What Is That Program Doing? Or, Why Is This System Using So Much Memory!?

First, let's get a quick concept out of the way. When dealing with computers, new sysadmins have to understand that when it comes to a system compromise (a computer gets hacked), the system cannot be trusted. It's like asking a person to objectively assess their mental state; when you ask a person's brain to evaluate itself, it's going to be biased and distorted. Similarly, when a person cracks a computer system, they can alter the programs and filesystem so that if you run utilities to show network connections, running programs, etc., the altered files will hide the unauthorized activity.

Pretty simple, yeah?

So how do you see unauthorized activity? If your computer was hacked and is now sending spam email...which is network activity...but if you run utilities everything is showing up as normal (because the altered files are hiding the unauthorized network activity), the computer can hide what's going on, but a second system on the network that is monitoring network activity will see all the activity. In other words, your hacked computer may have its fingers in its ears yelling, "LA LA LA LA LA" but a third party system will still see what that computer is doing.

You add a layer of abstraction to watch what's going on, and in the process you can learn a bit about what is actually going on with your computer.

Now...the topic of of the post.

I have been working with a technology called virtualization for some projects at work. It's really great stuff...it lets you create computers that exist only in software, letting you install and configure multiple computers that run on just one system. Schizophrenic, but very very handy for people like me that have to run print servers, web servers, and file sharing servers in an organization among other things because I can consolidate those systems onto one or two actual physical systems (with tons of RAM and disk space).

In the process of running tests to migrate some of our physical systems to virtual software systems we moved a printer server. This is a Windows computer whose entire job on our network is to spool print jobs and dole them out to our many many printers scattered around several buildings. Not uncommon in businesses to have printer servers configured in their network for easier management.

Normally we'd think that this isn't a huge task, either. Most of the time a server like this would sit largely unused; I mean, it just sits waiting for someone to send a print job, render it then send it to the appropriate printer. It's not crunching numbers to predict the weather.

"But Barry," you ask, "What does this have to do with hackers and second computers to watch what a system is doing?" Glad you asked. See, when you run a full-on virtual server system...in this case what's called a type 1 hypervisor...you get an abstracted view of a computer; memory use, disk use, network use...and so you can get a quick overview of what the computer is doing that ordinarily you wouldn't get to see with a physical computer.

What I saw was that out of (more than five, fewer than ten systems) on our virtualization server the printer server was taking up nearly 800 meg of memory and shooting between first and second place for CPU usage and network usage, depending on what the other systems virtualized on the testbed were doing at that point. What in blazes is it doing?

I logged into the machine and ran a wonderful tool from the sysinternals suite called Process Explorer (free download...I highly recommend the sysinternals suite of software to ANY system administrator or troubleshooter). From there I could monitor process (program) names, the command line from which they were running, memory and CPU usage, etc.

I found a couple things of note. First, the converter program I used to automagically convert the physical machine to a virtual machine runs a service that carries a large footprint of memory; now that the system was virtual, the converter program isn't needed. So I removed that program from add/remove programs and memory use for that virtual image dropped over 100 megabytes.

Second, the computer is running a database program as well as a Bash shell spawning Java. Huh?

In case you didn't know, Bash is a shell program that runs normally under a Unix system (like Linux), not Windows.

Process Explorer told me that both the database and the Bash shell (and in turn the Java system) was tied to a Dell utility tied to Openmanage. Many mental scars remind me that OpenManage is a set of utilities made by Dell for managing their servers...usually it has functions for things like monitoring fans and CPU temps, rebuilding RAID arrays, etc. etc...generally a headache to sort everything out and get working in the proper combination for your system. At least, that's my experience with it.

So I go into add/remove programs to remove the OpenManage software, since now that the system is virtual there really wasn't any Dell hardware for it to manage.

Surprise! I was wrong. Apparently at some point someone installed an OpenManage component for managing printers! It wasn't small either. In the add/remove programs there was a listing for "Dell Printer Software" and for "OpenManage Printer Manager", each of which was taking 1.6 gigabytes in storage space on the hard disk. Each. Not both together.

But since some departments wanted Dell multifunction printers on the network and I didn't install it I don't know if these software packages are something that are needed so I can't really just tear through and uninstall those programs without dealing with the possibility of Nasty Consequences(tm).

Apparently Dell tries to cut some corners to make their software more portable between Linux and Windows by using Java (I'm speculating since I'm not too thrilled with OpenManage software, so I don't install it on my Linux systems on Dell hardware). Part of their software workflow involves using a program called Cygwin to do something with logging or some management task; Cygwin is a port of Unix utilities to run on Windows (that's why I saw Bash running). You can run tools like Secure Shell or awk or sed or ls...many many many scripting and administration utilities...on Windows that normally you'd only see on Linux. Process Explorer popped up lines in the process list as some of these scheduled tasks were periodically popping up thn disappearing, no doubt adding to the memory and resource use of the virtual machine. To be clear, Cygwin has it's place and I think it's great when properly used. I've also seen it installed on systems that suddenly start spiking CPU usage because of one of the programs using Cygwin libraries (in that case, SSHD running on Windows as a service).

What lessons can we learn from this little educational field trip?

• Generic is good. Addon software is bad. Backed up by anecdotes on the StackOverflow podcast, that CD that came with your camera/printer/device should not be installed unless you have no other choice but to use it to get the device to work. Many modern operating systems include drivers to work various media devices, or for devices like HP printers, you often can go right to the website and download just the driver, without all the addon crap that will bog down your computer with extra programs that you don't need (or know what they're really doing).
• Virtualization can give you tools that will both teach you about using your system and open your eyes to some things your computer(s) may be doing in the background without your knowledge. There's no reason that a printer server should be sucking down resources like this one was except that it had some poorly optimized software installed that it probably doesn't need.
• Third party utilities like the Sysinternals Suite can help you track down oddball activity on your system (or insights on how things work) for free. There are tools that tell you what's connected to the system over the network, which program is writing and reading the hard disk, which program is hitting what part of the registry, and many other useful tools. Try it out if you run Windows.
• Audit your system once in awhile to see what's actually installed and what it's doing. If it's not needed, free up the drive space by uninstalling that program. Use Google to figure out what the programs are. Part of what contributes to your computer slowing down over time is having programs running in the background that take up space in memory and access the network and you probably don't need them. Become familiar with your system and it can help save you aggravation down the road...also it'll help you later on when you notice something that should not be in that process list running, so you can tell when something is out of the ordinary on your computer. Process Explorer even includes tools for you to Google process names from a menu, making it even easier to learn about what your system is doing!

Windows isn't the only platform to suffer from bloated, inefficient and/or poorly designed software, but since Windows has the majority of users who are non-technical in interest and nature it is the platform with developers who get away with creating shovelware much more often. Fight it by not using it. I'm not referring specifically to Windows, although I encourage not using that too...but rather don't use the bloated crap that comes as trinkets and addons that only serve to bog down your computer. Don't install software from CD's that came with your new tech toys unless you must; try plugging it into the computer first to see if Windows or Linux or the Mac recognizes the hardware and installs the necessary drivers for you first. Then you're using native tools and not someone else's idea of how you should use their tools (and sometimes screw up your system in the process). Check your computer and screen it for odd behavior and find out what those processes in the background of your system are doing so you can get rid of software that is slowing your computer without justified cause.

Anyone have any stories they'd like to share?

The iPhone Vs. LG Voyager

It's official. The iPhone 3GS has smashed records for AT&T and Apple.

I would love to have an iPhone but the only carrier in the US is AT&T and I'm already quite invested with Verizon. Every carrier has horror stories associated with them, but in our relations with Verizon we've had good luck with customer service as well as technical service.

AT&T didn't come into our area with coverage until late in the game and when they finally did put in tower coverage the coverage was unreliable and spotty.

In other words, they left a bad taste in my mouth after seeing how they ran their business. If you followed my blog you know how I feel about businesses that seem incompetent with their customer relations.

I'm told that they're better today. I don't particularly care. There's a similar effect for restaurants. It's quite common for a restaurant to work long and hard at building a loyal number of regulars, but it takes only one bad experience to lose a customer forever.

That doesn't mean I don't wish I had an iPhone. I have an iPod Touch, the iPhone's close cousin, and I owned a Verizon LG Voyager. The iPod gives a pretty close experience to what an iPhone is like in most areas other than actually calling and texting (and a couple other features like taking photos and GPS, since the hardware isn't available on an iPod). The iPod does give the computer integration, music, podcast, and touchscreen as well as close form factor to the iPhone as well as the app store integration. It runs the same operating system as well.

Having used both the iPod Touch and Voyager, I can tell you that the interface to the iPod is light years beyond the Voyager and it's Verizon technology kin.

The touch interface on the iPod is responsive and probably three to four times more accurate than the Voyager's.

The app store on Apple is convenient and makes the iPod more flexible. Yes, Apple acts as the gatekeeper for all applications on the iPod and you won't (intentionally) find porn-based applications on the iPod/iPhone, but overall there are a simply huge number of various applications to choose from and they aren't tying you directly to Apple's brand overtly. Verizon requires you to do everything through Verizon and they're quite limiting in what I could and couldn't do on their phone.

The iPod allows for wifi access. Not so sure about Verizon's phones. It's not on the Voyager.

The iPod/iPhone was integrated with my computer. I could back it up and sync data easily with my computer, without having to find some kind of accessory kit with the proper cable for use with my particular phone. There are even applications to allow you to explore and navigate your iPhone/iPod from your computer. My Verizon phone was very much a separate accessory; it is as if Verizon is afraid of diluting their brand by allowing the customer to have any control over the product.

The only place I preferred my Voyager was the tactile keyboard. I could type significantly more quickly than on my iPod. However I could learn to work the iPhone's key display in a pinch (on the Voyager you almost had to get proficient with the full keyboard; the touchscreen was horribly inaccurate and lagged, making it nearly impossible to use.)

The Voyager was barely usable with the touch screen. For anything more complicated than viewing text messages I often had to drop to using the keyboard to get anything done; I can't count the number of times my phone thought I wanted to edit or view a contact entry when I was trying to get the damn thing to scroll. The iPod? No problem. If anything the iPod was almost too responsive, the screen just begged to be touched. The Voyager was so finicky and glitchy that it was just the opposite.

I don't know if it's a problem with Verizon just not "getting it" or if they're so stuck in some paranoid business model of controlling the brand rather than creating a great customer experience that limits them so much. Verizon has a great network, I've had excellent luck with coverage. The services offered by their website have worked well for us.

Now I just wish they had good products to match those services. I'm hoping that at some point Apple will cut their exclusivity with AT&T and create a product with Verizon...so far Verizon has show zero ability to "get it".

MyLife.com : Be Careful Who You Sign Up With Online

I had an email arrive from a friend recently that raised an eyebrow. It said that my friend wanted me to confirm that I knew him to a site called MyLife.com.

Hmm...

This isn't the first time I've seen emails like this before, and the're almost always trouble. Usually the person named as the sender doesn't even know that "they" sent it to me...and like most of these sites, my suspicions were quickly confirmed.

Check it out:
"Just Say No To Mylife.Com"
"MyLife.Com: A New Tool for Bargain-Seeking Stalkers."

Things are rarely really "free"; in this case, these sites take it to a new extreme in order to invade your privacy. This website downloads your contact information on your email and social networking sites then contacts people in your name to try getting them hooked into their snare to further marketing efforts; and once you're in, good luck getting back out.

Much like urban legends perpetuated with emails by everyone and their grandma, these underhanded websites spring up all the time with various names and never seem to go away. By the time people realize what they're really up to it's too late. Your information is out there, and everyone you have in your email has been spammed. It's not like there's one or two of these...they change tactics periodically to escape having their tarnished name hinder profits; the articles I linked above reference a few other names that website company is associated with, for example.

The lesson here is to double and triple check the fine print of sites you're looking at signing up with. Do a Google search for the name of the site and the word "spam" or "scam" to see what, if anything, pops up...before you click that ok button. You may not know what you're actually allowing and all the security in the world won't protect your computer when you give permission to install or upload their weaselware. It should became a second nature just like verifying your emailed "I can't believe this outrageous claim" should be verified on Snopes before you help pass it on with the forward button.

I'm not mad at him. If anything I'm mad at the company for using such weasel tactics to take advantage of people on the Internet. Those web weasels are no better than spammers clogging our junk filters and choking our bandwidth with attempted hijacking of our computers and emails attempting to evade filters.

Facebook and Other Social Networking Value

I have a Facebook account. I was curious about just who I might know on the network; thought maybe I could find out some interesting things my classmates are up to now after so many years.

Small confession...if there's a Barry Atric there, it's not me. I'm techy, and occasionally techie, but not like here.

Anyway the primary reason I made the plunge was because I was looking for a few specific people from my college alma mater; I didn't find him there, but I did find many others that I thought had disappeared.

The web has plenty of tools available for people to use for expressing themselves in various ways (no, not talking about porn...although I guess there's venues for that too). Twitter, Facebook, Myspace, YouTube, even Blogger...all wonderful sites for stroking your virtual ego to no end.

I lately have questioned the value of using Facebook. I occasionally see something interesting, like finding out about an old aquaintance being attacked by a dog or someone else getting lost on a hike in the woods and having to spend an extra day in the wilderness with her husband until finding their way out the next day.

Far more often, however, I see updates about how Billy wants me to join a mafia war (what the hell is that?), or some other bulb managed to get a high score playing a virtual gardener. Worse are the quizzes; I think they're originating from some dimwitted kindergarten class. I took one quiz off Facebook when I first saw an interesting one about Star Trek; one of the questions had an answer that was one-hundred percent wrong. Wrong wrong wrong.

I was rather curious about this. That's when I discovered that other people write the quizzes. You don't need to be qualified in any way, shape, or form. Any idiot that can type can create some "wunderful" quiz for others to take and pass on like a meme-virus on Facebook.

So people are spending tons of time into a black hole of playing crappy games (get a Pogo account, people) and taking quizzes that are as meaningful as what any 12-year-old could come up with when they're not sharing small tidbits of their lives to their "friends". At least, I think they are friends. Apparently there's a group of people that make it their mission to "Friend" as many people as possible. I think it's like some form of virtual street cred or electronic Viagra for them to be able to say they can share the fact that Furball went poop on a pile of clean clothes (hee hee!) with 984 seemingly random individuals.

It's getting harder and harder to cull useful material out of Facebook. I went there hoping to reconnect with old friends. I did that to a degree. I found one person who I was remembering from old albums by finding a mutual friend. The person I was originally looking for? Again, friend of a friend, finally. I found out that the mutual friend was still in touch with him when I saw him post pictures of my lost aquaintences' second wedding on the website.

Yeah. He got married again. He was my best man at my wedding...and I wasn't invited to the second wedding.

Another friend I reconnected with acted like kind of a jerk to a ribbing I commented on. He deleted the whole thing and replied as if nothing had happened, but I was rather offended that he'd have said what he said. Well, written. Rather than make it worse I just didn't say much of anything other than, "Man,...that was harsh, don't you think?"

He erased that with his other comments, but still...it bugged me.

Really. What good is Facebook?

I contacted a few people, but they rarely say anything. It's a cacophy of people advertising themselves or some small highlight of the day, and once in awhile making comments about what someone else does. The little blurbs take on a life of their own for a few minutes before being drowned out by the latest game score someone managed to achieve in VeggiePatch or on some meaningless quiz.

Meanwhile I'm sinking time into Facebook that I could have used to write a story or try getting some time in learning a programming language. It's my own fault, I acknowledge that. But I think that maybe I should cut some of that time on Facebook.

I've noticed that most of the people populating it seem to be more concerned with themselves more than what their friends are up to. Maybe I'm just imagining it, but really, what do I accomplish by using it? Most people don't say much of anything about what I'm up to. Most probably don't even care. Once in awhile I'll get something from someone as feedback, and I try commenting on other active status updates, but most of the time...nada.

Lately I've just been posting song lyrics and whatever music video I happen to be listening to as a YouTube link. I don't bother investing energy in trying to use it as a conduit for keeping up with people's lives or having them keep up with mine. If it were something they were intersted in I think they'd have emailed me.

Or they'd already know about this blog. The only one that knows more about what's in my head is my insurance-mandated psychologist with my journal (yeah, I keep a journal...it's easier than running through things in-session most of the time and I don't think he spends enough time on the Webbertubes to read my blog. I'm not so sure even my doctors at the baritric office still read it at all, to tell the truth...)

So do you use Facebook or Myspace or the other sites? Why? I mean, do you get any benefits from using the site? Feel free to share...

Anyone Else Worked on a Commodore 64?

I am listening to The Ultimate Commodore 64 Talk. It was a talk given at the 25th Chaos Communication Conference last year; it was 64 minutes long with 256 slides (which if you're a geek you already can see the in-humor of that).

What was so great about the C64? It was no doubt one of the most flexible, hackable systems created for home users. That's probably the single biggest driver in creating a fanbase for the machine that persists today (don't believe me? The thing was released in 1982, and if you click here you can go to a website that is reportedly hosted on a Commodore 64. Yes, hosted. It's a web server running on a Commodore 64.

My first personal computer was a Commodore 128. I remember typing in my own BASIC programs (the built-in ROM booted straight to a BASIC interpreter), loading applications from five and a quarter inch floppies, and with the right key combination, booting to a Commodore 64 mode. My first introduction to the early incarnation of the Internet was by connecting an external modem...which really is just a device for modulating a digital signal to an analog signal, not necessarily something that connects to a phone line even though that's the most common use...and connecting it to a 2-meter amateur radio transceiver so I could hop from node to node on the digital amateur radio network, exchanging messages with other amateur radio enthusiasts and using a terminal to "chat" with people. Messages could also be passed through special gateways into different wired networks of bulletin boards and what was back then the fledgling Internet! At the time this was pretty exciting!

Listening to this talk and watching the slides brought back some memories...

Commodore will always probably be known as the company that screwed up a great platform, the Amiga, which again was used beyond what most systems would have lasted in the industry. Anyone remember the show Babylon 5? Seaquest? Max Headroom? The computer effects were rendered on Commodore Amiga systems. It also was ahead of its time for giving home users advanced (but affordable) sound, graphics, and multitasking abilities; this was a continuation of the tradition started with the C64, except for the multitasking ability.

The talk itself is all about the C64; it's in-depth at times, other times humorous, and the information covers a variety of topics from bugs in the processor to comparisons of how graphics looked in the beginning (with a Christmas graphics demo released in '82) to what advanced graphics were appearing years later to a humorous dig at Microsoft's Bill Gates ("If he can program the 6502, so can you." Apparently Gates included an Easter Egg in the code for the version of BASIC encoded on the C64.)

Parts of it will go over the heads of the majority of people out there (you see some assembly code, some diagrams of chips used on the C64...) but other parts will appeal to anyone with fond memories of this old but venerable technology. If you have an hour to spend reminiscing then check out this video!

Windows 2008: I Hate You

I recently had the joy of installing Windows 2008 Server at work in preparation to migrate an older server application to it. I put off moving to or using the latest versions of Windows because I read of many of the headaches for sysadmins that lay in store (in case you want to relate a little, ever use Vista? Well, 2008 is Vista with server capabilities, and a few consumer interface items stripped out...but keeping most of the security problems).

In my two days using it, I ran into this short list of things that truly annoyed the bejebus out of me.

I ran a chkdsk (check disk) on the drives to repair any potential damage after a power outage that outlasted the UPS (I know, what were the odds?). Ordinarily, you run chkdsk at bootup, you can check the results by looking in the logs for messages from WinLogon. I searched for five minutes through the list without finding it...because now it was under something called WinInit. In a way this was funny, since I wondered "Wininit gonna work right for a change??"...say it out loud if you don't get it.
Almost every site, including Windows Updates, including innocuous sites that I've visited for years, including common sites for additional software...required me to add it to a "trusted sites" list. Sometimes it wouldn't even tell me it needed it, some redirect or addon simply wouldn't work. It's an additional step that I don't need when I'm under pressure to get the server working and get things configured.
VNC doesn't work. It's a neat program from www.realvnc.com (which has a free edition) that allows you to remotely view and control your desktop console. It's a convenient way to get to the console, whoever's logged in...we often use it for remote troubleshooting. It has its own password mechanism so it's not reliant on the password for a particular Windows user. "But Barry, why use that when you can use Remote Desktop? You get two client licenses included!"-easy. If Administrator is logged into the console downloading something, and then I RDP in and log in administrator, due to idiot licensing restrictions my login will kill the other session. So if something is being worked on at the same time...poof! Gone. VNC just brings up the remote console because it's remote control, not remote access. Anyway, VNC comes up with an error that Windows won't allow it to run because it's an interactive process. Nice. Really nice.
They changed the Management Console. I used to be able to right click on "my computer", go to manage, then from the top of the tree right click on the "local computer" and from there enter the address of another Windows system on our network so I could view services, system logs, etc...well, no more! Windows 2008 uses the "Server Management Console". And I can't connect to other systems from it! How handy is that?! Well, it's not. Thanks to some other people who were annoyed at this they already solved the problem...I just created a batch file on the desktop that contains the line, "start compmgmt.msc", launching the old fashioned management console from which I can actually manage other systems.
The system logs on the server like logging a message about licenses being validated by WinLogon. Um...who or what is it validating against? Why...? I'm always a bit skittish about software "phoning home". We are using a server, with potentially sensitive data on it. Maybe it's just validating against something on itself, maybe to one of our Active Directory servers, I don't know. But it's annoying me.
Creating a share seems to get more of a burden with each release of Windows. I had to use a wizard now to create a simple share; Wizards are supposed to be a good idea for helping new users with tasks that may be unfamiliar. But wow..."provision share"? I wasn't sure what it wanted me to do with that at first. The familiar route...right click the folder I want to share and select sharing...now takes you to a mini-wizard that would not let me change the name of the share, which I needed to do. I believe I ended up going through a submenu in the server manager to create the share I wanted...through a bigger wizard. All I would like is to right click the folder, have a list of tabbed options, and go from there. Why is that so !@#% difficult? This is Windows Server, sharing is a very basic and common task for server admins. Why must it be a topic for a wizard, without a choice to not suffer through a @#$$ wizard interface? Or worse, an inconsistent interface, since there is more than one wizard to go through for sharing?

Maybe these are just initial impressions and I have to adjust to it. But my first impression was that it was a pain in the arse. VNC didn't work on it. Security notifications keep popping up, even for Windows Update! And common tasks have to be relearned. This is progress? You must seriously have to love the Microsoft Kool-Aid to embrace newer versions of Windows. I find it to be an giant pain to deal with...

Anyone else have similar experiences? Or reasons I should love this version of Windows? Please?

Windows Security Identifiers

This is another edition of Fun With System Administration.

Of course, by "fun" I mean I want to choke myself with a SATA cable.

See, much of my day job involves interacting with Windows systems, and there is never any shortage of reasons for me to pull my hair out.

The latest issue involves the Security ID, or SID. See, Windows, unlike Linux, identifies users and machines with a really long string of numbers and letter called the SID. Even though you might have a friendly username (like, say, your name...) when you go to use the computer in the background Windows knows you by a really long string of numbers. Your human-readable name is an alias of sorts.

Remember, I said users and machines have a unique ID associated with them.

The problem is that we have situations where we have to clone machines to go out to different offices. We take a machine out of a batch of identical systems; we install Windows, configure special software options and printers and various drivers, then we create an image of that machine that we then can copy down to all the other machines in hopes of saving time not having to remember every Windows and Office update and special software package.

Part of that procedure involves running NewSID, a free utility that will change the name of the computer and the SID so the machine gets a unique ID associated with it.

In the Wikipedia article it said:
Now the truth is that when the computers are joined into a domain (Active Directory or NT domain for instance), each computer has a unique Domain SID which is recomputed each time a computer enters a domain. Thus there are usually no real problems with Duplicated SIDs when the computers are members of a domain, especially if local user accounts are not used. If local user accounts are used, there is a potential security issue that is the same as the one described above when the computers are members of a Workgroup but that affects only the files and resources protected by local users, not by domain users.

Now...our users are on a domain! Maybe we don't have to worry about it!

I made note of it and had cloned several machines before remembering to actually test it. The latest NewSID will tell you the current SID for the machine; I looked at two systems on the domain and they both matched. Joining the Active Directory domain doesn't alter the machine's identifier as I thought.

Apparently the Access Control List that controls file ownership and such is associated with the user's SID, and in theory there shouldn't be an issue with this. But on reflection I didn't want to risk it.

Nuts.

So it was my own fault for not testing more thoroughly but it is one more reason to hate Windows...Linux doesn't use machine-specific ID's on the network outside of their name. Windows lets you change names but hides the fact that the name is just a superficial shell over a long string of gibberish (okay, it actually means something as the article tells you, but still...) and it's that string of gibberish that is actually significant; plus you need a special tool to alter it.

Another annoyance with Windows...it doesn't include the tool to alter these sort of fundamental parts of the operating system that can cause problems. You can get NewSID for free but it was actually a third party tool written by Mark Russinovich, hired by Microsoft after he released a lot of useful tools for Windows.

The lessons to be learned?

1. Don't assume. Test. Even if it takes more time which results in becoming less popular with your boss because you're taking that extra time...because it's going to save you the time it takes to fix your time-saving shortcut.
2. With Windows, even though you'd think changing names and ID's and such would make the machine unique on the network, it might not. There are underlying functions that Microsoft actually had the brains to abstract away from the users since they didn't need to know about it...only they didn't put any obvious ways to check on or monitor those abstracted functions until it's too late and you have a new mess to try fixing.
3. Don't assume that just because there's some fundamental part of Windows that needs administration you'll have the tools included to fix those fundamental parts. Find a tool and save it somewhere that you can access that tool later on.
4. Windows is a major pain in the rear.

I think that pretty much covers it...

I Love My Mac

I recently acquired an old PowerPC Powermac G5 slated for a scrapheap. I thought I'd use it for my son; he's four, but he loves playing little flash games and watching DVD's, so to keep our own systems intact I get old systems that are barely adequate for use but have enough oomph to still do the job. At this point he was using a secondhand eMac; an all-in-one unit that had the monitor/CPU in one gumdrop-shaped unit (actually it reminds me of the nose of the space shuttle) that had an 80 gig drive and 512 meg of RAM and a G4 processor.

This unit was a G5 with 512 meg of RAM and a slightly new OS as well as a DVD burner instead of just a reader. I stripped the RAM from the G4 and upped the Powermac to 1 Gig of RAM. I then spent some time doing updates and installing items like NeoOffice and FireFox, then fended my little guy off while running Carbon Copy Cloner to an external LaCIE 160 gig external drive with combination USB/Firewire interface.

He loved it. His games no longer stuttered! Sure, the thing was running on the now-largely-unsupported PowerPC platform, but as long as his web stuff ran he was in heaven.

I was reminded of just why I loved the Mac for home users. I created an account for my son with the "simplified" Finder interface and limited the applications on the menus to just a few of the necessities, as well as creating an account for my daughter to use when she needed a desktop instead of her EEE PC for schoolwork (or more likely her iPod Nano). Simple for him to use, very very few exploits for the Mac, and far fewer worries on my part that he'd get into something he shouldn't.

Today I saw my wife had been doing something on it and left it logged in as the administrator user (I'm not really locking this down, just trying to keep it running for my little guy, so it's the only computer that everyone but my son has the admin password for in case it needed updates and to install a printer). At logoff it locked up tight.

Weird, I thought to myself. I hard-killed the CPU with the power switch and booted it back up. After sitting for quite awhile the dreaded folder icon appeared mid-screen. It couldn't find the Finder folder.

Crap.

Reboot with the mouse button down, opening the CD tray. Insert an old OS X CD, power up holding the C key to boot from that drive. Exit the installer and run Disk Utility. It found several errors before telling me it couldn't fix the drive.

I did some research and found that holding the option key will bring up a boot disk selection manager. Plugging in the external drive via firewire, I booted with option held down...must waiting yielded just the CD ROM drive to boot from.

Power down, plug in the drive via USB, try again. Same result.

I found some information on zapping PRAM and resetting NVRAM and OpenFirmware to get the external drive to appear. I didn't feel like trying that one next...I decided to try my favorite tool, Firewire Target Disk Mode. I love that ability of the Macintosh! It's saved my bacon on a couple occasions. If you're unfamiliar with that ability, it allows the Mac to boot into a mode where it appears to be a Firewire hard drive, and you can hook it up to other computers like any other external hard disk. In that mode you can run repair utilities, copy files from one system to another, or install a newer version of OS X if, for example, you want to install on a system that doesn't have a working DVD drive but have another Mac that does.

I found the key to hold...T...and rebooted the Mac, hoping that the old PowerPC G5 wasn't too old to have that ability. A wave of hope hit me when on the monitor a giant Firewire icon started dancing around. It worked.

I took out an Intel Macbook and connected my LaCie external drive to the USB port, then my dual Firewire cable to the G5 and MacBook. Oddly enough just the DVD-ROM with the bootable install disk showed up on my MacBook (it was in the PowerMac). I opened Disk Utility on the MacBook, and after some chugging it showed the hard drive (and CD drive) on the PowerMac. At this point I was fairly certain that if the drive wasn't bad, hardwarewise, that the filesystem was toasted on it so I wiped the partition with a new one. Then I fired up Carbon Copy Cloner, set the source to the external LaCIE drive and the target to the new partition I created on the PowerMac, and let it go with a bit-by-bit copy.

As I type this it has been running for 35 minutes and copies 2.4 gig of data. It should restore most of the data from when I first got it, which wasn't that long ago.

Hopefully it will be done in a couple hours and I'll be able to try rebooting the PowerMac to see if it was successful. If not I'll probably end up trying to get a new SATA drive to install in the PowerMac.

Either way...this is a wonderful lesson in having a working backup. There are many cases where I have saved my own bacon using Linux but there are times I truly wish I could get a PC to boot into a "target disk mode" like the Mac, or even having easy to use drive utilities like CarbonCopyCloner. The closest I can come to it is a system requiring a bootable CD to image partitions to an external disk. Slightly easier is doing work in a virtual machine because then I just power down the machine and copy the virtual machine's disk drive file to another drive or directory. It's nice to have the ability built right into hardware.

But this approach does underscore a couple issues...similar to information rot on the Internet (as I posted about recently, see the archives or use search) I needed to know if the machine even supported these features. Some Macs use IDE drives, some use SATA, some support booting from external disks and some didn't. You can't just use a Mac and expect this to work.

Similarly, in order to really use these features you probably need at least two Macs handy, which is of course rather expensive. I haven't tested it but the Mac in Firewire Target Disk Mode should allow it to connect as a Firewire drive to any machine that supports external Firewire drives; but I doubt you could easily perform certain functions like actually installing OS X from the host to the target Mac or using the target Mac as a bootable disk. And of course the host has to understand the HFS+ filesystem in order to actually see the data on the drive.

On the other hand it is nice to be able to use an iPod as a backup drive (or bootable disk) for times like this when you're stuck in a bind.

I love my Mac. I have issues with it, but I can't recommend them enough for home users, and I certainly wouldn't balk at being forced to use them as my main machine. I can only hope that Linux eventually gets the user-friendly features OS X has now...or that OS X gains the flexibility and power of Linux tools.

Anyone out there have stories relating when they realized that they had a definite preference for a given platform, Linux, Windows, or OS X? Amiga? :-)

Edit: The drive is, indeed, toast. It's a hardware failure. I ordered a new SATA drive, but unfortunately it won't be here until Tuesday. Then I'll get it installed and start the re-clone from the backup drive so Matthew can have his machine back. On the plus side, I removed the existing drive to see how much of a problem it was going to be...can I say again that working on the PowerMac's hardware is a joy compared to so many other machines I've been sliced open on or had to fight with? I popped off a panel (no tools), removed an airflow panel of some lexan-like transparent plastic (no tools), disconnected the SATA power and drive cables from the drive, and slid it out on the rails. At first I thought it was stuck...turned out the rails have an innovative dual-rail system in it so that the front of the drive naturally slides at an angle as you remove the drive so it doesn't catch on the edge of the case or cables. I'll need the screwdriver only to screw in the screws that allow the drive to sit on the guiderails. I think the Mac is the first system I've had hardware failure and I'm actually consoled because the fix isn't quite as much of a pain in the arse that I thought it would be!

Edit 2: The new hard drive arrived...hooked up the backup drive via USB to the MacBook, then the MacBook to the PowerMac via FireWire cable, and fired up Carbon Copy Cloner to re-image again.

The MacBook first burped an error when connecting the PowerMac (with the new blank drive installed) saying that the disk wasn't usable; I opened Disk Utility and told it to partition the drive then erase it. Carbon Copy Cloner then saw the drive, and in about an hour (the previous attempt took around 5 hours as I recall...then it failed) the copy and verify were done.

Eject both drives, put everything away, crossed my fingers and rebooted the PowerMac. It booted, good as new! My boy is very happy to have his machine back again!

Information Rot on the Webbertubes

One of the roughest parts of working on the Internet is dealing with information rot.

I've been recently digging through what it would take to create a high-availability cluster of Linux systems; essentially a way of taking two or more systems and configuring them to provide a service (like a web site, for example) that appears to be one computer but in reality when one computer fails...motherboard bursts into flames...the other computer takes over and continues to provide the service in a nearly uninterrupted manner, enough that most users aren't aware there's been a problem.

Putting it like that makes it sound simple but it's not.

Information rot is the name I coined for the issue I ran into when researching the task. I've come to see it as a reason for techies to be a little more understanding when they spew vitriol at newbies who don't RTFM or Google for a solution before asking mailing lists for the answer to an issue that has already been answered three times in the past two weeks (to be fair, though, it seems many still don't do that first).

Here's an example of what I ran into. Some people set up clusters and put information into what's called a HOWTO. Just as the name implies, it is a document that tells you HOW TO do what they did. A recipe for setting up a cluster similar to what they did, in this case.

In order for computer B to know that computer A has had a problem (and so computer B must take over A's role), there is a bit of software called Heartbeat whose job it is to periodically check the other machine's health by answering a network query.

Since the first heartbeat software was released for the project it has since had a series of changes made; there was a version one, then a major second version, then it became another program called Pacemaker.

Now when you're trying to create a cluster to meet your own set of needs it means finding information on bringing a lot of related-but-not-tied-togther programs to work towards a common goal (your project needs). It means going through a lot of HOWTOs and home pages and program man pages.

But clusters aren't found in everyone's basement; of all the people who do create a cluster only a fraction of them bother sharing their experiences and information as tutorials, and then they often don't update them anymore. Many of the documents...instructions, HOWTOs, mailing list anecdotes...will have instructions with disclaimers saying, "This is how you do it with version one...version two has this ability built in, so click on this link to see how to configure that. Note that with Pacemaker you should disregard these and go to this link telling you how to do it the "right" way with Pacemaker, unless you're running in compatibility mode with version one Heartbeat..."

That's if you're lucky.

Sometimes you find instructions that refer to software that is just plain out of date so the author doesn't put any notes about versions in it at all, leaving you scratching your head why the commands aren't working for you the way they worked for the author of the document.

It's not just with trying to configure a cluster that I've run into this. I had the same issues with setting up proxy servers (speeding up and filtering web browsing for a large site) and mail filtering for a large number of users (sending email through a filter that decided what was spam and what wasn't while blocking certain senders and blocking certain attachments). The technology behind filtering and even the mechanisms for rerouting networks in Linux changed over time and so I had to puzzle out what documentation was relevant to the version of software, and the mix of software, I was trying to use for the task! Part of the problem with working in technology is that this shift occurs constantly and we're expected to change with it.

It's gaining not just knowledge of what is available as an option but the need to gain an understanding of each component so you can truly apply that solution to meet the needs of the client, whether that client is yourself or another business or department. Often it seems as if users think that tech people just have a store of knowledge that can be tapped into like a human Google and it simply doesn't work like that.

Ever ask a tech person a question that seems very simple on the surface, but in reality is far more complicated? My favorite one is when someone asks me what computer they should get. Seems simple, like asking what their favorite color is. But I can't give them a simple answer if I'm being honest.

I'd need to know what you're going to use the computer for, what your experience level is, what kind of software you really think you absolutely have to use. Are you a gamer? Just an Internet browser? And your budget? All of those are factors in the decision. A Mac can't be beat for people doing audio and video editing at home or just web browsing and email. Windows systems are cheaper (in price and quality, usually). Would your use include a lot of travel? Or do you just like commuting from home to the local book shop with wifi? A netbook might fit...or do you need a true desktop replacement class notebook? Data redundancy or backup?

While this seems like veering away from the concept of information rot, it is related in that both reflect the difficulty in gaining in-depth comprehension of the solution you're seeking.

Google can only point you to knowledge. It's up to you to find wisdom.

I Go to the Movies Apparently to Watch TV

My wife and I went to see the movie Hangover a few weeks ago. It was a pretty good movie, by the way.

The problem is that we paid quite a bit of money to get in; anyone who has been to the theater lately knows what I'm talking about. We didn't see the matinee time. We went in at a late-night showing. It was a multi-cinema theater, not a small town 2-screen theater; a major name place who shares its name with an adjective for a monarchy.

We sat down around 8:00 in our seats. The lights dim.

We watched over 20 minutes of commercials and previews.

Previews I don't mind so much. I sometimes enjoy seeing peeks of what's coming up soon. But commercials?

This theater already shows a loop of some trivia and information before the movie starts...I don't count that since if you're ten minutes early, you're going to have 10 minutes of that loop. I do get slightly irked at the whole, "this movie trivia is brought to you by Coca-Cola" thing they have going on, but hey...I have some control over how much of that I'm exposed to.

But when the movie is supposed to start it would be nice if the movie started.

Worse, they're showing commercials. Actual commercials. For cars and trucks. And soda.

WHY?

I don't want any of that crap just because they're ticking me off when I came here to see a @#$ movie. I associate their products with being annoying crap now.

Because they're actual commercials. Like what I see on TV. As in the reason we're paying a big bundle of cash to sit in the theater and get away from them in the first place.

In a time when people are literally turning their living rooms into small theaters with surround sound and projectors or ginormous LCD televisions, why would theaters go out of their way to try turning their theaters into giant living rooms by creating a crappy viewing experience? I could pay a boatload of money to watch pay per view in my underwear at home. I'm paying a quite a bit more to sit in your theater and be forced to sit through you trying to push the same commercials on me that I get already at home.

Basically it's a reason I don't go to the theater unless it's a movie I really want to see. Otherwise I wait for it to come out on DVD. I am simply too irritated at the onslaught of ads that waste my time and worse, I'm paying them to irritate me. It's a personal pet peeve.

Incompetent fast food restaurants led me to simply stop going to them and tell other people how crappy they are. If I keep getting this from theaters I think I'm going to add them to my craplist as well. I'm very close to sending a letter to the CEO asking he or she to pull his or her head from his or her butt and stop showing me the same crap I already get on my TV at home.