Windows optimize

10 cool tools in Windows 7

The changes to the Windows 7 interface have gotten a lot of play, but some of the new built-in tools are just as compelling. Deb Shinder runs through some of the most impressive enhancements, from the ISO burner to the Biometric Framework to PowerShell v2.

The changes to the Windows 7 interface have gotten a lot of play, but some of the new built-in tools are just as compelling. Deb Shinder runs through some of the most impressive enhancements, from the ISO burner to the Biometric Framework to PowerShell v2.


Windows 7 has received plenty of attention from the tech press, but much of the focus has been on interface changes, such as the redesigned taskbar, and new file management features, such as libraries. Some improvements are less obvious -- like the new or enhanced tools that are included with the OS. Here we discuss 10 of these cool tools that make the computing experience easier.

Note: This article is also available as a PDF download and as a photo gallery.

1: Action Center

Centralized management is the name of the game today, and Windows 7 gives you a one-stop shopping location where you can go to deal with security issues, troubleshooting, and recovery, instead of searching out separate applets for each. It's all combined in an easy-to-use Control Panel applet, where you get maintenance and security messages and can view performance information, change UAC settings, and more, as shown in Figure A.

Figure A

The Windows 7 Action Center provides a centralized location for dealing with security and system problems.
This is an outgrowth of the Security Center in Windows Vista. It made sense to combine security settings and actions with system maintenance and recovery issues. The Action Center also shows up as an icon in the system tray, which displays a red X if there are problems you need to address, as shown in Figure B.

Figure B

The Action Center is represented by an icon in the System Tray to alert you when a message needs your attention.
A nice touch is that Microsoft makes it easy for you to turn the various types of notifications on or off, as shown in Figure C. Thus, if you have an antivirus program installed that Windows doesn't recognize, you don't have to deal with constant messages urging you to install one -- just turn off virus protection messages.

Figure C

You can turn the various types of notifications on or off as you wish.

2: Problem Steps Recorder

One of the coolest new tools in Windows 7 is the Problem Steps Recorder (PSR) -- especially for those of us who provide tech support to Windows users. No matter how hard they try, users often have problems accurately describing the problem they're experiencing or the steps they took before or after experiencing it. Sure, Remote Assistance can be a godsend in those situations. But you can't always connect to the user's computer in real time. That's when the PSR comes in handy.

It's really a type of screen capture software that records all actions -- keystrokes, mouse clicks, etc. -- and saves the sequence of events in an MHTML page that documents every step the user took, along with screenshots. You start the PSR by entering psr.exe in the Start menu Search box or at the command prompt. The interface is shown in Figure D.

Figure D

The Problem Steps Recorder provides an accurate record of a user's actions, along with screenshots.
You can view the recorded steps in IE by double-clicking the saved zipped MHTML file, as shown in Figure E.

Figure E

You can view the recorded steps in Internet Explorer.

3: ISO burner

An ISO image is a type of archive file that is often used to distribute software. In Windows 7, Microsoft addressed something that's been on the wish list of many users for a long time: Now you don't have to download and install a third-party program to burn an ISO file to disc.

It's a simple process: After you download an .ISO to your hard drive, just double-click it and Windows 7 will open the Burn Disc Image dialog box, shown in Figure F.

Figure F

Now you can burn an ISO image to disc easily without installing third-party software.

This also works for images with the .IMG file extension.

4: Biometric device management

In earlier versions of Windows, biometric authentication and management of biometric devices (fingerprint sensors) required third-party software that might or might not integrate well with the OS. Now it's built in. Windows 7 includes the Windows Biometric Framework, which gives developers an API they can use to build biometrics into applications. Makers of fingerprint sensor hardware, such as UPEK and AuthenTec, worked with Microsoft on the development of the Framework. Biometric devices are managed through a Control Panel applet, shown in Figure G.

Figure G

You can change biometric settings and manage devices through a Control Panel applet.

5: Credential Manager

The Credential Manager is another new feature in Windows 7. It is similar in some ways to the password management feature in Vista's User Accounts applet but is more sophisticated. You can manage Windows credentials for various computers that you sign onto, certificate-based credentials, and other generic credentials (for e-mail accounts, Web accounts, etc.). These are all stored, by default, in the Windows Vault, as shown in Figure H.

Figure H

Windows 7's Credential Manager can store passwords and certificates in a central location.

Perhaps the best new feature in Credential Manager is the ability to back up and restore the Vault. Microsoft recommends that you back up your credentials to a removable drive, such as a flash drive, to make it easier to restore them if you have a hardware failure.

For more details, see Windows 7: Exploring Credential Manager and Windows Vault.

6: Display projection and Windows Mobility Center

If you give lots of presentations, you'll welcome a new tool in Windows 7 that makes it easy for you to display your Windows 7 portable computer's desktop on a projector. Just press the Windows logo key + P and you'll see the pop-up box shown in Figure I.

Figure I

The Display Switch settings box lets you quickly change how you want your desktop displayed.

The first setting is the default and displays on the computer screen only. The second setting clones the display on the computer screen to the projector. The third setting extends the desktop across both the computer screen and the projector, and the fourth setting displays via the projector only and turns off the computer screen.

Pressing the Windows logo key + X opens up the Windows Mobility Center. Through this interface, shown in Figure J, you can turn on presentation mode. This disables your screensaver, sets your wallpaper to a neutral one and even puts your IM client on "do not disturb" status.

Figure J

When you're presenting, you can set your laptop to Presentation mode.

7: Text tuning and color calibration

Your computer does the work, but your monitor is what you look at all day. If it doesn't look good, you don't get the most out of your computing experience, and you can even strain your eyes. Windows 7 includes two great tools for adjusting your display to fit your preferences.

You can access the ClearType Text Tuner from Control Panel or from the command line (cttune.exe). If you have multiple monitors, you can tune the type on each of them individually, as shown in Figure K.

Figure K

You can tune the ClearType text on each of your monitors to suit your preferences.
The tuning tool works somewhat like those eye charts at the optometrist's office: You select the one that looks best to you, as shown in Figure L.

Figure L

To tune the text display, you pick the text that looks best to you.
In addition to the text tuner, Windows 7 provides a color calibration tool. It's accessible from the Control Panel or from the command line (dccw.exe). It helps you to adjust the gamma, brightness, contrast, and color rendition on your monitors for the best display, as shown in Figure M.

Figure M

The Windows 7 Color Calibration tools helps you optimize your display.

8: System Repair Disc

The Vista Service Pack 1 betas included a new feature that let you easily create a system repair disc with a friendly graphical interface, but it was removed in the final release of SP1. Windows 7 restores this functionality. Just click Start and type System Repair in the Search box. Click on Create A System Repair Disc. This opens the dialog box shown in Figure N.

Figure N

Windows 7 makes it easy to create a system repair disc.

To use the disc, put it in your drive and reboot the computer from the disc. (You may have to set the CD/DVD drive as the primary boot device in your BIOS.) Then, you'll get a list of system recovery options, which include:

  • Startup repair
  • System restore
  • System image recovery
  • Windows memory diagnostic
  • Command prompt

9: Better backup utility

Of course, previous versions of Windows included a backup utility, but this tool has been significantly improved in Windows 7. Vista's backup program was user friendly but not very flexible. Windows 7 gives you more granular control over what you want to back up.

You can invoke the Backup And Restore applet from Control Panel or by typing Backup in the Search box on the Start menu. You can back up your files to a local hard disk, a removable disk, a DVD, or another computer on the network. (You may need to provide credentials to access a network location.) Then, you can choose to back up libraries or individual folders, as shown in Figure O.

Figure O

The Windows 7 Backup utility lets you back up the folders you choose.

You can also exclude specified folders from the backup.

10: PowerShell v2

Windows PowerShell (Figure P) is a command-line shell interface and scripting tool that makes it easier for Windows administrators to automate tasks using cmdlets, which are commands that perform single tasks, and scripts, which are made up of multiple cmdlets to perform more complex, multi-step tasks.

Figure P

Previous versions of Windows include a command-line interpreter (command.com or cmd.exe), but PowerShell is much more powerful, providing a UNIX-like command environment that can automate almost every GUI functionality.

PowerShell can be downloaded to run on Windows XP or Vista, but Windows 7 is the first client operating system that comes with it built in. (It is also installed by default in Windows Server 2008 R2.) PowerShell v2 adds about 240 new cmdlets, as well as new APIs and features, such as the ability to invoke PowerShell scripts and cmdlets on a remote computer. You can find out more about PowerShell on the Microsoft Web site.

About

Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 add...

68 comments
xobpaos
xobpaos

this credential manager looks like the stupidest thing in the world. microsoft windows certainly does NOT have the reputation of creating SECURE software. I would just as soon paint the names of the webisites i use and their passwords on the side of my house in giant neon colored letters and scatter signed blank checks all over the yard than use something as ridiculous as this idea. Passwords and private information need to be stored in a SAFE place. For the lazy man who just can't bear to type in passwords too many times cause its just toooo bothersome and happens sooo often and he's in suchhhhh a hurry to logon ten seconds sooner though, this is the right place for him to stash this stuff. Its as safe as that key to the truck hidden in that key box under the hood and that key hidden up under that spot in the yard alongside the house nobody can step in cause its a flowerbed. Yeah, right, burglers won't want to bruise any daffodils on their way in to steal your stuff.

JimWillette
JimWillette

Although burning an ISO to media is nice, why not just be able to mount it as a file system and use it directly. Daemon tools can. Better integration of zip files as a legitimate files system would be nice too.

Mikepp
Mikepp

Will windows 7 have a program that will open a WindowsImageBackup that I performed with Vista? I have never been able to access files that I need and wonder if I will with Windows 7.

Deadly Ernest
Deadly Ernest

Gee, almost up to Unix and Linux now - took long enough. OK, they've been missing and are good to have around, which is why third party people have been making a fortune selling them, but not enough improvements to make me switch to Win 7, and the issues with drivers only makes it worse.

mad steve
mad steve

These things are really not going to persuade me to shell out more money on yet another Microsoft attempt at an operating system. It'd be better if they made stuff that works properly rather than spending effort writing better tools to submit problem reports. They've had enough chances already. If they wrote something halfway decent they could extend it, develop it, make enhancements as time goes on, rather than re-inventing fantastic new ideas that nobody wants and building in loads of stuff to force users along specific paths. Almost everything I want can be found in really decent open-source. Web browser - I'll make my own choice thanks. Email - I'll make my own choice thanks. Office - MS office is fine, but others might prefer Open Office, or something else. Burning images - plenty of choice for free. Security software - I'll choose. What I really want from an o/s is solid basic functionality. Networking, device support, a decent filing system with file-sharing, and a good user interface. I'll add anything else I want. At least then I know how it works, where it is, what it depends on, and how to change it/get rid of it if I don't like it. I'm sure Windows 7 will be ok, but it takes years to learn the intricacies of a new system to the extent that you can make it how you want and maintain it. I want to spend my time using my computer, not re-learning it every two years. Enough! No more messing about. XP until it dies and then re-learn something designed with a vision for the future.

darpoke
darpoke

to the release of W7 since a friend showed me some of the cool things in the RC, such as the homegroups functionality. But, I have to say, only Microsoft could incorporate a keylogger into their OS, and cite it as a 'feature'. It's a positive thing! Yeah, great. What user does it run as? Now malware doesn't even have to snoop on a user. Just activate Windows' inbuilt functionality and get the OS to do it for you. Now that's progress. MS really are the cracker's best friend...

dogknees
dogknees

I was thinking about this and it occurred to me that there is nothing here that lets you create content. A PC, to me at least, is primarily a tool for creating things or collecting things others have made. Why don't we see new tools in our new OS's that are used to create things rather than simply look at what others do? We've have a bitmap editor for quite a few versions of Windows now. Why hasn't it grown to rival Photoshop? Why don't we now have 3D modelling tools and renderers? Obviously there are a lot of freeware, shareware and open source alternatives, but why not as part of the system? Why are there no programming tools in the OS? We used to get GW Basic at least. Why haven't we got a language that is as far in advance of GWB as Win7 is to Windows 2? Who decided we don't want more functionality in our OS? Why?? I understand the anti-trust and monopoly issues, but having a basic application as part of the OS doesn't stop others providing more capable apps. Which is what they should be doing if they want to make money. If you're not innovating, you don't deserve to survive! If you don't offer something others don't, you have no place in the market. Any thoughts?

vinnyboy3
vinnyboy3

Does it have XP defragment format?

Migration Expert Zone
Migration Expert Zone

Excellent list! The Problem Steps Recorder in particular sounds like an outstanding solution for enterprise support staffs.

hastypete
hastypete

The problem step recorder looks like a great tool.... for identity theives. Let's hope it is something that can be removed from the system.

DHCDBD
DHCDBD

I have the RC installed in a VMWare. Prior to this I had all the beta's installed in a VM. The auto resize no longer works when I resize W7's VM. Makes me wonder if there is a deliberate effort to eliminate the competition for Hypervisor. The smooth fast operation is now gone into cyberspace. I have lost ASIO compatibly, which the beta's had. The install utility corrupts files. I could name a few more issue's in less than a few minutes testing, why bother. I would have recommended W7 to others when released; based on the breaking of functionality that I have seen, I no longer can do so in good conscious.

dhamilt01
dhamilt01

Another backup program? All I want to do is select what I want to backup, where I want to back it up to and how to back it up - compressed, encrypted, complete disc image or just data etc. DOS was the last OS that alowed me to do at least the first two needs WITHOUT a third party backup program. Nothing in Microsoft Windows backup has ever worked. The backup didn't do what I needed or the retore failed to put my system back to EXACTLY where it was when backed up. I have ziltch confidence Windows 7 will be any better. When Microsoft puts all it's money on crap like Areo, what makes you think they will spend any on such important things like a good backup program?

jerry
jerry

I've installed Windows 7 on my desktop PC that is a new loaded computer and also on a 2 yr. old Compag Laptop 1.6 Mhz 1 MB RAM and both went without a glitch. I did install the latest ATI drivers for the desktop even though it installed an ATI driver thatworked. On the notebook, which is a wide-screen, it didn't have the wide-screen resolution and all I could find for the notebook was the old XP video drivers which installed and seems to work perfectly. It will not run Aero though but who needs it on a notebook. I'm impressed, very impressed with Windows 7 and plan on buying the final release whenever it comes out. In the meantime I'll transfer all my files and programs and start using it as my main OS on both machines. It's such a relief from Vista's constant nagging screens and slowness it's like having a brand new computer with the latest hardware, especially on the old notebook.

dogknees
dogknees

These all look good, but ultimately, I don't spend my day tuning my monitor settings or managing my passwords. What new tools exist that affect normal usage? Things that make it faster or take less keystrokes/clicks to locate and launch an app for example. Or, a way to stop applications stealing focus. I like to launch several apps and while they're starting up, do other things. Every time IE steals the focus I curse Steve! I used to curse Bill, but now it's Steves turn. There doesn't really seem to have been the same effort and intelligence applied to the basic interface as has been spent on the system level stuff in the last few versions of Windows. The change to Office has been immense in comparison. Or look at how IDE's have changed in the last 5-10 years. Why hasn't the OS and the whole interface metaphor and richness changed at least as much?

darpoke
darpoke

can Windows machines honestly not do this? I am mainly a Mac user at work, though I am trying a few Linux distros atm, and I use a FreeBSD install at work as well. OS X can mount them, no problems. It seems trivial to take a virtual filesystem and mount it at an arbitrary point - it never occurred to me that Windows couldn't do this.

tonycopp
tonycopp

I like reading the comments, but like Win 7, they say more about the author's needs than the subject or the customer's needs. Seriously , daspoke and neon samurai should get a room and write about how they can use mirrors to see under the skirts and on 'stealing the rich kid's lunch money' might be better to learn what the smart kid learned overnight. So now I know that Win 7 was built as a proctology tool to see what's up with the custies. Cool, yes; but maybe too cool.

freaknout
freaknout

sounds like you really would be happier with dos 3.1

darpoke
darpoke

of provoking a tirade (for which I wouldn't blame you, fwiw), might I suggest that perhaps you're not the sort of person at whom Microsoft products are directed? The mere fact you're prepared to spend just the smallest amount of time understanding how your machine works was, for me, the giveaway that you'd be better off with just about any of the alternatives, including (but not limited to) OS X, FreeBSD, Solaris, or any of the many other *nix distros or myriad Linuxen. I myself have used Windows for two decades (including in school) and learned little to nothing about it. By contrast, I started at my current job in a Mac office four years ago and have managed to learn the OS inside out, and even ventured into FreeBSD and now a few Linux distros. Just installed Ubuntu on a beat-up old box last night and it's faster and more responsive than the XP install that was there previously. Windows always struck me as the operating system targeted at people who neither know nor care whether the little glowing box in there desk is mechanical, organic or magical. If you half expect to see pixies darting around when you open the case, Microsoft have a (mostly) working software solution for you. If, on the other hand, you have the slightest interest in how it works, even just so you can make it work better *for you*, then perhaps you're better off elsewhere...?

Neon Samurai
Neon Samurai

The winNT kernel would be the OS. The actual part that sits between hardware and user applications. The distributions would be WindwosXP which includes the OS and some basic applications. Other OS distributions include more software, some include less. In terms of Windows specifically, it's primary goal is to generate profit for a company by itself being a retail product. Including a full featured image editor like Photoshop would be against that primary goal when that can be sold as a second product. Putting the development time into MS Paint also wouldn't sell more units to justify including it with the OS distribution. There is also an anti-trust issue with Microsoft due to it's size within the software market. If they included a better image editor, it may cause more issues through anti-trust law; Adobe would definitely scream about it as Opera is doing about IE over in Europe. My guess is that the reason's MS Pain hasn't evolved much; business practices and legal concerns. I just drop Portable GIMP on a flashdrive with the rest of my portable apps. I'm not working with images enough to justify a hard drive install and not professionally enough to afford Adobe's license costs.

The 'G-Man.'
The 'G-Man.'

Operating System. Primary use is to let you run other applications for which you create content with.

Neon Samurai
Neon Samurai

Vista gave up the graphic interface for defrag but the utility is still there and in Win7 also. If you need the graphic display (I like it myself), you can look at something like jkDefrag which will do the job very nicely even as a screensaver and present a progress display beyond a data table. Diskeeper would be the way to go if you want the GUI and defrag engine that winXP's included version is based on. Idealy, NTFS and FAT partition formats should be fixed so that they don't require seporate defrag utilities. Partitions like ZFS and EXT# are self defragging as a partition format should be.

LongOfTooth
LongOfTooth

My best guess is it was one or more of the 3 letter government agencies. Big bro wants to know what you're typing.

The Scummy One
The Scummy One

I tried backing up a specific folder and there is no option. Instead I had to create a batch file to open a network drive, copy the folder and contents, and disconnect the network drive. Then I had to setup the schedule for when to do it. Apparently MS thinks that they know more about what I want than I do -- huh! Nice to know that they added this functionality back.

Neon Samurai
Neon Samurai

I had a machine where the owner got locked out of her own files. Backup from ntfs then restore to fat32; problem solved. (yeah, I know.. two days later I realized I should have just enabled the explorer advanced view and flipped the file ownership. It's always the expert that checks everything but the power cord first though.)

The Scummy One
The Scummy One

I am not all that keen on it. I dislike some aspects of the file system -- especially if the window is full of folders, and I need to create several new ones. I can create 1 no prob, but then it is highlighted and I have to back out and go back in to create a second -- yeah, that's more productive!

jvp@CTFolk.com
jvp@CTFolk.com

My top wishlist item is for Windows and IE to interact with MS Office and other apps so that customizations to toolbars and other personalization features (but especially toolbars) would be portable. Log in using your Windows Live (or whatever it's going to be called) password, and your customizations would get downloaded on the spot. Why this isn't an obvious need, I don't get. The other thing is to establish a standard UI for all Windows apps (at least MS Office apps!) so that things like centering use the same keyboard shortcuts, etc., are the same between Word, Outlook, Excel, PowerPoint, etc.

Neon Samurai
Neon Samurai

I thought of something after posting. If your a gamer then software compatibility may fit into your question. I've heard rumour that Vista can run Longbow2 which is pretty much a lost love for some of us flightsim junkies since early win98. If Win7 will run LB2, I'll have to put some effort into getting hands on a legal license. If it can run LB2 which has graphics support and ram>128 issues then it's worth looking at what else it may run better for you.

Neon Samurai
Neon Samurai

It may seem superficial or unimportant to other's but I can't tell you the number of times I've had a slow opening program or it's usless splash logo decide that I didn't want to continue with my previous task while I wait. Just the other day I looked back at the screen to find half my comment in a new program's input field and an error about not liking the enter key. After win3 through Vista, why on earth is there yet no way to tell programs opening in the background to stay in the background until I, the user of the system, chooses to actually use them?

CharlieSpencer
CharlieSpencer

Windows doesn't use the concepts of 'mounting' and 'mount points', at least not in terms of user interaction. There may be something similar going on deep in the bowels, but if it is it isn't visible. 'Mapping a network drive' may be the closest corresponding action. Regardless, there was no native .ISO functionality in previous versions of Windows. I won't load W7 until next week, so I don't know if it will allow opening an ISO like a folder. As to Jim W's other comment, I haven't had any problems opening .ZIP files in XP or Vista using Windows Explorer without any third-party compression apps.

matt-the-cat
matt-the-cat

I can see your point about MS and it's shielding people from learning the OS but you did start out by saying you work in a MAC house and learned the OS inside out. MAC's OS is even more transparent to the user than Windows so I'm making a jump and assuming you meant the other OS's you mentioned. FreeBSD/Linux. Otherwise your comment was spot on. But MAC and Windows are both OS's for people that don't want to know...and MAC is even more so than MS.

Fionnmaccumhailus
Fionnmaccumhailus

Do a search for this, it's out there. I've done it a couple of times. Works as a fairly simple alternative to a purchased backup.

mmatchen
mmatchen

JVP, I recently saw some screen shots of Office 2010 that standardize some of the UI. I think it's a gallery post on Tech Republic somewhere.

dogknees
dogknees

Sounds like I might be able to get Flight Unlimited 1 working. It's still the best sim for the pure fun of flying that I've ever seen. I can spend hours soaring along the hills and catching thermals. The hoops courses are also huge fun and a real challenge. Regards

The 'G-Man.'
The 'G-Man.'

Just fix it yourself. There are loads of ways to stop this.

The Scummy One
The Scummy One

it happens with me all of the time. I also hate while something is opening, it needs to make sure every network connection is perfect, or it hangs longer. Yeah -- open a Word doc on your desktop -- a mapped drive is down -- now Word waits almost a minute while trying to make the drive available. I just want my f**king document from my desktop!!!

Neon Samurai
Neon Samurai

I've run into a few cases where a true link could have done what I had to instead do with duplication of data. It may be one of those things you have to use once to really get though. In my Windows only days it would not have occurred to me but having gotten used to benefits from multiple OS, it's something I've missed more than twice.

CharlieSpencer
CharlieSpencer

"Imagine what file management options open up to you when a shortcut becomes a real object in the file system..." I can't imagine any uses for this, at least as far as applies to me personally. I work with .ISOs maybe twice year and only at work. I hadn't heard of Truecrypt or .VHD files before this discussion. Apparently all my apps are defaulting to My Documents, as I prefer. I'm sure it's an improvement for those who know how to take advantage of it.

Neon Samurai
Neon Samurai

It's a text file that says "if someone clicks on me, go here and run this instead" like a detour sign on your drive home. It's also a detour sign that is only read in specific cases. The program has to recognize what to do with a shortcut. If I open explorer and dig through the directories, I see c:\program files\crysis\saved with a little arror over \saved telling me it's a shortcut to another place. Explorer happens to know that *.lnk need to be considered in a special way. If I open cmd and dig through I'll see c:\program files\crysis\saved.lnk (ironic that the shortcut ext is "link"). I can no more "cd saved.lnk" than I can "cd readme.txt". I actually have to "type saved.lnk" then "cd" to where it's actually pointing. Similarily, Crysis is expecting a directory; it won't make use of saved.lnk any more than change directory will. Imagine what file management options open up to you when a shortcut becomes a real object in the file system not a text file which some applications interpret. With mounting, Windows simply doesn't clarify the distinction. When you insert an flashdrive, Windows automatically mounts the device and assigns a drive letter. When you boot up, the hard drive partitions are mounted to assigned drive letters. The "make this useful" step after inserting the storage media is purposefully hidden from the user. You already mount .zip files making them appear as directories (though, only under explorer). Mounting Truecrypt volume files and ISO (via virtual cdrom utilities) where previously mentioned. With network shares, mounting is more obvious because a user can "map" a share to a drive letter. They tell Windows that F: should be \\storageserver\stuff and can choose to unmount the share later and/or have it automatically mounted next time they log in. It may not be referred to as "mounting" but the act of mounting a storage location for the purpose of having it appear as part of your local file system is still there. Libraries seem to be predefined file searches with a little extra ketchup. If I open a file search I can say "all .mp3" and I'm looking at a list of all found mp3 files rather than digging through directories to multiple locations. The extra bit seems to be including remote locations along with the local machine. The "Library" is simply a directory that auto-runs the search as needed. The feature doesn't get me excited either. I don't see what it does beyond my existing good file structure and use of file search. It seems to be more about separating me from how my files are stored but I'll have to muck with the feature to be sure. I'm more interested in finally having true links. Mounting VHD files is interesting too but would be more interesting if it included more storage container types.

darpoke
darpoke

I'm a Linux n00b, but I have had some experience in configuring the latest version of the Mozilla suite to run in a Puppy Linux distro I've been playing with (it's awesome, by the way). The installation needed by the new version required a different structure of files than the previous one - different binaries needed to be in different places. What is in some OSes a critical incompatibility was trivial to resolve in this case by simply creating the requisite filenames, symbolically linked to the existing file structure. Basically I redirected the app's expectations to what my filesystem actually provides. Think of it like modding an engine to fit a different car than the manufacturers designed it for - trivially achievable and with no performance loss. As Neon says, there are many eventualities when you are given *no* choice as to the structure of files placed on your system by installed software. With symbolic linking you are able to place these physically wherever you like, and the software is none the wiser. Shortcuts in Windows are a different, higher-level way of achieving this for the user, but this can't be used by software. I'm a Linux n00b but I'm sort of old-school OS X (4 years+) and I can categorically state, even to the small extent I've personally used them, that symlinks rock.

CharlieSpencer
CharlieSpencer

I guess I'm not understanding the advantages of this, or of the libraries either. Libraries sound like another tool for the "file management challenged". Since it appears to require some configuration and discipline, it probably will be misused or ignored by the masses. I haven't seen anything 'mounted' in Windows and been aware that's what I was looking at, or heard it referred to as 'mounting', but I'm not going to say you're wrong. I've been mistaken before. I can't get a mental picture of what your describing as 'links' in Linux, or how a link differs from a Windows shortcut. Maybe it's a case of not missing something I've never had. What will having this capability in Windows do for me?

Neon Samurai
Neon Samurai

So the *nix folks have been using ln for ever. ln creates links in the file system; one files data literally has two pointer entries on the platter. One file literally in two different places at the same time. The win7 folks will discover mklink.exe (think that's it) which, finally, creates true links within the file system rather than a text file listing of a path and file "shortcut". On example given was a game that forces save files into a specific location. A user can simply link that hard coded save directory to the actual desired location (eg. not on the programs drive). Mounting has existed in the winNT world since at least XP if not previous to it. One can mount a partition to a directory location rather than drive letter. Drive letters have remained in place to support older programs and badly written newer programs that require the drive letter pointer. Mounting files is where it becomes a little more interesting as one needs more specific software. TC files can be mounted to a drive letter but you have to have Truecrypt installed to do it. ISO can be mounted to a drive letter but it's again a specific "virtual CD reader" type app. The big thing being pushed right now is win7 being able to natively mount .VHD files. They seem to be more a portable container for drive formatted data rather than simply containing drive data for an associated virtual machine. By contrast, the *nix folks benefit from the ages old mount command and whatever file system is recognized by the kernel. ISO is just a Juliet file system in a binary image so mounting an ISO is no different than mounting a CDrom and DVD reader. Devices are also viewed more like any other file or directory on the drive. For example, VLC can read from the CDrom device directly (not shocking). It can also be pointed at /path/file.iso instead of /dev/cdrom because it cares about the content data it finds not the directory/file path is's fund by. File System in User Space; FUSE is also an option. It's a more recent development that runs within the user's account. It's also more of a framework accepting plugins for various source locations. My primary use is mounting SSH or CIFS shares to a local directory. I believe it can mount a database into a directory type view. I've seen plugins to mount webdav and other crazy combination. In both cases, the mounting layer takes care of the connection (to device, to file or to remote system) leaving a simple directory structure for non-network apps make use of the data through. Sticking specifically to Windows and ISO. The virtual cdrom app will mount the ISO image and partitions can be mounted to directory locations instead of letters. (still no confirmation if admin console chatter is encrypted between client app and server nor is there a native SSH implementation though I am looking at a third party ssh server to provide some functionality)

tonycopp
tonycopp

That is a great explanation of comparative OSology and more kudos for using the word "fecund"..you just don't get to hear fecundity so much in SV.

darpoke
darpoke

if I'm being completely fair, I would have to admit that my learning had more to do with the period of my life that occupied those four years than with the OS in question. I started my first office job that depended on my ability to use a computer. I am now the system administrator for the company, the vast majority of my skillset being what I have learned on the job. I also take responsibility for my lack of similar understanding of Windows - it makes little to no sense to me but I've spent little to no time trying to learn it. I also concede that OS X does behave as you suggest and the Luddite user can if they wish learn bugger all about their computer while using it. I think it's fair to say this is the experience Apple and MS both mean to cultivate - things that 'just work'. Don't forget though, that while Windows was built mostly from the ground up - additional functionality grafted clumsily on as needed, adding to the legacy bloat that plagues them to this day - the Apple OS has the benefit of a Unix core. This essentially classes it in the same familial line of the other *Nix OSes, who take what I would consider the opposite approach: the original OS used to power the so-called 'supercomputers' of their day has been progressively dumbed-down and simplified to make it palatable, first to non-PhD academics and eventually to the layperson. By this stage you have one of the distant cousins, OS X, which is so bland and superficial that children can and do routinely use it. Believe it or not, this is actually progress. It enables people to enjoy the benefits of computation without needing to crosstrain substantially to understand how to do it - I believe this is the trend computing will continue to take for quite some time. Look at the proliferation of calculators. The implications of a Unix core are that OS X has more under the hood than its colleague from Redmond - well, similar bloat, but more of it is engine. You can step into the commandline and actually get things done. You can script actions using AppleScript or use the shell directly. Because large parts of OS X are either based on or actual open source, there are a large number of actions that can be passed to and from native applications. This makes for both a powerful OS and a fecund learning environment. [edit: finished train of thought in 3rd para]

Fionnmaccumhailus
Fionnmaccumhailus

"The Scummy One" as a suggestion. I've not had that much trouble with customers using it for some low importance things. The hard part is getting them to actually read the reports and look at file stamps of any backup and trying a restore to an alternate location as test. It's dull and tedious looking for trouble till the backup hiccups (usually due to failing media). If we have serious data to back up, then I usually go with commercial software for it (and still have trouble getting someone to be responsible for checking it out). And I don't generally try to work with restore-able mirror copies, but take the attitude of re-install OS and restore data. The restorer then thinks about each data item to be put back. This causes a house cleaning which is usually a good thing to do anyway. All in all it's crude, but I'm used to it :)

dhamilt01
dhamilt01

Thanks for the tip. But like I said in the original post, even XP's backup program didn't back up everything or didn't restore everything. After several restore attempts with XP, my system wouldn't work, or was altered enough to have to do a clean install. Third party disc images where the only backup/restore I could count on. NTFS' basic design is OK but fails miserably when it comes to backups and restores. Hopefully, the next File System Microsoft comes out with will finally end their long career of backup failure in Windows OSs.

Neon Samurai
Neon Samurai

It was a great sim that I spent hours in with that tear-drop. Thermalling was a little harder than the real thing and I always did fly the toe up rather than jumping to an altitude. After getting licensed, it filled my need for soaring as affording the real thing on weekends wasn't easy for a highschool kid. These days I have a lovely feedback Logitech stick without a good glider sim. I'm trying to curb my Windows addiction but I may have to buy MS Flight before it goes DX10 only. I'd prefer to stick with Flightgear if it could get reasonable FPS counts as it even has the glider I learned on among the extensive library (AH64 also which is a different sim addiction). That's between Nvidia and the Flightgear devs to figure out though.

dogknees
dogknees

It focuses on aerobatics and has no radio, control tower, other traffic, or anything that distracts from the flying.

Neon Samurai
Neon Samurai

Is that one of the early ones that focused on the environment more than the plane? If I remember, it has a glider and a few power planes. If it's the same one, I've also spent a lot of time in it soaring. Sadly, I can count the number of times I managed to stay in a thermal.

Neon Samurai
Neon Samurai

Actually, I would like to fix that myself on a few systems if you've utilities or links to recommend. I'd be even more interested if it managed splash screens for third party apps also but just having programs not take focus by default would be worth a look.

darpoke
darpoke

what amuses me more - that someone would attempt to 'shut up' posts on a forum they aren't being forced to read, or that after describing the original topic as 'a basic article about Windoze 7', they express disbelief that the conversation would wander OT. If STFU is the language you're happy using then you should have no problem grasping epic FAIL.

Neon Samurai
Neon Samurai

.. a true credit to all those who call themselves IT consultants.

CharlieSpencer
CharlieSpencer

Maybe if you'd been more active you would have realized that off-topic discussions are not just tolerated but often welcome here.

matt-the-cat
matt-the-cat

You morons! This is a basic article about Windoze 7. Why go rambling on about something not related? Can you read? Do you have a brain. STFU!!!

Neon Samurai
Neon Samurai

" Port 445 provides SMB over TCP. From Microsoft "Windows supports file and printer sharing traffic by using the Server Message Block (SMB) protocol directly hosted on TCP. This differs from earlier operating systems, in which SMB traffic requires the NetBIOS over TCP (NBT) protocol to work on a TCP/IP transport." " http://isc.sans.org/diary.html?storyid=7210 I thought it a nice clear description of SMB/CIFS and NetBIOS related to TCP/IP. The SMB/CIFS/Samba service does manage it's own name/address relationships based on a Master SMB and client SMBs. Basically, the first SMB service to make noise will find no master to it assumes the role. At home this could be whatever machine boots faster based on the Workgroup it was set to join. If the network is instead setup with a domain server (LDAP; normally MS Active Domain branded) then the workstations join the domain which provided the CIFS/SMB Master role. That's my understanding now that some of the other cobwebs clear away.

darpoke
darpoke

but I'll let you know my findings, Neon. Thanks, it's great to have someone to butt heads with over network topology as I'm literally the only computer tech in my company. We're a small production company so all the other people with any technical experience have it in video editing and camera standards. With the sysadmin stuff I'm an island :-( I take your point on the security through obscurity, I think there are definitely pros and cons to both approaches. I will say though, on the dynamic side the obscurity is perpetual. It's not quite the same as moving http to port 81 - it's more like moving it to port 81 for this session, then port 87 for the next session, and another port after that*. A scan might reveal the port used (or in this case the network toplogy) but that information would expire with the session. I like to think of it like a school classroom. Every day the kids come in and sit in the same seats. If you wanted to run in and steal the lunch money of the rich kid you could just check where he sits and wait for him to come in. Alternatively if the seating was random, you might still catch him - but you'd have to do the same prep work every day. It's not much but it's a layer of protection, however thin. On the subject of Bonjour, it's a LAN protocol. It doesn't traverse networks. We have VPNs to our two satellite offices for connectivity but Bonjour doesn't cross that either. I think it's a wider limitation of mDNS specifically, actually. I've little experience with packet sniffing or attacking a network though, so I'm not sure whether an outside snooper would be able to intercept them. It is something I would like to develop a wider knowledge actually, I have a book on network security assessment but as with all things, it's finding the time... My conclusion of Bonjour is that it provides little (though still a tangible something) that a properly configured network can't already have - but the same could be said of DNS. A truly committed sysadmin could certainly provide up-to-date hosts file to map the local network, and simply rely on DNS to communicate with the outer world. They're both simply tools to reduce that workload so other things can be accomplished in the same time... such as security precautions! *Obviously, if a protocol was really moving it would have to avoid the well-known ports.

Neon Samurai
Neon Samurai

If Bonjour is broadcasting that much information about my systems all one has to do is suck up the traffic and they get a pretty comprehensive picture of my network and systems during the reconnaissance stage. It seems like walking up to a border guard and announcing everything you have on you versus just asking the questions asked of you. My preference would be the machines validating and answering requests for service listings. I can also see an nmap scan where I can't see who is capturing my Bonjour announcements. I'll have to think on Zeroconf more and see what's been written about it by the security researchers. At home my router does dhcp with static IP and hostnames placing unknowns into a guest range of IPs so I can see them by address or name very easily. It doesn't provide the flexability of name changes for the static ones but it does pull the hostname from guests. "security to keep a static network topology..." I've been considering this recently and I'm still a little devided. Static topoligy + machines are easy to find by IP or hostname + ip remains static for firewall rules and similar - someone running a long scan has more time to complete it stealthily since machines leaving and joining do so with the same host/ip - someone finished a long scan can use that same topology list when the return a second or third time Dynamic topology - hostname does not always map to same IP - IP based rules have to be updated with the new IP + someone running a long slow scan gets jumbled results as machines join and leave the network + someone finished a scan has to rerun the scan again as the current topology list becomes outdated Does the obfuscation provide any real defensive advantage or is it the very definition of obscurity in that it feels safer without providing any real security increase. This like obscuring http by moving it to port 81 which is only effective briefly until people discover it versus applying a true security mechanism infront of it. "I'd really like to know if anyone has any experience with Bonjour in a Windows environment. If Windows really has rejected zero-config in favour of the DNS route then it sounds like Bonjour offers something for which there is no common equivalent in a Windows network." I know Windows does have a zero-conf service so I wouldn't say it's rejecting it in favor or DNS. I'd have to do a bit of reading and confirm exactly what the difference between NetBIOS and the new aproach is. I think Windows will work by hostname even if on a local network without dns/dhcp dedicated machine so the hostname/address relationships must get discovered somehow. I know my Windows environment at work is getting noisy because of the Bonjour packet broadcasts. I've not set my IDS rules to ignore yet. At home, my wife's Apple doesn't generate the same constant network noise so there is something different in the two system setups. Bonjour may offer something more than the similar services in Windows to still. I'd be interested to hear what you find when you do compare them.

darpoke
darpoke

thanks for that. So I guess that NetBIOS is an analogue for Bonjour, and CIFS/SMB are 2 versions of the analogue for AFP. DNS is fine for resolving hostnames, but what I like about Bonjour is that it can broadcast much more than that - if you want to you can advertise what machines are sharing what, be it file sharepoints, print services, screen sharing. What's great is that it's zero config - you don't need to wait for your sysadmin to update DNS when you change hostname or add a machine. Just set your Sharing prefs, plug in the patchcable/connect to wi-fi and you're in. Everyone sees your hostname and what you're offering. Even more importantly, Bonjour allows you to bypass DNS on networks that use DHCP to allocate dynamic IPs - you really need to statically map them for machines running services such as fileshares that need to be accessed or printservers. It's not a big suck if you're prepared to stay on top of it or never change these, but if you want to provide outside access it can reduce your security to keep a static network topology... I'd really like to know if anyone has any experience with Bonjour in a Windows environment. If Windows really has rejected zero-config in favour of the DNS route then it sounds like Bonjour offers something for which there is no common equivalent in a Windows network. When I get my XP box repaired (lost some DLLs when preboot scanning the filesystem with Avast!) I'll have a play with it and see if I can get it to talk to my GF's MacBook...

Neon Samurai
Neon Samurai

They are related but separate. CIFS, formerly SMB is the actual software that shares your folder to the network and connects to folders shared on other machines. Windows uses it to connect to your network shared printer for example. In older Windows networks, it would use NetBIOS to locate the address of the network machine name you gave it. Modern Windows systems simply use DNS. Samba is the FOSS project focused on providing CIFS(SMB) connectivity for non-Windows systems. http://en.wikipedia.org/wiki/Netbios http://en.wikipedia.org/wiki/CIFS http://en.wikipedia.org/wiki/Samba_software

darpoke
darpoke

Each machine broadcasts (well, technically multicasts, obviously) its own hostname/IP - having got the IP from DHCP - and what services are active on it. These are set in the Sharing pane of System Preferences, the OS X equivalent of the MS Control Panel. So looking at my machine, I have Screen Sharing (vnc), File Sharing (afp/smb/nfs), web sharing (http) and remote login (ssh) set 'on'. They're just checkboxes in a list with basic options configurable in a sidepanel to the right, when applicable. The services I've set 'off' are DVD or CD sharing which allows for remote access to the contents of your optical drive/s, printer sharing since we don't use any USB printers in this office any more (except mine which is specialised), remote management which enables ARD, another Apple product (essentially merging vnc and ssh afaik), remote Apple events which can be generated using AppleScript among other things, Xgrid sharing which enables cluster-based processing for Compressor, and Internet sharing. For more info on Bonjour and Mac networking in general, check out this PDF - it's more detailed than Apple literature tends to be and is actually rather useful. Page 168 onwards spells out Bonjour, what it can do for you, and how you can manage it. I think there is still space for zeroconf in a modern networking setting. DHCP for example, runs on our server - it broadcasts what IP is the gateway, what subnet mask to use, who to query for DNS or LDAP lookups, and so on. Basically it tells you what it does and where to find the basic services. With machines running, for example, Bonjour, however - it's like *every* machine is broadcasting their service list. In fact that's the literal paradigm. It's only really advisable on a LAN but that makes it perfect for single-office or home use. I can pick any machine from the /Network directory in Finder and see the Public folders of every account in /Users on that machine (if file sharing is on). By default that's drop boxes only but for file propagation that's fine. I can also share their screen if activated, either by authenticating as a known administrator or requesting it from the currently logged in user. And it takes no setting up whatsoever other than each user deciding what they want to make available to others. Thanks for both those links btw - when I'm back on my XP box I'll be sure to lock it down tighter and have a browse of the BV site. I'm pretty keen to get my head around XP as I have OS X pretty well understood so far and it's great to diversify. So if I understand you correctly, NetBIOS is old school and CIFS is the new kid in town, right? CIFS is what Samba is emulating iirc, last time I networked a Vista machine to our Leopard server I had to tweak its SecPol utility to allow Samba connections as they're off by default...

Neon Samurai
Neon Samurai

Thus I have a short but mildly secure password on my 'new' box. I'd suggest using a strong password. At minimum, it maintains a good habit, at maximum, it can provide a security mechanism should your machine get jacked. Make it longer than 15 characters or disable LM Hash passwords in your local policy. LM hash is very easy to break as is separates the password into seven character chunks which are quickly found with easily downloaded rainbow tables. http://support.microsoft.com/kb/299656 I'm not completely clear on what Bonjour does but NetBIOS is a win95/win98 era thing that allows your computers to connect by host name. You can probably disable it and retain the same connectivity with TCP/IP since your home router's dhcp will manage it if the local system doesn't. It's also not noisy like Bonjour so it won't generate constant packets. CIFS is your new risk. It's very convenient for connecting shared directories or printers but is a cleartext protocol or at least clear enough that your password hash can be sucked out of the network traffic. This probably only applies within your network though unless you decide to play with any of the public WINS name servers; it's not worth it just to extend Network Neighborhood outside your own LAN. I've not looked at zero-conf since dhcp seems to do all I need. I thought that was more of an instant "setup my wifi" type function but I should probably give it a closer look. Screensharing equivalent is remote desktop. You can configure it to accept incoming connections from specific user accounts and/or accept requested "help" connections from the local user. There is a Remote Desktop client for osX which will bridge your platforms though I don't know about the Windows -> osX desktop direction. Also, take some time to visit blackviper.com (black background, lots of white text) which will give you a good idea of what services do what and which can be disabled.

darpoke
darpoke

- I'm the only user on a Windows box I 'inherited' (it was being thrown out). The previous users hadn't bothered with passwords. Why indeed? They trust each other. They also clearly trusted the entire world, which feasibly had access to their Windows box over the internet, not to execute code when remotely attacking their machine. Again, why not. I'm quite sure Internet Explorer is quite capable of handling any threats :-) Thus I have a short but mildly secure password on my 'new' box. Out of interest, being relatively new to Windows (I've not used it much in the 4 years or so that it's taken me to learn Mac admin), is there a Windows equivalent to Bonjour? Is that what 'NetBIOS' is? I know mDNS can be annoying, especially when a machine doesn't respect its network and starts spamming indiscriminately, but zero-config is a very useful networking tool in networks where machines are popping on and off the network. Various freelancers are in now and then and they often bring their own machine with them. I'm also running NetAppleTalk on my iPhone so it pops up on the network too. The Finder SideBar constantly refreshes to show local machines with any services running, whether it's filesharing, screensharing or remote login. It brings networking to a level where normal users can perform what is quite a sophisticated operation, without needing help...

Neon Samurai
Neon Samurai

I was trying to remember that app name yesterday on another site. Good old Quicktime install suggests (opt-out method) iTunes and Bonjour when all you want is the quicktime core app for Windows. And now, it'll also suggest (opt-out method) the iPhone manager ragardless of if you have an iPhone to pair with your Windows machine. I'd say that the sudoer's prompt is much better than a more broken approach to security. I have a su.cmd command on my Windows box and welcome the prompt for admin password. I'll have to try disabling bonjour and see if it stops the constant network noise broadcast out. The few Apple machines don't need iChat within the office.

darpoke
darpoke

Redmond, but the Final Cut suite of edit software, by Apple, uses the mDNS packets - Bonjour - to broadcast and check serial number details. Hence conflicting (i.e. identical) serials can be run concurrently if one of the machines has the mDNS daemon disabled. The line to enter in terminal is: launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist Naturally, to reverse this simply change 'unload' above to 'load'. And they need to be run as sudo. Of course, this breaks Bonjour, and anything else that relies on it such as Bonjour messaging in iChat. But if it's the only Mac machine around and you have a fairly solidly mapped network topology then it should cause no unresolvable problems. I have the two commands scripted as apps - the only problem is that running them prompts a Terminal window asking for the user p/w to authenticate against the sudoers list. I don't know any way around that, sadly...

Neon Samurai
Neon Samurai

Word is using IE as it's base to include the actual Word objects into. Since IE is the system explorer, it sees the drives including network mount points. Because it's IE and it's seeing the drives, it has to scan them. This means hanging for the time out limit on network mounted letters with poor connectivity. That's a random guess though so it would have to be confirmed or corrected by one of the developers. My office gripe to add is regarding Office for osX. It seems Office for mac constantly broadcasts looking for other Office on osX installations. This may be to provide some Office to Office benefits but was listed as "to confirm that other Office for osX installs are not using the same serial number" according to the searches I've had time to run. Whatever the reason, I'm getting about a thousand (literally, four digits ####) alerts daily out of my Snort and it's all 255.255.255.255 from the osX box in the office. I could have Snort ignore it but the fact that a machine is broadcasting twice every second indicates a problem for me not something to be ignored. I'd offer more details but it's also not the top of my work list so I keep reading the IDS notices and running searches when I have time on the side.