• Home
• About
• Advertise
• Contact
• Search

Microsoft Techdays 2011–Finland

by Mats Hellman on 03.Apr, 2011 under Windows, Windows 7

I attended Techdays here in Finland 31 March and 1 April. This was a great event so I’m going to post a big thank you here to the people behind this event. The only thing I had trouble with was prioritizing which sessions to attend. There were just so many great speakers.

Things that really stuck were the session on Microsoft Intune by Salcom Group and the 7 ways to break into Windows 7 by Sami Laiho from Sovelto and Petri Paavola from Aalto Yliopisto and a really special session by Sami Laiho talking about WIOSKI.

Microsoft Intune

This is going to be big for any small companies. Remember I said this. Not because I’m really into cloud computing yet but the fact that any small-midsize company can easily get a management system for their computers.

Reporting is a big part of todays security, so getting reports on how many of your computers are patched is actually a big deal.

But the thing that I liked most about Intune was the fact that the license includes a copy of Windows 7 Enterprise, and when a new Windows version comes along you have the privilege to upgrade. This will effectively give small size businesses a chance to get BitLocker in use. And from a security perspective that’s a big deal.

One of the really great things is that since the whole system operates from the cloud the systems administrator can work from anywhere.

The remote assist feature is also a part of Intune but my personal opinion is that you’d be better of with something like TeamViewer.

Intune also includes Microsoft’s Forefront Endpoint protection, so technically you could ditch your current antivirus. I haven’t tried FEP but many who have says it can actually protect your computer from the malware and viruses you throw at it.

The pricing also looks quite affordable, at 11€ / workstation / month it’s really not that bad. You get a great system and you can ditch some costs, like Antivirus licenses and you’ll cut the management costs since you don’t have to keep your own servers. And that is a cost saver for SMB’s, since they are rarely able to keep them up to date and secured properly anyway.

You can find information about Intune here http://www.microsoft.com/windows/windowsintune/pc-management.aspx

7 ways to break into Windows 7

This was a really interesting seminar, thanks to Sami Laiho and Petri Paavola for this one, these guys really know how to take an audience.

The ways they break in isn’t in any way new, most of us know that if the systems physical security is compromised in any way, you can’t trust the system anymore.

The interesting part is that with simple disk encryption, like Bitlocker, most of the hacks can be stopped.

The hacks they did were simply to replace the Sticky keys (sethc.exe), Displayswitch.exe to cmd.exe. This way when Windows boots just press Windows+P or 5xShift to get a command prompt running with system privileges. After that just use net.exe to add your administrative user and the computer is yours.

This could, as I said be prevented with BitLocker because you can’t get to the encrypted drive and modify it from WinPE or a Linux LiveCD.

Even if BitLocker is enabled there are ways in if you don’t use pre-boot PIN codes. And since central management for the PIN code isn’t available yet many haven’t  applied it. This hack was using a Linux distribution to access the computer by writing directly to the memory, using the FireWire port. The scary thing is that this isn’t something that’s only available on Windows based PC’s. Any computer that has a Firewire port activated can be hacked using the same tools.

In Windows Administrators can use Group policies to force Firewire drivers never to install but I’m not sure how to get this done in any other environment.

And if you think you’re safe because you don’t have a Firewire port, think again. There are PCMCIA cards supplying this port and any modern operating system will without a question install the drivers unless it’s denied to do so.

WIOSKI

This is basically a really smart way to run a KIOSK computer. What Sami has done is put together a bunch of scripts using only standard Microsoft techniques. It works by using two VHD’s (Virtual Hard drives). Using one differential and one master image.

Basically you first operate the master one, install anything you need and after that reboot the computer to the differential VHD. The next time the computer is booted anything on the differential drive get’s trashed.

So every reboot you have a fresh start and the computer is just as it was when the administration installed and approved it.

The installation is dead simple and the performance isn’t bad in any way since no virtualization is done.

The only downside is that the only Windows versions able to boot from a VHD file is Windows 7 Enterprise OR Ultimate. So you need a license for one of them.

Anyway, you can find the Wioski medias and a instruction video from the site http://www.wioski.com.

 

Thanks again for a great couple of days to the organizers.

Leave a comment

Windows 7 report after 4 months of use

by Mats Hellman on 18.Oct, 2009 under Windows, Windows 7

I’ve now been a Windows 7 user for little over 4 months. And I must say the ride has been a lot better than it was back in the days I tried using Windows Vista.

Primarily I’ve been using Windows 7 64-bit on my Lenovo X200s and I’m amazed how well it runs on this laptop. The Vista drivers from the Lenovo download site work well on the machine and everything, yes every piece of hardware has been working from day one. You can read about my previous experience from this post.

I’ve since updated from the Beta to RTM version and decided to do a full reinstall instead of upgrading.

Sleep and hibernate

One of the things that in earlier versions of Windows has always annoyed me was the poorly working Sleep and Hibernate functions. Sleep never worked really well before Windows 7 and Hibernate, well it worked but had it’s glitches.

Since I started running Windows 7 I seldom turn of my laptop. Sleep works so darn well and it’s blazing fast (almost as fast as OS X) to start up when you need it to. I really only do some reboots to force the laptop to talk with the company domain controllers.

Antivirus and malware

We use F-Secure in our company network and it really was unusable in Windows 7 back when I installed Windows 7 RTM. It slowed the Lenovo down to a point I just had to remove it. The laptop was more or less unusable when F-Secure Client 8.01 was installed. So I had to remove it, I can’t wait 2 minutes when login in or even longer when trying to access the corporate network using VPN, sometimes not connecting at all.

Microsoft Security Essentials to the rescue

Microsoft security essentials is the new security suite by Microsoft. It has the basic Virus and Spyware scanner. What I really like about this one is it’s light if you compare it to most other suites. It doesn’t take 70% of my memory or processing power to run. And that, to me anyway,  is just as important as being protected. Why would I want to protect my computer if it makes it unusable, the point of the computer is to run software on it to make your life easier. If the reason to hardware upgrades is your antivirus suite is using all your resources the antivirus industry has really taken a step in the wrong direction somewhere along the way.

After installing Microsoft Security Essentials the first thing I notice is how light it is, I really don’t see an performance drop at all. It has a small memory footprint and it’s fast. We’ll see how well it protects users as soon as the first really bad worm hits the fan.

Virtualization in Windows 7

This has actually been the one thing I’ve had a bad experience in Windows 7 with. I’ve hear good things about the Virtual XP, but I have no use for it. What I do use is Windows Virtual PC for testing and learning. And I had to remove it from my system and install Virtual PC 2007 SP1 due to the fact Windows Virtual PC was really really slow. One problem might be I’m running it on a laptop, but the laptop does have 4 Gb RAM and support for hardware virtualization. So for now I’m sticking to Virtual PC 2007 SP1 because it works a lot faster and I can run more virtual machines in it than I could ever dream of doing in Windows Virtual PC.

Another thing I dislike in Windows Virtual PC is the way it is set up, I like to start my Virtual PC 2007 and be able to get the toolbar for settings and have at least some control over how the program works. And to my disappointment Microsoft has  removed (or I just can’t find it) this feature from the new Windows Virtual PC.

Libraries

Here is something I like. Really like. The new libraries, I use them like crazy. It’s a really good thing I can spread out files where ever I see fit and still have them listed in Libraries. It’s also a fast way to access important data like documents, downloads, pictures or even movies. So it your not using these take a look at them try them and you will use them.

You can link basically any existing folder to your libraries and always have a fast access to that folder even if it’s stored somewhere else on the filesystem.

Conclusion

Is Windows 7 really worth the upgrade money. I’d say yes and no. If you are running Vista and you’re happy with it I se no reason to upgrade. On the other hand, if you have as many problems with Vista I’ve had Windows 7 isn’t a bad upgrade.

If you’re running Windows XP and you’re happy whit it I’d say the same thing. If you want a modern operating system with a few more bells and whistles and you feel ok to couch up some money to upgrade then it might be a good idea.

Windows 7 isn’t really a revolutionary product, it more of a evolutionary product  just as XP was for Windows 2000 (to whom ever who just almost had an heart attack, I’m not comparing 2000 to Vista). Windows 7 doesn’t bring as much to the table as it should to be a really attractive update if your current operating system fits your needs.

1 comment

Reviewing Microsoft Windows 7 on a Lenvo X200s

by Mats Hellman on 10.Jul, 2009 under Windows, Windows 7

The time has come for me to take a look at Microsofts brand spanking new operating system Windows 7. Yesterday I decided to take a look at Windows 7. Since my experience with Windows Vista hasn’t been a good one, and reading about Windows 7 has given me some hope that this might be the one to finally replace Windows XP in our corporate environment. Windows 7 is still in RC (Release Candidate) status so you should not expect a fully working operating system.

First of all I ran the Vistas answer to XP’s Files and Settings transfer wizard, the Easy Transfer. I’m used to do this with User State Migration tool but for a user Easy transfer is really what the name says, it’s easy. And the options to select what you really want migrated so you can save some space is a great new feature.

After migration I rebooted my Vista 64 Enterprise and slammed in the Windows 7 installation DVD. The installation kicks of and if you’ve done a Vista install this is no different. It’s not fast as many Linux installations but I don’t find it slow either, compared to a full Windows XP installation. After about 20 minutes I had my Windows 7 desktop in front of me. Looking at the standard desktop makes me think of KDE I’ve used so many times in my Linux computers.

Adding to domain

Next I had to add my laptop to our corporate domain, and this wasn’t a problem. I was amazed to see all our default software policies like Adobe Reader, Java, Flash and antivirus getting deployed when the computer rebooted. Wow! And everything even works. So next I imported my settings with Easy transfer and after the reboot I had my documents and settings back. Everything fine so far.

Hardware and drivers

As I said, Windows 7 is still in RC status so getting drivers isn’t a walk in the park. I also chose a not so compatible computer to install it on. I went to Lenovo’s site to get some Vista 64 drivers and they seem to work fine. My Ericsson F3507G HSDPA card works like a charm, the fingerprint reader software works and I have no exclamation marks in device manger. All to god to be true? Well actually it isn’t. I’ve been struggling with Vista for 6 months now and it has never worked as good as the RC of Windows 7. The only Lenovo software I use and can’t get working is Access connections but I’m sure a working version will soon be released.

Looks

As I said in the beginning of this post, the desktop reminds me of KDE. Any way there are some really great improvements.  The taskbar for example, programs are now organized behind their icon which results in a less cluttered taskbar. Also the function to see and select your preferred window on hovering the icon is useful.

Performance

What interested me most in all the articles I read about Windows 7 was that it performed better than Windows Vista. It does, but at standard settings the result isn’t as great as all the hyped articles tell you. It does boot a little faster and getting to the stage were you can start working doesn’t take over a minute anymore. I won’t say it’s not good because I already prefer 7 over Vista and I’ve been using it for a day now.

Security

In my quick trial with Windows 7 this is where I noticed the biggest difference. UAC was a good idea that became an annoying function in Vista. Most users probably shut it down as soon as they installed Vista, it didn’t bother me that much but compared to the way Ubuntu or OS X handles the same functions it was not good either. This has been upgraded in Windows 7, UAC doesn’t jump in your face every time you want to change something and that’s an improvement.

BitLocker

I never tired BitLocker in Vista because I always forgot to partition my hard drive to support it. I was happy to see that I didn’t have to partition my drive in the install process to get BitLocker running in Windows 7. I activated Bitlocker and the encryption process does take forever, so if your in a hurry do it later. One cool new feature is BitLocker ToGo, it supports encrypting your USB drives, and this really makes us corporate administrators sleep better at night. We can now get an easy to use encryption software out to our users and that is something I look forward to.

Conclusion

Running Windows 7 has been a good experience for me. You might argue that using Vista for 6 months can make a man weird in ways hard to imagine but Windows 7 does feel like a step in the right direction. It performs better and handles better in every way in my opinion than it’s predecessor Windows Vista. It’s been a long time since I’ve looked forward to a Microsoft OS release but this time I am.

1 comment

Advertising

Recent Posts

• Configuration Manager 2012 installation trouble
• Install Software Updates hang on Downloading update
• SCCM 2007 management point fails to install
• Setting up Windows Server DHCP for SCCM2007
• The tale of the broken hard drive

Archives

January 2012

December 2011

July 2011

May 2011

April 2011

March 2011

February 2011

January 2011

December 2010

November 2010

September 2010

May 2010

Login

Register

Log in

Browse by tags

Acrobat Active Directory Apache Apple ASP.NET CentOS Defragmentation Drivers Free Software Group policy Install iPad Linux Microsoft MSI OSX Redhat SCCM Security Service Pack 3 SSL VPN SSTP VPN Virtual PC VPN Windows 7 Windows Deployment Services Windows Server Windows Vista Windows XP WinPE

Ads

Ads