Greg Merideth

http://www.theverge.com/2013/4/22/4251610/windows-8-1-start-button

Microsoft is preparing to revive the traditional Start button it killed with Windows 8. Sources familiar with Microsoft's plans have revealed to The Verge that Windows 8.1 will include the return of the Start button. We understand that the button will act as a method to simply access the Start Screen, and will not include the traditional Start Menu. The button is said to look near-identical to the existing Windows flag used in the Charm bar.

Adding a button to the Windows bar that brings a user to the same Start Screen Windows already has, is not bringing back the start button. Giving your users a choice to have the new look or the "old" Windows 95 through Windows 7 Start menu would be the right choice. This is simply a shortcut.

For those looking to install the CU1 update to Microsoft Exchange (found here) who also have Lync 2013 in their organization, beware. After installing the update we found that we could not sign into Instant Messaging in Outlook Web Access (OWA). A quick check discovered that the CU1 update overwrote the web.config file responsible for OWA client access.

There are two keys in that are essential to get Lync to work with Exchange 2013 and in their rush to get things out the door, decided that any changes you've made to the web.config file aren't that important and are just going to be overwritten during the update.

The two keys in the web.config file are:

 <add key="IMCertificateThumbprint" value="EA5A332496CC05DA69B75B66111C0F78A110D22d"></add>
 <add key="IMServerName" value="atl-cs-001.litwareinc.com"></add>

Update:

Apparently this is mentioned in the release notes and due to a late night update we totally missed the warning so this was all our fault.

Recently I have been trying to recover data from customer’s failed hard drives in an attempt to get access to protected password files important to the customers. While it is good that a user decided to use a program to store their important passwords on their computers, most users stop at that point and do not think about the files location. Should the computer crash or stop working, all of those passwords could potentially be lost.

At the office, we use cloud storage from FileLocker to store our password data files so all changes are implemented automatically to external storage which is then synchronized to our laptops, tablets and cell phones.

While I recommend the use of a password protected password storing program such as KeePass (I prefer not to use browser based password remembering systems) I also strongly recommend storing your password files to thumb-drives or cloud storage where your changes can be synchronized instantly.

KeePass
http://keepass.info/ - store your passwords in a master, encrypted password file.

FileLocker
http://www.filelocker.com – cloud storage collaborative framework.

While looking for a way to map different drives based on a user who logs in at various network segments (different IP addresses) I found a lot of scripts and/or GPO solutions when it seems to me a simple .NET program could resolve this easily.

The program shown below, looks for an address that contains a subset (or even the entire IP) in the list of IP addresses of the machine. So by using 'route 192.168.2' I can get a specific DOS ERRORLEVEL if the machines IP list contains an IP that starts with 192.168.2.

using System;
using System.Collections.Generic;
using System.Text;
using System.Net;

namespace route
{
    class Program
    {
        static void Main(string[] args)
        {
            if (args.Length < 1)
            {
                Console.WriteLine("route.exe [ipaddress]");
                return;
            }
            IPHostEntry machine = Dns.GetHostEntry(Dns.GetHostName());
            foreach (IPAddress ip in machine.AddressList)
            {
                if (ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
                {
                    if (ip.ToString().Contains(args[0]))
                        Environment.Exit(1);
                }
            }
            Environment.Exit(0);
        }
    }
}
​

Then using a login script similar to this will allow you to map drives based on the match of the machines IP address.

echo Mapping Drives
route %1
IF %ERRORLEVEL% == 1 GOTO IPMATCH
rem NO MATCH
net use x: \\some\server
goto END
:IPMATCH
rem MATCH
net use x: \\some\otherserver
:END
echo Mapped Drive X:
​

Ohh Microsoft, your're not even trying anymore to not be made fun of. Are you really not even looking at these dialog boxes anymore?

Exchange 2013 failed dialog box

Dear Microsoft, I have been showing my customers what they can expect in the upcoming Windows 8 platform and they are not impressed. The general impression is that this is an unnecessary attempt to implement a tablet interface to the desktop. Many clients are very happy with the choices they have in Windows 7 and to a lesser extent those in Windows XP. Most feel (and this is the basis of this message) that their choice has been taken away in Windows 8.

Over the years Microsoft has made many choices under the guise of “our customers have asked us” that have removed choices when there easily should have been, simply, an option. Options that need not be there seem to be on the rise though.

With Windows 8, your development team can, and should have, implemented a choice. The Metro interface should (and still can) be an option for those with tablets while electing a “boot to desktop” approach with a standardized start-menu as they have in the various versions of Windows up to this point.

Various stories¹ have appeared that your team is working furiously to remove any API calls that would allow the older desktop formats to be used via aftermarket products. You’re removing our choice on how we would like to use your product.

Customers testing Windows 8 have elected to cover their desktops in as many application icons as they can get their hands on just to stay away from the Metro “boxes.” One enterprising user created folders on his desktop to group his application icons together in a vain attempt to mimic his old start menu.

Gone are folders to group applications together, opting instead for the “spread everything across your desktop” approach. Gone is a link to a start button, now support staff will have to guide users to the corners of the screen to bring up settings, recent apps and of course, the Metro Start. Searching for an application by typing its name is however, not a feature that anyone that I have demonstrated Metro too is interested in.

Gone, is choice.

I did not intend for this to be a rant on the UI changes but instead a rant on Microsoft’s poor decision to remove our choices over the years. It’s not too late though to look back on your ways and decide that yes, giving customers choice is a good thing, and implement the Metro and classic Windows XP/7 desktops for users.

Choice is good.

1. http://www.winsupersite.com/article/windows8/microsoft-windows-8-businesses-143238 [↩]

Over the past few weeks I have been inundated with questions regarding the non-delivery of e-mail messages and I would like to make a few suggestions.

First, a primer on spam. Three-hundred thousand spam messages a month are tracked going through my client filtering systems. That is three-hundred thousand e-mail messages not in various in-boxes. A piece of highly tuned software is making decisions as to the validity of the sender, the body of the message and the various attempts and sending viruses/spyware and phishing attempts.

It’s not perfect, and occasionally, valid e-mail is sent to the land of never-read messages.

There are ways to make this easier.

One, common domain names, that is, domains that you work with on an ongoing basis, can, and should, be added to what is called a whitelist. This is a list of domains that you never want to be checked against spam filters. If you are working with John Smith at Acme (jsmith@acme.com) – I can add the domain acme.com to the pre-filter white-list and never, ever, will John Smith be blocked by the mail filtering system.

However.

There is more than just on filtering system in place. Filtering can occur at pre-filtering sites such as Securence and Postini, filtering on Exchange, filtering in Outlook (yes, it is different than Exchange), filtering in the firewall and some antivirus packages include mail-filtering as well.

All of these need to be told whom you do not want to be considered spam.

Two, tell your customers, contacts, friends and family to white-list you. Yes, the people on the other end have filtering systems in place similar to what you are behind.

People that you communicate with on an on-going basis need to follow the same procedure you have. Ideally, your domain should be added to their white-list, at a minimum, your e-mail address should be white-listed. But it’s not just white-listing in one system. All parts of the spam filtering chain need to be told who you are. Skipping one link in the chain can send you to e-mail jail.

Third, check spam quarantine. This not only applies to you but to your clients/customers. Everyone needs to spend one-minute per day checking spam quarantine for messages sent to spam by accident. Messages routed as spam should immediately be flagged as non-spam by whatever flagged it to begin with. Should you not have access to the filtering system such as firewall or Exchange SCL blocking, your administrator should be contacted to either white-list the email address or domain.

Finally, make sure when you initially begin the conversation, ask to be added to the contact list of the person you are e-mailing and ask that the domain be white-listed on your and their end. Adding a simple statement in your e-mail footer as:

“Adding my email address, xxx@yyy.com to your safe senders list will help reduce the chance you will not receive my email message in the future” - can help reduce the chances you get routed to spam.

While not perfect, spam filtering is getting better, following these steps can help reduce your e-mail headaches.

Discovered March 2nd, 2012

Reported March 2nd, 2012

Status: Not Resolved

The beta SiriusXM web player stores the username and password in plain-text in the file "username.sol" located under the Macromedia flash settings folder located in your Application Data/Roaming folder.

The file is found in the flash local settings directory located at (via a Windows 7 profile path):

C:%HOMEPATH%\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\[profile]\www.siriusxm.com\
player\beta\siriusXMPlayer\siriusXM.swf\username.sol

As an administrator with access to users' desktops, I was able to scan for and find multiple credential files on our client's desktops. After discovering, I contacted SiriusXM, who replied application security is taken seriously and would pass on this information to the developers. One month later, nothing has changed. The username and password for a users' SiriusXM account are still stored in plain-text in this file.

If you listen to SiriusXM online I would recommend that do you not store your credential information locally using the "remember me" feature and, until resolved, do not use the beta player.

Storing the username and password in plain-text is basic programming failure. The number of instances of data theft is staggering yet developers are still making these egregious mistakes during development.

Another month, another set of browser updates. Now that the players have decided to follow the Google "let's update every 42 minutes" approach it was either update this post every other day or just wait a few months to some real changes appear.

In this test I am going to use the same 400x400 grid of images. I should explain that this is a grid of the *same* two images (black.gif/white.gif). There are just two images referenced 160,000 times. In reality, the way the different browsers handle this is staggering.

Since starting these tests, Internet Explorer went from the bottom to the top in performance in rendering the test page. Chrome improved and as usual, Firefox is the worst. As Firefox gets "better" this test page gets "worser" (yes, I know.)

The Results

The Test Page

Firefox 7.0 533.2MB 3 Minutes 11 Seconds
Internet Explorer 9.0 255.9MB 12 Seconds
Chrome (it updated when I checked) 317.3MB 27 Seconds

Over five years, multiple emails, apparently nobody at Microsoft even cares anymore that their "advanced browser" cannot handle simple malformed table tags.

Want to have every single IE user lockup when they visit your site? Put an iframe in and link it to the malformed table page. Regardless if anyone would ever come across this page in the wild, it is still a glaring bug in their rendering system that Microsoft chose to ignore all these years. We're I on the IE team I'd be ashamed at this point.

Here's the original page
http://www.gregmerideth.net/?p=87

Here's the page that will cause your IE to lockup.
http://www.gregmerideth.net/html/iecrash.html