Sunday, August 19, 2007

Power Surge

I thought I had a decent disaster recovery plan in place - a UPS on each PC, accessories like modems & routers plugged into surge suppressors, and I periodically copy my critical files to one or more other PC's on the network, and the extra-special stuff goes on thumb drives too.

However, last Tuesday about 3:00 AM there was a major electrical storm in the area. I lost my Internet connection; resetting the modem fixed that. But the storm shorted out one of my telephones (good-old POTS wired land-line) and also blew up my router. Worst of all, my main PC's NIC appeared to be damaged as well.

I managed to connect one PC direct to the cable modem, and after an hour on the phone with one of Cox's absolute best techs I've ever spoken with, I was back online with one PC. But he confirmed that the modem was not talking to the router, or vice-versa.

I had been using primarily LinkSys equipment, but I had tried NetGear at my Oregon office & it worked just fine with Comcast and their Motorola cable modem, so I selected the NetGear WGT624, a 4-port switch with an 802.11g wireless AP, about $65 with tax. Works like a champ.

Still had issues with the main PC. I even tried installing another NIC, a D-Link 530-TX, but the PC recognized it as a second instance of the built-in NIC. Tried running Add New Hardware, but Windows could not find it. Not sure exactly what fixed my problem, but I removed the D-Link, disabled the connection from Control Panel, disabled the NIC in Device Manager, powered up, powered down, danced around in a circle (just kidding) and at that point I suspected that I needed to reinstall the Windows networking components.

To test that theory, I pulled out my Ubuntu Linux 6.06 Live CD and figured that if I booted from that & Linux found the NIC & connected to the Net, that would confirm Windows' confusion. Just before I did that, I decided to try one more time - reenable the NIC, reenable the connection, reconnect the Ethernet cable & boot into Windows. JOY! It worked.

Now, everything is back online except for my old Sony laptop with a PC Card Ethernet adapter - none of the lights are coming on, so I suspect that the card is toast. Luckily I have a wireless PC Card, I'll be trying that later on today.

Thursday, August 09, 2007

Unwanted Bundles

There seems to be a trend that some software packages will bundle unwanted extras, without any opt-out options. Two recent examples:

Updating a Windows XP machine with Internet Explorer 7 bundled the Google Toolbar, with no option to reject it. The installer stated that "it can be uninstalled afterwards" which I did, but why subject the user to that extra step & wasted time?

Updating Yahoo Messenger bundled the Yahoo Toolbar, in that case with an option to reject it, however, upon reboot the Messenger service started automatically - I did not select that option, and it was not in the Startup group, so I had to regedit to remove that option.

There is enough stuff being installed as it is, I think software companies need to reevaluate their offerings and give control of their PC's back to the users who paid good money for them.

End of rant.

Tuesday, August 07, 2007

Access Bible, Chapter 3

I just finished the 3rd chapter of the Access 2007 Bible, and I'm surprised that somebody actually published it with so many bad ideas, good gosh. Chapter 3 speaks of "Bulletproofing" your database, but following their recommendations would certainly leave gaping holes in your protection.

After stumbling through a clumsy explanation of normalization, they start talking about how you might decide to use natural keys for table PK's, which is SUCH a bad idea. Before I go too far, let me be clear that I believe only in surrogate keys (Autonumber in Access, IDENTITY in SQL Server).

Their first bad example is using Social Security Numbers. Aside from the obvious risk of identity theft and the potential legal exposure of using them, if you have any employees outside the US they won't have SSN numbers and your app will break. (The only place for SSN's is deep within the confines of HR, and they need to be encrypted.) The second suggestion - using employee ID numbers - is equally bad, because if you have an employee leave the company and then return, they might not be assigned the same ID number. In fact, as a consultant, I have a customer that assigns me a different C-number every time I come back in to do a project for them. The database would think I'm a different consultant for every project.

To be fair, they do endorse the use of Autonumbers for PK's but incorrectly state that a number can never be reused. The fact is that if a record is started but not saved, Access will not reuse that autonumber, but it is possible to insert that missing number using SQL; the same holds true for SQL Server. Good thing to know if you're ever audited & they ask about that missing number.
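The missing-number behaviour described above, shown for SQL Server as an added example (it is not from the book or from the original post). The table, column names and sample rows are constructed for illustration.

```sql
-- Constructed demo table; all names here are hypothetical.
CREATE TABLE dbo.Employee (
    EmployeeID INT IDENTITY(1,1) PRIMARY KEY,   -- surrogate key
    FullName   NVARCHAR(100) NOT NULL
);

INSERT INTO dbo.Employee (FullName) VALUES (N'Alice'), (N'Bob');

-- A record that is started but never saved: the rollback discards the row,
-- but the identity value it consumed is not handed back.
BEGIN TRANSACTION;
    INSERT INTO dbo.Employee (FullName) VALUES (N'Abandoned entry');
ROLLBACK TRANSACTION;

-- The next insert continues past the consumed value, leaving a gap.
INSERT INTO dbo.Employee (FullName) VALUES (N'Carol');

-- Audit query: list each run of missing key values.
SELECT e.EmployeeID + 1 AS GapStart,
       (SELECT MIN(n.EmployeeID)
          FROM dbo.Employee AS n
         WHERE n.EmployeeID > e.EmployeeID) - 1 AS GapEnd
  FROM dbo.Employee AS e
 WHERE NOT EXISTS (SELECT 1
                     FROM dbo.Employee AS x
                    WHERE x.EmployeeID = e.EmployeeID + 1)
   AND e.EmployeeID < (SELECT MAX(EmployeeID) FROM dbo.Employee);

-- Insert the missing number explicitly. IDENTITY_INSERT can be ON for only
-- one table per session, so switch it off again straight away.
SET IDENTITY_INSERT dbo.Employee ON;
INSERT INTO dbo.Employee (EmployeeID, FullName) VALUES (3, N'Dave');
SET IDENTITY_INSERT dbo.Employee OFF;
```

Because a gap can be back-filled this way, an unbroken run of key values is not by itself evidence that no row was ever abandoned, removed or inserted out of order.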

Anyway, now that we have some wacky PK's, the authors talk about creating relationships between the tables that use outer joins, instead of inner joins. What?? The whole point of a relational database is that you create and enforce relationships. This is so disturbing to me, I have to stop writing now.

Sunday, August 05, 2007

Vista Explorer tricks

The Windows Explorer in Vista leaves out two important features from previous versions:

The up-folder icon is missing from the toolbar. Somebody at MS got the great idea that they're going to copy the behavior of the Linux File Browser, where the folder hierarchy is spread out across the address bar, like

Computer ~ DRV1_VOL1 (C:) ~ Share ~ Sysinternals

and to go up one level, you need to click on the folder to the left of your current location. Fortunately, you can press Alt-Up Arrow to move up one level. Intuitive? I don't think so. And the Linux version also has the up-arrow icon on the toolbar. Intuitive? Yup.

The second, most irritating omission is that you can't easily resize column widths - there is no column sizer like prior Windows versions, or even Access or Excel for that matter. You can sort by a column, or drag columns into different orders, but the only resize options are Resize to Fit, for either the current column or all columns.

Here, you have to right-click on the gray title bar and select More... and at the Choose Details dialog, you select the column to be resized and then enter the number of pixels in the little box. How many pixels should it be? Your guess is as good as mine and YMMV, but using 1024x768 resolution, it seems that 166 gives a reasonably good view for file names. I give this feature a big zero for ease-of-use. Once again, the Linux File Browser has the same good old column resizer feature that users are accustomed to having.

After five years of development, you'd think they would have made things easier to use, instead of more difficult. It's sad that I even have to post these "tricks".

Saturday, August 04, 2007


Nowadays I'm a database guy, but over the years I've done countless software installs, hardware upgrades, and recently I built myself a server starting with an empty box, system board, cards, drives, and cables.

However, Friday afternoon I paid a quick visit to a customer and I was unexpectedly pulled in to a malware situation on one user's PC. It started with a radio playing in the background (?) and quickly escalated to numerous popup advertising windows in Internet Explorer.

I ran some of the Sysinternals utilities available from Microsoft, notably the AutoRuns and Process Explorer, and found numerous evil entries and killed the processes & deleted them from the registry using those tools. However, after a shut down / cold restart as soon as you opened an Internet Explorer window the popups resumed.

I then ran the RootKit revealer which takes a long, long time, but it did in fact find files that were "visible to the Windows API but not in the MFT" located in C:\ and also C:\WINDOWS\System32. I opened an Explorer window set to show all files including hidden & system files, but couldn't see them. Then I opened a command window (cmd) and tried Dir /ah, Dir /ar and so forth but they weren't visible there either. Aha! This must be a rootkit, I thought. Unfortunately, the RootKit Revealer has no delete options built-in, so I could see the bad stuff but couldn't reach it.

This PC is on a corporate network and is running Trend Micro anti-virus. We checked the activity log and discovered that Trend was reporting "successfully found ... but unable to repair or delete" the evil files. We also tried running the Update Now for the AV but without any improvement. A Trend Micro web search netted only two results, one from Europe and one from Australia, but no hard facts or solutions.

On Monday, we're going to try upgrading to IE7 to see if that is immune to the malware, or at least capable of blocking the popups. If that doesn't do the trick, we'll try a System Restore - we've identified the date and approx time of the infection, so hopefully that will silence the demons.

The only good thing about this whole episode is that the user is still able to send and receive emails, and the malware is not propagated to the recipients.

That being said, I simply cannot understand the whole point of this malware epidemic that we all face today. What could possibly be the purpose of it? Is it just for a prank, are they getting paid for advertisers that are being displayed, or what? From studying this infection, the malware author obviously spent a lot of time creating this, with many interconnected files, and taking great effort to hide the activity from the OS.

I have purposely not disclosed the names of the various bad files, so as not to encourage the malware author.