Monday, April 13, 2009

Changing a Hard Drive or: 27 Screws

I had the distinct displelasure to have one of the hard drives in one of my fleet of MacBooks replaced today. This was a previous generation unit less than one year old-- one of the Penryn models immediately prior to the release of the current Unibody MacBooks. Just to be clear-- not an old POS by any stretch of the imaginaion. For regulatory reasons, I had to remove the hard drive and replace with a new one.

This operation took:
  1. Hiring an approved Apple Tech to do the swap, so that such an operation would not void the warranty.
  2. The removal of the battery, which I'll concede is a Very Good Idea in general when working on a notebook, but not required for most other brands/models.
  3. The removal of a body panel unrelated to the hard drive (Memory-- just to access some screws)
  4. The removal of 27 screws in total
  5. The use of two laptop-size screwdrivers-- a Philips and a Torx head (for no apparent reason.)
  6. The removal of one retention bracket holding one half of the hard drive.
At this point, the system was largely open, with the entire keyboard side of the bottom enclosure off. When reversing the process, you also have to take care to align tension clips in the case properly. Also, the thin aluminum shell of the pre-billet models is prone to minor dents which complicate servicing vs. purely cosmetic scratches in most other notebooks sustaining similar damage.

That's not acceptable. Business class notebooks should release a hard drive tray with no more than 2 screws, and the tray itself typically mounts to the drive with 2 more. Pop, pop, in and out.

Considering that drive removal/replacement is necessary and required for all sorts of good reasons, this design ethic is beyond reproach. I understand the "I want it to be pretty" BS, but in the real world, you can hit serious problems when a critical and basic task is denied to you.

Friday, April 3, 2009

Musings on Instant On and a Plea for OEMs

It's no secret that flash storage is getting cheap and Linux can be tweaked to boot pretty fast. Put the two together, and you get implementations like Splashtop, most commonly commercialized as ASUS ExpressGate and Phoenix' HyperSpace close behind in the race to market. The combined cost is low enough to be able to justify for most systems beyond the budget end of the spectrum. The goal is to be able to get a very basic OS with several key apps up and running in five seconds or less. We'll revisit those apps later.

The whole idea that we can have even a basic OS up and running in 5 seconds is amazing enough, but the concept of using part of the computer without taking the time to boot into a full featured OS isn't entirely new. By the late 90's, several manufacturers offered rudimentary audio controls on the outside panel of laptops so that they could be used as extremely large and overpriced CD player. That's not so much of a real OS, but baby steps... By the Athlon XP era, some of the highest end motherboards from manufacturers like DFI included enough extra BIOS functionality to boot into MemTest86-- we're getting closer, and probably the first precursor on the Phoenix side. Baby step number two.

I point these two out because you see a fundamental difference between these two approaches. One is a pure media/entertainment option, while the other is about geting work done in a very specific way. Having a second OS to boot into to troubleshoot, test or repair is a common and critical need when doing various computer tasks.

Maybe this made more sense when a full OS boot took two minutes and various suspend options were half-baked. I won't say that there are never problems with suspend and hibernate, but modern OSes and hardware have come a long way. I can bring back an already booted OS fairly quickly.


The current implementations favor entertainment and communication apps. There are certainly times when having Firefox up and running quickly would help troubleshooting, but I suspect there's a better way to go than getting quick access to Skype and MP3s. Building a troubleshooting-oriented OS would help tremendously more than a media mini-OS.

Imagine having the ability to:

Work with hardware before a hard drive is installed or with a blank hard drive before the OS is installed.

Have a trustworthy OS to assist with data recovery when the installed OS isn't working properly.

Have an OS to boot into in order to perform diagnotics away from the installed OS.

Boot into a "safe" OS while attempting overclocks without the risk of damaging an installed OS.

A Media-centric OS gets you a browser to help look stuff up when troubleshooting, but not too much more than that. I respectfully submit that having a work-oriented OS is far more useful than a limited media OS.

Thursday, April 2, 2009

Google Datacenter Video

As a supplement to the earlier post on Google's Servers & Datacenters, here's an astounding video.

It's just amazing how out-of-the-box the datacenter thinking is, and yet how scalable and reliable it is as well.

We see a lot of the software side of Google as the glamorous side-- Google Earth, GMail-- hell, even Blogger. It's good to shine some light on the awesome work the IT Infrastructure guys do.

Google's Server... the secret is revealed

This one's not an April Fool's joke. Google has finally presented their server design as well as their modular datacenter plans. It's quite a bit different than most large datacenter providers, and I think there are some really good lessons both on how to design a datacenter as well as the individual server units-- both in what to leave in and what to take out. The goal here was to help other companies with power saving initiatives, but we got a lot more information than just that.

I think the most important take-aways are:

Simplify your systems! The design cuts to the bare bones of what is needed. They're then able to expand with lots and lots of simple units. The designs look an awful lot like a motherboard on a tray that they were using in the beginning.

The nodes are really, truly generic. They've gone through 5 generations of these simple systems, and it doesn't matter what they do. Each one is a compute unit with no differentiation.

Since Google has the ability to build their own systems really and truly to spec (including entirely custom motherboards) they can do away with unimportant bits to save cost and add costs where necessary (e.g. the motherboad does the 5v step-down instead of the power supply-- a few dollar feature that is worthwhile for their specific design as it saves on power efficiency in the PSU, saving more than a buck or two in the long run.)

While Google is rumored to be not interested in repairing servers (they were famously supposed to leave broken servers in place and not bother fixing them), the most failure-prone stuff is very easy to service.

Batteries on each unit vs. a large UPS is a brilliant move. These guys won't last long enough for battery aging to be a big deal, and even if it is, they're small, discrete, and easy as hell to service compared to any UPS battery. Saving space, money, weight, etc. on UPSes really helps.

The whole containerized, customized datacenter design is so radical, I'm not really sure I fully appreciate it yet. It's got all the basics of a hot aisle system, but fantastic density. I'm going to have to think about this one it's so radical.

Anyway-- very cool stuff Google.


Wednesday, April 1, 2009

Happy April Fool's Day!

It's 4/1 again (or 1/4 in some crazy, mixed-up parts of the world.) I'd like to redo the whole site as a Panda AI with the personality of a mixed-up 13 year old, but I'm too busy doing real work.

Instead, I'm going to link up a few of the best I've seen, and hopefully these links will be good on 4/2...

Techreport.com taken over by LOLCats
HEXUS.net saying some interesting things about pixels
Thinkgeek has some good ones, but my choice is the Tauntaun sleeping bag! I want this so much for my inner child.
The USB Pet Rock and Squeez Bacon are right up there, too.

Saturday, March 28, 2009

Adventures at Best Buy

I'm going to ran for just a few minutes about the mega-retailer, so if you're not in a ranty mood, feel free to skip.

I have a relative who has a tendency to give me nothing but Best Buy gift cards for any occasion. That's a lot better than an ugly tie, but as I age, it's starting to be a real annoyance. I don't mind shopping in person, but the Internet has taught me to be a value shopper. I'll pay a little more for convenience, but not to the point of paying an extra 50+% for convenience. I also live in an area with high (8.75%) sales tax which can typically be avoided for most on-line purchases. I know I'm "bad" for not wanting to pay taxes... just like everybody else.

So, when presented with a small sum in gift cards, I have to try to spend them down somehow. I can either wait until I have enough saved up and buy something large, or try to spend it on small-ticket items. Even on small-ticket items, though, I feel continually frustrated by price and availability. I recently bought an Asus Eee 1000HE for personal/around-the-house use, and for lack of anything else there that I actually wanted to spend my money on under $50, I figured I'd buy a portable wireless mouse. No big deal, right? Well after a lengthy selection process, I had it down to one of two Logitech VX450 wireless mice. One was piano black, a better match for a piano black laptop and the other was black & silver/grey. I could go with either and get a good match. I thought the black one looked a little nicer, but it was $49.99, and the other was $39.99. Nicer, but not $10 nicer, I took my purchase up to pay. I was distracted by the "reward zone" crap while checking out and I had my gift card processed already when the $40 mouse rang up at $49.99. I had to get the manager to reverse the charge, re-credit the gift card back and do a price adjustment to get the price back to where it was marked on the shelf. Apparently the $39.99 price applied to the previous gen VX450 with a large USB transmitter instead of a mini-USB transmitter. Um... ok, well it didn't say that, the SKUs didn't match up and that's not how it was on the shelf. $10, please.

I'm very happy with the mouse, but the whole lack of organization and confusion I had to spend up front trying to figure out why the hell one color was 20% more expensive was tremendously unnecessary and confusing. Honestly, I would have probably ended up with a cheapo Microsoft mouse that was on sale had I known it would be a hassle... but hey, the mice under the "sale" sign were sold out and the same mouse in the Laptop section "looked different"-- minor color/version revision. I might have been in for the same thing all over again.

Unfortunately, the market is shrinking rapidly in this economy and the lack of counterbalance provided by Circuit City as a prime competitor feels like it's starting to show. They're moving a very limited CD selection to the back of the store, adding play areas for video game consoles while reducing game selection tremendously and treating PC gaming as a pariah (1.5 Aisle sides down from 4.5 a few years ago at this location.) They did add boutique mini-stores for cell phones, home theater, MP3 players and Macs. Whee.


The bottom line is that I'm used to selection and aggressive pricing. Big boxes don't have to be the cheapest, but they have to at least be in the game. I'm not sure how to satiate my desire to physically touch stuff without them, but we probably need to see some serious changes in the next 5 years or some shakeout in the market.

Rant over.

Saturday, March 21, 2009

Windows Tip - Preventing the connection of USB drives


Ever want to prevent a user from attaching a USB drive? Well, you could turn off USB in the system BIOS, but that prevents attachment of all USB devices, not just drives. That could be disastrous if you don't have a PS/2 Keyboard and Mouse attached.

There's a simple registry hack that manages how Windows XP SP2 and later and Vista manage attached drives (including external hard drives as well as flash) but not prevent the use of HID devices and other non-drive devices. There's a very good write-up on the How-To Geek. The hack can be summed up in this simple line:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000001


For more security, you can look at physical protection. Unfortunately the USB physical standard doesn't allow any realistic way to permanently lock the drives, but you can block them. Lindy makes USB port blockers that will at least deter casual attempts to plug in USB and at least slightly slow determined users. They can be removed with a carefully bent paper clip, but once in, you can't easily remove with bare hands. Different colors use different keys to remove. Of course, you can buy them in colors other than pink...

Friday, March 20, 2009

Vista - No Telnet, really?

Telnet is bad, mkay? It's insecure. I get it. Everything goes in plaintext totally in the clear. However, it's still a useful tool. Vista (including Ultimate) apparently feels that such a powerful tool should be hidden away from prying eyes and doesn't install it by default.

To install the Microsoft telnet client, do the following:

1. Go to the Control Panel
2. Open Programs and Features
3. Go to Turn Windows features on or off (requires a UAC authentication if you don't have UAC turned off.)
4. Click the check box next to Telnet Client
5. Hit OK
6. "Please wait while the features are configured. This might take several minutes."
7. No, really, it takes a minute
8. Enjoy. May I recommend telnetting to towel.blinkenlights.nl for some ASCII Star Wars love?

Edit: Current Windows 7 Betas behave in the same manner.

Saturday, March 14, 2009

I hate being stupid busy

Over the last few weeks, I've been working very long hours, around personal committments. I've still got things to say, but things are only just starting to slow down slightly.

Stay tuned for more.

Thursday, February 12, 2009

Computer built under slave-like working conditions in China?

Looks like it's darn near slave labor, according to BoingBoing

I have a new appreciation for the Dell keyboards as shown in the photo...

Explaining Input Lag

Bit-Tech.net has an excellent explainer on input lag on a modern LCD monitor. A good monitor will techncially have some input lag, but at a tiny delay imperceptible to anyone. Poor-qualitiy displays are a diffrent beast entirely. Probably the best part of the article is explaining a methodology for detecting input lag. They're able to illustrate the problems clearly in video and pictures.

Sunday, February 8, 2009

Windows Vulnerabilities - 92% mitigated by not being administrator

I'm going to step aside from my normal patching discussions and talk about what happens when you do get attacked with malware that exploits a vulnerability. When a nasty program exploits an unpatched vulnerability, there are always mitigating factors that can help limit the impact. One of the big ones is that the exploit usually runs in the security context of the account which it attacks/is run against. Security vendor BeyondTrust looked at the 154 Microsoft vulnerabilities published in 2008. They found that 92% of all vulnerabilities had their impact mitigated or were rendered completely harmless when the user was running with no elevated privilege (normal user rights). Obviously this is a report from a security vendor selling software that helps manage user rights... but the breakdown for 2008 is striking, indicating that running as non-administrator at least mitigates:
  • 94% of Microsoft Office vulnerabilities reported in 2008
  • 89% of Internet Explorer vulnerabilities reported in 2008
  • 53% of Microsoft Windows vulnerabilities reported in 2008
That makes sense when you realize that the first two categories are just applications. They're very specialized, widespread and extensible applications, hence the risk. Ultimately, however, they're running at the user's privilege level. Even though the OS itself is somewhat less protected-- many of the juicier exploits will run at the System context or elevate privileges-- 53% mitigation is still pretty good.

Here's my beef with Microsoft in this regard. We all know that running in the least level of privilege is the safest and these numbers add good ammunition to that argument. While Microsoft has made great strides in allowing the user to elevate their privilege on some actions in the "XP era" and later, getting the ability to universally change security context on the fly eludes them. *nix with sudo and the standard GUI security elevation method of OS X both have serious problems, but they're a lot closer to right. Windows 7 will certainly continue the slow progress in this area, but at some point Microsoft ought to do better.

Wednesday, February 4, 2009

Windows 7 Update: Editions and Release Candidates

Windows 7 is moving along swimmingly (that's a betta splendens joke, son.) The good news that that the beta version that we have out currently is the only real beta we're going to get. RC1 be the next release. A mid-2009 release looks increasingly do-able with a late Q2 timeframe not out of the question.

The bad news is that Windows 7 will be coming in 6... editions that is. Things to note:
- Home Starter is a gimped edition allowing only 3 concurrent applications, similar to XP starter edition. This time, however, it'll be a worldwide OEM only release. Expect this version to ship on Netbooks, possibly including in developed countries.
- Home Basic is now for emerging markets only, but will look a lot like Vista Home Basic -- unlimited concurrent aplications but no Aero Glass, no "advanced multimedia" features and limited local area networking support.
- Home Premium is largely similar to Vista Home Premium in feature content with the main limitations being ones relating to remote access, joining a domain, EFS etc. This version will be available worldwide.
- Professional is the "intro" business class OS, with the ability to join a domain, use EFS, etc.
- Ultimate is again the ultimate home/business solution, and the best license that you can buy individually. Ultimate adds BitLocker, AppLocker, etc.
- Enterprise is available only as a volume license, and includes most of the same features that Ultimate does, plus deployment and management-centric tools.

At least it's no worse than Vista, but whomever thought limiting an OS to three concurrent apps should be shot repeatedly at close range. I'll be a sad panda if this version really starts infecting computers I have to touch.

Thursday, January 22, 2009

Seagate: Then and Now


I know I'm probably beating a dead (bricked) horse, here... but this Seagate drive survived being launched into space, operating in zero gravity and then crashing to Earth in a giant fireball. Why is it so hard to make drives today that die when you flip a power switch?

Wednesday, January 21, 2009

Seagate Drive Debacle, Take Two.

Seagate has now formally admitted that there is a problem. They even say so on their own support site. We're definitely looking at lots of drives affected, with what looks like all models of the 7200.11 and ES.2 affected. Seagate's got utilities up to detect the affected drives, but they don't have well-tested firmware to fix the problem before your drive bricks. What's more (and especially egregious considering the intended use of an ES.2) is that the detection and patching utilities are not only Windows-centric, but require the drive to be directly attached to a non-RAID SATA controller. Detecting, let alone fixing, nearline Enterprise drives is going to be a cast-iron b*tch.

On a lighter note, Seagate is reportedly going to be doing free data recovery on drives now that have bricked. That probably means just swapping the circuit board for one with a theoretical fixed firmware since the bits on the platters are just fine.

Does anybody have a catchy name yet for this disaster?

Friday, January 16, 2009

Hardware: High Failure rates on Seagate 7200.11 drives


I had seen inklings of this before, but now it's getting very close to official. Seagate 7200.11 1TB drives, primarily ones out of Thailand are bricking themselves with no warning. This typically happens a few months after the drive is installed, so we're seeing this get critical now that the drive has been out a while. This is on top of other firmware and related issues with the 7200.11 and ES.2 family. If you've got valuable data on a 7200.11 drive, be warned and get your backups sorted ASAP.

I don't know for sure whether or not the ES.2 1TB drives are affected or not, and if they are, to what degree. I've got my eye on both, as I manage both.

Since this failure is happening without warning, it's not clear yet how big this might be. We might be looking at the biggest batch of drive failures since...well, you know.

Seagate has recently cut its warranty on consumer drives to 3 years (in general) down from 5 years (across the board).

Remember MS08-067? It's baaaack (Conficker A)

And this time, it's bringing a worm. At this point, the estimate of infected systems is at around 8 million according to F-Prot. I've not seen an infection yet myself, knock on wood, but considering:

A.) That there was more than enough warning with Microsoft flailing their arms over a serious out-of-band patch on 10/23/2008, plus at least one, probably two Patch Tuesdays since the patch was released.

B.) This worm only spreads over corporate and local networks -- networks that are supposed to be managed by professionals.

The numbers are disheartening to say the least.

--

Edit: Microsoft has a helpful portal for this worm. Ars Technica also has a great article, quoting an infection rate of around 1.1 million PCs for the last 24 hours.

Thursday, January 15, 2009

Apple: Steve Jobs stepping down for 4-6 months


I don't know what more there is to say that hasn't been said better elsewhere, but "Teh Jobs" is stepping down for health reasons, and at least nominally to keep his health problems from distracting Apple's business. I'm not entirely hopeful that this is temporary, but we'll see. Best of luck to Steve as he fights whatever is really wrong.

Monday, January 12, 2009

Dell: Musing on the XFR D630 (Review)

I know the D630 is an old model, and I'm getting a hold of the highly specialized XFR very late in its lifespan... but the XFR D630 is still the pinnacle of Dell's Fully Ruggedized lineup. I'm going to give my impressions, but some basic familiarity with a D630, or similar Dell D-series Latitude notebook would be helpful to understanding the contrasts. Unfortunately, I don't have a Panasonic Toughbook-- the primary competition-- to cross-compare.

The first thing you notice about this guy is the he
ft-- it's big and very heavy. At roughly twice the height of a D630, you almost get the feel that the case of the notebook is a throw-back to a notebook of the mid-90s. Once you get past the greatly increased size and weight, you realize that you're looking at a totally different beast compared to a garden variety D-series. In fact, superficially it bears no resemblance to a D630 whatsoever. So, why is it still a D630? The guts are all still there. While the chassis is completely overhauled, if you remember basically where the ports, drives, access panels, and buttons were, they'll be in approximately the same locations on the XFR. While it's arguably different enough to be its own model, it still has to make-do with the D630 motherboard and the layout dictated by the basic D630 design.

So about this chassis? Is it rugged? In a word, yes. The outer casing appears to be hardened plastic with rubber bumpers around the sides and corners-- think Pelican case. Also in common with a ruggedized case, there's a nice Every single port can be sealed with a water-resistant hatch. The access panels in the bottom are secured by a simple screw, and then a lever to lock them down into place. The keyboard looks like a fairly standard D-series keyboard, but there's an extra water-resistant membrane visible underneath. The touchpad is still there, recessed, and the two buttons for the touchpad are underneath a rubber membrane.

So while on the subject of the keyboard, let's talk about usability.
Obviously this is all subjective and heavily biased in relation to my experience with the D630, but I have to start somewhere with a baseline.

Input: The keyboard at first seems a bit mushier than a standard D630, and flexes quite a bit more towards the
edges. There'e even significant flex evident when pressing down on the chassis panel directly above the keyboard. Even though it doesn't seem great, the center of the keyboard is fairly rigid and while not as good as a standard D630, it passes as acceptable. The touchpoint (nipple) mouse is retained between the G, H and B keys, but the left and right mouse buttons directly under the spacebar that normally work with the nipple mouse have been deleted. That makes it somewhat of a useless appendix. The recessed trackpad makes it a little harder to press on accident, but it also makes it feel fairly small. The option for scrolling hot-zones is preserved, but they're much harder to hit with the frame around the touchpad. The mouse buttons underneath the touchpad are mounted under rubber domes as noted earlier. I've got some very mixed feelings about this: The feedback is acceptable, and it's fairly comfortable to use the rubberized buttons, but at the same time, you're trying to push your thumbs down into a recess rather than just pressing on a button on top. My ultimate impression was that they were too short, top to bottom. If they had extended maybe 5mm towards the front of the case, my big meaty thumbs wouldn't have felt cramped when trying to press the buttons.

I'd like to give special mention to the (non-optional) fingerprint reader. It's located on the right wrist-rest, next to the touchpad. The mechanism is in a
recess under a recessed plastic door. It's wide enough to comfortably use, but it gets a bit in the way when touch-typing.

The screen, however is the bright (har har) spot of the whole experience. The outdoor-viewable screen is glossy, but it's also polarized and transflective. Indoors, it's bright.... VERY bright, with a very crisp picture. It's a huge step up from some of the grainier D620/D630 screens out there. It really is viewable outside in direct sunlight. Light colors show up better, with a somewha
t "3D" type effect visible with a dark item on a light background. While it's not "goregous" outdoors, at least it does work fine in bright, direct sunlight. For work in the dark, two red spotlights are built in to the top of the screen bezel. The only difference from a standard keyboard is that Fn-RightArrow turns the lights on and off.

In terms of ports, it has all of them, and in pretty much standard locations. A minor quibble with the switch to turn wireless on/off-- it's now under a door on the left side. That's fine, but that reduces the convenience factor somewhat. The USB ports on the right side and in the rear are recessed to the point where bulky devices
will probably have clearance issues-- obviously a hub or extension cable is needed here. The biggest issue is the optical-- what looks like a standard D-bay has been re-labeled as an X-bay and is not user-removeable at all. You'd have to tear the system down to swap in another device. That means that using the bay as a 2nd battery isn't an option, but I think that's also what was intended. While water resistant, a battery compartment needs to be really, really waterproof. I think that was part of the design decision that locks you into a single optical drive. A 9-pin serial port is retained as is a 4-pin, non-powered Firewire port.

For power and accessories, standard D-series accessories work. The
power adapter is a standard 90-watt. Worth noting if you have a >90w unit floating around from a Precision-- the housing on those are too wide, and won't fit into the recessed power port on the back of the XFR. Those of course do work fine on the garden variety D630, but because the port isn't recessed.

Beyond looking things over, I didn't have a chance to test the anti-shock mounted hard drive, the ability to take the computer to a hose and hose it off, etc. Sorry in advance if you were looking for a torture test. With these things priced the way they are, it's comforting to know they are rugged, but I'm not going to put it to the test needlessly. I like my job and don't want to lose it. Lemme know if you have any questions.

Sunday, January 4, 2009

Abit: Not Dead Yet?

Well, perhaps the rumors aren't exactly on target. Abit's website still indicates that they'll return to normal business on 1/5/2009, or basically "now" with the wonder of time zones. I guess we'll see what the future holds for Abit. They're certainly not a powerhouse anymore, but 12/31/2008 came and went... Best of luck to Abit, and as more news happens, I'll try to keep on top of it. Apologies to Abit, if this is an unbstantiated rumor.