July 31, 2008

Vista for a day

Strangely enough, right after I wrote the previous entry about the lack of a up folder button in Windows Vista I came across Mavis Up Button. I wasn't even looking for it, since I gave up looking for a solution long ago. It was a completely random thing.

So I re-installed Vista on my ThinkPad on a spare 320 GB hard drive.

My ThinkPad actually came with Vista Business pre-installed, but I downgraded to XP when I first bought it because of the missing up folder button, and also because it was slow at the time due to lack of RAM. (The ThinkPad came with 512 MB installed, which I immediately upgrade to 2 GB. Now it has 4 GB installed, although only 3 GB can be used due to chipset limitation.)

The installation from the Vista restore discs followed by Service Pack 1 followed by driver updates took nearly three hours. After installation was complete I disabled all the useless animations and reconfigured the desktop the way I like it, and immediately ran into a new annoyance: Vista insisted on remembering each folder's view settings even when the option is disabled. Hmm, I remember hearing about this problem but I never paid much attention since I wasn't using Vista, but a quick web search turned out the problem most people were having was Vista refusing to remember each folder's view setting, and I was having the exact opposite problem!

After some tinkering I figured out the relatively simple solution: folders in Vista have default view setting which Vista will use even when the "remember each folder's view settings" option is disabled. So after disabling the option, I also had to apply the view setting to all folders.

After that I installed the trial version of Mavis Up Button and started using Vista, and like I said in the previous entry, I do like Vista a lot, and it runs very fast on my notebook.

But then I ran into a yet another new annoyance: there doesn't appear to be any way to disable smooth scrolling in Windows Explorer when the view setting is set to List. I came across this Neowin forum post that suggests that there is no solution. Smooth scrolling is fine for typical users or if there are very few files in a folder, but I have folders with thousands of files, and scrolling smoothly across thousands of files takes a long time.

Bah. Back to XP for me.

July 30, 2008

Why I don't use Vista

Reading about the Microsoft Mojave Experiment made me write this. I actually like Windows Vista a lot. But the only reason I don't use it is because it lacks the "up folder" button in Explorer. The up folder button is not like the back button, and the new breadcrumbs bar can not replace the simple up folder button.

The breadcrumbs bar is much harder to use than the simple up folder button is because the breadcrumbs bar changes in length depending on the length of the current path. If you're many folder levels deep, the breadcrumbs bar could take up the entire width of the Explorer window, so to go up one folder, you need to mouse over to the right side of the window. But if you're only one or two levels deep and the path is short, you need to mouse over to the left side of the window. This gets worse if you have a large Explorer window, since the breadcrumbs bar would be random in length.

The location of the up folder button never changes.

This is very important because I don't want to have to look at the folder names and move the pointer to the right place just to go up one folder level. What if I'm going up more like one level? Some people argue that the breadcrumbs bar is faster if you're moving up more than one folder level because you can click to that folder directly. But in reality, I would then need to look at the breadcrumbs bar to see exactly where I should click to go up that many folders, instead of just moving the pointer to the up folder button and click click click.

It's strange that Vista actually introduced a new shortcut key to replace the missing button: Alt-Up arrow. Alt-Up arrow is exactly the same as the up folder button, but why take away the button, and add a keyboard shortcut?

One reason I can think of why Vista doesn't have the up folder button is because users can't tell the difference between up and back. I look at my users and none of them ever uses the up folder button because they usually navigate into a folder from the previous folder, and going back is the same as going up. This is probably a lot like those windows animations and sounds. My users need them to see where they've clicked and what actions last took place, but they just slow me down. The animations can be disabled for advanced users, and I imagine the Alt-Up arrow shortcut was added for advanced users, but why was the up folder button taken away?

Adobe Photoshop Lightroom 2 released

Adobe Photoshop Lightroom 2 has just been released. Maybe it's really time to buy a good professional LCD monitor instead of doing everything on my notebook all the time.

July 29, 2008

Happy SysAdminDay!

Last Friday (July 25) was System Administrator Appreciation Day (SysAdminDay). No one showed up to give me any presents or called me up to thank me, and it completely slipped my mind too until early this morning.

Let me see, last Friday some user's computer got infected by a virus that could not be cleaned unless the hard drive is connected to a clean computer and scanned from that computer. Another user's monitor was having problems and sent in a request for a new monitor which we didn't have on hand. The company's inkjet printers are using way too much ink and I had to figure out a plan to reduce ink usage. A programmer's Visual Basic suddenly failed and I helped him fix it. The CCTV system crashed and I had to fix that. The 1.5 Terabyte Buffalo TeraStation used for backups ran out of disk space because the backup software keeps crashing so it keeps doing full backups instead of incremental backups. The SOX consultants requested a complete list of all programs developed by our programmers. Boss wanted to burn some CD's but can't remember which program to use. Someone called me up to do a telephone survey about our network infrastructure and I had to spell out Google and Cisco for her. Right after that the local Kerio Winroute Firewall dealer called me up to remind me that my subscription is expiring. A friend dropped her notebook by accident and the screen cracked and wanted my advice about buying a new notebook. (We made an appointment and went out to buy it on Sunday.) Another friend wanted to have a website redone and I went to check out the website and turned out it was infected by an iframe virus. Another friend was starting a web business and wanted to know about link exchange and SEO. Yet another friend was having problems with her company's Internet link and I had to talk to their service provider about it. Still another friend was installing Windows XP on his Acer notebook and was having problems with the display driver. The driver turned out to be corrupted on many Acer sites and I managed to find an uncorrupted copy on the Chinese Acer site. My domain controller had been having an issue where every single day after 5 PM and before 8 AM the server's dual port LAN card would stop working as a team and then the server would complain about duplicate IP on the LAN. Since the problem only happens after 5, I worked late trying to fix it. (It's still unfixed.)

In other words, a completely typical day.

July 22, 2008

Flying GPS

Last week I took a whole week off and went on a much needed R&R trip to China. I've always wondered if GPS devices could work in a commercial flight, and this was the perfect opportunity to find out for myself.

My GPS is a Garmin Forerunner 205 which actually a sports GPS, but it could be used as a general purpose GPS for tracking, but not for navigation.

The flight was between Bangkok and Beijing. The distance from take off to landing was 3,511 km and the total flight time was 4.5 hours. Max airspeed was 905 km/h. The yellow line in the image is the actual flight path taken from the Garmin software.

July 12, 2008

Router boards

So, just buying home routers and flashing them with third-party open source firmware wasn't enough, I started looking at "router boards". Router boards are low-cost power efficient computers usually with multiple network interfaces suitable for being used as firewalls or routers.

After some research, I decided to buy some alix2c0 boards directly from PC Engines. The alix2c0 is a basic router board model with two onboard network interfaces and two empty mini PCI slots suitable for wireless network cards. Other models of the ALIX boards have different combinations of network interfaces, onboard USB ports, and even form factors.

I also bought bright red cases designed just for the alix2c0, as well as wireless cards and CF cards. The red box at the left of the picture shows a fully assembled alix2c0 with one wireless LAN card (it's internal) and one external antenna connector (with no antenna attached). The board at the right of the picture is the plain alix2c0 board with nothing attached.

My OS of choice for the alix is m0n0wall. m0n0wall turns the ALIX box into a full feature firewall suitable for small businesses. One other thing that I use m0n0wall for is the hotspot voucher support, which turns an ALIX box into a standalone hotspot for use in Internet caf├ęs or hotels. m0n0wall's internal hotspot support is still too primitive to support long term usage such as in an apartment complex, where the users may want to buy a ticket and use it for days or even weeks, and the hotspot would need to keep track of the usage.

July 11, 2008

ThinkPad Ultrabay Hard Drive Adapters

One of the things I like most about my ThinkPad is the Ultrabay. The Ultrabay is by default occupied by the optical drive, but the optical drive can be removed and replaced with a hard drive adapter, a battery, or a serial/parallel port adapter.

I have both the IDE and the SATA Hard Drive Adapters for my ThinkPad. I used the IDE adapter with an 80 GB drive for years with my older ThinkPads. When I upgraded to a T60 last year I upgraded to a SATA adapter with a 250 GB drive.

There has always been questions about whether a drive caddy is needed to use the Hard Drive Adapter. It's actually not required, but the drive will be held more securely if you do have the caddy. If you don't use a caddy, the drive will not be fixed inside the adapter. So if you subject the adapter to a lot of movement, especially if you use it with an R series ThinkPad that has a larger Ultrabay, the drive connector can easily get damaged. The picture shows the drive hanging by the SATA connector alone when the adapter is turned upside down. A drive caddy (or Scotch tape) is highly recommended. (Warning: Don't cover the drive breathing hole if you use Scotch tape!)

Click on the image to see the larger version, the hard drives pictured at the top are SATA with caddy, SATA without caddy, IDE with caddy, and IDE without caddy.

July 10, 2008

U Can't Touch This

At work we have some Siemens SIMATIC Touch Panels. They are really nice looking touch screen panels that run Windows CE. The interface programs can be programmed in Windows using WinCC or other SIMATIC tools in Windows, then downloaded onto the panels to be used during production. It all looks really nice on paper (or in the website, rather).

The website describes them as rugged and stable. But in real life, we found out that the touch screens broke easily during actual use in an oily and humid environment. So to protect the screens, we installed thick Plexiglass panels in front of the touch screens and forced the operators to use USB mice to control the panel instead.

Unfortunately, the single onboard USB port seems to have been designed to have a device plugged in permanently. Because the mice also get damaged easily in the dirty environment, they need to be replaced constantly, sometimes even weekly, and so the USB port gets damaged quite often. And when the supply of mice run out or damaged USB ports don't get fixed in time, the operators start pressing down really hard on the Plexiglass in order to press on the screen. The result? Damaged touch screens, again.

The panels save data in standard CompactFlash cards. But Siemens wants us to believe that they use Special Cards (tm) and our purchasing department got tricked into buying them directly from Siemens. They paid something insane like $500 each and received standard SanDisk 128 MB cards. (We have about 50 of those panels.) I complained to Siemens about the price, but they want me to believe that the cards only looked like standard SanDisk cards, but actually were produced specifically for use in industrial settings (no, they were not SanDisk Extreme cards), and that they were formatted specifically for use with the panels. They even threatened that if I used other CF cards, I would void the warranty on the panels.

Anyway, after like a year of daily use, the SanDisk cards started failing one by one. Luckily, this time I stopped the purchasing department in time and helped them buy standard CF cards. I had found a supplier of small sized CF cards earlier, and I managed to get Lexar 128 MB cards for $1 each. $24,950 saved!

What warranty?

July 8, 2008

Router hacking (part 3)

Last time I mentioned using a Buffalo WHR-HP-G54 loaded with Tomato firmware in a business setting, but I forgot to mention that it's being used in place of a router that costs ten times more. The expensive router has a lot more features, but in this particular installation, they were all disabled in the first place for some strange reason. I tried using it for bandwidth control, but it wasn't fast or stable enough. The Buffalo router loaded with Tomato turned out to be more stable, faster, and uses far less power.

This is a picture of the WHR-HP-G54 sitting next to the Cisco router and the expensive Nusoft router. Above the two rackmount routers are the G.SHDSL modem and a backup ADSL modem. Above the G. modem is a Linksys WRT310N that I'll talk about another time.

July 6, 2008

Death, taxes, and Sarbanes-Oxley

My company is part of a group of companies that jointly form a very large corporation that's a leader in our manufacturing field here in Asia. So of course the shareholders decided to take the company public in the United States to make even more money.

All that probably wouldn't have make any difference to us little ants^H^H^H^Hemployees, but then the American law dictates that foreign companies must follow the Sarbanes-Oxley Act (better known as SOX) if they are to be listed in the United States. One day early this year, I got an e-mail telling me to be prepared for Sox audits that are to be completed before the middle of the year.

How hard could it be? I mean, there's even a Sarbanes-Oxley For Dummies book and I've read all about SOX after Enron and Worldcom happened. But when the SOX consultants actually came in and started asking for documentations and evidence of everything we do, I realized how much trouble I was in. The consultants didn't seem to have any idea about the workings of manufacturing plants as opposed to banking or financial institutions, and they expected us to change our working ways within weeks. The SOX consultants are also hired by the corporate headquarters and had trouble communicating with our non-English speaking employees (all of them).

Eventhough SOX is mostly about finance and accounting, IT also plays a major part in these modern days where everything is computerized. The biggest hurdle for my little IT team was that programmers must not talk to users (only system analysts can) or touch the database (only database admins can), and there has to be a separate IT manager who is not the sysadmin to approve everything that everyone is doing what they're supposed to do. This all sounds nice and secure for very large corporations with infinite manpower, but we only have a very small team handling a very large number of users and projects, and of course, I'm the sysadmin slash IT manager slash Mr. Fix-it-all.

The second hurdle was that they expected all of my users to have individual accounts for every user. This again sounds nice and secure in theory, but in our manufacturing plant where users have to key in the manufacturing data, how are we supposed to expect every user to log off after every data entry?! And we have subcontractors (temp workers) that come in and go on a day's notice. How can the IT Dept. possibly keep up with them to generate accounts when even the HR Dept. has trouble keeping up with the temp workers?

The third hurdle was that they wanted a fully computerized helpdesk system where the users have to describe in detail their IT service request including the scope, definition, reason, and detail of the request. Most of my users are computer illiterate!

This article (which is also the title of this post) sums up my feelings nicely.

Strangely enough, the best thing that I got out of all this was that the local SOX consultant we hired was a babe.

July 5, 2008

Router hacking (part 2)

I've been using the Tomato firmware for almost a year so far for both home and work. It's a wonder that little home routers can be made much more capable by using free open source firmware, and can be used in a business setting requiring 24/7 uptime and true stability.

Right now I have two ASUS WL-500g Premium's running Tomato with the VPN mod. The WL-500gP's were specifically bought to run Tomato and site-to-site VPN and I've been very happy with them so far. The VPN link is up 24/7 and will reconnect automatically when disconnected. Each side has an ADSL 5 Mb / 512 Kb connection shared by about 50 users. The users are not heavy Internet users except during non-working hours (company policy forbids playing during working hours) but they depend on the link for email (Google Apps). There are also SQL Servers on both sides of the link, and the users constantly need to access data from the other side. The VPN tunnel isn't very fast because my outgoing speed is only 512 Kb, but the users aren't complaining.

I also have a Buffalo WHR-HP-G54 running Tomato with Victek's mod. The WHR-HP-54 was bought as a test unit to see if the signal booster actually works in real life, and as a backup unit in case I run out of routers. Currently, the WHR-HP-54 is running behind a commercial G.SHDSL 2/2 Mb link serving about 50 users. The users are very heavy Internet users (no company policy regarding Internet usage) and the link is almost constantly used at maximum capacity. Besides downloading music and nudie pics, the users also depend on the link for lesser important things like the company's email (residing on the ISP's POP3 server) and shared calendar (Google Calendar). Victek's mod is used to attempt to limit the users' bandwidth usage. Before using Tomato, the link is saturated at 2/2 Mb every day from 8 to 5.

I still have the Linksys WRT54GL units that I bought for testing originally. One is running plain Tomato at home. The rest are being used as test/backup units or as plain access points with the WAN port disabled.

More to follow...

July 4, 2008

Router hacking (part 1)

I've been a loyal customer of Kerio Winroute Firewall for many years, since back when it was called WinRoute Pro. KWF is a great product, easy to setup and configure, and the tech support people were great. I ran into a problem a few years ago where if the site-to-site VPN got disconnected, it would not reconnect correctly unless I manually disconnect the VPN tunnel, then manually connect it after five minutes had passed. The tech support guys walked me through possible scenarios for months until we finally figured out the problem. (The problem was that the ISP supplied routers that I was using didn't pass the real IP address, I solved the problem by buying cheap USB ADSL modems.)
After a few years of using KWF, I started looking for alternatives simply due to cost. KWF has a yearly subscription cost based on the number of Internet users. By then hardware routers had come down in price, and various open source software routers had been released in stable form. I also heard about loading third-party firmware onto home routers, so I bought a few Linksys WRT54GL's for testing.

The KWF systems probably knew that I was phasing them out, so one day they suddenly broke down and would not let me access Google Apps correctly, while all other websites worked. Since my company's mail was hosted on Google Apps, I had to come up with a solution very quickly.
Since I had the WRT54GL's on hand, I replaced the KWF systems with them. I installed DD-WRT/VPN on the routers, and quickly got everything to work. Unfortunately, DD-WRT would sometimes randomly reset and I would lose all configurations.

After googling for a solution, I came upon Tomato Firmware. Tomato looked great and was even easier to setup than DD-WRT. It also didn't have the random reset and losing all configuration problem. Unfortunately, there was no VPN version. After more googling, I found someone had modified Tomato and added OpenVPN to it. Wow!
I tested Tomato with site-to-site VPN for a few days using the WRT54GL's and decided to go with Tomato, so I bought two ASUS WL-500g Premium's and installed Tomato on them. The ASUS routers have faster CPU and more RAM than the WRT54GL's, and also has two USB ports for connectings things like printers or webcams. Eventhough Tomato can't make use of the two USB ports, but my main use is Internet connectivity and site-to-site VPN, and the faster CPU and additional RAM helped.
I won't be renewing my KWF subscription this year.

July 3, 2008

AMD 780G vs. AHCI

I really like ASUS boards, but recently, ASUS boards for AMD CPU's become pretty hard to find locally, so on our most recently mainboard purchase we ended up getting some Gigabyte GA-MA78GM-S2H (rev. 1.0) boards. Gigabyte isn't too bad, but who can remember a name like GA-MA78GM-S2H (rev. 1.0)? That's one of the reasons I've always liked ASUS boards. We also got some relatively cheap Phenom X3 8450 to go with the boards.

I've never used AMD chipsets with SATA/AHCI before, and I thought it would be easy like on Intel chipsets, where you just set the drive controller type in the BIOS to IDE mode, then install Windows XP, then install the SATA/AHCI drivers after first boot, and then set the BIOS to AHCI mode.Obviously that's what I tried first, but since the SATA device didn't exist, the driver can't get installed, and there's no special install program like for Intel chipsets, and if I set the BIOS to AHCI, it either blue screened as expected, or rebooted immediately without any warning.

Fine, I'll just create a boot floppy, and press F6 during setup to install the driver... but that didn't work either, there's an error copying ahcix86.inf and ahcix86.sys, and then the install fails.

The next thing I tried was creating my own Windows XP with the AHCI drivers slipstreamed. Didn't work either, can't even find the hard drive eventhough the driver is loaded. Tried slipstreaming again, with different drivers, still didn't work. Tried a few more times. More coasters. Nothing worked.

So I tried googling for a solution, and it seems that others were having the exact problem I was having, and the people offering solutions apparently don't actually have the board, and only suggested stuff like using F6 floppy or creating a slipstream installation disc. All of which I've already tried without success. It seems others just gave up on using AHCI mode, or argued that there's no difference between AHCI and IDE mode.

Anyway, after much headbanging and trying random things, I figured out a way to do it. This may not work on other AMD 780G boards and may not even be very smart, but it worked for me. The Gigabyte board has a BIOS setting that can separate the 6 onboard SATA ports into independent 4 SATA plus 2 IDE ports. (The setting is in the Integrated Peripherals page: OnChip SATA Type=AHCI and OnChip SATA Port4/5 Type=IDE.) First plug the SATA drive into port 4, which is mapped as IDE, then install Windows. This lets the installation use the drive as an IDE drive, but since the SATA device exists, the SATA/AHCI driver can be installed successfully. After Windows installation is done, either move the drive back to one of the SATA ports, or disable IDE mode entirely.

Oh, just to prove that this method works even if Windows is already installed, I tried installing Windows XP again with all the SATA ports set to IDE mode, then move the drive to port 4 after installation, set the BIOS to the SATA+IDE mode, then boot into Windows again to install the SATA/AHCI drivers. It all works as expected.

July 2, 2008

Free hard drives

Couple of weeks ago I was looking for a simple backup solution and saw that Buffalo now has the TeraStation Pro II Rackmount available locally. The base model (1 terabyte) wasn't that expensive, but prices increased exponentially for the models with more storage, and the top model was 4 TB.

After some googling, I found that the drives can be replaced with your own without much difficulty if there's no data on the drives. I did some calculations and noticed that if I get the 1 TB model and four 500 GB drives, the cost is exactly the same as buying the 2 TB model. So it would be like buying the 2 TB model, and getting four 250 GB hard drives for free! So I immediately placed an order for two TeraStations, and eight 500 GB drives.

The drive replacement process was simple. The drives were mounted in rails that can be pulled out without any tools, so I replaced the drives one by one, and after each drive replacement, I booted up the TeraStations and let it detect each new drive. After all drives have been replaced (4 reboots per TS), just rebuild the RAID. I would've had to rebuild the RAID anyway, since the 1 TB model came as RAID0 by default, and I wanted to use RAID5. (A friend had bought a 2 TB model, and the 2 TB model came pre-configured as RAID5 by default.)

Each TeraStations came with four Samsung HD250HJ 250 GB drives, and they were replaced them with Western Digital RE2 500 GB drives, turning the base 1 TB (4x250) model into the 2 TB (4x500) model.

Unfortunately, when it was time to put the new drives into the TeraStations, I noticed the screws locking the drives into the drive trays have little tamper-proof warranty stickers on them.

Looks like my TeraStations won't be warrantied for three years.

The Samsung drives pulled from the two TeraStations.

Building the RAID after installing the new Western Digital drives.

July 1, 2008

Does this work?

I always get asked why I don't have a blog. So, to celebrate (?) the cessation of the sales of Windows XP and the retirement of Bill, here we go.