Microsoft Link Dump: Load #5

CC Photo Credit: by Choctopus on Flickr

Got Shovel?

Virtualization Stuff

Dual-booting Windows 7 from a VHD setup on our laptops is rocking solid.  I almost never drop into the main Vista system anymore.  Neither does Lavie. So even though I currently have a pretty good handle, it never hurts to learn just a bit more. Here are some great tips and info.

• How to use the new VHD features of Windows 7 / Server 2008 R2 - TechNet Edge. Ten minute guided video on how to set up a VHD file under Win7 or Server 2008.

• Dual Boot from VHD with Windows 7 and Windows Sever 2008 R2 - TechNet Edge. Twenty-three minute video from MS pro Keith Combs on specifically dual-booting systems from VHD files.  It’s quite good.

• Creating virtual machines with Windows Virtual PC. – Virtual PC Guy’s WebLog – Basic stuff but a reminder that Windows 7 XP-Mode virtualization isn’t just for running XP’ish app under Win7.  It is a full-features virtualization platform and you aren’t limited to just one virtualized XPM system. Make many…covering other supported OS’s as well.  

UAC Under Win 7 – The Controversy Continues 

• User Account Control: Inside Windows 7 User Account Control. – TechNet magazine – Mark Russinovich goes to bat to try to defend MS’s positioning of UAC and try to define it’s relationship with security.  I get the points but unfortunately, I think UAC has been engrained in many folk’s minds as being “solely” a security measure. MS it trying to make it more nuanced from their technical understanding of the Windows platform architecture.  This is going clear over the heads of common users.  From Mark’s post:

The primary goal of UAC is to enable more users to run with standard user rights. However, one of UAC's technologies looks and smells like a security feature: the consent prompt. Many people believed that the fact that software has to ask the user to grant it administrative rights means that they can prevent malware from gaining administrative rights. Besides the visual implication that a prompt is a gateway to administrative rights for just the operation it describes, the switch to a different desktop for the elevation dialog and the use of the Windows Integrity Mechanism, including User Interface Privilege Isolation (UIPI), seem to reinforce that belief.

As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: if users had to switch accounts to perform administrative operations, either by logging into or Fast User Switching to an administrative account, most users would switch once and not switch back.

Thing is, most tech-pros and security folks just aren’t buying it. Particularly when the default user profile level in a Windows 7 setup is at “admin” level.  There is just so little encouragement offered to set up the user account as a “standard” user rights.  And, it appears that even with a standard-level account AND UAC that malware or maliciously coded apps can still work their magic against the user.

• Windows 7 UAC code-injection vulnerability: video demonstration, source code released - istartedsomething. How applications can take advantage of Win7 and elevate permissions without UAC prompting. Darn.

• UAC in Windows 7 still broken, Microsoft won’t/can’t fix code-injection vulnerability - istartedsomething.  More thoughts by Long Zheng on UAC.

• UAC, UAC, go away, come again some other day - Within Windows. Rafael Rivera provide the quote-byte of the week on UAC: “Here’s my million dollar question: If UAC wasn’t designed to ultimately protect us from anything, why does its icon resemble a damn shield?”

• 4sysops - Thoughts about User Account Control’s (UAC) primary design goal. – 4sysops - Michael Pietroforte thoughtfully sums up the problem and frustration with folks-in-the-know on UAC.  Most either tolerate it and some just turn the thing off.

Windows 7 Mashup  

More news and various interesting bits to sort through regarding Windows 7.

• Windows 7 Kernel Architecture Changes - api-ms-win-core files. – NirSoft.  Nir takes the time to explain function changes internal to some key Windows 7 dll files.  This means that some calls previously used in application code might not be as efficient as newer ones.  It’s interesting stuff.
• New DLL Information site for Windows 7. – Nir Sofer’s NirBlog – Nir has created a new website “containing information about every DLL in the system32 directory of Windows 7 Release Candidate”: DLL File Information for Windows 7. It’s tech-head stuff but good to bookmark if you are into DLL stuff.
• Will the Windows 7 price be right? - Ed Bott’s Microsoft Report
• Best Buy memo leaks Windows 7 pricing? Upgrades might cost less than half than Vista equivalent. - istartedsomething.

I’m still not sure what the final prices will be, but if upgrade pricing come in as teased, I’d seriously consider dropping Windows 7 Home premium (x64) on both Lavie and Alvis’s laptops as soon as it is released.  I’m not sure if I will go for Windows 7 Professional (x64) for mine.  I’d actually use some of the XPM features so I might be able to justify the price which might be 2x that of the Home Premium tag.

• Microsoft Hardware to Take Advantage of Windows 7 - Windows 7 Team Blog. Hardware interfacing support for Win7 gets a big enhancement.
• Admiring Windows 7’s high-resolution device icons - istartedsomething.  Pretty icons…and they mean something this time as well!
• Creating, Saving, Sharing Themes in Windows 7 - Engineering Windows 7 – I’ve dropped a static wallpaper on my Win7 desktop, but I keep going back to the provided themesets.  It’s really neat.  However, creating your own theme-sets isn’t quite an intuitive thing.  This is a must-read post if you want to spin your own.  Turn’s out it is pretty easy-peasy!
• Windows 7: Personalize your PC – Microsoft – Turns out that you can download some more “official” themes that weren’t bundled in the Win 7 release disks.  These are the real-deal and quite beautiful.
• Windows 7 to officially support logon UI background customization - Within Windows.  Since we are on a tweaking bend, don’t forget you can tweak the login background with a bit of clever editing.
• Tweak your Windows 7 Logon UI “button set” - Within Windows.  Of course, you might find that if you do change the logon background you might have some default text issues. These tips will help you cycle through some native adjustments to make the login dialogs easier to see.

Microsoft Goodies

• Test Your Website’s Compatibility with SuperPreview – On10 – Neat little tool for website developers that allows you see how your website looks in different browsers. What is cool is that you can open the same site in multiple browser versions at once and then “stack” them transparently. These overlays make it very easy to see rendering differences.  MS Download: Expression Web SuperPreview for Internet Explorer. Spotted on Calendar Of Updates.
• Sysinternals Site Discussion : Updates: VMMap v2.0, ClockRes v2.0. – Changes to two Sysinternals tools including the very cool VMMap to display memory usage details.
• Use FAT16 with 64K cluster size for best performance on <=4GB ReadyBoost devices - Aaron Tiensivu’s Blog.  Clever tip to enhance ReadyBoost performance.  Is it just me or is ReadyBoost a non-issue with Windows7.  Sure it is supported but there’s been no buzz this go round.  Maybe because Win7 performs so much better with available system RAM that no one feels a need for ReadyBoost under Win7 to eek out needed performance? Besides with lessons learned from Vista from most Windows OEM platform sellers, you rarely see consumer systems offered for Vista now with less than 2 GB.  3-4 GB seems standard. I expect Windows 7 systems when they hit the market will be the same.  Compare that with XP and early Vista system releases where standard system consumer configurations offered 512 MB or 1 GB.  Yikes!
• ImageX GUI (GImageX) – freeware – New beta version released in May by Jonathan Bennett. This new beta version supports the WAIK for Windows 7 RC.  I loaded that one on my “new” laptop system along with this beta version, but found that it sometimes won’t open my Vista WAIK ImageX version WIM files. Those that it does takes a loooong time to mount.  It’s a pain but there are good improvements in the Win7 Imagex version. For more info on the benefits (and the mounting delay) see this GSD post: WIM tool enhancements and Fiddling with VHD’s.

Microsoft Security Essentials: Free MS AV Solution Beta – Coming soon.

Microsoft announced that it would be entering the freely-provided AV market soon.  Microsoft Security Essentials (MSE)…previously code-named Morro…this product would pick up where Windows Defender (malware focused) left off.  In fact install this version and Windows Defender gets disabled as it is an “up-version” of that protection.  It should appeal to the non-techie pc buyers who have a light (but growing) understanding of security needs.  It will also probably play into SO/HO and small business users who need some MS-stable AV solutioning without the advanced administration requirements of larger corporations or businesses.  Interface is very basic…which is probably a good thing.  Though not “cloud-based” it still packs a “cloud-supported” feature to provide added protection for emergent threats and will be offered in both 32-bit and 64-bit Windows OS versions. That alone seems noteworthy. 

• Microsoft announces free antivirus, limited public beta - Ars Technica.
• Microsoft Security Essentials: What wannabe testers need to know – Mary-Jo Foley’s All about Microsoft
• How good is Microsoft’s free antivirus software?  - Ed Bott’s Microsoft Report. Contains great pre-beta screenshots.

Whew!

--Claus V.