February 2004 - Posts

About two weeks ago (on my birthday :-)), Mobistar has released the SPV (Sound-Photo-Video) E200 SmartPhone on the Belgian market. Last week, I acquired this device and it's working pretty well. A first review for all of you who're interested in this device.

Technical specs:

  • Running Microsoft Windows Mobile 2003
  • Integrated camera (640x480 pixels, 4x zoom)
  • 32 MB of RAM; SD slot available for extension of storage
  • Screen of 176x200 pixels with high resolution (65K colors)
  • USB, Bluetooth and infra-red ports
  • Tri-band (900/1800/1900 MHz)
  • GPRS-enabled (class 8)

First impressions:

It's great to see the Windows Mobile operating system running om those little devices. The software available on the device can be compared with the software on Pocket PC devices but since the device has less RAM and a limited form factor, it's not possible to run apps such as Pocket Word and Excel. Windows Media Player, Internet Explorer and MSN Messenger are out there on the SmartPhone OS which is a great thing (e.g. with the hands-free set and an SD-card you can take your music with you). ActiveSync makes the synchronisation of contacts, calendar, mails, etc really simple to do (in comparison with classic mobile phones). The GPRS connection works fine, so if you want to check mail when you're on the road or you want to look for something on the net, just go ahead and connect (of course it's still rather slow). MSN Messenger is also useful in my opinion but unfortunately it has not all the options of the desktop edition (note: I installed MS Portrait on my Qtek 1010 phone a few weeks ago which is really worth to check out if you have such a device, it can be used as a light-weight Netmeeting tool for low bandwidths).

I'm new to MMS in fact, so it took a bit time for me to find out how this thing works but it's relatively simple to kick off with. The integrated camera for pictures and video has a nice quality and is useful as an alternative for digital cameras if you don't want to carry a bunch of devices with you. Thanks to a button on the left side of the phone, you can make photos or videos without having to navigate through the menu. The synchronisation of the images to the pc is fairly easy as well using the ActiveSync software (included with the device and available as a free download on-line) with the file explorer that connects to the device (note: a USB-cradle is included with the phone).

Advantages:

  • Light-weight device and relatively small (really pocket-sized device)
  • Great resolution on the screen, great colors
  • Good sound
  • Customizable device with a lot of multimedia features
  • It's running the Windows Mobile 2003 operating system which works fine
  • Synchronisation with the desktop pc using ActiveSync
  • A lot of advantages of the Windows Mobile 2003 OS are in there
  • Communication over bluetooth and infrared did not cause any problems
  • GPRS connection can be handy and thanks to tools such as Internet Explorer, mail, MSN Messenger you can get the power of such a connection
  • Development using Visual Studio .NET 2003 works relatively well (although the .NET Compact Framework for SmartPhone has some limitations due to the limited amount of RAM)

Disadvantages:

  • Limited form factor in comparison with Pocket PC Phone Edition devices
  • 32 MB RAM is limited (don't try to play music when you're using ActiveSync for example); although for 'normal use' this is enough
  • Input using the numeric buttons (the "SMS-way of working")
  • Navigation with the scroll-button can be annoying sometimes (not 100% flexible button but it has improved a bit already)
  • Rather low battery life if you're using the device intensively
  • Startup time is rather long (> 30 secs)
  • Some of the software (such as the camera software) is not written by Microsoft which has some disadvantages in the field of integration (e.g. beam a photo from the 'Multimedia Album' via infrared is not possible)
  • The control of the sound volume is not completely clear: the sound icon in the 'system tray' displays the status of the phone sound but other apps are still producing sound (such as Windows Media Player or games); this sound volume can be adjusted using the buttons on the left side (I have to admit that everything has become clear right now)
  • Pure Mobistar-device currently (but that's the same with Proximus Qtek for example)

In my opinion, this is a great device in comparison with earlier releases of SmartPhones on the market (thanks to the new Windows Mobile 2003 OS). I like it!

Alternatives:

If you want to have a device with the format of a classic mobile phone but with the advantages of Windows powered pocket devices, this device is what you're looking for. But if you don't want to do a lot of input when you're on the road and don't like the SMS-way of working to input text using the numeric keys, a phone such as the Qtek will be a better choice since it's a Pocket PC with phone support (and not a phone with Pocket PC advantages as the SmartPhone). The input with the stylus is easier if you like the "PDA style" and Pocket PC Phone Edition devices have all of the advantages of Pocket PCs. Being a developer experimenting with a lot of technologies and mobile devices right now, I have tested both devices (Qtek 1010 and SPV E200). The SmartPhone has limitations for the development due to the limited form factor and the reduced amount of RAM (e.g. no support for datagrids). I didn't play around with Qtek 2020 (http://www.pdashop.nl/product/2739) already which was released recently by Proximus, so I can't compare Qtek 1010 with Qtek 2020 right now.

Link to Mobistar: http://www.mobistar.be/nl/discover/index.html (look for the SPV link)

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Syskey.exe is a tool available in Windows Server 2003 (also available on Windows 2000 and XP) to encrypt the contents of the SAM Accounts Database. Why would you use this tool? Well, actually Windows (from Windows 2000 on) requires the encryption of password hashes when those are stored on the machine. However, the encryption key (which is randomly generated by the system) is stored locally on the machine, so if a hacker can take over the machine it will be possible to get the SAM database and the corresponding key which are somewhere on the filesystem. Syskey.exe enables you to move the key off the machine by storing it on a floppy disk or by setting a startup password which is required to boot the machine (appears right after the boot logo, before services are started etc).

Although this is a great feature to enhance the security of your server boxes even more, you should pay extra attention for the next points:

  • If you store the key on a floppy disk, be sure to have backups available! Without the key, you won't be able to boot the machine anymore. This can be a disaster because you'll need to re-setup the server and when you're using for example EFS (encrypted file system) you can forget to recover that data... If you loose the floppy, don't hesitate and disable the syskey immediately (a power failure which causes the machine to reboot can be a real disaster).
  • Terminal Services are not started yet when the floppy is asked or the password input prompt is displayed on the console. So, there is not way to reboot the machine remotely without having KVM-access or physical access to the machine. Be careful if you're using this feature on web servers which you're administering remotely because you don't have 24/24 - 7/7 physical access to the data center. When stored on a floppy, you need to press enter to continue with the startup, so having the disk inserted in the drive is no solution (and of course it is ridiculous to insert the key floppy in the machine :-)))).

My opinion, use those advanced features if you really need it but be sure to know exactly what you're doing! More info can be found on http://support.microsoft.com/default.aspx?kbid=310105.

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Messing around with the setup of the 2082 build of Windows XP SP2 :-(. Seems to have some issues in my Virtual PC setup since it's spitting blue on me during the reboot after the installation of the SP interim build. Maybe it's my own fault, because I installed the Virtual PC additions first without a reboot and then started the setup of the SP2 build immediately (express setup) without reboot first for the Virtual PC additions setup to complete... I'll check it out tomorrow again (fortunately, I have an external disk of 80 GB containing a bunch of basic installations of all flavors of Windows, going from 98/NT4 to XP/2003/SBS and Longhorn). Bug reporting now...

For those who're interested in XP SP2, take a look at the MSDN Subscriptions downloads where it's available right now. The interim build (which is not beta-quality as mentioned on the WinBeta site) is only available if you're enrolled in the beta program of XP SP2.

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Finally found the time to finish my first reading of Writing Secure Code - Second Edition by Michael Howard and David LeBlanc. Great eye-opening book and a real recommendation for developers who want to know everything about security in (network-based) apps. I think this book is one of the proofs that Microsoft is really devoted to deliver products and technologies that are very secure (by default) in the context of "Trusthworthy Computing". Most of the code is in C++ - one of my favorite languages in fact - but everything you learn from those things can be used in many fields which are development-related: what kind of attacks exist?, how are those exploited by attackers?, what really is malicious code?, etc. Don't worry if you're not a C++-nerd or a hardcore developer, this book can be read by anyone who is involved in the development process of an application in some way.

More info can be found on http://www.microsoft.com/mspress/books/5957.asp. The book costs about $49.99, which is really nothing in comparison with the huge cost of unsecure software (patches, management of apps, etc). Did you know what the cost is of one single security fix that requires a security bulletin? The answer is on page 11 in the book :-) About $100,000, that 10^5 indeed (no spelling mistake)!!!. Be sure to check this out!

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Working again on the Microsoft SchoolServer development, this time in the field of internet blocking tools which can be used by teachers to lock certain students, a whole class for example, from the internet just by performing a few mouse clicks on the teacher's computer. Not that simple at all, but a great challenge again :-). The main problem is that we can't really do a central blocking since the infrastructure in the targeted schools is different in quite a lot scenarios, so we can't rely on some unified infrastructure. I also has to be really easy to install and to use by teachers. To do this, we're currently working on a client-based approach with the central SchoolServer as a "blocking server/dispatcher". The other difficulty to deal with is the fact that blocking will be applied on a user-basis, not on a computer-basis. All kinds of scenarios are taken in account for the moment: roaming students, students being logged on on multiple machines, etc. Secure by default, you know :-).

Okay, back to work now developing the server-components and the client-tools used to map users on computers (where those people are logged on to), to do the blocking and to have secure communication between the client and server. Still working on the Windows 9x client for older systems (which are still out there in many schools). It was a welcome present to have a Virtual PC solution for Microsoft to test all flavors of clients on my machine (my main OS is Windows 2003, running Windows 98, Me, 2003 and XP in Virtual PCs for the moment). Let's ALT-TAB to C++ for another few hours.

Cheers!

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Maybe some of you wonder why I've been off the blog for a while. There are several reasons why, one of those being the development of SchoolServer (working on Internet-blocking) and my brand new setup of Longhorn build 4051 on my laptop :-) in "dual"-boot with Windows XP and Windows Server 2003 (yeah, I trust Longhorn to run it on my pc outside a Virtual PC sandbox).Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Recently, I heard some concerns of people about the "gap between Windows XP and Longhorn". Being released back in October 2001, Windows XP is now 'older than' 2 years. Longhorn, the next major Windows release for client-side use, has been delayed to 'somewhere in 2006' which is still 2 years to go. First of all, Windows XP SP2 (note: a beta is available for MSDN Subscribers and an interim release is available for the beta testers of XP SP2 on betaplace) will contain a lot of new features which make the service pack more than just a "collection of bug fixes":

  • The Windows Firewall has been extended quite a lot. In XP pre-SP2, the firewall was just some little checkbox to enable or disable the firewall on an internet connection and was disabled by default. Windows Server 2003 will know the "secure by default" principle and that's exactly one of the things which Microsoft is going to do in SP2: the firewall will be enabled by default. Beside of this, the firewall software (formerly known as Internet Connection Firewall or ICF) has now been extended to support exceptions (things which are available and can pass the firewall) which can be extended by adding "trusted programs" and "open ports". The Windows Firewall will bring up notifications as well (if turned on) to notify the user of security issues.
  • Wireless networking has been improved as well. There's a new dialog box to display the available WLANs where the user can change the preferred networks, settings of connections, etc.
  • Internet Explorer 6.05 contains updates to support pop-up blocking (finally!), browser add-on management, etc. The principle of 'zones' has been redesigned as well and the scripting capabilities of IE have been reduced (for example, it will no longer be possible to hide the title bar, address bar, status bar of IE or to move the browser window off-screen).
  • Outlook Express has inherited some of the features of "big brother" Office Outlook 2003 such as the isolation of potentially dangerous attachments and the prevent-from-downloading-images-by-default feature (if you wonder why this is necessairy, it's just another protection against spam: if you're downloading images from the internet in a spam mail, the spam server can record this image download and thus knows - with some tricks - that you've read that e-mail).
  • Messenger now contains an Attachment Excution Services API to prevent the user from opening files sent to him by a contact that may contain malicious code.
  • Windows Update has been extended to "Microsoft Update" which is a wider patch-management system that involves all Microsoft products (e.g. Office software). After the SP2 upgrade the user will be encouraged (during the boot phase as you may have seen Scandisk or convert /fs:ntfs appear on your screen during the boot of Windows XP) to enable the auto update feature to patch the system automatically whenever updates are available.
  • For newer hardware, Windows XP contains memory protection as well. This is a technology that will protect your pc from buffer overrun attacks and is available on systems with NX-technology (Execution Protection) such as the AMD 64 bit processors and Intel Itanium as well as upcoming releases of Intel's Pentium 4 and Xeon. Windows XP binaries will be recompiled using the /GS flag as well to prevent buffer overruns to occur in critical system components and to find such leaks faster.
  • Windows XP SP2 will contain an anti-virus scanner by default that will protect your pc from viruses if you decide to use this technology (it's not mandatory, it can be turned off!).
  • Last but not least, RCP and DCOM have been locked down to reduce network-based attacks (remember MSBlast?).

A great review on XP SP 2 can be found on http://www.winsupersite.com/reviews/windowsxp_sp2_preview2.asp.

A few days ago, Microsoft announced an interim release of Windows beween Windows XP and Longhorn (something as Windows XP Reloaded or Windows XP Second Edition). More info can be found on http://www.winnetmag.com/windowspaulthurrott/Article/ArticleID/41858/windowspaulthurrott_41858.html. The release will contain all the features of XP SP2, Windows Media Player 10 and other features which are not known right now.

Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

Microsoft has announced the Caller ID technology to reduce spam on the internet. Currently, my mailbox has a spam-regular mail ratio of 82:14 (that's less than 20 percent of the mail is 'valid mail', believe it or not but the document on Microsoft's spam site mentions the spam rate on Hotmail which was identical to the spam rate I have on my machine right now: "As of mid-2003, about 83% of the e-mail messages received by Microsoft® Hotmail® on a typical day are spam"). Microsoft has built spam-technology already which is included in Exchange 2003 and Office 2003. For example, thanks to the SmartScreen technology built in into Office Outlook 2003 that 82 junk mail messages in my mailbox were filtered out on my machine. The SmartScreen technology works with statistical analysis of mails on Hotmail and those stats are used to calculate the probability that a mail is 'junk mail' (this check is done for every mail which is not in the trusted senders list). However, spam has a huge impact on the overall traffic on the internet and should be reduced for this reason as well. The Caller ID technology checks - this is only a simplified summary - whether a mail that arrives on a mail server with some specific domain name was sent from a server which is legible to send mail for that domain. By doing such a check, spoofing can be reduced dramatically (being  a solution in the fight against spam). The whole technical spec is on-line for two weeks now and can be found on www.microsoft.com/spam. The first tests of this pilot technology will be done on Microsoft's Hotmail mail service and will become available later as a plug-in to Exchange mail servers. Anti-spam is also on the feature list of upcoming products such as Longhorn - which is the next major release of the Windows operating system on the client-side.Del.icio.us | Digg It | Technorati | Blinklist | Furl | reddit | DotNetKicks

More Posts