What to do with an old laptop?

Пост доступен на русском языке via Восстановление на Softdroid: Как вернуть к работе старый ноутбук.

After five long years using my trusted (and now extremely out of date) laptop, I’ve finally moved along to something better.

Old Laptop

Dell Latitude D610, Intel Pentium-M 750 (1.86GHz), 2GB RAM, 60GB HDD (using Truecrypt software FDE), 14.1″ 1400×1050 LCD, Windows XP Professional 32-bit SP3.

New Laptop

Dell Latitude E6510, Intel Core i7-820QM (1.73GHz, with Turbo Boost to 3.06GHz), 8GB RAM, 250GB HDD (using Seagate hardware-based FDE), 15.6″ 1920×1080 LCD, built in 3G HSPA modem for use when travelling, backlit keyboard, Windows 7 Ultimate 64-bit.

Mini Review of Dell Latitude Series

I’m not one to replace my laptop hardware often, but it was time, as I had less than a month of my 5 year warranty remaining and I was out of hard disk space. Plus, the old laptop was breaking down a bit too often for my liking. Motherboard replaced 4 times, LCD replaced 3 times, keyboard replaced 2 times, and HDD replaced once. To Dell’s credit, they never made any fuss and always promptly sent out replacement parts without making me run irrelevant diagnostic tests, but it was all getting a bit too much. I think the main reason I had so many problems was the poor placement of the exhaust vent on the Latitude D-Series chassis, which was on the back and always blocked by the port replicator, causing constant overheating. I was happy to see that on the E-Series chassis, the exhaust vent has been moved to the side instead.

I have yet to try out all of the new features of my new laptop, but I will say that it’s Fast (with a capital F). Especially compared to what I was using before. The screen is amazing and the backlit keyboard is icing on the cake, because these days I use the computer with the lights off a lot, due to having small kids around. Not that I need to look at the keyboard whilst typing, but it’s still cool to have nonetheless.

A Dilemma

However, I now have an old laptop in working condition which is sitting idle, and I don’t know what to do with it. First, I considered repurposing it as a training computer for my 3 year old daughter and installing a netbook OS as those should in theory be pretty basic and easy to use.

First I tried Jolicloud (PreFinal release), a netbook OS that seems to be getting generally good reviews in the blogosphere. I tried the LiveCD and was disappointed to find that the Intel wifi card in my laptop did not work (nor was I able to find any information online about making it work). So I just gave it a look-through offline, enough to get a feel about what it offers.

Then I tried Ubuntu Netbook Edition (version 10.04), where the wifi did work on the LiveCD. Overall a pretty similar experience to Jolicloud, which was not a huge surprise given they share the same foundations. Jolicloud seemed to offer a better out of the box experience (rather it would have, had wifi been working), but Ubuntu’s UI polish was much better.

However, finally, both options seemed somewhat underwhelming and I kept on thinking to myself, “What if I just put XP back on this thing?” After all, XP is now almost a decade old, very stable due to years of bugfixes and patching, and pretty snappy too. Jolicloud and Ubuntu, as netbook-optimised OS’, stand out when dealing with real netbooks which have very limited vertical real estate. However, with 1050 pixels on the Y-axis, the appeal of screen real estate saving features was pretty minimal.

After all this, I also gave up on the idea about using my old laptop as a training machine for my daughter. Makes more sense just to use the home desktop with Windows 7 and a regular keyboard and mouse rather than using Windows XP with a relatively confusing trackpad.

I think most likely, I probably will install Windows XP on the old laptop. The alternatives are underwhelming. Though, I still have no idea what I’ll do with it.

UK Government says “No Evidence” IE is Less Secure

A couple days ago I had mentioned that Lord Avebury had asked the UK Government about their usage of IE. The UK Government has now answered and I am reproducing the full text of the question and answer below:

Asked by Lord Avebury

To ask Her Majesty’s Government what discussions they have had with the governments of France and Germany about security risks of using Internet Explorer; and whether they will encourage public sector users to use another web browser. [HL1420]

The Parliamentary Under-Secretary of State, Home Office (Lord West of Spithead): UK government officials and subject matter experts are in regular contact with their counterparts in France, Germany and other countries on both a bilateral and multilateral basis to exchange technical information and opinions on many aspects of cyber security, including software vulnerabilities. For example, the UK’s Government Computer Emergency Response Team (GovCertUK) and Combined Security Incident Response Team (CSIRTUK) are members of the group of European Government CERTS (EGG), as are their French and German equivalents.

Complex software will always have vulnerabilities and motivated adversaries will always work to discover and take advantage of them. We take internet security very seriously and we have worked with Microsoft and other suppliers over many years to understand the security of the products used by HMG, including Internet Explorer. There is no evidence that moving from the latest fully patched versions of Internet Explorer to other browsers will make users more secure. Regular software patching and updating will help defend against the latest threats.

Microsoft issued a patch to fix the recent Internet Explorer vulnerability on 21 January. Prior to this, government departments had been issued with a GovCertUK alert on how to deal with this particular incident and to mitigate vulnerabilities in relation to particular versions of IE.

A government user, operating on government systems, such as the Government Secure Intranet (GSi), will benefit from additional security measures, unlikely to be available to the average home computer user. These include tools which actively monitor for evidence of any malicious attacks.

Source: Lords Hansard text for 26 Jan 2010

While the UK government contends that “there is no evidence that moving from the latest fully patched versions of Internet Explorer to other browsers will make users more secure”, there are many others who would disagree.

Also, although IE8 has significantly improved security models as compared to IE6 and IE7, there is still evidence that IE6 is being heavily used by UK government departments, including the armed forces. I think most people would agree that a “fully patched” IE6 is still relatively more vulnerable to attacks.

Lord Avebury asks UK Government to review use of IE in the Public Sector

Lord Avebury (blog, bio) has tabled a written question in the United Kingdom House of Lords yesterday, which reads as under:

Lord Avebury to ask Her Majesty’s Government whether, in the light of the recent announcement by Microsoft that Internet Explorer was used to carry out the cyber attacks which prompted Google to say it will withdraw from China, they will review the use of Internet Explorer throughout the public sector. HL1505

Source: House of Lords Business (26 January 2010) and Eric Avebury: Internet vulernability

Lord Avebury mentions that the Parliamentary IT authorities are actively discouraging the use of alternative browsers such as Chrome so it is great to see that he is holding the government accountable for their policies.

According to UK parliamentary procedure, the government is obliged to provide a written response to his question on or before 8 February 2010. I think it will be interesting to see what they have to say.

Lord Avebury is an active campaigner for the rights of ethnic minorities in the UK and also those who are British nationals living abroad. He is also a member of the EU Select Committee which considers EU policy on protecting Europe from large-scale cyber attacks.

ATI Mobility Radeon Drivers from Dell

A couple of days ago I wrote about some headaches upgrading to Windows XP SP3. This was related to my ability to rotate my screen being scuttled by the SP3 update. Microsoft said I needed a driver update to restore this functionality but Dell did not seem to provide one, so I tried to get some publicly available drivers from the ATI website which didn’t work for me, because they didn’t contain any definitions for the Mobility Radeon series, only the desktop versions. This meant that although my monitor rotation worked, I couldn’t get my LCD to display at the native 1400×1050 resolution that it usually displays at, which was a deal breaker and I had to revert to SP2 and install the Windows Service Pack Blocker Tool Kit to stop it from automatically upgrading again.

A couple of comments later, people pointed out that the problem is really Dell’s rather than Microsoft’s because Dell hadn’t bothered to release a driver update in years despite ATI continually updating their reference drivers. What’s worse, Dell has a deal with ATI where Dell users can’t download drivers directly from the ATI website. So users are supposedly stuck with the broken old Dell drivers that Dell couldn’t be bothered to update.

I did some researching on the Dell forums and found two entries that gave me the correct information so that I could find drivers that worked with SP3, even though they were unsupported by Dell. There is a “hidden” link on the ATI website that allows you to download the drivers for Mobility Radeon series bypassing the compatibility check that usually stops Dell users from accessing the drivers:

http://www.ati.com/online/mobilecatalyst/

After I got the drivers from this site, everything worked like a charm and I was able to use my video card rotation function correctly with SP3. One small gotcha regarding the latest ATI drivers is that you must have the Microsoft .NET Framework Version 2.0 installed in order to use them.

All of this would have been a lot simpler if Dell just kept their drivers up to date! I have a Dell Latitude D610, which is widely deployed at enterprises worldwide. It’s surprising that their enterprise customers haven’t made a bigger fuss about this.

Windows XP SP3 Update Gotchas

I took the plunge and updated my machine to Windows XP SP3 today, a good month after general release. I don’t like to install Microsoft software when it’s first released, because more often than not, there are too many unknown bugs and I like my workhorse machine to work well.

After installing SP3, everything (so far) seemed to work fine except that the monitor rotation feature of my ATI Radeon X300 stopped working, so I could no longer orient my monitor in a vertical position rather than the standard horizontal. I like vertical because it’s better for the office as more email headers and text info can be viewed on a single screen.

After tinkering around and getting new drivers from the Dell website (I have a Latitude D610), it still doesn’t work. I then do a bit of Googling and find Microsoft KB 947309 (euphemistically titled Some third-party programs may experience a change in functionality after you install Windows XP Service Pack 3), which explains that this feature requires an updated driver to work with SP3.

Dell’s newest driver didn’t work (go figure), so I tried the one from ATI. When I tried to install it, it said that I didn’t have any cards that were supported by the driver (which cannot be true). In the end I had to use XP’s manual driver update interface and use the “Have disk” button to force it to install drivers that it warned me would not be compatible. I chose the ATI Radeon X300/X550/X1050 Series driver that came with version 8.5 of the ATI Catalyst software.

That seemed to do the trick after a reboot, but it did leave me wondering how any Joe Average computer user is supposed to figure this out and why this kind of stuff needs to break with a service pack upgrade in the first place.

This is also precisely why I never let any of my friends do OS upgrades with Windows, because it’s less headache to start fresh and reinstall apps then it is to try to troubleshoot the shortcomings of Microsoft’s upgrade paths.

UPDATE: I had to revert back to SP2 and the old Dell drivers. More details later (and a fix).

Windows Vista Readiness

We’re buying some new PCs for a couple of new hires at work. We buy through Dell and for the first time we’re buying PCs sold with Windows XP preinstalled but under the Windows Vista Downgrade plan. The way it works is that the PCs have XP SP2 preinstalled but we get OEM media and OEM license keys for both XP Professional and Vista Business. This way when we want to upgrade OS we can do so without paying for a new license.

I’m guessing in another year or so this option may disappear and we’ll be stuck with Vista only. So to prepare I asked our office IT technician to call Microsoft and ask them to send us a 180-day eval copy of Windows Vista Business so that we can install and smoketest all of our office software and make sure it works.

Turns out that Microsoft stopped giving out 180-day eval copies of Vista last year. Doesn’t make a lot of sense to me. Seems like they’d want businesses to move to Vista and would want to make it easy by providing time-limited eval licenses for testing. Car dealers let you test drive the car before you purchase. Why not with an OS too?

They suggested using the Windows Vista Upgrade Advisor. Hardly a substitute for a real world test, though.

Is Windows XP x64’s IE relatively secure (for now)?

After reading CNET’s review of Windows XP x64, it looks like this might be the case, if only temporarily. CNET notes that although Windows XP x64 defaults to the 64-bit version of IE, Microsoft’s does not yet have a 64-bit version of Windows Update for IE, so one has to run the 32-bit version of IE (both 32-bit and 64-bit IE are included) to get Windows Update functionality.

I’m not familiar with the internals of IE, but based on my understanding of the above, it looks like if someone was running the 64-bit version of Internet Explorer, a 32-bit BHO would probably not be able to execute, thereby thwarting the current crop of [ad|spy|mal]ware targeted at IE users.

Certainly as people begin to write malicious software targeted at 64-bit systems this “advantage” will disappear, but early adopters of Windows XP x64 might get a bit of a free ride, at least with respect to IE’s security.

Now that Windows XP x64 has been released, we should decide when we will begin supporting it by providing official 64-bit builds of Firefox/Thunderbird. Plugins will probably be an issue, but since extensions are not compiled, they should have no problems running. Work has started on this front and is being tracked in bug 237202. Third party Windows x64 Firefox builds are already available.

Gates brands IPR opponents Communists

CNET’s News.com was able to interview Bill Gates at the Consumer Electronics Show in Las Vegas. It’s a pretty interesting read, if for no other reason than it gives a window into the software industry’s most well known individual.

However, in a not so subtle way, Gates likens IPR opponents to communists. I think this is very much a misnomer. Here it is in his own words:

Q: In recent years, there’s been a lot of people clamoring to reform and restrict intellectual-property rights. It started out with just a few people, but now there are a bunch of advocates saying, “We’ve got to look at patents, we’ve got to look at copyrights.” What’s driving this, and do you think intellectual-property laws need to be reformed?

A: No, I’d say that of the world’s economies, there’s more that believe in intellectual property today than ever. There are fewer communists in the world today than there were. There are some new modern-day sort of communists who want to get rid of the incentive for musicians and moviemakers and software makers under various guises. They don’t think that those incentives should exist.

Make of that what you will, but I think his usage of the word communist here is pretty misleading, and is just trying to play upon the general public’s ignorance of what communism actually is and their misconception that communism is inherently evil.

There’s also the obligatory quote marginalising Firefox, but we’ve heard all that stuff before, so I’m not going to reproduce it.

view ads, get owned?

If you were browsing The Register on Saturday using Internet Explorer, and weren’t using Windows XP with Service Pack 2 installed, chances are your computer has been infected with a virus. One of their ad providers, Falk AG was compromised, and the ads they served exploited the Bofra/iFrame set of vulnerabilities in Windows/IE to install a viral payload on viewers’ machines. Slashdot is also running a story on it.

The Register is apologising for the incident, and recommending that all their visitors who used Internet Explorer but were not using Windows XP with SP2 perform a full virus scan on their system and install SP2 immediately. They’ve also suspended Falk AG from their ad rotation system pending an explanation.

How’s that for security, Microsoft? If you aren’t using Windows XP with SP2, protect yourself by using Firefox 1.0 instead of Internet Explorer. Even if you are using SP2, it’s still a good idea. You never know what other exploits are lurking out there waiting to infect you.

Microsoft has made life too easy for would-be hackers. It used to be that they had to convince you to do something stupid. These days, even that’s not necessary. You can get infected just by visiting random websites that you trust. Imagine the impact if one of CNN’s ad partners had been involved here.

If you haven’t yet installed SP2, the best way to get it is by filling out this form. Microsoft will ship you a Windows XP SP2 update CD at no cost, to almost anywhere in the world.

Thanks to yusufg for letting me know about this.

UPDATE: Falk has issued a statement regarding the above incident. Apparently it was caused by a flaw in one of their load balancers that was exploited to redirect ad requests to search.comedycentral.com, which served the malicious ads.