Hey folks, I just found this video that I did at Worldwide Partner Conference 2009. Aaron Booker stopped by the booth with his VarVid camera and captured about 2 minutes of time with me. I’ve been waiting to see this video, and I guess I just found it. Pretty late.
Most recently, Dileep appeared back on the Home Server blog with how to extend the launchpad, and when you should extend the Launchpad. You can read that blog post here.
If you haven’t been on the forums already, I did a forum post on why we created the Launchpad, with feedback from you, the customer. Dileep extended on this, copied here for your reading convenience.
Launchpad is a light weight and extensible client-based user interface that we built for Vail. It was born out of a couple of pain points that our customers experienced from Home Server v1. While Home Server v1 provided the ability for developers to add what we call ‘administrative’ or ‘server management’ tasks to the Admin console, it did not provide any means by which a day-to-day or non-administrative task could be presented to users in a coherent manner that resonates its association with Home Server. As a result we started seeing add-ins for day-to-day consumption of home server capabilities that were deployed to Admin Console, but did not belong there since they were not administrative tasks. We realized that there is a need for providing a coherent and consistent grouping as well as entry point for home server related tasks that everyone in the household can perform from their client PCs. This was the first pain point.
The second one, and perhaps the more significant one of the two, was the limitation around having matching usernames and passwords on the server and the PCs. If you recall, in Home Server v1 we require users to create user accounts on the server that had the same username and password as that of the client PCs so that they can seamlessly access the shared folders on the server as soon as they login to their PCs. This generated lot of confusion with consumers, as was evident from the feedback that we got. With Vail, Launchpad acts as the login UI for signing the user onto the server, thereby granting them access to the Server shares and other platform services exposed via the SDK. We no longer have the requirement to have the user accounts matching on server and client, instead users can use Launchpad to ‘sign-in’ to the server with any user account and password combination that was set up in Dashboard!
In short, Launchpad serves the following purposes:
It is the entry point for the day-to-day tasks related to Windows Home Server from the client PCs.
It eliminates the need for matching usernames and passwords setup between server and client, and eliminates the password sync dialogs.
It Provides a logical and centralized location where all home server related tasks are exposed, resulting in much better awareness of home server and its capabilities.
It allows everyone in the household to have visibility to developers' add-ins, than just home server administrators.
So, if you’re a developer, head on over to Dileep’s full post, and start coding up some cool apps that will make users love your add-in, and increase the value of Vail. I know I’ll appreciate it when we ship!
Back in January I made a post, which I called Part 1 of Understanding Certificates. In this post I talked primarily about how the server is authenticated to the client by using a “root” certificate that the client already trusts, thus establishing a trust relationship with a website you are at without actually having been there before. If you haven’t read it, it’s a good overview on how that works.
In this Part 2, I want to talk about the encryption between client and server.
Part 1 was all about authentication of the server, this part (2) is going to talk about the encryption portion. Encryption is important on many networks to prevent prying eyes from seeing the data being sent. The larger and/or more un-trusted the network, the greater the need for encryption. The Internet of course being the largest of all public and un-trusted networks.
First the easy stuff, when you go to an SSL based website, you’re using the prefix of HTTPS in your browser. Additionally, many mainstream browsers such as Internet Explorer or Firefox will show a “Lock” symbol to show that your connection is locked, and safe:
(Internet Explorer)
(Fire Fox)
Each browser will show it differently, but I think most of the mainstream one will use a little lock icon. You might also see different colours (Red means bad, white or Green mean good). While we’re on the subject of colours. Some SSL certificate providers will provide you with extra security and extra validation, which will make the address bar go green. In the captures above it’s important to note that Firefox and Internet Explorer use a completely different certificate store. Internet Explorer uses the built-in Windows Certificate store, while Firefox manages its own. There are pros and cons to each approach, but both are just as secure.
So how secure are you?
Well, in the details of the certificate, you can check out the encryption level of the certificate by looking at the public key:
This certificate used here for passport is a 1024-bit encryption level. This means that the keys used to encrypt or decrypt this traffic uses a 1,024 character key length. That means that in order to decrypt this network traffic, you need 1,024 ASCII based characters in exactly the right order. That’s a tall order to boot!! Anything less than 1024 at the time of this printing is not considered industry standard encryption. Hackers have horse-power to crack 512-bit certificates in just a few weeks, this isn’t new news, this has been done back in 2002! It also states that even 1024 can be cracked, but it would take a lot longer, given the cracking method used is “Brute Force”. It would take a large number of years to crack this, and you’ll notice if you review your certificates, they are only used for 1 year, and then the key is changed with a new certificate, forcing your hacker to start over.
However, with the introduction of this, 2048-bit certificates are already shipping today. The bigger the number, the harder it will be to decrypt. What’s the hold up? Processor power. Not necessarily in your PC, but on your phone, in your router, even on the server processor!!. Using higher-level encryption, means that each packet sent over the internet needs to be encrypted on one side, and decrypted on the other. Does your phone have the processor to deal with higher level of encryption? what about servers that process millions of requests per second, that would double the CPU load for decryption/encryption! So don’t be surprised if you see 1024-bit for a while longer: it’s still considered industry standard.
You may notice that root or chaining certificates last longer. This is because their public key is typically not out in the open for all to see, and potentially use to hack. So it’s generally accepted for these higher certificates to have a longer lifespan.
But how does it work Technically?
Let’s dive into how it works. When you buy a certificate from a 3rd party, they ask for a CSR (Certificate Signing Request). The website generating the CSR generates two pieces of information:
The public key is encoded in this request, along with the final public public certificate. The certificate provider validates that this is in fact the server it’s issuing a certificate for (the more expensive the certificate, the more validation is done). The private key NEVER EVER leaves the website generating the certificate. Think of a mailbox that the post office runs that sites outside the convenience store. the public key is the slot in the top. Anyone can get access to that to send stuff into the post office, but the key to open and get access to all this sent mail, only the post office has, and never leaves around anywhere.
Once the certificate request is signed, the public key is placed right on the website for all the world to see, and the private key is kept safe inside the certificate store, hidden from view and access only to administrators!
The private key is used to decrypt everything encrypted with the public key, and vice versa. Additionally, a per-session key is established and everything is encrypted using that as well. This prevents when the server sends something to the client encrypted with the private key, any listening clients from decrypting it with the very public “public key”. If you want to go deeper, you can dive into the nitty-gritty details over on Wikipedia on Transport Layer Security.
What if something goes wrong?
If something goes wrong, or something changes, a certificate is revoked. A client will check the CRL (Certificate Revoke List) embedded in the certificate to see if the current one is still valid. If a website cert has been compromised, or a name changed, or anything changed, the certificate is revoked and another one issued. Clients will know which one to use simply by checking the CRL distribution point.
Here we see that Verisign has their CRL hosted up online that anyone can go and see if this cert is revoked or not. Clients will known not to trust or use a revoked certificate.
Be careful out there, look for the lock icon (
Over on the Home Server blog, Dileep, our Development Lead talks about how to jump in and get engaged. Keep your eye on the official blog for updates as it is a planned series to help you get involved. If you want to jump straight to the SDK, you can download the complete set of information here (You will have to sign in to Microsoft Connect site). Any questions can be posted in the developer forum.
Mark Vayman, a lead program manager on the Home and Small Business Server team just tossed out all the new features in Windows Home Server Drive Extender, version 2. The information and discussion can be found in the Microsoft Forums, and I urge you to surf on over there and jump into the conversation with questions and comments.
Drive Extender is a storage technology first introduced in Windows Home Server's first release. The 1st generation of the technology was file based, and worked on top of "vanilla" NTFS volumes using reparse points. To address the customer feedback we have received and improve the system's resiliency to partial drive failures (seen many times by our support), the Drive Extender technology was updated to use block based storage below the file system similar to software RAID systems.
The following isn't an exhaustive list, but does try to enumerate the major new features as well as features which are no longer supported in the “Vail” version of Drive Extender:
Features carried over from the previous release:
New/Improved features:
Deprecated features:
Known inter-op/support issues with the Beta
Today is an exciting day for me. As you know, one of the products I work on is Windows Home Server. Today we’re excited to announce that the next version of Windows Home Server (codename “Vail”) is available for you to try. This is a BETA release, and while it may seem like you want to switch to it as your actual home server, we want to remind you that it’s still not sanctioned for production usage, because it just hasn’t gone through the hours of testing needed for us to feel confident that it’s rock solid. Plus we’re still adding features!
What we do want to do with the Beta release, is get the public pounding away on all of our features, but most importanly our PC Backup and our new version of Drive Extender! We invite everyone to check it out by downloading the software from the Microsoft Connect site. (English language builds are available now). If you don’t have extra hardware, Vail installs flawlessly into Hyper-V based environments and one of our MVPS already has a blog post on how to install it into VMWare.
What’s new?
Before we go too much further, however, we want to pass along a couple of very important hardware-related tips on installing the Vail Beta:
Also, if you are a developer, this beta includes a new software development kit (SDK) that gives developers and partners even more ways to customize the OS and add new functionality and services to Windows Home Servers. Download the SDK here.
Finally, before you start filing bugs, some features yet to come are:
Please refer to the official home server blog for the official announcement.
We look forward to hearing your feedback. Please open issues and discuss on the Connect Website.
McAfee corporate customers across the globe using Windows XP experienced massive shutdowns today as an update to McAfee's security suite deleted svchost.exe—a very common Windows process—causing machines to reboot continuously. McAfee has confirmed the problem and removed the faulty virus definition file from the update. Only McAfee's corporate users were affected.
If you or your workplace were affected, Twitter user scratchfury offers this (unverified) tip:
boot to safe mode, rename mcshield.exe, reboot, run Virus Console, pick Tools -> Rollback DAT, name back to mcshield, reboot
We don't have a machine to test it on, so follow his tip at your own risk, and only if you know what you're doing. If you've fixed it already, let's hear how you did it in the comments.
Wow, it’s hard to believe that Office 2010 is here already. I’ve been running different forms of beta for just shy of a year! In fact, I can’t even consider running Outlook 2007 anymore, as the new Outlook 2010 makes me sooo productive. The new Outlook ribbon, the detailed calendar views, the ability to import my Facebook internet calendar directly into Outlook (2007 did it, but one-time only, 2010 will continuously do it, keeping me up to date).
I’ve been using it exclusively for work, and the features are amazing, but I hear (and can’t wait to try) that it has some social connectivity for personal use. Can’t wait to get it on my home PC!
Join Microsoft & Steven Elop at the virtual launch!
Click the graphic above, to add to your calendar, then watch Stephen Elop, President of the Microsoft Business Division, announce the launch of Office 2010 and SharePoint 2010 on May 12, 2010 at 11 a.m. EST. The live Microsoft keynote focuses on the next wave of productivity that delivers:
Join the virtual launch event with Microsoft executives, product developers, partners and customers to:
View on-demand breakout sessions showing how Office 2010 and SharePoint 2010 meet the unique challenges people and businesses are faced with today, and provide the solutions they need for tomorrow.
I found this awesome tip on LifeHacker, one of my favorite blogs… Shift your fingers one key for easy to remember, super complex passwords!
You're constantly told how easy it would be to hack your weak passwords, but complicated passwords just aren't something our brains get excited about memorizing.
His clever solution: Stick with your weak, dictionary password if you must; just move your fingers over a space on the keyboard.
If you want a secure password without having to remember anything complex, try shifting your fingers one set of keys to the right. It will make your password look like gibberish, will often add in punctuation marks, and is quick and simple.
When John Pozadzides showed us how he'd hack our weak passwords, he listed his top 10 choices for getting started hacking away at your weak passwords. Let's take a look at how a few of those popular passwords fare when finger shifting to the right:
Something longer but still really lame, like, say, "topsecretpassword", becomes "yp[drvtry[sddeptf". These may not be perfect compared to secure password generators, but they're likely orders of magnitude better than a lot of people's go-to passwords.
Here's a new one to us: Linking your Windows Live ID to Windows Media Player 12 in Windows 7 allows you to stream your entire music library to any computer. Even better: no need to install third-party software with this method.
There are many, many ways to stream your music collection over the internet—but there's something appealing about using the built-in software that Microsoft bundled with Windows 7. If you're already using Windows Media Player 12, you can listen to your home music collection from any Windows computer through the internet. What's more, it actually should work with all your media, not just your music.
In order to use this feature, you'll need a Windows Live ID then you've got to link your Windows Live ID to your media collection. In Windows Media Player, navigate to the Stream menu and choose "Allow Internet access to home media." You'll want to "Link an online ID." If you see "Add an online ID provider" in the next box, click it because you'll need to download some software depending what version of Windows 7 you're running.
Enter your Windows Live email address and password to link your media collection. Go back to the Stream menu, and click "Allow Internet access to home media." In order to enable another Windows 7 PC access, you'll need to repeat these steps. After you're finished, your library will show up in the Other Libraries category of the left-side pane in Windows Media 7.
We don't know a lot of people who actually use Windows Media Player, but this awesome feature could convince some—and it's something that would be great to see in more tight-fisted media players. (Ahem, iTunes, we're looking at you.)
Are you on Windows 7 and like the Bing homepage images? You can have the best of them as wallpapers for your desktop! The first Bing’s Best theme pack was so popular, the team decided to release a second Bing theme pack: Bing’s Best 2.
In case you missed out on number one, I’ve listed them both below:
You can also download both of them from here. Enjoy!
Post courtesy of Liveside.net
We’ve created a place where you can easily find video overviews of products and technologies, information on opportunities for prospecting, interact with Microsoft and HP product managers, and talk with your peers in the Coffee Coaching community.
Go to the source! Hear about Windows Small Business Server 2008 directly from the product group at Microsoft. Learn about HP’s Small business offerings directly from the engineers at HP. We have a collection of short videos on all of the Windows Server family of products and HP hardware solutions.
Click here to become a Fan of Microsoft and HP Coffee Coaching!
· Throughout the day on March 8th, as you explore the site, we will have Microsoft and HP experts available for online discussions.
Grab a cup of coffee and join us for a session of Coffee Coaching.
Brought to you by:
Two weeks ago, Microsoft hosted the worlds MVP’s at our 2010 Summit. SBS and Home Server MVPs are the best MVPs at Microsoft (I may be biased, but that’s what I think), followed of course only by EBS MVPs (who are mostly ex-SBS MVPs anyways!). Ok, who am I kidding. All MVPs are awesome, I just happen to have many of the SBS and Home Server ones as my buddies.
Microsoft does it’s best to make the MVPs welcome in the Seattle area, which includes dinners, parties, get-togethers, lunches, coffee breaks, etc. All in the name of geek speak between MVPs and Microsoft!
If you’re not familiar with what a Microsoft MVP is, they are community voted professionals that go above and beyond the normal to help out the general public with their issues with specific products. Most MVPs dedicated a lot of time and energy to this cause, and as such we reward them.
In this particular instance, the tables were turned. The MVPs rewarded us!! Taking advantage of the fact they were on campus they decided to dress up my mascot in appropriate attire.
%5B8%5D.jpg "Ask Chico about Windows Small Business Server!")
Now, I’m not normally into dressing my dog, primarily because we are both men and we don’t do that. In addition to that fact, if you put anything on Chico, he freezes. But, for this blog, he’s willing to don the clothing and answer your questions. Simply click in the search box and type your search. I’m sure Chico will have a blog post for you. If you don’t find it here, you can also check over at the official SBS blog. If you don’t find it there, shoot me an email and I’ll see what I can do to write one up for you (no promises on timing though, Steve Balmer keeps us pretty busy over here.
Last and most importantly, I want to publicly thank all of the MVPs for their support and the wonderful gift they gave me. I don’t have to email this to them, because being MVPs, they are so plugged in, they will find it.
Being a photographer, I get pretty worried about losing my photos. Not only the ones that I publish to my website, but the family photos that are never made public, they are priceless to me. I naturally have a built in backup set up to back up to a 1TB USB hard drive. And I’m super diligent about manually running this at least once or twice per month. This of course covers me against any hardware failure in my Media Smart server. Thankfully I haven’t had any yet, even though hard drive failure is the leading cause of data loss:
So, as it turns out, I’m not at all worried about disk failure, I’m totally covered there with duplicate through Home Server’s Drive Extender, and my bi-monthly backup. What I am worried about is natural disaster and theft (not that I live in a scary neighborhood in New York City or anything). The idea of natural disaster protection was made even more prevalent when my uncle’s home burnt to the ground early January, 2010 and he lost all of his memories in the fire. Sure insurance is taking care of the house and replaceable items, but what about the photos, or the trophy’s my cousin’s won on his mantel?
Luckily for digital data, it’s easy to move around and easy to store. Cloud based backup and storage can provide peace of mind and insurance against such loss. While I’m not an expert in cloud storage, I was looking for a few key things:
Enter CloudBerry Labs Backup. CloudBerry is an interesting solution to the cloud backup story. They provide the software that adds the simplicity, automation and client-side piece, while Amazon S3 provides the back-end storage. This means you pay a 1-time up-front cost for CloudBerry, and the recurring cost goes directly to Amazon S3. Amazon brings #1 to the game, global replication and they are BIG (so big that discounts are given in TB instead of GB!). Amazon EXPECTS a LOT of data! I can’t say that AmazonS3 is the cheapest solution, at $0.15/GB (until you get to 10TB), they end up costing me about $20/month (~130GB of data). That’s a total of $240/year. There are cheaper solutions out there, but are they as functional as Amazon S3? Will they be in business in 2 months or 2 years? Also, Amazon has a lot of bandwidth so your uploads and downloads are fast. I’ve seen some backup solutions take upwards of 2-3 months to get a photo collection similar to mine uploaded. My 130GB of data took little over 1 week to upload, and my recovery’s are even faster. The limitation as far as I can tell, is my own bandwidth.
CloudBerry backup homepage
CloudBerry backup has a Winodws Home Server add-in, which makes management very very simple. Loading the add-in shows CloudBerry in a new tab; which opens with an extremely simple design for start-up. However, after using CloudBerry for a month, I’d like to see more status on the home page: meaning I have my backup plans in place, I’d rather see some status on the last backup(s) to ensure that I’m safe. But no one can argue the design is simple, and targeted towards backup and the most important piece, the restore. Additionally, you can get to status with a simple click on the Backup Plans sub-tab. I do enjoy a big bold number of how many GB I’m using, as it helps me understand what my monthly bill would be. A dollar value would be nice to see here too, but that would depend on querying Amazon, as I’m sure Amazon reserves the right to adjust prices as they see fit (hopefully down!)
Once setup, CloudBerry is a totally simple solution. Unfortunately, much of the complexity for the setup comes from AmazonS3 requirements. Before even using the CloudBerry software, you must setup your AmazonS3 service. CloudBerry has provided a handy instruction set exactly for that, clearly indicating they know it’s a troublesome point and are probably working on it, given the simplicity seen through the rest of the product. The setup involves creating an AmazonS3 account, and identifying your personal access Key, so Amazon can bucket the data in your personal storage space up on their service.
Because of the cost of the AmazonS3 service, CloudBerry has allowed you to be as specific as you want for backup of your data. The Windows Home Server version can even handle drive extender and show you just the data that you care about.
Further filtering on what you chose allows you to choose what TYPES of files to backup… so you can get to the heart of the data. This means you can choose your photo directory, but only backup your negatives (ie. RAW files) simply by choosing to backup .raw or .cr2, if that’s what you want to do.
One of the nice features was a compression feature. CloudBerry will compress your data, again, focusing on saving you coin with Amazon S3, as well as choose the type of encryption you want. Notice how you get to choose the password and encryption type. If you do end up using encryption CloudBerry will be pretty CPU intensive as encrypting files takes some time and CPU. It does happen in the background seemingly at a lower priority as I noticed minimal slow-downs across the rest of the product.
Finally, the wizard lets you choose your backup schedule (yes! There is that automation!) and you can setup CloudBerry to email you when the backups complete, successfully and/or with failure! Once you’re finished setting up the backup, and you launch it, you get some nice progress when viewing the backup plans sub-tab:
The plan page provides a lot of the detail that I would have expected to see on the home page, but the data is all readily available for you to see. The plans first appear compressed, so you have to expand them. I’m happy to report that they do remember that you wish to have the plans expanded, and that’s not something you have to do every time to view the details of each plan. As you can also see, I have multiple plans running. Right now I have them both backing up weekly, but I could easily sku that to be monthly for music, and daily for photos. You’ll have to assess your own comfort for data loss (more often backups tend to lead to less data loss as the deltas between backups are smaller).
The backups are incremental, meaning CloudBerry does the work to figure out what’s up at Amazon and what’s not, and sends only the new stuff and what’s changed since the last backup. Thus minimizing the bandwidth usage for your home and your storage usage up at Amazon!
Recovery
The most important part of the backup is actually the recovery. Because of the size, I didn’t recover all of my data, but I did a few spot checks here and there with some music and some photos. Simply launching the restore wizard allows you to choose when in time you want to recover your files. Naturally the default is the latest, but if you managed to mess up one of your photos, you can jump back to a space in time, provided that the backup of that file is there of course.
CloudBerry again shows you what you have on Amazon and allowing you to pick and choose entire directories, or individual files, allowing you to recover these files to the same location, or choose a new location if you don’t want to overwrite the original. Additionally, to prevent overwrites, you have to explicitly choose to overwrite the files if you’re going to the original location. Nice safety feature there.
The page that threw me for a loop was the password page. The default is of course not to require a password. If you skip over this page, and you had set a password on the backup, you’re recovery will fail, and you’ll have to start over. I wish CloudBerry was smart enough here to know that I set passwords beforehand and default this to checked, at least prompting you for a password before you continue. It would be great if they validated that password against Amazon prior to continuing as well, to prevent you going through the rest of the wizard, only to have it fail on restore.
The recovery is much the same as the backup, you get a progress bar, and the files slowly pop onto the server (dependent of course on your own bandwidth).
As a final note, the history sub-tab of CloudBerry will show you exactly what’s going on, backups and restores. As you can see, here is a test recovery that I did, where I messed up the password dialog I called out before. Running the restore again, with the password, it succeeded with no problems
All in all, CloudBerry provides a solid backup solution. There are very few bumps on the road, mostly imposed by AmazonS3, including the cumbersome setup process, and the actual cost of storing the data. However, don’t forget that you *can* do wonderful things with AmazonS3, such as (if your data is not encrypted, and your account is setup this way), you can send links to your data around, saving your home bandwidth for your family to see your data. And because Amazon is so huge, you know that one day, they aren’t going to up and disappear.
Online backup is an insurance policy, think of it as such. $240/year is a small price to pay if you’re my uncle and your house burned down.
Subscribe
![image[5]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi244C62Y48oUizvI5zOvcMrRn7JcH3wxFwxiE7RPlbXYuTOcdVDZx-VyES0H_Mxdch4QvlKCRC2rj0oUHjQ75se3TalBi1ZBmCfGQRUoUoPX-Q9ogCOb_P9iopSB4mpQneQQ4XA/?imgmax=800 "image[5]")
