Saturday, June 20, 2009

Microsoft Link Dump: Load #5

MSDump

CC Photo Credit: by Choctopus on Flickr

Got Shovel?

Virtualization Stuff

Dual-booting Windows 7 from a VHD setup on our laptops is rocking solid.  I almost never drop into the main Vista system anymore.  Neither does Lavie. So even though I currently have a pretty good handle, it never hurts to learn just a bit more. Here are some great tips and info.

  • Creating virtual machines with Windows Virtual PC. – Virtual PC Guy’s WebLog – Basic stuff but a reminder that Windows 7 XP-Mode virtualization isn’t just for running XP’ish app under Win7.  It is a full-features virtualization platform and you aren’t limited to just one virtualized XPM system. Make many…covering other supported OS’s as well.  

UAC Under Win 7 – The Controversy Continues 

  • User Account Control: Inside Windows 7 User Account Control. – TechNet magazine – Mark Russinovich goes to bat to try to defend MS’s positioning of UAC and try to define it’s relationship with security.  I get the points but unfortunately, I think UAC has been engrained in many folk’s minds as being “solely” a security measure. MS it trying to make it more nuanced from their technical understanding of the Windows platform architecture.  This is going clear over the heads of common users.  From Mark’s post:

The primary goal of UAC is to enable more users to run with standard user rights. However, one of UAC's technologies looks and smells like a security feature: the consent prompt. Many people believed that the fact that software has to ask the user to grant it administrative rights means that they can prevent malware from gaining administrative rights. Besides the visual implication that a prompt is a gateway to administrative rights for just the operation it describes, the switch to a different desktop for the elevation dialog and the use of the Windows Integrity Mechanism, including User Interface Privilege Isolation (UIPI), seem to reinforce that belief.

As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: if users had to switch accounts to perform administrative operations, either by logging into or Fast User Switching to an administrative account, most users would switch once and not switch back.

Thing is, most tech-pros and security folks just aren’t buying it. Particularly when the default user profile level in a Windows 7 setup is at “admin” level.  There is just so little encouragement offered to set up the user account as a “standard” user rights.  And, it appears that even with a standard-level account AND UAC that malware or maliciously coded apps can still work their magic against the user.

  • UAC, UAC, go away, come again some other day - Within Windows. Rafael Rivera provide the quote-byte of the week on UAC: “Here’s my million dollar question: If UAC wasn’t designed to ultimately protect us from anything, why does its icon resemble a damn shield?

Windows 7 Mashup  

More news and various interesting bits to sort through regarding Windows 7.

I’m still not sure what the final prices will be, but if upgrade pricing come in as teased, I’d seriously consider dropping Windows 7 Home premium (x64) on both Lavie and Alvis’s laptops as soon as it is released.  I’m not sure if I will go for Windows 7 Professional (x64) for mine.  I’d actually use some of the XPM features so I might be able to justify the price which might be 2x that of the Home Premium tag.

Microsoft Goodies

  • Test Your Website’s Compatibility with SuperPreview – On10 – Neat little tool for website developers that allows you see how your website looks in different browsers. What is cool is that you can open the same site in multiple browser versions at once and then “stack” them transparently. These overlays make it very easy to see rendering differences.  MS Download: Expression Web SuperPreview for Internet Explorer. Spotted on Calendar Of Updates.
  • Sysinternals Site Discussion : Updates: VMMap v2.0, ClockRes v2.0. – Changes to two Sysinternals tools including the very cool VMMap to display memory usage details.
  • Use FAT16 with 64K cluster size for best performance on <=4GB ReadyBoost devices - Aaron Tiensivu’s Blog.  Clever tip to enhance ReadyBoost performance.  Is it just me or is ReadyBoost a non-issue with Windows7.  Sure it is supported but there’s been no buzz this go round.  Maybe because Win7 performs so much better with available system RAM that no one feels a need for ReadyBoost under Win7 to eek out needed performance? Besides with lessons learned from Vista from most Windows OEM platform sellers, you rarely see consumer systems offered for Vista now with less than 2 GB.  3-4 GB seems standard. I expect Windows 7 systems when they hit the market will be the same.  Compare that with XP and early Vista system releases where standard system consumer configurations offered 512 MB or 1 GB.  Yikes!
  • ImageX GUI (GImageX) – freeware – New beta version released in May by Jonathan Bennett. This new beta version supports the WAIK for Windows 7 RC.  I loaded that one on my “new” laptop system along with this beta version, but found that it sometimes won’t open my Vista WAIK ImageX version WIM files. Those that it does takes a loooong time to mount.  It’s a pain but there are good improvements in the Win7 Imagex version. For more info on the benefits (and the mounting delay) see this GSD post: WIM tool enhancements and Fiddling with VHD’s.

Microsoft Security Essentials: Free MS AV Solution Beta – Coming soon.

Microsoft announced that it would be entering the freely-provided AV market soon.  Microsoft Security Essentials (MSE)…previously code-named Morro…this product would pick up where Windows Defender (malware focused) left off.  In fact install this version and Windows Defender gets disabled as it is an “up-version” of that protection.  It should appeal to the non-techie pc buyers who have a light (but growing) understanding of security needs.  It will also probably play into SO/HO and small business users who need some MS-stable AV solutioning without the advanced administration requirements of larger corporations or businesses.  Interface is very basic…which is probably a good thing.  Though not “cloud-based” it still packs a “cloud-supported” feature to provide added protection for emergent threats and will be offered in both 32-bit and 64-bit Windows OS versions. That alone seems noteworthy. 

Whew!

--Claus V.

1 comment:

Anonymous said...

This one made me laugh:
“Here’s my million dollar question: If UAC wasn’t designed to ultimately protect us from anything, why does its icon resemble a damn shield?”

But is so true. I find the UAC on Vista to be such a pain in the rear I turned it off. Of course now every time I start up I get a warning to check my security settings.

One of these days (when I have the money to buy that Cadillac of KVM switches and once I can find a hard drive that doesn't sound like it is going to blowup (really should just go buy a new one) that I can put into my old (and stripped down) system) I'll install play with Windows 7.