Blog Archives

Performing a Clean Windows Install …

without losing your files, settings and tweaks.

The key lies in preparation.  Here a couple of things you want to do:

Image representing Windows as depicted in Crun...

Image via CrunchBase

First make sure you know what current programs you want to re-install.

Before you do anything else, it’s handy to have a list of all your currently installed programs so you know what settings to back up, and which programs you want to reinstall later on.

Next backup …

Windows settings

Back up any Windows settings you can so you don’t have to do too much tweaking after you reinstall. The best way to do this is with Windows Easy Transfer, Windows’ built-in migration program for just such occasions.

Documents and files

Just copy these to an external drive or move them with Windows Easy Transfer as described above, though if you back up your computer regularly (which you should), you can always just restore them from your backup later on as well.

Then after completing the Windows re-install it’s time for the restore process.  Basically it’s the opposite of what you did during the backup process.  However what you may not have known is that there are tools out there that can help make re-installs of applications quick and easy.  Keep in mind though that these tools won’t have all the programs you want to re-install.

Ninite

Just check off all the programs you want, and Ninite will create an all-in-one package to install them in one fell swoop.

Chocolatey

 If you’re more of a command line geek, Chocolatey is a handy utility that brings Linux-style package management to Windows. With a few well-placed commands, you can install a ton of programs at once, bypassing the need for all those separate installers.

Portable Apps

Portable apps essentially let you carry all your programs and settings over to another computer with no installation required. You’ll still have to search out each app yourself, but after you do it once, you’ll never have to do it again—every clean install from here on out will be much quicker because you’ll already have half your apps ready to go.

Head over to the source for all the details involved with performing a clean install of Windows.

 

The long life and slow death of the virtual server

A drawback of the virtual machine world?

Back before we spun up VMs on a whim to handle whatever application or platform we needed, every deployment was painstaking and time consuming. These servers would be carefully built by installing the OS from the ground up, tweaking the BIOS tweaks, installing drivers, and laying the applications or frameworks over all of above. We would back up that server to tape and hope the server would reach hardware obsolescence before it broke down.

In either case, the server that replaced this physical server would almost certainly be different, and the notion of restoring the bare-metal backup on a new physical server often meant more work than just starting fresh on the new hardware. This was especially true for Windows servers. Starting anew was a good way to clear out the cruft of years of operation and begin again with a blank slate.

In the world of server virtualization, the day for the organic refresh never arrives. Virtual servers don’t break down. They don’t become obsolete. They simply keep going, while the physical hardware cycles underneath them throughout their existence. In fact, the only reason to rebuild on a new VM is if the OS vendor has stopped supporting that version and there are no more security updates to be had. Even then, you’ll find a great many instances where that VM will continue to run forever or until it becomes compromised.

Paul Venezia makes some very interesting points.  Read the rest: The long life and slow death of the virtual server | Data Center – InfoWorld.

Why did Microsoft scrap the start button in Windows 8?

An interesting change:

Of all the confounding changes made in the latest Windows 8 consumer preview, few upset people quite as much as .

But what hasn’t been clear is why Microsoft removed the feature, which has been a central pillar of Windows for over a 15 years.

The answer might be obvious: People weren’t using it. In an interview with PCPro, Microsoft program manager Chaitanya Sareen said that as users began pinning more applications to the taskbar, start button usage took a major hit. Instead of going to Start menu to access applications, users were just clicking shortcuts. The taskbar was just too fast and convenient.

Find out what Microsoft put in it’s place:  Why did Microsoft scrap the start button in Windows 8? People weren’t using it | VentureBeat.

New Zero-Day Vulnerabilities

in Adobe Flash Player.

English: Logo for Adobe Flash Player

Image via Wikipedia

When it comes to malware exploits, Adobe’s Flash and PDF software can’t seem to catch a break recently.

Recently a vulnerability was found in both Mac and Windows versions of Adobe’s Acrobat and Reader products that could allow an attacker to crash the programs and gain control of the system. So far only attacks on Windows machines have been found, but Mac systems could be affected as well.

Now two similar vulnerabilities have been found in Adobe’s Flash Player, which likewise could result in arbitrary code being executed on the system.

The flaws were found by a Russian vulnerability research company and advisories have been issued.  So what is the vulnerability?

Apparently the vulnerability bypasses antiexploitation features in Windows such as DEP and ASLR, and can get around the Internet Explorer sandbox (there is no information on how other browsers handle the issue).

While Intevydis has so far shown the exploit on Windows machines, apparently it works in OS X as well.

The vulnerability, as of December 9, had only been partially addressed by Adobe.

So far Adobe has only addressed these exploits for version 9.x of its Reader and Acrobat products for Windows; fixes for the other versions are due in about a month’s time. Adobe has not yet issued a response to the current findings regarding Flash Player.

If one heavily  utilizes Adobe Flash Player, it may be wise to find an interim alternative to block unwanted Flash considering this:

Unlike malware that is directly downloaded to a system and scanned, these malware attempts run through the Flash Player or Adobe Reader programs themselves, making it harder for malware scanners to detect them.

So should Adobe be moving faster to address this issue or is the risk overstated?

Enhanced by Zemanta

Easy Ways To Remove Windows Bloat

Bloat.  It’s something that constantly needs to be dealt with on a Windows-based computer.  Unless you want it to run slow.  For some savvy computer users it may be an option to just re-format the hard drive and start from scratch with a fresh OS.  But for most that isn’t a convenient option.

Here are a couple easy ways to take care of that Windows bloat that invades after just a few weeks.

A lot of these apps and methods highlighted do pretty serious things to your computer, so I hope it goes without saying that you should have a full bootable system backup before attempting any of them. You have been warned!

Remove Windows Features You Don’t Need

Windows is a massive operating system, with an array of features and processes that the majority of us simply don’t need. Luckily, Windows makes it relatively easy to turn features on and off.

Just go to Control Panel -> Programs -> Turn Windows Features On or Off.

Uninstall Old Apps

This might seem obvious, but uninstalling apps we no longer use is a sin that can pass even the best of us by sometimes. Head to Control Panel -> Uninstall a Program and see what useless apps are lurking within.

Go to the source to learn more ways to “speed up” your computer by removing the dreaded Windows bloat.  You’ll also find some alternative tools for uninstalling applications.

Enhanced by Zemanta

 

Microsoft a leader …

Microsoft Co. Ltd.
Image via Wikipedia

in security?

Talk about a turnaround. It’s always hard to recognize the larger, slow-moving paradigm shifts as they happen. But after a decade of bad press regarding its commitment to software security, Microsoft seems to have turned the tide. Redmond is getting consistent security accolades these days, often from the very critics who used to call it out. Many of the world’s most knowledgeable security experts are urging their favorite software vendors to follow in the footsteps of Microsoft.

Haters will always continue hating, but the technical press is giving a lot of favorable coverage to Microsoft’s successful efforts to make itself a computer software security leader.

It isn’t just press talk alone. Every common security and vulnerability metric shows Microsoft’s software security has dramatically improved over the years, especially compared to its main competitors. Vulnerabilities found by employees and external researchers are down well over half from just a few years ago. For some products, such as IIS and SQL Server, the improvement is startling, going from dozens of exploits a year to barely a handful over five years.

Hackers have moved on from focusing on Windows holes to attacking third-party applications or social engineering the end-user as the primary attack vector. Patch Tuesday was derided when it first appeared. Now it has become a model for many other popularly attacked products, and vendors not using a regularly scheduled patch period are being asked to get on board by their customers.

Sure, Microsoft still has its share of critics, and it has a long way to go before it is done, but it’s hard to argue that the company has not made significant progress.

The reason for the turnaround?

Although there are many factors to its success, including better patching, host-based firewalls, and increased responsible disclosure, the lion’s share of the success belongs to its dedication to Security Development Lifecycle (SDL) processes. Microsoft is being touted more and more frequently, even by people who otherwise would claim to hate Microsoft, as a programming security model to follow.

And those documents and tools are free!

But the best part is that most of the tools and thousands of pages of information that Microsoft used to turn itself around are freely available to anyone. They can be used by you and your company to create more secure software. You don’t have to reinvent the wheel or discover the secrets of secure coding on your own. Microsoft is pretty far along in the maturity of their SDL model, and you can benefit from the policies, standards, and procedures it has developed. Instead of guarding this know-how as a secret competitive selling point, Microsoft is inviting everyone to participate. After all, a stronger, more secure computing ecosystem benefits everyone. (Source: Pigs fly! Microsoft leads in security)

Now after you’ve overcome the shock of Microsoft being a security leader, go to the SDL resources page.

Reblog this post [with Zemanta]

Phishing attack targets …

microsoft outlook logo
Image by adria.richards via Flickr

Microsoft Outlook users.

Trend Micro is warning about a phishing attempt that targets users of Microsoft Outlook.

The phishing e-mail arrives in Outlook e-mail in-boxes and looks like it comes from Microsoft. It prompts recipients to reconfigure their Outlook by clicking on a link that leads to a Web site that asks for an account name and password, as well as mail server information, according to the TrendLabs Malware Blog.

By getting the mail server information, the phishers would get total access to the Outlook user’s account and be able to read e-mails and use it to spam others, TrendLabs said. (Source: Microsoft Outlook users targeted in phishing attempt)

In other words use caution and don’t click anything without highlighting the link to see where it goes.

Reblog this post [with Zemanta]
%d bloggers like this: