Vol. 20, #13 - March 30, 2015 - Issue #1023
Antivirus software: who can you trust?
- Editor's Corner
- Ask Our Readers - Microsoft licensing question
- From the Mailbag
- Antivirus software: who can you trust?
- Comparing cloud archiving solutions
- Bruteforce attack on an Apple iOS lockscreen
- Search engine weirdness - Bing vs Google (for Aussies)
- Surfing the Web with a Macintosh Plus
- Send us your feedback
- Recommended for Learning - Free ebook!
- Microsoft Virtual Academy
- Quote of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- More drag-and-drop Outlook tips
- Best keyboard shortcuts for Microsoft Office
- Suppress confirmations when running PowerShell commands
- Events Calendar
- Webcast Calendar
- Register for Webcasts
- Tech Briefing
- Amazon AWS
- Enterprise IT
- Microsoft Azure
- Windows PowerShell
- Recommended TechGenix Articles
- Recommended articles from websites in TechGenix Network
- Windows Server News
- Taming the multi-cloud beast
- So, you're done virtualizing. Now what?
- Where's your desktop? Defining VDI and DaaS
- Which vSphere virtual switch is the best fit for you?
- WServerNews FAVE Links
- The World's Fastest Juggler - Soslan Suanov
- OK Go - Chinese Furniture Store Commercial
- Akira Kurosawa - Composing Movement
- 'House Of The Rising Sun' - The Animals - 1964
- WServerNews - Product of the Week
- Deep Packet Inspection for Quality of Experience Monitoring
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
In this week's newsletter we ask the question: How well can you trust the antivirus software you use in your company? We'll also examine cloud archiving solutions, a new brute force attack against locked iOS devices, why Your Editor is getting tired of Bing, and what it's like surfing today's Web using an old Mac Plus. Plus we have some tips on Microsoft Outlook, Office, and PowerShell. And lots more feedback from readers on the topic of PC failure rates and how to mitigate them. All this and more in this week's issue of WServerNews.
Ask Our Readers - Microsoft licensing question
While one should normally ask the vendor representative when it comes to licensing questions, sometimes you get different answers from different so-called experts on product licensing. So we're tossing out this question we received from reader Jeff Magee to see if anyone in our community can shed any light on the matter:
Hi – I've been given the run-around by Microsoft on what I thought would be a simple question without need to cough up a credit card for an answer.
I am working on an installation of a Ruckus based wireless network for one of my clients. The folks at Ruckus seem to be stumped since we've gone from Linux based FreeRadius to Windows 7 FreeRadius and now to a Windows 2012 server based Active Directory based authentication model. The site has a visitor database of about 250,000 possible users and the controller needs to authenticate the users from AD (in this latest iteration) but never more than about 1,500 users at any one time. The only device that will ever connect to the server is the Ruckus controller to verify user/password.
A TechNet blog post seems to say that only devices that actually use the server software or a service requires a license. The end user device (phone/tablet/laptop) isn't using any DNS/DHCP/AD/file shares on the server and in fact will never know a server exists on the back end. Do the end user devices require a license? Obviously we wouldn't use the W2012 server for AD authentication if that is the case as the cost would be astronomical.
Got any suggestions for Jeff? Email us at [email protected]
Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]
From the Mailbag
One of our items in Issue #1020 Worse than Superfish? was "Ask Our Readers: PC failure rate" where a reader named Tom told us that he was interested in knowing what other readers of our newsletter have to say concerning the failure rate of desktop and laptop computers. We then published some of the reader feedback we received on this topic in Issue #1021 Reader Feedback: PC failure rate. Since then we've received lots more feedback on this topic, so we're sharing a selection of it in this week's Mailbag.
To start things off, a reader named Tim who is a CTO of a company said:
Regarding Mark Douglas's comments on PC failure. I have been building and maintaining corporate infrastructure for close to thirty years, and my experience show that with the exception of infant mortality or DOA, and Mark's burn in process will catch that, issues virtually all PC failures are traceable to two component engineering issues that present a failure cascade.
1. Moving parts. Whether its disks or fans or head actuators, if it has motors and bearings they will eventually fail. Better quality ones will last longer and you get what you pay for. Items I stay away from at all costs are consumer grade hard drives, and cooling fans of any sort that have sleeve bearings. These crappy little devices feed in to the cascade of failure by failing at some point to keep other items cool, and all electronic hardware engineering is dependent on power budgets and thermal budgets. Failed cooling is the root cause of much of the rest of the problems. An engineer who designs with adequate safety margin on components, voltage ratings, and thermal derating has a better chance of a long life product, but it can all depend on capabilities of a cheapie cooling fan that forces good components outside their design margins. This feeds directly into Item 2.
2. Power supplies which is where the rubber meets the road, or electrons hit the copper. Virtually all power supplies today are switch mode devices that are dependent on temperature sensitive power switches and regulators as well as passive components that all have thermal degradation issues if they are not kept inside design temperatures. Do that job with a crap fan and a lousy ventilation path and all bets are off. That's the start of the fail cascade. The second stage is that all the critical voltages from that power supply are controlled by regulators that are themselves temperature sensitive, and when they get outside of design temps so do the supplied voltages. That's the third stage of failure when the mobo components are laboring under out of boundary voltages or currents. The last stage is the outright failure mode of many switching supplies which is a coin toss whether the switch component fails open in which case is a certain voltage is no longer supplied, or the worst case, it fails closed and everything downstream gets hit with much more than it was designed for. Did it "just quit" or does it smell bad too?
The place to do PM is power supplies, cooling and airflow. Do these right and everything else will probably live within the design envelope. This is edited on my 2009 vintage PC on its second top quality ball bearing fan cooled power supply after 6 years of 24/7/365 service. Last comment, buy the good ones with thermal fusing that are guaranteed to fail open instead of cheapies that can fail to a short and your mobo and components will live to serve under a new power supply!
Clare from Waterloo, Ontario, Canada shared the following:
It is interesting to see people are experiencing such high failure rates on quality machines. I install ONLY Acer Veriton systems for my business clients. One office has 40 PCs and 3 servers in house (2 acer and one HP) the other has about 50 PCs and 2 servers. The servers are new and about 17PCs are brand new Acers, the rest an assortment of Del Vostro, MDG, local clones, and about 33 old Lenovos.
In the first office(a large insurance brokerage) we try to keep the computers under 7 years old, and I have had a total of 3 hard drive failures, and 4 or 5 powersupplies fail over the last 4 years. I currently have one failing motherboard (about 6 popped caps) on a computer that is overdue for replacement (installed 07/07) The servers are 5 and 6 years old and I have replaced 4 out of 6 hard drives (in Raid 5 set). NONE of the PC failures have been within the first 2 years, 2 hard-drives have been covered by warranty. The server drives were all under warranty.
At the second customers (a manufacturing facility), we replaced dumb terminals in the plant with used Lenovo PCs almost 5 years ago. Most were 486 xp systems purchaced used from a discounter and were 4 or 5 years old when purchased ($99 each with Kbd, Mouse, and WinXP Pro) We are now seeing a high failure rate on the 486 machines, with capacitors popping left right and center. The Pentium Dual Core units we bought on the second round (to complete the changeover and for spares) have been standing up quite well. We had some DOAs, but otherwize they've been pretty good. These systems are 9 years old and older. The non Acer PCs were all installed before I started looking after them - most were less than 3 years old so are approaching 5-8 years of age. About half a dozen or so have failed totally in the last 18 months, and many of the others have slowed down significantly (some due to bad caps) - and switching to Windows 7 from XP has initiated the change-over of the rest of the systems (mostly Pentium Dual Core and Core2 Duo processors) I've changed a few hard drives and power supplies on these older machines over the last 4 years or so. One server was DOA.
Of my smaller clients, I have had one DOA, about 2 power supplies and 2 or 3 hard drives over the last 9 years on the Acers, and yes, some of te first Acers I sold are still in service. Previous to selling Acers I sold locally built higher quality clones from 2 suppliers with spotty results (and no consistency in product)
Since the defective capacitors have worked their way out of the supply chain, PCs are pretty reliable - particularly "professional" quality brand name (Acer in particular) systems - and I won't sell anything else.
Antonio, a reader from Sydney, Australia commented as follows:
I cannot agree with Mark Douglas on 'Cheap systems usually do not get past 4 years service unless they are rarely used, powered down most of the time'. First of all, how does he define whether a system is cheap or not? Are customer systems from Lenovo, HP, Acer or ASUS cheap? Or all systems less than A$500 is cheap? My employer manages 2000+ desktop and notebook systems from Lenovo and Acer. Most systems are less than A$500 and most have life for as long as 6-8 years. Most of the repairs are hard drive related.
I also built my home computers and for my friends. At least my computers are being used everyday, and none of them fails within that 4 years period. I have been looking forward to upgrade to newer systems for a long time and they simply just won't break, not even my hard drives.
And finally a reader named Jeff who works in the US government said:
I suggest to your readers that appreciate reliability over a "so called" bargain to looking into the following:
1. Power supplies Energy star rated that are over 80% efficient.
2. Solid State Drives (SSD) that are 2 million hours Mean time between failures (MTBF) not the old 600.000 hour specifications. This can cut your hard disk failure rate in half, not to mention the performance improvement.
3. Displays built from Gorilla Glass that lowers failure rates from broken displays.
Those of you who do not appreciate reliability should have a good backup of your data on a USB drive or server. When will you learn, some are still in the school of hard knocks? I also laugh at those that call PC's a commodity in light of these differences.
If any readers have more to say on this topic you can email us at [email protected]
And now on to this week's main topics...
Antivirus software: who can you trust?
Antivirus software is one of the key parts of any defense-in-depth strategy for protecting the client and server systems your business relies on. But what if the antivirus software you've deployed in your environment may not be trustworthy? You may have already heard how Kaspersky Lab has reported finding evidence that the US National Security Agency (NSA) might be involved in the development and release of malware. Wired magazine first on this here:
Ars Technica went into more detail about it here:
and then announced a few weeks later that a new smoking gun had been found:
The Register then picked up the story:
But now Bloomberg has challenged the story by alleging that Kaspersky Labs has been ignoring problems in their own back yard:
The Bloomberg article appears to allege that as a result of recent staff changes Kaspersky Lab may now be "filled by people with closer ties to Russia's military or intelligence services" and that this information was gathered from "six current and former employees who declined to discuss the matter publicly because they feared reprisals". Of course the implication that some might draw from reading this is that any security products produced by Kaspersky Labs should not be trusted.
Eugene Kaspersky however denies all such allegations and responds point by point to the Bloomberg article in this post on his blog:
I guess it's simply reality that the mistrust that exists in the political world between nations would spill over like this into the cyberworld of software. But it does make you wonder: which antivirus software can I trust more? IT usually compares protection software primarily on the basis of how effective it is in identifying and repelling threats and secondarily on its usability/manageability. But maybe we should also start considering how trustworthy it is.
What do you, our readers, have to say concerning this issue? Email us at [email protected] and let us know what you think.
Comparing cloud archiving solutions
What's most important for your company when it comes to choosing a solution for archiving rarely-needed business data into the cloud? Is it cost per gigabyte or terabyte? Is it how quickly you can access archived data? Or something else? Forbes has an interesting comparison between two increasingly popular solutions, Amazon Glacier and Google Nearline:
Has your organization used either of these products or some other solution? What are your thoughts about it? Send us your feedback to [email protected]
Bruteforce attack on an Apple iOS lockscreen
Those readers who have iPhones and other Apple devices running iOS might be interested to read this article from MDSec:
If you can't see the video on that page, try here on YouTube:
Search engine weirdness - Bing vs Google (for Aussies)
Oi! As an IT pro I rely heavily on search engines to help me find technical documentation when I'm stuck on something, which is often. I used to be a Google die-hard but about two years ago I switched over to using Bing for two reasons. First, I work mostly with Microsoft products and write about them a lot:
Second, having worked with many Microsofties over the years I've developed a liking for the company. So out of "brand loyalty" or something like that, I decided awhile back to make Bing my default search engine.
It's been rough sailing lately...
While I'm sure that both Microsoft and Google regularly fine-tune how their search engines operate, lately I've been finding Bing much less useful when I have a very targeted query I'm trying to search. For example, recently I've been looking for good vegetable spreads that don't have anything spicy like pepper or chili and also don't have garlic. The other day I stumbled across an Australian favorite called Promite:
Promite is a close cousin of another spread called Marmite, and there's a fascinating blog post that compares the taste and culinary characteristics of Vegemite, Marmite, and Promite here:
After reading this post I wondered whether Promite might be available here in Canada. So I tried Binging this query:
but there's obviously a lot of noise in those results, so let's see what happens if I add plus ("+") signs to each word:
Well, that's no help. Let's try putting double quotes around each word. After all, Bing Help says doing this "Finds the exact words in a phrase" so that should work, right?
Still the same noisy results!! Hey Bing, I'm really not interested in how Canadian ministers promote Canada as a top investment destination or finding out where I can buy waterproof ProMariner on-board marine battery chargers, eh? I want some Promite so I can try spreading it on toast in the morning, argh...
So I decided to give Google a try and search for Promite Canada without the quotes and without prefixing plus signs before each word. Here's what I got:
Ta. I guess that's Google 1 Bing 0. But why?
I wonder if maybe Microsoft is trying too hard to make Bing "intelligent" in the sense of "What you really want is probably this" whereby Bing thinks you've probably misspelled something in your query and tries to make some guesses about what you had intended your query to be. But whatever the reason is for such behavior, it's been rendering Bing less and less useful for me. This isn't the first time this kind of thing has happened when I binged something, and it's even occurred when I've been searching for something technical and Windows-related.
But let's get back to Google. Searching for this:
returns "about 144,000 results" from Google. What if I prefix each word with a plus sign like this?
This now says "No results found for +Promite +Canada" and shows me the results with no plus signs instead. What's going on? I thought adding a plus sign in front of a word when googling something forced Google only return results in which that word was present.
So I went to Google Help and found this page:
Aha! Google must have changed this becuase now when you prefix a word with a plus sign Google limits the scope of the search to Google+ pages. When did that happen?
Let's see what happens I enclose the words in double quotes instead:
I now get "about 146,000 results" which is weird. It seems that adding double quotes around each word has returned more results than without the double quotes.
But there must be a way of forcing Google to make sure the results returned include both words (Promite and Canada) right? Let's try Google Advanced Search, which is inconveniently accessed by clicking Settings at the bottom right of the Google home page and selecting Advanced Search from the menu that appears. Then on the Advanced Search page, I type both words in the "find pages with all these words" textbox and once again I get "about 144,000 results" so no need to use the Advanced Search when I need to google something specific.
What about Bing? When I bing these words:
I get "37,300,000 results" which is clearly ridiculous, tons of noise there. How I can force Bing to return only pages that include both words exactly as spelled? Let's try Bing Advanced Search instead, but how do you access it? Bing Help says the following:
Use advanced search to help narrow your results.
- On the search results page, click in the search box, and then click Advanced search at the bottom of the search suggestions list.
- In the Advanced search box, choose an option to narrow or widen your search, and then click Add to search.
The search results are updated automatically.
Here's where you can find these instructions:
So it seems what I need to do is start by searching for Promite Canada from the Bing homepage, and then when the 37,300,000 search results are displayed, I simply click in the search box and then click Advanced search at the bottom of the search suggestions list that appears. Let's try this:
Wait a minute, there isn't any "Advanced search" item in the search suggestions list. Could Advanced search be broken in Bing? I checked the Settings page for Bing and Search Suggestions is indeed turned on.
This is getting weird. Maybe I should go back to using Google as my default search engine? Email us if you have any thoughts about Bing, Google, and how the whole Internet is starting to fall apart: [email protected]
Anyways, guess I won't be getting to taste Promite anytime soon. No wuckers...
One more fun item coming up next.
Surfing the Web with a Macintosh Plus
Finally, we found tan article in The Kernel this week describing how someone managed to get a 1986 vintage Mac Plus up and running again and connected to the Internet. Guess what it's like trying to surf today's Web using this classic computer:
Maybe I should dust off that old Amiga 500 in my garage and see if I can do something similar...
Send us your feedback
Got feedback about anything in this newsletter? Let us know at [email protected]
Recommended for Learning - Free ebook!
Microsoft Press has just published another free ebook where your own Dear Editor was involved. It's called "Microsoft System Center Deploying Hyper-V with Software-Defined Storage & Networking" and it's by Microsoft TechNet and the Cloud Platform Team with Mitch Tulloch as Series Editor. The book is a step-by-step guide on performing a proof-of-concept (POC) deployment of a software-defined datacenter based on Windows Server 2012 R2 and System Center 2012 R2. You can download it today in PDF, EPUB and MOBI format from this link on the Microsoft Press Blog:
Microsoft Virtual Academy
Some announcements from the Microsoft Virtual Academy:
April 15-16: Getting Started with Azure Security for the IT Professional
Get the information and confidence you need, from the pros who know, as they demystify security in the cloud! On April 15 & 16, join Rick Claus and a team of experts, for this two-part, demo-filled course. Explore datacenter operations, virtual machine (VM) configuration, network architecture, and more. Register today!
On-demand training: PowerShell Desired State Configuration (DSC)
Want to learn more about this fast-moving technology? Watch Getting Started with PowerShell Desired State Configuration (DSC), and find out how – using DSC as your management platform – you can control the deployment, maintenance, and configuration of your traditional datacenter and apply that knowledge to a hybrid environment:
Then, for a deep dive into how you can use DSC for automated deployment and resource management, watch Advanced PowerShell Desired State Configuration (DSC) and Custom Resources:
Quote of the Week
"Ours is not to reason why, just reboot and then retry." --heard somewhere on the Internet
Until next week,
Note to subscribers: If for some reason you don't receive your weekly issue of this newsletter, please notify us at [email protected] and we'll try to troubleshoot things from our end.
JetStart gives you quick access to categorized Start Menu shortcuts, recently launched programs and system commands:
Image Resizer for Windows lets you resize one or more selected image files directly from Windows Explorer by right-clicking:
This week we have tips on drag and drop in Microsoft Outlook, keyboard shortcuts for Microsoft Office products, and how to suppress confirmation messages when running some PowerShell commands.
More drag-and-drop Outlook tips
In last week's Issue #1022 Hybrid Exchange Deployment, in the This Week's Tips section, we included several tips for users of Microsoft Outlook. Craig Hollins, Director of Qbit Computer Tech & Managed Service Specialists in Australia, responded by sending some of his own tips for using drag-and-drop with Microsoft Outlook:
G'day from downunder!
I noticed your Outlook save as tip – one I've been using for years. I've got a bit of a history with email starting back with cc:Mail on a 3,000 user site in the '90s. I've kinda continued that interest up to present day. I regularly conduct short training mornings on Outlook for my clients and I'm astonished at how little most people know about all the hidden features in the program.
A couple of my lesser known favourites:
Drag and drop works on just about everything. As you discovered you can drag an attachment to explorer. You can also drag a message to explorer and it will save the entire message, complete with attachments as a single .msg file. Explorer search will search the text of the message when you need to file it again. This can be handy if you want to store all relevant customer information.
Now some of the cool ones. I often get emails inviting me to events. These aren't meeting invitations, just messages. Drag the message to your calendar folder and it creates an appointment with the text of the email in the notes area and the subject of the email is the meeting title.
Someone sends you an email and you want to add them to your contacts? Drag it to your Contacts folder (or People if 2013) and it creates a contact for you with the friendly name and email fields already filled in. The text of the original email is in the notes area.
It also works with Tasks and Notes.
Best keyboard shortcuts for Microsoft Office
CMIT Solutions has a great post titled "15 Quick Keyboard Shortcuts to Supercharge Your Use of Microsoft Office" on their blog here:
Anything missing from this list? Send us your favorite keyboard shortcuts for Microsoft products and we'll share your expertise with our readers: [email protected]
Suppress confirmations when running PowerShell commands
Get tired of "Do you really want to do what you're trying to do? Press Y/N" messages when you're trying to automate a task by running a PowerShell script? This tip on PowerShell.com might be able to help:[email protected]
AmericasMicrosoft Build on April 29 - May 1 in San Francisco, California USA
Microsoft Ignite on May 4-8, 2015 in Chicago, Illinois USA
Microsoft TechDays 2015 on May 28-29 in the Hague, Netherlands
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]
Register for Webcasts
Add your Webcast
PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]
A Crash Course in Amazon Terminology (Part 2) (InsideAWS.com)
Getting Started with AWS (Part 5) (InsideAWS.com)
Product Review: GridVision (WindowsNetworking.com)
Five steps in choosing the right server (Coffee Coaching)
Microsoft Azure Virtual Machine Readiness Assessment (Courtenay Bernier)
Microsoft Previews Dynamic Group Rules for Azure Active Directory (Redmond Magazine)
Poor Man's Guide to Troubleshooting TLS Failures (Tim Springston)
Cisco ACI - Cisco Application Virtual Switch (VirtualizationAdmin.com)
Forensics: Audit Group Policy Links and Changes with PowerShell (Goatee PFE)
Creating Active Directory accounts using PowerShell (WindowsNetworking.com)
Cloud Security Prospects for 2015
Microsoft + AWS: A Winning Combo (Part 4)
VMs with Multiple NICs and Virtual Network Appliances in Microsoft Azure
Assessing the Security of Mobile Applications (Part 1) - Planning
Why Use Enterprise Wi-Fi Security
Taming the multi-cloud beast
Managing multi-cloud environments can be extremely difficult since no two clouds are built exactly alike. Fortunately, you can simplify multi-cloud management and make things much less complex going forward by using these new management tools.
So, you're done virtualizing. Now what?
When it comes to virtualization, documentation is critical to avoid having to retrace your steps later on. Find out why you must record what you do, as you do it, to save precious time in the future, and discover the benefits of establishing a working baseline for server performance.
Where's your desktop? Defining VDI and DaaS
Today's IT shops have to decide between hosting deskops in their own data centers through VDI or in a service provider's data center through DaaS. Access this exclusive guide for a comprehensive breakdown of everything you need to know about VDI and DaaS before making your desktop hosting decision.
Which vSphere virtual switch is the best fit for you?
Currently, there are two options VMware offers when it comes to virtual switches, and though each virtual switch shares the same basic functions, only one comes with the top-of-the-line license option. Discover which option it is and learn why it might be the best fit for you.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]
The World's Fastest Juggler - Soslan Suanov
The world's fastest juggler Soslan Suanov performs his incredible act at The Old Moscow Circus:
OK Go - Chinese Furniture Store Commercial
Famous for its innovative music videos, OK Go does a commerical for a Chinese furniture store with a remix of 'I Won't Let You Down' - all recorded in one take!
Akira Kurosawa - Composing Movement
Possibly the greatest composer of motion in film history, Kurosawa had an innate understanding of movement and how to capture it onscreen:
'House Of The Rising Sun' - The Animals - 1964
The British rock group The Animals perform 'The House of the Rising Sun' in 1964:
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.