worthy successor to XP.
  • Windows 8 - A sign of things to come in interface design but a bit too much too soon.  Great for tablets but lousy on anything without a touch screen. 


So the trend is evident.  Expect the release of a successful Microsoft product to be immediately followed by a failure. 

Perhaps a change of perspective is needed here.

Operating systems are just "products" and products have a shelf life.  That means after a certain amount of time they go "bad."

So I'm proposing we think of operating systems in the same way we think about cars. 

When you buy a new car you can expect that for at least 5 years you're going to have full support from the factory that made it.  Any little thing that goes wrong will be quickly and cheerfully rectified and you can bet that all the latest features will be there for the taking.


Now moving past that 5 year mark we're getting into the realm of "mature" products.  You may still have a warranty but you're going to find that if the sun visor falls off it's going to be fixed but it's probably going to be on your dime.  If the engine blows up, however, it'll probably be covered.  Don't expect any feature updates from the factory though.  They've moved on to this year's model which more likely than not isn't much different than yours so there's no real compelling reason to "upgrade."


Once we get to 10 years you now own an old car.  You're probably not visiting the dealer to get it repaired anymore mostly because it's too expensive.  If you hold on to it you've either got a trusted mechanic close to home or you've suddenly taken an interest in automotives.


Over 10 years and the words "End of Life" start showing up.  At this point you're into legacy status and the factory could care less about your car.  If you really like the car you'll find all sorts of "aftermarket" parts and services to keep it running.  Chances are the factory and dealer won't be able to do much for you at this point. 

I think the model works pretty well for operating systems too.  At some point you have to accept that nothing is forever.  A 12 year old operating system is like a 12 year old car.  Obsolete, poorly supported by its maker and dependent on an "aftermarket" to support it.  There's nothing wrong with the aftermarket so long as they have good standing but it's a roll of the dice.  Also know that just as an old car may not have the safety features or fuel efficiency of a new model, an old OS may not be as secure or perform as well as a newer one.


So run Windows XP or MAC OSX Tiger if you want, just know that from now on you're going to be on your own.

Wednesday, July 2, 2014

Web hosting for cheap on a virtual machine


The thing you have to remember about working in IT is that no two projects are ever alike.  Even if you're being asked to do the same thing for 10 different people you're still going to be surprised.  Sometimes even on the same project.

So it was with my latest foray into virtualization on the cheap.  The client could barely afford to pay me let alone invest thousands in licensing fees.  So we had to get creative without sacrificing stability. 

That can be a tall order especially when everything you're using is Open Source. 

Now I have my issues with the way the Open Source community does things but a good product is a good product regardless of who made it.

Of course, "good" is a relative term. 

It's always a trade off.  A bit of pain to save a lot of money is fair but too much pain can cost more than if you'd just went with a commercial option.  And I do mean "commercial" because I still firmly believe that any product that relies on a fractured support community or high priced "experts" to make a product work is just this side of an amateur effort. 

Not that all open source products are that way, however.  

Some communities are better than others and if they put together a solid package with "readable" documentation then I'm all for it.  If we're just stroking somebody's ego so they can get a guest spot on Floss Weekly I'll take a pass every time.

I put CentOS, the open source version of Red Hat Enterprise Linux, and Z-panel, the open source clone of C-panel squarely in the "good" category.

Together they offered a cost effective and relatively stable platform for web hosting.  Add in a virtual platform for them to live on and you've got a web host that could fit on a keychain.  Not bad...

Instead of bore you with 4000 words of text describing my latest open source virtualization adventure I've created a video that takes you from creating the virtual machine to administering your new web host. 

As you're watching you may miss a few of the links in the video.  I've provided them below.



Tuesday, April 22, 2014

Why Heartbleed Happened

Originally published on Kupeesh!


So what's up with all this HeartBleed nonsense?

What could possibly be behind the greatest crisis in Internet security since the invention of phishing emails?
How could this possibly happen?  What could possibly jeopardize the security of thousands of websites and secure services we take for granted like Google, Tumblr and even banking sites?

I have an easy answer and it points right back to the Achilles heel of Open Source. 

While proponents will argue the merits of solutions that don't come from commercial sources the one inescapable fact of Open Source software is that it's developed under mob rule.

Therein lies the problem. 

While nobody questions the benefits of Open Source software like cost and ease of customization, proponents tend to gloss over the fact that some projects are better managed than others.

Take the case of OpenSSL.  It's the foundation for thousands of web services like Google, Yahoo and even your bank.   Except that somebody wasn't minding the store and for two years the mechanism that was supposed to secure your communications...didn't.

The flaw was inadvertently discovered by Google's Neel Mehta during a routine security sweep but the flaw had been in existence for 2 years.  Overlooked by one of OpenSSL's core developers, Stephen N. Henson, the vulnerability came as the result of additional but apparently untested new functionality known as a Heartbeat for OpenSSL.  The functionality was supposed to function as little more than an "I'm still here!" beacon to whatever service you're connected to.  

The short of it is this...

The problem comes from not bothering to check that what's sent matches what was requested.  A crafty hacker can take advantage by continually sending heartbeat requests claiming to be of a certain size but not actually being that size.  The server dutifully responds by sending back a response of the claimed size to the client and inadvertently dumping the contents of its memory to fill the otherwise empty space of the response.  The contents of which have been shown to contain user credentials among other compromised information.

It's apparently a simple fix but it's taken two years for anyone to notice. 

Meanwhile, nobody knows how long the bad guys have been aware of the flaw.  How can something like this get by the supposed vigilance of security gurus and major corporations alike? 
I can tell you how, it's endemic, it's cultural and it's arrogance...

It's a misguided belief that oversight of a product is best left to a community regardless of its qualifications to do so.  A community that frequently finds itself more concerned with the technical wizardry of its products than the users who deploy them

It's the same mindset that's kept other Open Source offerings like Linux in the shadows of Windows.  Let's be honest here.  You can only stomach so many unintelligible whitepapers or narcissistic support forum posts before you just give up.  The inmates are indeed running the asylum...

Heartbleed shines a light on the failure of the Open Source community in that it lays open the lack of even the most basic oversight of a critical and widely used service.  It's not so much about the failure of OpenSSL but rather that nobody including its chief stewards noticed the problem for two years.


This is nothing less than a reality check on the entire Open Source community.  One that should be raising questions in anyone that relies on their wares.

Thursday, February 6, 2014

An ESXi host, a NAS and NFS

When you're an IT guy tinkering is part of your lifestyle.  There has to be at least a modicum of curiosity about how things work.   We drive department heads crazy because just keeping stuff working isn't good enough for us.  We want that extra Megabit of throughput or another free Gigabyte out of the SAN.

Sadly, most of us can't afford to set up an server farm in a spare bedroom just to satisfy our need to tinker; but with virtualization you can come very close.

That is of course the promise.  Being able to harness the same capabilities of a small enterprise with a lot less hardware is undeniably a good thing.  Letting us run wild in our own little enterprise is even better.

VirtualBox, VMWare Workstation and their kind is fine for taking a new OS out for a spin but they fall a bit short for giving you real world skills.

ESXi, however, is another story.  Maybe more than any other platform, it's probably the most useful and relevant virtualization lab platform you can experiment with.  Don't confuse this with your grandpa's ESXi, though. 

Starting with version 5, VMWare decided that ESXi is the one hypervisor to rule them all instead of just being ESX's little brother.  That means anything you do with ESXi translates to what you can do in the enterprise.

It's one thing to play with virtual servers in VMWare but it's quite another to play with the platform itself.   After all, the more you tinker with it the better it works right?  Well, at least till we blow something up...

So this time around I decided I wasn't satisfied just locking myself out of the VSphere Client because I forgot the password.  I wanted to get some external storage online but I didn't have a spare ISCSI array laying around.   So I decided to venture into the wonderful world of NFS.

In ESXi you've basically got 2 options for storage.

1. Local - meaning it's either physically attached to the host or on a dedicated backbone via ISCSI

2. NFS - Which is pretty much "other"

Local's easy, if your storage controller can see it so can VMWare.  ISCSi  adds a wrinkle but so long as your target's on the network it's not a big deal.

NFS, ah, that's a different story.  A lot of Sys Admins can go an entire career without having to deal with it.   Like SMB, NFS is designed to offer up access to files on a network.  Those shares are usually hosted on Unix servers but unlike SMB, NFS is designed to fool your local PC into thinking a network resource is local.  An impressive feat compared to the clunky "Map Network Drive" or CLI "Net Use" commands in Windows.

Ok, so we know what NFS is but why do we care about it for VMWare?  Simple, most NAS storage devices will have support for the protocol to allow UNIX clients to access their shares.  Set up NFS on your NAS and you've given ESXi another potential datastore to play with.

NFS has it's quirks but most NAS management interfaces make it a relatively painless process to set up.  Once that happens just be sure you have a solid network connection between your virtual host(s) and the NAS.


Follow along with the video as I set up an NFS share for ESXi 5.5, play with a VM that lives on it and even break it!





Saturday, February 1, 2014

CLI-nging ON



Imagine if you had to do the following  just to start your car every morning...

1.    Pull the choke adjacent to the right fender while engaging the crank lever under the radiator at the front of the car, slowly turning it a quarter-turn clockwise to prime the carburetor with fuel.
2.     Get into the car. Insert the ignition key, turning the setting to either magneto or battery. Adjust the timing stalk upward to retard the timing, move the throttle stalk downward slightly for an idle setting, and pull back on the hand brake, which also places the car in neutral.
3.     Return to the front of the car. Use your left hand to crank the lever (if the engine backfires and the lever swings counterclockwise, the left arm is less likely to be broken). Give it a vigorous half-crank, and the engine should start.

Chances are, your great grandparents were very familiar with the procedure if they owned a Model T.  Mind you, all that bother just starts the car, you haven't even tried to drive anywhere yet.  A complicated procedure to be sure but it beat shoe leather, barely.

Times changed and eventually somebody figured out how to take all those manual processes and mechanically automate them.  Soon, starting your car was just a turn of a key and driving it was more about where you wanted to go than how to control a mass of cantankerous machinery.  It also made the act of driving more accessible to more people.

That's called progress....

So as I stare at my open PowerShell window with a line of gobbledygook that to my dismay is my only means of finding out how much space my email users are hogging I have to wonder...

[PS] C:\>Get-MailboxDatabase "Mailbox Database 1" | Get-MailboxStatistics | Sort totalitemsize -desc | Export-CSV C:\mailboxes.csv

What's up with this command line stuff? 

Go into just about any forum or social media discussion even remotely related to IT and the flame wars will start with the mere mention of the command line.

"Go play with Windows if you want to click buttons"

countered with...

"You know, nobody uses punch cards anymore"

On and on ad infinitum. 

I had just such an exchange the other day with an open source devotee.  He was one of those grizzled admin types who clings to the mantra that nothing real happens in IT without a CLI (Command Line Interface)
He went on and on about his numerous accomplishments with his mastery of cursor and alphabet.  He also bemoaned the lack of functionality in all those "buttons."

It brought me back to the story a friend told me of an old CPA who refused to use a computer with Windows on it because all those kinds of OS's were just "Game" machines.

Anyway, apparently support for his favorite open source R&D project was callously left out of the latest VMWARE Vsphere client.  There was no doubt that to him such an omission doomed VMWare's GUI.

I was quick to point out that the Vshpere client is the preferred method (or the Web client for 5.5) to manage VMWare.  Actually, it's one of the more complete GUI management interfaces available and there aren't a lot of "buttons" to it.

He didn't think so...

To my mind, if it isn't officially supported then you take your lumps and have no right to complain.  But it's pointless to argue with someone like that.  As far as I was concerned he could just go back to his cave...

So it should be no surprise that I hate the command line but only because it's frequently a requirement instead of an option and to me that's all kinds of wrong.  A throwback to carrying around a crank to start your car and the Charleston.

But I have to admit that my console loving friend does have a point.  Far too often Graphical User Interfaces (GUIs) let us down.  They only contain the bare minimum of functionality often forcing you to stare into the inky blackness of a console.

 After 30 years of interface development why is it that CLI's are still so prevalent even in operating systems called "Windows?"  Why, for instance, do I have to execute scripts to select multiples of anything instead of just selecting what I want as a group and clicking "OK"

What my troglodytic friend doesn't seem to understand with all his mastery of the blinking cursor is that he's being forced to do more work than he needs to.  System Administration is frequently bogged down by syntax.  I shouldn't need to be a closet code monkey just to efficiently manage an enterprise.

Microsoft, the entity that made the whole concept of a GUI interface acceptable to most of the corporate world seems to be at odds with its own history. (BTW, Yes I know MAC was first with GUI's)

With every new version of windows it seems simple functions are being relegated to scripts and command lines.  Only the most rudimentary controls are left behind.  Spend any time managing Windows Server 2008 or 2012 and it starts to feel like you've entered some twisted Twilight Zone version of Linux.

I'm not saying the command line should be abolished.  Just like you occasionally need to roll up your sleeves and get a little dirty to get your car started in the morning; there's times you need to drop to that nasty old CLI.

That's ok, I have a right to get a little dirty if I need to BUT it shouldn't be a requirement.  That's my problem with the CLI. 

There's an assumption among the CLI elitists that if you're not comfortable with the command line then you must not know what you're doing.

I can assure you, I know exactly what I'm doing.  I'd just rather do it than get bogged down in a layer of abstraction to get to it. 

Yes, I said it, the CLI is an abstraction almost to the point of a DIStraction.  Even more so than a GUI, the convoluted syntax and cryptic commands do more to separate you from the task at hand than any click ever could.

Is your DNS server more secure and better optimized than mine because you configured it with your arsenal of scripts?  Or is it really an indication of a lazy GUI development team that's given you inadequate tools.

Microsoft introduced the concept of a modular GUI interface called the MMC (Microsoft Management Console) back in the NT 4 days.  It was designed to be customizable and more flexible than the standalone applets that accompanied every service.  It was a step in the right direction but unfortunately began the trend of minimizing GUI functionality by neutering the available commands within the MMC applets.

I submit that both the GUI and CLI devotees are right.  I should never have to go to a command line or call up a script to perform management functions.  I should, however, have a robust CLI that doesn't require me to understand the intricacies of of the Microsoft Foundation Classes.  Interfaces should be complete or at least offer the option to be that way regardless of their presentation.. 

What's wrong about the CLI guys is all the arrogance.  So what if you can dash out 30 line scripts from memory or poke holes through VMWARE to support the latest R&D cloud project. 

Don't assume that because I choose not to waste my time on hand cranked cars to get where I'm going that I don't know how to get there. 

I just expect...no...I demand better and at this stage in the game it's just developer laziness that I don't have it.


Tuesday, January 21, 2014

VMWare 5.5, Vconverter and VSphere Client tips



Let's face it, when you think virtual servers, Microsoft isn't the first name to jump into your head.  VMWare shows up a whole lot more than Hyper-V and chances are if you're in a large enough organization it's the one you've got to manage.

The latest incarnation is version 5.5 which is primarily an answer to a laundry list of bugs that started with the 5.0 platform. 

For most people, the first time they get to play with virtualization is in a sandbox like VirtualBox or VMWare Workstation.  But what if you want to go beyond just taking Ubuntu out for a spin on your Windows desktop?

That's where ESX comes in and even in a large deployment you're going to find out that your most important tools are deceptively simple.  That being the VSphere Client and VConverter.

The whole concept of Virtualization revolves around the Host.  It's the container (hardware) that all your virtual machines live on.  While VMWare's VCenter suite has a number of tools and features to help you manage the virtual enterprise nothing really ever strays that far from those two tools.  Know them and you've got a handle on 80% of what VMWare is all about.

The VSphere client is your portal into managing a single VMWare host and while you can learn a lot by creating a Virtual Machine from scratch on it most people take a shortcut.  That shortcut is provided by VConverter which lets you take an image of your physical PC and migrate it to and ESX Host.  It's called Physical to Virtual Migration or P2V for short.

As VMWare has matured so have the tools.  VConverter now allows you to use backups from programs like Acronis True Image and Symantec to create a new virtual machine.  It also allows the import of Microsoft Virtual PC and HYPER-V images and a few other formats as well.  In fact, VConverter is so versatile that its VM's can often be used in other virtualization platforms like VirtualBox. 

That's the good but of course there's always a few bad apples in the bunch.  The most annoying of which is the fact that VConverter still needs Windows.   Speaking of windows, migrating a Windows installation often requires having full administrative privileges on the machine running VConverter as well as the disabling of UAC (User Account Control) on the Windows P2V target.  Those aren't exactly best security practices in my book.

That there isn't a native Linux version of the VConverter utility only exacerbates nagging problems with migrating Linux deployments to the VMWare platform.   

That doesn't mean you can't move Linux PC's to ESX or even Workstation.  The option is there, it just doesn't always work and requires a lot of configuration of the Linux host just to find out it doesn't.
Still, getting familiar with the tools is a worthwhile endeavor and can only add to your arsenal of IT skills. 
It's said a picture is worth a 1000 words so a video should be worth at least twice that, so I've provided one below...


Enjoy!






Thursday, January 16, 2014

Dealing with the latest Java Security update for your legacy apps

Java's gotten a bad rap lately and with good reason.  It's got so many security holes that it triggered an alert last year from Homeland Security.  Since then we've been getting pretty regular updates from the folks over at Oracle.

If you happen to administer networking equipment, especially Cisco branded devices, you've no doubt run into issues that come with Java updates.  If you have to manage different generations of networking equipment, for example, there's not doubt you have to maintain multiple versions of Java to manage them.

The latest Java security update for Java, 1.7.0_51, has finally made good on a threat.  It's activated functionality that effectively blocks any Java applet that doesn't have the "security manifest" parameters enabled.

That can leave you dead in the water.  Except, if you know how to work around it.  The video below shows you how to set an exclusion for trusted connections and applets.

Remember, this is only for connections and applets that you have complete trust in.




Monday, January 13, 2014

9 comes after 8 and that's Windows' new name

Leo Laporte may have officially proclaimed the death of Windows 8 last year but Microsoft made it official this week.  The operating system previously known as "Threshold" has a real name, "Windows 9" and a real release target, April 2015.

According to Paul Thurrott, Windows 9 is meant to be everything Windows 8 wasn't.  For one thing, the desktop will regain its prominence as will the Start Menu.  Metro 2.0, as it's called, will be somewhat deprecated as more of a windowed app instead of a GUI mandate.

The bones have been rolled and the Shaman was right, Windows 8 couldn't succeed in spite of its futuristic aspirations.  It's not that Windows 8 is a flawed operating system, it's not and its performance and security underpinnings are second to none in the Windows world.  But that GUI...That collection of pulsating tiles that consumers were forced to swipe away just to get to their email spelled doom for the Windows known as 8.

Metro isn't a bad idea and I still hold firm to the belief that one day we'll see a workforce happily swiping, typing and talking to their monitors as easily as they send a text message now.  I get it Microsoft.  You were trying to push the concept of a Kiosk operating system that was not only visually attractive but with all those annoying menu bits out of the way. 

Microsoft saw how consumers eschewed scrolling down menus and tiny keyboards on their smart devices for simple taps and swipes.  The proof still exists with the success of Apple and Android devices while Blackberry languishes for all but the most faithful.

But it didn't translate well to the office.  With a stated 25 million copies sold with most of those likely pre-installs on new PC's (whose sales numbers were already suffering,)  Windows 8 just wasn't going to fly with the bean counters.

Incompatibility with legacy applications, an interface inconsistent with current workflows and no real justification to move from windows 7.  When you consider that many businesses are still just in the throes of moving off of XP, the  picture becomes clear.

Windows 8 was an operating system ahead of its time if not its market.  Consumers may be used to scratching and tapping away at their smart devices but not their PC's.  They still expect that "legacy" experience and that translates to corporate America as well. 

That's why 8 failed, If the Fortune 1000 isn't buying it, you just have to call a Microsoft operating system dead. 

Windows 9 is a pullback from the brink.  Still, in the long run the great experiment will cost them little.  There was no upstart, no competition waiting in the wings to unseat the giant from its throne.  Apple? the enterprise is more nuisance than market to them.  Expect OSX to disappear into an API for IOS within the next 10 years.  Linux?  If corporate customers won't tolerate a tightly integrated kiosk experience they won't stomach the wild West of an open source operating system either. 

At this point the best thing Microsoft could do to advance Windows is to split the development  between consumer and business releases again.  If you want one interface across all "consumer" devices then by all means do it.  Let it grace the likes of phones, tablets and yes, consumer PC's.  Just don't try to force it down corporate America's throat.

People don't like to be forced to do anything.  They need time to get used to it.  Windows 95 brought the desktop to the next step in its evolution.  It was more about clicks than menus and command lines.  Consumers got used to that and were soon demanding the same from their business PC's.  Thus came Windows 2000 which was really just windows NT with a facelift and some beefier networking bits. 

It was all about the interface and customers both corporate and consumer asked for it.  

That's the key, consumers have to feel like it's their choice.  If they want to be told what's good for them they'll buy an IPAD.