Ed Bott's Microsoft Report

February 8th, 2010

Touchscreens in the tropics: an unexpected Windows story

Posted by Ed Bott @ 8:38 pm

Categories: Hardware, Touch

Tags: Touch Screen, Ireland, Intuit Inc., PC, Touchscreen System, Keyboards, Microsoft Windows, Monitors & Displays, Hardware, Peripherals

Normally, one goes on vacation to escape from work. And for the last 10 days I’ve been doing mostly that, relaxing on the beach in Hawaii. Except for an occasional scan through my Twitter timeline and e-mail inbox, I’ve been blissfully unaware of goings-on in the greater tech world.

So it was a pleasant surprise today to encounter a relevant tech story in Paradise, one that demonstrates both the strengths and weaknesses of the Windows platform.

This morning, my wife and I were walking through the historic Royal Hawaiian Hotel at Waikiki Beach and stopped at a little shop called Hula-La. While Judy was oohing and aahing over the stylish swimwear (yes, that link is safe for work, but just barely), I was eyeing the tiny all-in-one PC on the equally tiny checkout counter. “Is that a touchscreen system?” I asked the shop’s owner. Indeed it was, and in a rare intersection of geekiness and style, owner Erika Ireland proceeded to give me an enthusiastic and unsolicited rundown on the system she was using to run the boutique.

The small touchscreen system is an ASUS Eee Top, powered by an Atom N270 processor and running Windows XP Home Edition. Ireland told me she picked it out after seeing it in operation in a local shop and then verifying its reliability and performance via online reviews.

The retail part of the package is Intuit’s QuickBooks Cash Register Plus, included as part of a bundle at Costco that included the touch-enabled software, a credit card reader, cash drawer, and receipt printer. Total price of the system, including the PC hardware? Roughly a grand.

Touchscreen point-of-sale systems certainly aren’t new, but historically they have been sold as part of expensive proprietary solutions, typically aimed at vertical markets like restaurants and hotels, and usually costing several times the cost of the system I saw here. Those dedicated systems have typically been bulky, too, built like conventional cash registers. To see this system running smoothly with low-cost, energy-efficient, svelte hardware was eye-opening. And the reason that cheap, good looking, touch-enabled hardware exists is because Microsoft made a commitment several years ago to supporting touch input on the omnipresent Windows platform. (And yes, this system would have run just fine on Windows 7.)

The one weakness that this small business’s experience pointed out was an unfortunate and inevitable by-product of the Windows ecosystem. With hardware and software from as many as a half-dozen different companies, the potential for finger-pointing is always there if something goes wrong.

And indeed, Ireland’s initial experience was less than perfect, she told me. Although setup was simple, the credit card reader refused to work properly. Intuit swapped out the reader three times, without success, and blamed it on the PC hardware. ASUS pointed the finger back at Intuit. Ireland, a lawyer-turned-entrepreneur and a self-confessed “problem solver,” finally grew frustrated with Intuit’s India-based support staff and tracked down the maker of the card reader, MagTek. A call to that company’s U.S.-based support line quickly determined that the device was transmitting data faster than the PC could process it; editing a configuration file slowed the data rate to one that worked properly. After getting past that initial glitch, the system now works smoothly.

Ironically, in the corner of Hula-la I saw a large screen TV showing off the company’s swimware line in a web browser. That TV was hooked up to a Mac Mini. It looked fabulous, but it couldn’t handle the work of running the company’s business. Sometimes the metaphors just write themselves.

If you ever get a chance to stay at the Royal Hawaiian, I heartily recommend it. And even if you’re just passing through, be sure to stop by Hula-la and tell them I sent you.

February 3rd, 2010

Will your new Windows 7 PC support XP Mode?

Posted by Ed Bott @ 11:07 am

Categories: Hardware, Virtualization, Windows 7

Tags: Notebook, PC, Microsoft Windows XP, CPU, Intel Corp., HAV, E5300, Microsoft Windows 7, Microsoft Windows, Cloud Computing

Last May, a few months before Windows 7 was released to manufacturing, I looked at the then-current crop of CPUs available for business PC buyers and identified a potential sticking point: Some of the most popular Intel CPUs available at the time didn’t support hardware-assisted virtualization (HAV). That made them incompatible with the newly announced Windows Virtual PC and Windows XP Mode, a crucial compatibility feature in Windows 7. (For details about Intel CPU support, see “How many Intel CPUs will fail the XP Mode test in Windows 7?” For a closer look at Windows XP Mode, see this video demo.)

The problem is that Windows Virtual PC requires hardware-assisted virtualization (Intel VT for Intel CPUs, AMD-V for AMD processors). And the late-2008/early-2009 CPU lineup from Intel was notoriously inconsistent in its support for VT.

So, is that issue still a sticking point for corporate customers considering a Windows 7 upgrade in 2010? My quick survey of the current PC market says you’re much less likely to run into virtualization problems today, but at most online shopping sites you’ll have a hard time finding details about virtualization support for specific models. Here’s a recap:

Read the rest of this entry »

February 1st, 2010

Can Microsoft close the app gap with Apple's iPad?

Posted by Ed Bott @ 10:50 am

Categories: Apple, Tablet PC, Touch, Windows 7

Tags: PC, Tablet PC, Apple Inc., Microsoft Corp., App, Internet Explorer 8, Office 2010 Beta, IE8, Tablets, Desktops

Update 1-Feb, 3:30PM PST: See corrections below regarding Media Center support.

I’ve owned a Tablet PC for roughly seven years, nearly as long as they’ve been around. In fact, I’m composing this post on a Dell Latitude XT2 running Windows 7. That hardware/software combo supports multi-touch in addition to accepting input from a pen. So when Apple announced the iPad last week, I looked at it from a slightly different perspective than most. It’s clear that Apple has also been looking carefully at the technologies that Microsoft has been refining for the past decade, and I can confidently predict that Apple will do a much better job of implementing those features than any of Microsoft’s partners have done so far.

Why? Because Apple understands something that Microsoft has yet to figure out: Apps matter. Nearly eight years after its introduction, the Tablet and touch technology in Windows is nothing short of spectacular, especially the parts that recognize handwritten input. And yet it’s still nearly impossible to assemble a full suite of Windows apps that were designed to work well on a touch-enabled PC.

In a few months, when iPads are actually shipping, we’ll all be able to compare the two platforms for ourselves. Meanwhile, we can look at what Apple has announced and what it has already accomplished with the iPod Touch and iPhone and make some pretty easy projections. I certainly hope that Microsoft and its partners are already doing exactly that.

Read the rest of this entry »

January 26th, 2010

Unlock thumbnail previews for Firefox 3.6 on Windows 7

Posted by Ed Bott @ 8:54 am

Categories: Firefox, Tips, Windows 7

Tags: Mozilla Firefox, Microsoft Windows 7, Web Browsers, Operating Systems, Microsoft Windows, Software, Internet, Ed Bott

Firefox users, if you’re running the most recent release on Windows 7 you need to make a tiny tweak to your browser’s configuration. Some early adopters wrote about this topic back in November, in conjunction with the 3.6 beta release (The How-To Geek and Download Squad, for example). But I haven’t seen this mentioned much since the official release of Firefox 3.6 a few days ago, so here’s an update and a quick tutorial for those who bypassed the beta.

By default, Firefox shows a single thumbnail when you hover the mouse pointer over its icon in the Windows 7 taskbar with Aero enabled. Here’s what it looks like:

The problem is, this particular Firefox window actually contains four open tabs, and it could contain dozens. It sort of defeats the purpose of the Aero preview feature if you have to open a window before you can scan which browser tabs you have open. IE8 does it right, showing all open tabs in thumbnail previews when you point to its icon. So how do you add the same feature to Firefox 3.6? Simple:

Read the rest of this entry »

January 25th, 2010

A fast fix for IE8 crashes, slowdowns

Posted by Ed Bott @ 5:30 am

Categories: Adobe, Internet Explorer, Tips

Tags: Adobe Systems Inc., Macromedia Flash Player, Microsoft Internet Explorer, Add-on, Web Browsers, Internet, Ed Bott

Is Internet Explorer 8 acting sluggish or crashing regularly? The problem might be a corrupted add-in. And one of the most likely candidates is the widely used Adobe Flash Player. In this post, I’ll explain how you can troubleshoot IE8 performance issues by completely removing the Flash Player and temporarily disabling all other add-ons.

Updating the Flash Player is also a great way to ensure that you’re running the latest version of the Flash plug-in. That’s a crucial step in making sure you’re protected from the many security holes that have plagued this omnipresent add-in.

Here are step-by-step instructions for how to get Flash absolutely up to date. Read the rest of this entry »

January 22nd, 2010

Will switching from Internet Explorer make you safer?

Posted by Ed Bott @ 3:47 am

Categories: Internet Explorer, Security

Tags: Google Inc., Attacker, Vulnerability, Microsoft Internet Explorer 6, Microsoft Internet Explorer, Microsoft Corp., Web Browser, Exploit, Attack, Microsoft Windows

The panic over this month’s wave of targeted, zero-day attacks against Google, Adobe, and other companies is over. Microsoft has released a security update for Internet Explorer that patches the underlying vulnerabilities, and everyone can breathe a sigh of relief.

But what does this episode say about Internet Explorer? I’ve seen several pundits argue that Internet Explorer is inherently unsafe. I think they’re overreacting. Yes, there is a case to be made for using a different browser, especially one with a lower market share that is targeted less frequently than Internet Explorer. (And if you’re too impatient to read this entire post, then skip to the last page for that discussion.) But it’s also true that switching browsers is a small part of a comprehensive, defense-in-depth security strategy.

One thing’s for certain: Changing browsers isn’t a magic bullet, and it might not have made a difference in this case, as I explain in this post.

First things first: How do I protect myself from becoming a victim of this exploit?

Read the rest of this entry »

January 19th, 2010

Microsoft confirms plan to release out-of-band IE update

Posted by Ed Bott @ 12:05 pm

Categories: Internet Explorer, Security

Tags: Microsoft Internet Explorer, Microsoft Corp., Data Execution Prevention, Web Browsers, Security, Internet, Ed Bott

Update 21-Jan 11:00AM PST: Security Update MS10-002 is now being delivered via Windows Update and WindowsSoftware Update Services. It is also available for manual download and installation. For details, read Microsoft Security Bulletin MS10-002.

Update 20-Jan 10:20AM PST: Microsoft’s advance notification for this security update is now available. The update itself will be delivered tomorow, January 21. According to a Microsoft spokesperson, “This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical. It addresses the vulnerability related to recent attacks against Google and a small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicized.”

Microsoft has also updated its Security Advisory to address recent reports of exploit code (created by securit researchers) that is capable of bypassing Data Execution Prevention (DEP). Preliminary investigation suggests that the technique might be effective on Windows XP but will be more difficult to exploit on Windows Vista and Windows 7 because of an additional security feature, Address Space Layout Randomization (ASLR), available in those platforms.

I just spoke with George Stathakopoulos, General Manager of Trustworthy Computing Security at Microsoft, regarding the ongoing security issue affecting Internet Explorer. (For background, see my earlier post, It’s time to stop using IE6. For an update on the vulnerability and its impact, see this Zero Day blog post from ZDNet’s Ryan Naraine.)

According to Stathakopoulos, a security update for all versions of Internet Explorer will be released “out of band” - that is, earlier than the next regularly scheduled update cycle on Patch Tuesday, February 9. The update is currently undergoing testing, and Microsoft expects to announce a release schedule tomorrow, January 19.

Separately, Gregg Keizer at ComputerWorld reports that French security researchers claim to have circumvented the Data Execution Prevention security feature and executed their own exploit code on Internet Explorer 8 with DEP enabled. A Microsoft spokesperson says they are investigating those claims and “will take appropriate action to help protect customers.”

Stathakopoulos reiterated that Microsoft so far has seen only “very limited and targeted attacks” and confirmed that the only successful attacks have been against IE6.

I will update this post when further information is available.

January 16th, 2010

It's time to stop using IE6

Posted by Ed Bott @ 5:30 am

Categories: Internet Explorer, Security

Tags: Microsoft Internet Explorer 6, Microsoft Internet Explorer, Web Browsers, Microsoft Windows, Security, Internet, Operating Systems, Software, Ed Bott

If your organization is still using Internet Explorer 6 on Windows XP, just stop. Stop it now.

The marketplace is filled with credible alternatives to IE6, including Mozilla Firefox and Google Chrome. If you need to use Internet Explorer because it’s required for compatibility with specific websites or apps, you have alternatives from Microsoft itself. IE6 was replaced with the newer, more secure Internet Explorer 7 in October 2006, more than 40 months ago. And Internet Explorer 8 was released in March of 2009, nearly a year ago. Both browsers have large improvements in usability, including tabbed browsing, but their biggest selling point is security.

Any IT professional who is still allowing IE6 to be used in a corporate setting is guilty of malpractice. Think that judgment is too harsh? Ask the security experts at Google, Adobe, and dozens of other large corporations that are cleaning up the mess from a wave of targeted attacks that allowed source code and confidential data to fall into the hands of well-organized intruders. The entry point? According to Microsoft, it’s IE6:

At this time, we are aware of limited, targeted attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other versions of Internet Explorer.

[…]

Newer versions of Internet Explorer and later Windows releases are at reduced risk to the exploit we have seen due to platform mitigations explained in the blog post below.

Under the “Mitigating Factors” heading, the Microsoft Security Response Center specifically notes that the exploit used in this case does not run under IE7 and IE8 in Windows Vista or Windows 7. You’ve got one extra layer of protection if you use IE8, even under Windows XP Service Pack 3, thanks to Data Execution Prevention, which is enabled by default.

The accompanying blog post from Jonathan Ness of the Microsoft Security Research Center Engineering group is even more blunt:

I want to make one thing perfectly clear. The attacks we have seen to date, including the exploit released publicly, only affect customers using Internet Explorer 6. As discussed in the security advisory, while newer versions of Internet Explorer are affected by this vulnerability, mitigations exist that make exploitation much more difficult.

If your organization is still forcing you to use IE6 on Windows XP, send this blog post to your CEO, your CIO, and every member of your company’s Board of Directors. Be sure to include this graphic:

Yes, this vulnerability will be patched, probably within days. But the next one is just around the corner, or perhaps an exploit is being deployed right now. In 2010, with multiple alternatives available, there is no excuse for continuing to use an insecure Internet infrastructure.

IE6 users, it’s time to move on. Your IT staff has had more than three years to come up with alternatives to IE6. If they can’t handle it, maybe it’s time to replace them, too.

January 12th, 2010

94 more secret Windows shortcuts

Posted by Ed Bott @ 6:25 pm

Categories: Windows 7

Tags: Profile, Folder, Shortcut, SendTo Folder, Microsoft Windows, Operating Systems, Software, Ed Bott

Last week the blogosphere went temporarily insane over a simple GUID that displays a list of Control Panel shortcuts. It’s not even close to deserving the “God mode” label, but I’m still hearing about it. As I noted in response, that’s only one of 39 GUID shortcuts available in Windows 7. But even those are esoteric and mostly of interest to programmers and geeks.

But there’s another, much larger class of well-hidden Windows shortcuts that are useful to everyone, not just techies. I dug through my notes for Windows 7 Inside Out and found a treasure trove of information about these shortcuts. They wound up on the cutting-room floor for that first edition, but are scheduled to be in the expanded second edition in a year or so.

The shortcuts I’m referring to involve the shell command, which is curiously undocumented in the Windows 7 Help files or on Microsoft’s web site. The idea is to give Windows programs and users access to common locations using the Windows shell, Windows Explorer. The syntax is simple—you type shell, followed by a colon and the name of the shell folder location. That list of folder locations is hard to memorize, with lots of inconsistencies especially in regard to spacing. For example, the shell shortcut for the shared Downloads folder is shell:CommonDownloads, whereas the equivalent shortcut to the shared Documents folder is shell:Common Documents. And the command will not tolerate typos. If you add a space in the former or leave out the space in the latter, the shortcuts won’t work. The good news is that these commands are not case-sensitive, so you can ignore the sometimes odd capitalization.

Despite the syntactic challenges, these shortcuts are very useful for some tasks. They’re especially good for fast typists who don’t want to move their hands from the keyboard to do a bunch of mouse movements. If that’s you, tap the Windows key to open the Start menu with the insertion point already positioned in the Search box. Then type shell: followed by the location.

I’ve broken the full list of 94 shortcuts into four groups, each with its own page. If you want to dive right in, here are the links to click. But I suggest you keep reading for some examples of shortcuts that I find worth memorizing.

Note that many, but not all, of these shortcuts work with Windows Vista, and a smaller subset work with Windows XP. For this post I assume you’re using Windows 7.

• Page 2: Folders from current user profiles Use these Shell shortcuts for fast access to data stores in the currently logged-on user profile and the shared Public user profile.
• Page 3: Other interesting per-user folders These shell: commands help you get to collections of user data outside of your visible user profile.
• Page 4: Virtual folders and Control Panel shortcuts Windows Explorer is capable of displaying all sorts of data from folders that can’t be reached by starting at a drive letter.
• Page 5: System and per-machine folders These locations contain data that is available to every user.

The following list includes my favorite Windows shell shortcuts, those that I use regularly:

shell:Profile
This opens your user profile folder (on a default installation, you’ll find this at c:\users\username). You can get the same results by clicking your account name at the top of the Start menu’s right column. This location is also accessible via the environment variable %userprofile%.

shell:Personal
Typing this command takes you straight to the Documents folder in your user profile. You can reach the same destination by clicking the Documents shortcut on the Start menu’s right column.

shell:SendTo
This one solves a real usability problem for Windows users who are used to running with hidden files visible. If you look in your user profile folder, you’ll see a normally hidden SendTo shortcut. But clicking that shortcut displays this error message:

That’s because this shortcut is actually a junction, created for backwards compatibility. The real SendTo folder is several subfolders deep in your profile’s hidden AppData folder. After you use the shell command to open this file, you can add shortcuts that appear on the Send To menu when you right-click a file or folder. Add a shortcut to your favorite text or hex editor and you can view any file by sending it to that shortcut with a right-click.

shell:Public
Use this command to open the default collection of shared folders on your machine. If you use Homegroups, these folders act as dropboxes for shared libraries on your system, and this is an easy way to see (and search) their contents in one window.

shell:Common Startup and shell:Startup
Which shortcuts are loaded automatically when you start Windows? Program installers often create a shortcut that run automatically at startup. Some even offer the choice of running for just your account or for all users. You’ll find these shortcuts in two separate Startup folders, one buried deep in the hidden AppData folder of your user profile, the other in the hidden ProgramData folder, which is in the root of your system drive.

shell:ConnectionsFolder
This might not be the most elegant way to get to the Network Connections folder, but it’s definitely faster than the official path. Without this trick, you have to stumble to the Network and Sharing Center, then click Change Adapter Settings in the navigation pane.

shell:Programs and shell:Common Programs
These two folders (from your personal profile and the ProgramData folder, respectively) combine to create the All Programs list on your Start Menu. The mouse-driven alternative is to click the Start menu, right-click All Programs, and choose Open (for your profile) or Open All Users (for the much more densely populated list available to any user account).

shell:AppData and shell:Local AppData
These shortcuts open the Roaming Application Data and Local Application Data folders, respectively. In everyday use, you don’t need (or event want) access to these folders, but knowing their whereabouts is handy when you want to work directly with saved settings for a program. You’ll find Firefox and Thunderbird user profiles here, and most e-mail programs (including Outlook and Windows Live Mail) store the files containing saved messages and contacts here as well.

shell:Cookies and shell:cache
These shortcuts are, without question, the fastest way to see information saved by Internet Explorer. The first shortcut lets you inspect and manage saved cookies; the second opens the Temporary Internet Files folder. The alternative involves much spelunking through the Internet Options dialog box and is not recommended for long-term sanity.

Want to see the entire list? Click that link on the right.

Page 2: Folders from current user profiles –>

January 8th, 2010

The ultimate 'God Mode' list: 39 secret Windows 7 shortcuts

Posted by Ed Bott @ 6:02 am

Categories: Windows 7, Windows Vista

Tags: Shortcut, Microsoft Windows 7, Microsoft Windows, Operating Systems, Software, Ed Bott

For some reason that only the gods of the blogosphere can explain, an old Windows trick took on new life this week. If you create a new folder using an arbitrary name, followed by a period and the GUID {ED7BA470-8E54-465E-825C-99712043E01C}, you end up with a categorized list of Control Panel tasks. As I explained last weekend, there’s nothing new or hidden in this list, but calling it “God mode” seems to have given this tip wings. Even Steven Sinofsky got into the act, sending a list of 15 additional GUID-based shortcuts to my colleague Ina Fried at CNET.

So, that must be it, right? If Sinofsky has spoken then surely there can’t be any more.

Ha. I had compiled a list of these shortcuts for use in Windows 7 Inside Out but cut this section for space reasons. (It is slated to appear in the Deluxe edition, due next year.) I found that list the other day and just finished testing all of these shortcuts on a pair of clean Windows 7 installations. Here, then, is my Ultimate List of ‘God Mode’ shortcuts for Windows 7.

As with the other shortcuts, the process of turning one of these GUIDs into a shortcut that opens a shell folder or Control Panel item is straightforward. Start by right-clicking any empty space on the desktop or in a folder. Right-click and choose New, Folder. Type the name you want to appear under the shortcut, followed by a period and then the GUID shown in the list here, complete with curly braces on either end. Press enter and voila, you’re done.

I’ve divided the list into two groups:

• 14 GUID shortcuts that work only in Windows 7 (or later)
• 25 GUID shortcuts that work in Windows Vista and Windows 7 (or later)

Sorry, XP users, you’re out of luck.

Update: For those who are wondering how to make use of these shortcuts, here’s one trick I use. Create a shortcut in your Documents folder or on the Desktop. Call it something distinctive, like My Custom Control Panel. Now create a handful of GUID-based folders in here for the Control Panel shortcuts and shell folders you use most often. When you open that folder, you’ll see only the items you want, with no additional clutter. Unlike standard shortcuts, there’s no little arrow on the icon, and the Address bar always allows you to go right back to your custom folder. If you drag that icon onto the Start menu or onto the Taskbar’s icon, you can pin it for quicker access.

‘God mode’ shortcuts for Windows 7 only –>