I gave up paid computer consulting a year or so ago when the last company I was working with was sold. I still do some unpaid consulting, including for a doctor who gives away more medical care than he charges for. Some years ago I bought, with his money, a Computer Associates (CA) perpetual license for their antivirus product. All was well for five years. Yesterday I uninstalled one license from one of the practice's three computers to move it to a new one. When I installed it on the new computer, it immediately reported that it was expired!
Well, I'm careful when I spend other people's money, so I had the order number, license keys, etc. all at hand. "This won't be a problem," says I, "I'll just call customer service and they'll tell me how to fix it."
Didn't work. I reached a woman with a barely-understandable Indian accent who pretended not to understand the meaning of "perpetual." When I insisted that they look up the original order using the order number I had right in front of me, I was told that technical support could not do that, but they'd transfer me to customer service. OK. There was an interminable wait, then a man with Yet Another thick Indian accent insisted over and over that I "just have to pay the renewal fee." This man also pretended not to understand "perpetual," even after looking up the order. He also completely ignored my many requests to talk with a supervisor. I finally, after 23 minutes of this, hung up in frustration rather than saying what I thought of this treatment, which, of course, is exactly what they wanted me to do. (Yes, I am tough enough to be polite even in circumstances like this one.)
Bottom line: the people at Total Defense, "a former division of CA" will not help you when things go wrong.
The good news is that Microsoft Security Essentials seems, from all reviews, to be an effective AV product. It has had time to mature. (It was introduced in fall of 2009.) And it's free for home and small business use! It works with 32 bit XP and both 32 and 64 bit Windows 7. http://windows.microsoft.com/en-US/windows/products/security-essentials
Bye, Total Defense! See you around!
Saturday, January 7, 2012
Tuesday, November 22, 2011
Did the ISP Supply a Bridge or a Router?
This week I helped two friends configure wireless devices and get them working. In both cases, the root of the problem was understanding what services were provided by the ISP's device and what services should be provided by the wireless device. In one of the problematic cases, a cable connection, the ISP supplied a transparent bridge that allowed a single device to be configured using DHCP and provided a registered IP address. In the other case, a DSL connection, the ISP supplied a consumer-grade router with network address translation, DNS forwarding, and the ability to configure clients using DHCP. Configuring the wireless device properly required an understanding of the ISP's device.
Although I've misused the term router slightly, my use here is consistent with industry practice and shouldn't confuse anyone. Strictly speaking, a "router" connects different networks, i.e. networks where the network part of the IP addresses are different. A consumer-grade wireless device does that, but also provides the other services listed above.
Connect a device running Microsoft Windows to a port on the ISP device, open a command window, and issue the command ipconfig /all
Find the section of output labeled Ethernet adapter Local Area Connection and record the following:
IP address: ___________________________
Subnet mask: _________________________
Default gateway: ______________________
DHCP server: _________________________
DNS servers: ________________________
If there’s only a single port, establish a configuration like this:
If both clients work and report different IP addresses within the ranges listed in step 3 above to ipconfig /all then the ISP device is a router with probability one. Otherwise, it’s almost certainly a bridge.
Definitions:
For the purposes of this document, bridge and router, when applied to the device supplied by the ISP, have the following meanings.Bridge
A bridge supports a single IP address and serves to translate (bridge) between one transmission medium and another, for example, between TV cable and Ethernet, between DSL and Ethernet, or between Ethernet and WiFi.Router
The term router is misused slightly here to mean a consumer product that requires a single IP address on its outside (wide area network, or WAN) port and supports multiple client devices, each with its own IP address, on its LAN ports. To support multiple “inside” IP addresses, a consumer router necessarily implements network address translation, or NAT. It generally also provides DHCP configuration of clients and DNS forwarding. It could optionally provide a bridge between media types. It might provide other services, such as NTP relaying.Although I've misused the term router slightly, my use here is consistent with industry practice and shouldn't confuse anyone. Strictly speaking, a "router" connects different networks, i.e. networks where the network part of the IP addresses are different. A consumer-grade wireless device does that, but also provides the other services listed above.
Algorithm:
IF the ISP device operates in bridge mode
then set up the wireless device as a router
ELSE
// The ISP device is a router, so
Set up the wireless device as a bridge So, the key question becomes, "Did the ISP supply a bridge or a router?"
Is the ISP device a bridge or a router?
Data Collection
Record any manufacturer information or model numbers on the physical device. Google is your friend.Connect a device running Microsoft Windows to a port on the ISP device, open a command window, and issue the command ipconfig /all
Find the section of output labeled Ethernet adapter Local Area Connection and record the following:
IP address: ___________________________
Subnet mask: _________________________
Default gateway: ______________________
DHCP server: _________________________
DNS servers: ________________________
Testing and Inference
Assumption: a device such as a laptop that’s plugged directly into the ISP device “just works,” so it was configured using DHCP and there’s a DHCP server someplace in the ISP's infrastructure.- If there are two ISP boxen, the one connected to the TV cable or DSL line is almost certainly a bridge and the “inner” one a router. Consider the pair together to be a router.
- If there’s only one Ethernet connector on the ISP box, it’s probably a bridge. If there are multiple connectors, it’s probably a router.
- If the IP address from the data collection step is not one of the following, it’s almost certainly a bridge:
10.x.x.x
172.16.x.x to 172.31.x.x
192.168.x.x - If the default gateway and DHCP server are not the same IP address, it’s almost certainly a bridge.
Acid Test
If there are multiple Ethernet ports on the ISP box, connect two client devices to two of the ports. If both clients work and report different IP addresses within the ranges listed in step 3 above to ipconfig /all then the ISP device is a router with probability one. Otherwise, it’s almost certainly a bridge.If there’s only a single port, establish a configuration like this:
If both clients work and report different IP addresses within the ranges listed in step 3 above to ipconfig /all then the ISP device is a router with probability one. Otherwise, it’s almost certainly a bridge.
Of Course, It Could Be a Duck
Most consumer grade routers can be configured to operate in bridge mode. Unless you can get access to the configuration mode of the ISP device, if it acts like a bridge, treat it as a bridge. If it acts like a router, treat it as a router.Wednesday, June 8, 2011
Turn Off Facial Recognition on Facebook
Facebook has quietly (silently!) rolled out a feature that attempts to identify your face in pictures your friends upload, and then suggests that they "tag" you in such pictures.
Your first reaction might be, "So what? They're my friends... they're going to tag me anyway." Well, maybe, but maybe not. It depends upon what's in the picture, why it was uploaded, and how much value your friends put on your privacy. Imagine, say, a wedding reception. The bride and groom are the center of attention, looking beautiful and handsome, respectively. But, in the background, is me, or maybe you, with a death grip on a beer and chatting animatedly with the bride's little sister. In the ordinary scheme of things, the guy with the beer probably wouldn't get tagged, but if Facebook suggests it... well, have you ever clicked "OK" without thinking?
"So what? Everybody drinks at wedding receptions." Well, maybe, but do you really want to be the guy with the beer in more than perhaps one picture? Or something equally innocent that could be misinterpreted?
Then there's the question of accuracy. Maybe all overweight white guys with grey beards look alike to Facebook's software. "Surely my friends would notice the mistake and fix it." Well, maybe... have you ever clicked "OK" without thinking.
Don't forget Mark Zuckerberg's dream of world conquest. After enough pictures get tagged, Facebook's facial recognition software will know what you look like. When will "they" decide to turn on automatic recognition? And for the huge volume of pictures that have already been uploaded?
Am I paranoid? Facebook's history of stepping on privacy says not.
Convinced? OK... here's how you turn this "feature" off. This stuff is well hidden, so stay with me. If the screen shots are hard to read, click on them to expand them.
Your first reaction might be, "So what? They're my friends... they're going to tag me anyway." Well, maybe, but maybe not. It depends upon what's in the picture, why it was uploaded, and how much value your friends put on your privacy. Imagine, say, a wedding reception. The bride and groom are the center of attention, looking beautiful and handsome, respectively. But, in the background, is me, or maybe you, with a death grip on a beer and chatting animatedly with the bride's little sister. In the ordinary scheme of things, the guy with the beer probably wouldn't get tagged, but if Facebook suggests it... well, have you ever clicked "OK" without thinking?
"So what? Everybody drinks at wedding receptions." Well, maybe, but do you really want to be the guy with the beer in more than perhaps one picture? Or something equally innocent that could be misinterpreted?
Then there's the question of accuracy. Maybe all overweight white guys with grey beards look alike to Facebook's software. "Surely my friends would notice the mistake and fix it." Well, maybe... have you ever clicked "OK" without thinking.
Don't forget Mark Zuckerberg's dream of world conquest. After enough pictures get tagged, Facebook's facial recognition software will know what you look like. When will "they" decide to turn on automatic recognition? And for the huge volume of pictures that have already been uploaded?
Am I paranoid? Facebook's history of stepping on privacy says not.
Convinced? OK... here's how you turn this "feature" off. This stuff is well hidden, so stay with me. If the screen shots are hard to read, click on them to expand them.
In the upper right of your Facebook page, click "Account" and select "Privacy Settings." (Notice that I've blurred the images of others that appear in this screen shot.)
Within "Privacy Settings" find the "Sharing on Facebook" section and click on "Customize Settings." (Told you it was hidden!)
Finally, next to "Suggest photos of me to friends," click the "Edit Settings" button and change the setting to "Disabled." Click "Okay" to save your changes.
Whew! That was a lot of trouble. However, you've turned off automatic recognition of your mug. For now.
However, don't forget that Facebook's software can still learn what you look like because your friends have probably already tagged pictures of you by hand and will probably do so again in the future. EEeeww!
However, don't forget that Facebook's software can still learn what you look like because your friends have probably already tagged pictures of you by hand and will probably do so again in the future. EEeeww!
Friday, January 8, 2010
Rescuing a Dead PC
Three times in the past week colleagues and I have been confronted with computers where the hardware was OK, but the software had been compromised to the point that the computer wouldn't boot. In one case, a re-installation of the operating system fixed the problem, but at a loss of some irreplaceable data.
Having had my fingers in all three of these, it seemed like a good time to make some notes. There are numerous other ways of dealing with this problem, but what I've written here is likely to work in a majority of cases, and is likely to preserve one's data in most cases. This method also uses tools that are accessible to almost everybody. (I guess I have to add that, while this has worked for me, these suggestions are presented without warranty; if any of these steps don't make sense to you, it is probably time to get help.)
I've added a couple of notes at the end about recovering from a lost Windows password, and what to do if a system screen, like "Help and Support," either won't open at all or opens to a blank screen.
Before trouble strikes...
Assemble a Crash Kit
Your "crash kit" should include:
Get a little satchel for this stuff and keep it all together in one place. A plastic tackle or tool box from a hardware store is ideal. You will also want a "CD wallet" to hold the CDs so they don't rattle around loose in the box.
You are going to use the USB drive to make backup copies of data, so it needs to be about twice as big as the biggest hard drive you have. I've had good luck with Buffalo Drivestation brand drives, and colleague recently bought a 1 TB Drivestation for $114.
PING is a partition imaging program available here: http://ping.windowsdream.com/ It is free, but there's a way to make a donation. I encourage you to do so since this will be a part of your operational kit. I suggest 40 Euros, about $60. Make a PING disk and save the ISO image on your USB drive. (Make a "tools" directory for this stuff.")
It is easy to find instructions for making a rescue CD. One that I have tested, but not rigorously, is here: http://www.howtohaven.com/system/live-windows-rescue-cd.shtml Substitute "SP3" for "SP2" in the instructions. Test the disk that you make. Save an ISO image of it on your USB drive in the Tools directory.
Kaspersky, F-Secure, and BitDefender all provide free, bootable anti-virus rescue disks. You might want at least one, and maybe all three, in your crash kit. (Trouble is, something that gets by your own anti-virus might slip past those, too.)
I'm pretty sure you want a copy of Malwarebytes' Anti-Malware. There is a free license for personal use, and also technician and corporate licenses. I urge you to pay the appropriate license fee if it becomes a part of your regular procedures. Even if you use it only once, pay the $25 for the personal license and help keep these people in business.
You should get a copy of Secunia's Software Inspector. There's a free Personal Software Inspector for personal use and licensed versions for corporate use.
"Rip" ISOs of the manufacturers' disks onto your USB drive so that you have one for each flavor of machine you support, and also include physical CDs. (You make the Tools directory so that you can reproduce the CDs if something happens to one, not to use directly.)
Using the Crash Kit
When faced with a machine that won't boot, or won't operate as intended because of some kind of software problem, including virus or spyware infections, do these things:
1. Free up space on the USB drive: If you have used the USB drive previously, you may need to delete subdirectories from previous rescue operations to make space on the drive. You need about twice as much space as the space used on the drive being rescued.
2. Make a copy of the failed machine's disk: From a working computer, create a subdirectory to identify the computer being repaired. Example: for a Dell computer, create a subdirectory using the service tag number as the name. Make an "image" subdirectory below that. With the failed machine turned off, connect the USB drive and boot from the PING CD. (Having the machine off when you connect the USB drive guards your USB drive against malicious software on the failed machine.) Use PING to make a copy of the failed partition, usually C: in the new "image" subdirectory on your USB drive. Now you can get back to the starting point no matter what else happens.
PING can copy about 30 GB an hour, so allow some time for this step. The result is a series of binary files, each sized to fit on a CD. However, you can also use a working PC to restore the image files to a second USB drive. Now you can copy data files, etc. However, a USB-to-USB transfer will be very time-consuming, and it isn't time to do that yet. The PING copy is only for backup purposes at the moment.
Some people might prefer to make a "direct image copy" of the disk in the failed machine, and there are software products that do that, too. You'll have to use your USB disk a little differently if you go that route. You'll probably have to set up a "recovery" partition onto which to load the image.
3. Try to repair the boot records: If the computer won't boot at all, it may be as simple as a corrupt boot record. Boot from the manufacturer's Windows install disk, type R to get to the recovery console, provide the administrator password, select the proper partition, and type fixboot c: You might also attempt to repair the master boot record with fixmbr. Microsoft warns that one might corrupt the partition table if the MBR is infected with a virus and suggests running a virus scan before attempting to repair the MBR. You can list the partition table with the map command of the recovery console. Take some notes!
There is more information about the recovery console here: http://support.microsoft.com/kb/314058
If you can boot after repairing the boot records and everyting "looks OK," go to step 8.
4. Run anti-virus software: If the problem is known or suspected to be malicious software, you can run one (or more) of the bootable scanners. These take many hours (allow overnight) to run and may not really help because a virus that escaped the installed anti-virus program (you do have an installed anti-virus program, right?) may escape the bootable scanner, too. The good news is, that if one of these works, you're nearly through!
If running anti-virus corrects the problem and you are reasonably certain that any malicious software has been eradicated, go to step 8.
5. A. Boot from the rescue disk: After making the image, shut down the machine and boot from the rescue disk with the USB drive still attached. You can now "rescue" files by copying them to the USB drive in the directory for the machine being serviced. If the problem is malicious software, be careful not to copy executable-type files. See http://antivirus.about.com/od/securitytips/a/fileextview.htm for a list of files to worry about.
5. B. Copy files: Copy the files to be rescued to corresponding subdirectory names on the USB drive. You may want to copy the entire Documents and Settings subdirectory. Be sure you get the user.id file for Lotus Notes users. Talk to the user of the machine in trouble about what other files may need to be saved. (Remember, you still have an image of the whole disk. You can "back up" as long as that image exists on your USB drive, so a missing file isn't a disaster until you finally erase the image.)
6. Do a Windows upgrade/repair install: Boot from the manufacturer's Windows install disk and choose "install windows." The installer should detect the presence of the current Windows installation on the hard disk and ask whether you want to "upgrade" or perhaps "repair" the installation. That's the right answer unless you're trying to eradicate stubborn malicious software. The Windows repair/upgrade installation will replace Windows files and registry entries as necessary to get a bootable system, but will (try to) preserve data and installed programs, along with their registry entries.
If you can boot after the upgrade/repair install, go to step 8.
7. Do a fresh install of Windows: This has the effect of driving a stake through the heart of everything on the disk, good or bad, and burying it at a crossroads at midnight. This is a last-resort kinda thing to do. But, if the hardware is healthy, this is almost certain to get you back to a working machine. The possible exceptions are malicious software that has written to the computer's flash memory or to reserved areas on the disk. Those problems are beyond the scope of this article.
8. Update, virus scan, restore point: You're almost there! Run Windows Update repeatedly until it finds no high priority updates. Install and run F-Secure's Blacklight rootkit eliminator from here: http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/index.html Install and run Secunia's Personal Software Inspector from here: http://secunia.com/vulnerability_scanning/personal/ or use the appropriate commercial version. Update any out-of-date software found by the PSI scan. Make sure virus definitions are up to date and run a full anti-virus scan. This will probably take overnight to complete. Create a system restore point and return the machine to service.
Blank "Help and Support" (or other) Screen
If you try to run Windows Update or System Restore from the Help and Support link, you may find that Help and Support will not start, or that it displays a blank screen. Several Microsoft (and other) programs use the Internet Explorer rendering engine to manage their displays. Remove IE using Add/Remove programs and reinstall it. Alternatively, just re-installing IE 8 from the Microsoft download page may fix this problem.
Lost Windows Password
PING can blank the local administrator password on a computer, allowing you to reset both administrator and user passwords.
No Network Access
If a computer is otherwise working as it should, but has either no network access at all or no Internet access, a possible problem is a failed uninstall of a Norton security product. This sympton can show up months or years after removing a Norton product if a remaining module is "tickled" by some other software change. If you are not currently using Norton products, download and run Symantec's Norton Removal Tool. Be sure you read the warnings, especially about ACT! and WinFax before you do this.
Having had my fingers in all three of these, it seemed like a good time to make some notes. There are numerous other ways of dealing with this problem, but what I've written here is likely to work in a majority of cases, and is likely to preserve one's data in most cases. This method also uses tools that are accessible to almost everybody. (I guess I have to add that, while this has worked for me, these suggestions are presented without warranty; if any of these steps don't make sense to you, it is probably time to get help.)
I've added a couple of notes at the end about recovering from a lost Windows password, and what to do if a system screen, like "Help and Support," either won't open at all or opens to a blank screen.
Before trouble strikes...
Assemble a Crash Kit
Your "crash kit" should include:
- A USB-attached external hard drive
- A copy of the PING software or other partition image software
- A bootable Windows rescue disk
- The hardware manufacturer's Windows install disk, plus drivers, etc.
Get a little satchel for this stuff and keep it all together in one place. A plastic tackle or tool box from a hardware store is ideal. You will also want a "CD wallet" to hold the CDs so they don't rattle around loose in the box.
You are going to use the USB drive to make backup copies of data, so it needs to be about twice as big as the biggest hard drive you have. I've had good luck with Buffalo Drivestation brand drives, and colleague recently bought a 1 TB Drivestation for $114.
PING is a partition imaging program available here: http://ping.windowsdream.com/ It is free, but there's a way to make a donation. I encourage you to do so since this will be a part of your operational kit. I suggest 40 Euros, about $60. Make a PING disk and save the ISO image on your USB drive. (Make a "tools" directory for this stuff.")
It is easy to find instructions for making a rescue CD. One that I have tested, but not rigorously, is here: http://www.howtohaven.com/system/live-windows-rescue-cd.shtml Substitute "SP3" for "SP2" in the instructions. Test the disk that you make. Save an ISO image of it on your USB drive in the Tools directory.
Kaspersky, F-Secure, and BitDefender all provide free, bootable anti-virus rescue disks. You might want at least one, and maybe all three, in your crash kit. (Trouble is, something that gets by your own anti-virus might slip past those, too.)
I'm pretty sure you want a copy of Malwarebytes' Anti-Malware. There is a free license for personal use, and also technician and corporate licenses. I urge you to pay the appropriate license fee if it becomes a part of your regular procedures. Even if you use it only once, pay the $25 for the personal license and help keep these people in business.
You should get a copy of Secunia's Software Inspector. There's a free Personal Software Inspector for personal use and licensed versions for corporate use.
"Rip" ISOs of the manufacturers' disks onto your USB drive so that you have one for each flavor of machine you support, and also include physical CDs. (You make the Tools directory so that you can reproduce the CDs if something happens to one, not to use directly.)
Using the Crash Kit
When faced with a machine that won't boot, or won't operate as intended because of some kind of software problem, including virus or spyware infections, do these things:
1. Free up space on the USB drive: If you have used the USB drive previously, you may need to delete subdirectories from previous rescue operations to make space on the drive. You need about twice as much space as the space used on the drive being rescued.
2. Make a copy of the failed machine's disk: From a working computer, create a subdirectory to identify the computer being repaired. Example: for a Dell computer, create a subdirectory using the service tag number as the name. Make an "image" subdirectory below that. With the failed machine turned off, connect the USB drive and boot from the PING CD. (Having the machine off when you connect the USB drive guards your USB drive against malicious software on the failed machine.) Use PING to make a copy of the failed partition, usually C: in the new "image" subdirectory on your USB drive. Now you can get back to the starting point no matter what else happens.
PING can copy about 30 GB an hour, so allow some time for this step. The result is a series of binary files, each sized to fit on a CD. However, you can also use a working PC to restore the image files to a second USB drive. Now you can copy data files, etc. However, a USB-to-USB transfer will be very time-consuming, and it isn't time to do that yet. The PING copy is only for backup purposes at the moment.
Some people might prefer to make a "direct image copy" of the disk in the failed machine, and there are software products that do that, too. You'll have to use your USB disk a little differently if you go that route. You'll probably have to set up a "recovery" partition onto which to load the image.
3. Try to repair the boot records: If the computer won't boot at all, it may be as simple as a corrupt boot record. Boot from the manufacturer's Windows install disk, type R to get to the recovery console, provide the administrator password, select the proper partition, and type fixboot c: You might also attempt to repair the master boot record with fixmbr. Microsoft warns that one might corrupt the partition table if the MBR is infected with a virus and suggests running a virus scan before attempting to repair the MBR. You can list the partition table with the map command of the recovery console. Take some notes!
There is more information about the recovery console here: http://support.microsoft.com/kb/314058
If you can boot after repairing the boot records and everyting "looks OK," go to step 8.
4. Run anti-virus software: If the problem is known or suspected to be malicious software, you can run one (or more) of the bootable scanners. These take many hours (allow overnight) to run and may not really help because a virus that escaped the installed anti-virus program (you do have an installed anti-virus program, right?) may escape the bootable scanner, too. The good news is, that if one of these works, you're nearly through!
If running anti-virus corrects the problem and you are reasonably certain that any malicious software has been eradicated, go to step 8.
5. A. Boot from the rescue disk: After making the image, shut down the machine and boot from the rescue disk with the USB drive still attached. You can now "rescue" files by copying them to the USB drive in the directory for the machine being serviced. If the problem is malicious software, be careful not to copy executable-type files. See http://antivirus.about.com/od/securitytips/a/fileextview.htm for a list of files to worry about.
5. B. Copy files: Copy the files to be rescued to corresponding subdirectory names on the USB drive. You may want to copy the entire Documents and Settings subdirectory. Be sure you get the user.id file for Lotus Notes users. Talk to the user of the machine in trouble about what other files may need to be saved. (Remember, you still have an image of the whole disk. You can "back up" as long as that image exists on your USB drive, so a missing file isn't a disaster until you finally erase the image.)
6. Do a Windows upgrade/repair install: Boot from the manufacturer's Windows install disk and choose "install windows." The installer should detect the presence of the current Windows installation on the hard disk and ask whether you want to "upgrade" or perhaps "repair" the installation. That's the right answer unless you're trying to eradicate stubborn malicious software. The Windows repair/upgrade installation will replace Windows files and registry entries as necessary to get a bootable system, but will (try to) preserve data and installed programs, along with their registry entries.
If you can boot after the upgrade/repair install, go to step 8.
7. Do a fresh install of Windows: This has the effect of driving a stake through the heart of everything on the disk, good or bad, and burying it at a crossroads at midnight. This is a last-resort kinda thing to do. But, if the hardware is healthy, this is almost certain to get you back to a working machine. The possible exceptions are malicious software that has written to the computer's flash memory or to reserved areas on the disk. Those problems are beyond the scope of this article.
8. Update, virus scan, restore point: You're almost there! Run Windows Update repeatedly until it finds no high priority updates. Install and run F-Secure's Blacklight rootkit eliminator from here: http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/index.html Install and run Secunia's Personal Software Inspector from here: http://secunia.com/vulnerability_scanning/personal/ or use the appropriate commercial version. Update any out-of-date software found by the PSI scan. Make sure virus definitions are up to date and run a full anti-virus scan. This will probably take overnight to complete. Create a system restore point and return the machine to service.
Blank "Help and Support" (or other) Screen
If you try to run Windows Update or System Restore from the Help and Support link, you may find that Help and Support will not start, or that it displays a blank screen. Several Microsoft (and other) programs use the Internet Explorer rendering engine to manage their displays. Remove IE using Add/Remove programs and reinstall it. Alternatively, just re-installing IE 8 from the Microsoft download page may fix this problem.
Lost Windows Password
PING can blank the local administrator password on a computer, allowing you to reset both administrator and user passwords.
No Network Access
If a computer is otherwise working as it should, but has either no network access at all or no Internet access, a possible problem is a failed uninstall of a Norton security product. This sympton can show up months or years after removing a Norton product if a remaining module is "tickled" by some other software change. If you are not currently using Norton products, download and run Symantec's Norton Removal Tool. Be sure you read the warnings, especially about ACT! and WinFax before you do this.
Wednesday, November 18, 2009
CLEAR Internet
I really-really-really wanted to fire AT&T on Sunday after their automated troubleshooting system told me there was no problem and hung up in my ear.
So, I went to CLEAR.com and gave them my credit card number. (Big mistake.)
They have a cute application that will take the MAC address of your laptop's wireless modem and tell you whether it will do WiMAX. I typed mine in and it said, "Yea, verily, you can do WiMAX." Unhappily, it lied to me. More on that in a moment.
In the meantime, my CLEAR home modem came today. Oh, boy! I'll set that sucker up and fire AT&T! Revenge is nigh. (Wrong again, dog breath!)
Before decomposing my whole home network, I connected the CLEAR modem to a ThinkPad and fired it up. Two bars on the signal strength scale; only one bar if I stand close by. {Sigh.} But maybe it will be OK... I'll run the Speakeasy Speed Test and See What Happens (tm);. Maybe it'll be OK.
Too bad... you can't run anything on CLEAR without accepting their on line agreement. They present the agreement in a scrolling text box that's about five lines high, but they do provide a link to a printable version. If you are signing up with CLEAR, print it! And read it! You really need to read this. Among other things, you agree to binding arbitration. You might also be agreeing to termination fees, too. The text of the agreement is ambiguous. Since it was written by lawyers, I have to believe that was purposeful. {Sigh} Since it was written by CLEAR's lawyers, I have to believe it is to CLEAR's advantage. And so, I worry about it.
The binding arbitration clause means you give up your right to sue and your right to trial by jury. If I were pretty sure CLEAR was going to work, and/or I were pretty sure I knew what my financial exposure was, that would be OK. However, you have to accept the onerous click-wrap agreement before you can test, and that is not OK. Don't do it!
I mucked around with the modem's Web interface before I fired CLEAR. You can turn DHCP off, but I couldn't figure out how to set the "inside" address for the modem. (The outside address is determined by CLEAR.) Not being able to set the inside address is a problem if you have a non-trivial home network, as I do.
CLEAR doesn't have an email support option. (Don't want a written record?) The on-line chat support was responsive (time-wise) but not helpful. ("You have to accept the agreement before you can use the service." Well, I knew that! That's the crux of the problem.) They did give me a toll-free number to cancel service, and that appears to have worked. They're supposed to be sending me a return label for the modem. We sh'll see.
And then there's that cute app that determines whether one's laptop speaks WiMAX. As I mentioned earlier, it lies. So, I found out about the lie after I ordered (for $$$) a suitable WiMAX modem for my laptop. It hasn't arrived yet, and I won't be able to use it when it does. Too bad for me. I should have kept my pants on and tested CLEAR before I ordered the modem for the laptop. (Not from CLEAR.) Oh, well. One lives and learns If one is lucky.
Bottom line: CLEAR has an onerous contract to which you'd be a fool to agree. Their lawyers think we're fools. Time to prove them wrong. Don't buy anything from these turkeys! You cannot tell (because the document is ambiguous) what you're agreeing to, and you have agreed to binding arbitration. Don't do it!
On December 12, 2009...
Clear did send a return shipping label, and they sent it promptly. They went up a couple of notches in my estimation because of that. Unhappily, the increased estimation was temporary.
It took a couple of weeks before they posted a credit to my credit card account. I shouldn't have been surprised when they held back $25.00. In other words, my "refund" was only a partial refund.
I filed a dispute with my credit card company. Still waiting to see how that turns out, but the bottom line remains, you can't believe what CLEAR tells you.
On December 16, 2009...
I disputed Clear's hold-back and my credit card company agreed with me. (I've been their customer for 25 years and only disputed one other charge. YMMV.)
Instead of challenging the dispute, Clear just charged me another $25 on a new charge. Turkeys!
And then they did it again! As of this morning, I was $50 in the hole.
I'll dispute those and eventually get my money back. What this means to you, dear readers, is that it is not safe to give Clear a credit card number because they have shown they will make unauthorized charges to your account.
So, I went to CLEAR.com and gave them my credit card number. (Big mistake.)
They have a cute application that will take the MAC address of your laptop's wireless modem and tell you whether it will do WiMAX. I typed mine in and it said, "Yea, verily, you can do WiMAX." Unhappily, it lied to me. More on that in a moment.
In the meantime, my CLEAR home modem came today. Oh, boy! I'll set that sucker up and fire AT&T! Revenge is nigh. (Wrong again, dog breath!)
Before decomposing my whole home network, I connected the CLEAR modem to a ThinkPad and fired it up. Two bars on the signal strength scale; only one bar if I stand close by. {Sigh.} But maybe it will be OK... I'll run the Speakeasy Speed Test and See What Happens (tm);. Maybe it'll be OK.
Too bad... you can't run anything on CLEAR without accepting their on line agreement. They present the agreement in a scrolling text box that's about five lines high, but they do provide a link to a printable version. If you are signing up with CLEAR, print it! And read it! You really need to read this. Among other things, you agree to binding arbitration. You might also be agreeing to termination fees, too. The text of the agreement is ambiguous. Since it was written by lawyers, I have to believe that was purposeful. {Sigh} Since it was written by CLEAR's lawyers, I have to believe it is to CLEAR's advantage. And so, I worry about it.
The binding arbitration clause means you give up your right to sue and your right to trial by jury. If I were pretty sure CLEAR was going to work, and/or I were pretty sure I knew what my financial exposure was, that would be OK. However, you have to accept the onerous click-wrap agreement before you can test, and that is not OK. Don't do it!
I mucked around with the modem's Web interface before I fired CLEAR. You can turn DHCP off, but I couldn't figure out how to set the "inside" address for the modem. (The outside address is determined by CLEAR.) Not being able to set the inside address is a problem if you have a non-trivial home network, as I do.
CLEAR doesn't have an email support option. (Don't want a written record?) The on-line chat support was responsive (time-wise) but not helpful. ("You have to accept the agreement before you can use the service." Well, I knew that! That's the crux of the problem.) They did give me a toll-free number to cancel service, and that appears to have worked. They're supposed to be sending me a return label for the modem. We sh'll see.
And then there's that cute app that determines whether one's laptop speaks WiMAX. As I mentioned earlier, it lies. So, I found out about the lie after I ordered (for $$$) a suitable WiMAX modem for my laptop. It hasn't arrived yet, and I won't be able to use it when it does. Too bad for me. I should have kept my pants on and tested CLEAR before I ordered the modem for the laptop. (Not from CLEAR.) Oh, well. One lives and learns If one is lucky.
Bottom line: CLEAR has an onerous contract to which you'd be a fool to agree. Their lawyers think we're fools. Time to prove them wrong. Don't buy anything from these turkeys! You cannot tell (because the document is ambiguous) what you're agreeing to, and you have agreed to binding arbitration. Don't do it!
On December 12, 2009...
Clear did send a return shipping label, and they sent it promptly. They went up a couple of notches in my estimation because of that. Unhappily, the increased estimation was temporary.
It took a couple of weeks before they posted a credit to my credit card account. I shouldn't have been surprised when they held back $25.00. In other words, my "refund" was only a partial refund.
I filed a dispute with my credit card company. Still waiting to see how that turns out, but the bottom line remains, you can't believe what CLEAR tells you.
On December 16, 2009...
I disputed Clear's hold-back and my credit card company agreed with me. (I've been their customer for 25 years and only disputed one other charge. YMMV.)
Instead of challenging the dispute, Clear just charged me another $25 on a new charge. Turkeys!
And then they did it again! As of this morning, I was $50 in the hole.
I'll dispute those and eventually get my money back. What this means to you, dear readers, is that it is not safe to give Clear a credit card number because they have shown they will make unauthorized charges to your account.
Wednesday, November 4, 2009
Windows 7 on a ThinkPad
I'm going to be Mister Never Had Vista, and I think I'm not going to be alone!
Now that Windows 7 is officially available, I decided I'd better start learning something about it. I have an IBM ThinkPad T-43 with one gig of memory and a tiny 30G hard disk. I decided to put Windows 7 Professional on it to See What Happens (tm).
I was using a "generic" Windows 7 install, and not one customized for the ThinkPad, and that made me worry that things like the eraserhead pointing stick might not work. However, the installation worked like a champ and all was well at the end. Apparently Lenovo (or IBM) provided Microsoft with at least a basic driver kit. Good.
I downloaded ThinkVantage System Update (TVSU). It took several iterations before I had everything up to date. Apparently TVSU understands prerequisites, but makes one iterate over them. That doesn't seem too bad as it only has to happen once. TVSU for Windows 7 can be downloaded here.
The only real problem I had is that TVSU tried to install an unsupported External Controller flash on my 1871-type T-43. I had to borrow a USB floppy and do a flash from diskette to get over that. Happily, it didn't brick my T-43.
I wish I had not installed ThinkVantage Access Connections. Windows 7 does a lot of what one needed Access Connections for. That's OK, too, because installing Windows 7 was an experiment. I intend to blow the installation away and start over in a month or so. (And yes, I did keep good notes.)
In summary, Windows 7 works even on older Thinkpads, and, with enough updates, you will get the drivers you need. (But please don't try this with a mission-critical machine, OK?)
Now that Windows 7 is officially available, I decided I'd better start learning something about it. I have an IBM ThinkPad T-43 with one gig of memory and a tiny 30G hard disk. I decided to put Windows 7 Professional on it to See What Happens (tm).
I was using a "generic" Windows 7 install, and not one customized for the ThinkPad, and that made me worry that things like the eraserhead pointing stick might not work. However, the installation worked like a champ and all was well at the end. Apparently Lenovo (or IBM) provided Microsoft with at least a basic driver kit. Good.
I downloaded ThinkVantage System Update (TVSU). It took several iterations before I had everything up to date. Apparently TVSU understands prerequisites, but makes one iterate over them. That doesn't seem too bad as it only has to happen once. TVSU for Windows 7 can be downloaded here.
The only real problem I had is that TVSU tried to install an unsupported External Controller flash on my 1871-type T-43. I had to borrow a USB floppy and do a flash from diskette to get over that. Happily, it didn't brick my T-43.
I wish I had not installed ThinkVantage Access Connections. Windows 7 does a lot of what one needed Access Connections for. That's OK, too, because installing Windows 7 was an experiment. I intend to blow the installation away and start over in a month or so. (And yes, I did keep good notes.)
In summary, Windows 7 works even on older Thinkpads, and, with enough updates, you will get the drivers you need. (But please don't try this with a mission-critical machine, OK?)
Friday, July 10, 2009
ThinkVantage Access Connections
I like my ThinkPad and I appreciate the flexibility I get from managing network connectivity using ThinkVantage Access Connections. However, the ThinkPad got into a state where any change to a wired or WAN Miniport profile caused the Ethernet connection to fail with error "DHCP server not responding." Wireless connectivity continued to work, although it took me a long time to figure that out.
Similarly, any change to the Access Connections (like trying to upgrade to the current version) caused wired connectivity to fail.
For a long while, the only solution I found was to revert changes using Windows system restore. Last weekend I decided I had had enough, and spent the time to out-stubborn the problem.
It turns out that deleting and re-adding the Ethernet NIC using Windows Device Manager and Add New Hardware did the trick. I could now change profiles, upgrade software, etc. without breaking my wired connection. Good!
However, deleting and re-adding the NIC broke all my WAN Miniport connections. VPN access and even dial-up no longer worked. Happily for me, "harrisb" had posted a solution for this one on a Lenovo forum: http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Windows&thread.id=398 It's one I would never have figured out on my own!
So, I am back to being a happy ThinkPad camper.
Similarly, any change to the Access Connections (like trying to upgrade to the current version) caused wired connectivity to fail.
For a long while, the only solution I found was to revert changes using Windows system restore. Last weekend I decided I had had enough, and spent the time to out-stubborn the problem.
It turns out that deleting and re-adding the Ethernet NIC using Windows Device Manager and Add New Hardware did the trick. I could now change profiles, upgrade software, etc. without breaking my wired connection. Good!
However, deleting and re-adding the NIC broke all my WAN Miniport connections. VPN access and even dial-up no longer worked. Happily for me, "harrisb" had posted a solution for this one on a Lenovo forum: http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Windows&thread.id=398 It's one I would never have figured out on my own!
So, I am back to being a happy ThinkPad camper.
Subscribe to:
Posts (Atom)
