The Story of David Kaspar

The latest critical Windows update from Microsoft (KB941644) is a fix to TCP/IP to prevent possible remote code execution.

The Microsoft Security Bulletin MS08-001 explains that there are two reported vulnerabilities in TCP/IP and that an attacker could take complete control of an affected system and install programs and view data.

The bad news is that the critical update will replace your TCPIP.SYS and thus reset the amount of half-open connections back to 10.

The good news is that the LlvLord patch will work on this new version of TCPIP.SYS and you can yet again increase the half-open connections (I recommend a value of 100-500).

Read more about the limited half-open connections and how it can slow down your network applications (especially BitTorrent).

Clickety-clickety-clickety-krrzz-krrrrrrrz-clickety-clickety was the sound that started coming out my wife's laptop the other day.

If you hear this sound from your laptop's hard drive then I am afraid it's end is near. It is time for a full back-up and hard drive replacement.

1. Copying data files to an external HD or another PC
This turned out to be the most time consuming part of the hard drive replacement.

I had made regular backups but wanted the latest data so chose to copy everything important manually.

Windows Explorer copy is very poor as it does not support resume, nor does it show a detailed progress. Since you are copying from a defect hard drive there are bound to be several file errors and you will need all the help you can get.

Secure Copy 2 from Pineda Networks is a better tool for the job. It is a bit unstable but free, allows resuming of file transfers and gives detailed progress information.

2. Purchase a spare identical or similar HD
To find out what hard drive model your laptop is using right-click on "My Compyter", select properties, then Hardware, then Device Manager and check the drive(s) under Disk drives.

Google for the drive model and see if it is for sale.

In my case the drive was a 40GB Toshiba MK4004. I was not able to find that exact model but a MK4006 seemed to be a replacement. There were 60GB drives available. While that would have been a nice upgrade I could not gurantee that the larger drive would work with the VAIO system restore disks.

Cost of drive: £85.

3. Install the new HD
Do not attempt at opening your laptop if you are not comfortable with screwdrivers, fiddly electronic contacts and the possibility of destroying the laptop.

With the replacement hard drive in hand you should be able to take the laptop and drive to a back alley computer shop and have it replaced for a bargain price.

If you attempt at replacing the drive yourself I recommend you to do a dry run even before purchasing the replacement drive.

Start with the laptop closed and with the bottom side up. Unscrew all 13 screws and note the sizes and locations as there are 2 different sizes.

Two of the screws are hidden under the (top) rubber pads. Peel them off with a screwdriver. When you put them back they will stick to the case just as before.

Turn the case around and open it. You should be able to lift the top of the bottom part. If it doesn't it means you have forgotten one or more screws.

Don't attempt to take of the top completly because the keyboard is attached to the bottom part and you don't want to mess with those connectors. Just lifting it will be enough to get at the drive.

Unscrew one last screw which holds the frame around the frame (see arrow above).

Take away the frame and disconect the hard drive connector (see arrow above).

The drive is now free to be lifted away. It is surrounded by four little rubber pads which you need to move to the new drive.

It is a bit tricky placing in the new drive with the rubber pads on the sides so have patience and be careful. Replace the frame around the drive and the screw that holds it down.

You can now close the case and put all the screws back.

4. Restore the data
With a VAIO laptop you should have restoration disks which are a quick way of putting back the operating system and any proprietary software.

I chose not to install any of the VAIO extras as I believe they only slow down the computer.

Continue with installing any previous software and finally replace the backed up data.

Don't forget to run Windows Update as soon as you can. Installing Service Pack 2 and 95 other critical Windows updates was quite the exercise.

If you at a later point need to restore data from the removed HD then have a look at external 1.8" or 2.5" USB hard drive enclosures.

Connecting via USB 2.0 very convinient as it doesn't require the opening of your PC case to connect the hard drive via a HD adapter.

External enclosures are only £10 on eBay, shipping included!

PS I have one spare screw after replacing the drive so please do a better job than me and let me know which screw is missing from the photos above!

London's Leicester Square is getting free WiFi courtesy of the PR firm Four Communications.

It is an 8Mbps service whose only restriction is that you use it "fairly". The SSID (network ID) is Four's Free Hotspot.

London, welcome to the 21st century and let this be the first of many free Internet access points.

[Via Shiny Shiny]

At first I was grandiosely excited about the shiny new dual core AMD 64 X2 4800 processor I was about to upgrade my system with. Then I was bombastically disappointed when the computer did not start up after I had fitted the new processor on the motherboard.

After checking that all kinds of sockets, cables, wires and buttons were in place I removed the CPU to see if it had possibly been inserted inadequately.

To my horror I noticed that one of the minisculus processor pins had been bent all the way down to the surface of the processor.

In my 10 years of building custom computers and therefore fitting aplenty of CPUs, this was the first time something had gone as horribly wrong.

I accredit it to the fact that it was late in the night, I had had a double (single malt) scotch and I was too lazy to move the PC to a flat surface so I was fitting the CPU in a 45% angle.

Not giving up instantly, I tried straightening the pin with a tiny screwdriver but it snapped like only a dry stick could do.

For a brief moment I suspected that maybe the CPU had come like this from the shop but realised that no warranty return was possible after having further mutilated the CPU myself.

I decided to cut my losses and put the CPU up for auction on eBay clearly stating that it was not working. Then I proceeded to ordering a second AMD 64 X2 4800 from the same shop.

The following day I started looking into ways of repairing a broken pin on a processor. Just out of curiosity because a) the replacement processor was on the way and b) I didn't really think it was possible.

Almighty Google came up with a few possible solutions:

• give it to a gold smith; he might give it a go if he is brave enough (or silly enough I thought)
• break of a pin from an old VGA cable and drop it into the socket in exact position where the CPU is missing the pin
• try super-gluing the pin back on the processor
• there is a myth of some guy in the USA that fixes broken pins for $50
• the missing pin may not be used by the system so try the processor again

Only the last suggestion sounded like any fun so off I went to the AMD website for detailed specifications on the socket 939.

Figuring out the name of the missing pin was a bit confusing due to the orientation of the CPU but at last I had a position; AF-12 aka [STRAP_HI_AF12].

Looking up the functionality of that position I struck gold.

The specification said "Not used by the system" for that location. Two other locations said the same thing so this seemed to be a 0.5% (1 in 200) chance.

So I attempted a second, careful, insertion of the processor and the PC booted up like a champ. I ran a few tests and benchmarks and all indicated that the processor was working just fine.

Then there was the dilemma of the replacement processor being on the way and the auction stating non-functional processor whereas it was now seemingly fully working.

Luckily enough the shop had a "7 day cooling off" period within which you could return items without any hassle (still waiting for the refund though).

The auction was won by an Italian buyer who insisted that I tested the CPU before he would pay.

It did not matter how many times I wrote in poor Italian that the auction specifically said the item was not working so I could not give any guarantees.

I guess it worked out for the best that we decided not to trade since the handicapped CPU is now running my PC and doing well. I am getting quite attached to it actually.

So the moral of the story is twofold:

Don't be a meat head when inserting a new processor and if things go wrong, don't despair until you have Googled it!

I had this idea of trying to resurrect an old Sony VAIO laptop (PCG-Z600TEK) with a free distribution of Linux OS. The laptop is to be used as a wireless picture frame if all goes well.

The laptop had previously suffered from intermittent HD crashes and had been collecting dust in a cupboard for a good 2 years.

Weighing in at just 700Mhz and 256 MB of RAM, it is fairly weak by today's standards and I had a feeling that the original Windows 2000 was too much for it.

Ubuntu is a very popular Linux distribution at the moment so I decided to follow the masses and give it a try.

The download was easy as can be but the problems started shortly afterwards because no matter what I did I was not able to burn a single distribution properly.

All in all I tried 4 distributions (AMD64 server/desktop and i386 server/desktop), 3 Cd/DVD authoring software packages, 2 CD-RW drives on two different PCs and about 10 different CDs (two different brands). None was successful!

If you are planning on giving Ubuntu a try, the first thing to check is the check sum of the distribution after the download. This is to ensure that the download was 100% successful.

On Windows you can use the free digestIT or MD5Sum . If you are using Firefox there is a MD Hash Tool extension available.

Compare the generated MD5 check sum with the official Ubuntu MD5 check sums. If there is a discrepancy re-download.

Second step is to burn the ISO distribution to an empty CD. Various CD/DVD authoring can do this, e.g. Nero burning Rom, Alcohol 120% and the free CDBurnerXP Pro.

Using slower burning speed (1-8x) should help towards a successful burn but it didn't in my case.

Once burned, pop the CD in your CD drive, make sure to enable booting from CD/DVD (optical drive) in your BIOS and restart you computer.

Make sure to select "Check CD integrity" in the Ubuntu menu as a first thing. This is where it was reported over and over that my CD was corrupted.

I have posted a few questions on the Ubuntu forums and maybe there will appear a workaround at some point. Until then the Sony VAIO laptop will be collecting some more dust.

Heard on Slashdot: Ubuntu is an ancient African word, meaning "can't configure Debian".

Update
One more disc burned and tested on a third PC (Dell Latitude D505) and Ubuntu booted up properly. It appears that the Ubuntu 6.06 is very sensitive about hard ware being used.

From a quick tour of Ubuntu 6.06, Linux on the desktop has come a long way. It was responsive, esthetically pleasing and with all that Unix goodness.

Short lasting experience though. The Dell Wireless TrueMobile 1350 WiFi card is not supported natively and I was not in a mood making it work with the ndis wrapper.

A memory test on the VAIO showed severe problems so no wonders Ubuntu did not boot up on it.

Update 10 April 2007
It looks as if Windows Vista comes with similar half-open outbound connections limit as Windows XP SP2 did. In fact Vista Home Basic is even more limited with only 2 connections allowed!

Torrentfreak has a great write up on how to patch Windows Vista (32/64-bit) to increase the TCP connections and improve your BitTorrent (p2p) experience.

If you are using Windows XP, you must have noticed all the fuss about Service Pack 2. It introduced an array of security "enhancements": dual direction firewall, several long overdue IE improvements, memory protection and the crippling of the TCP/IP stack.

Hang on, how is crippling of the TCP/IP stack a security enhancement?

Windows XP SP2 limits half-open connections (SYN) to a maximum of 10 (the previous limit was over 65,000). This is supposed to slow down certain viruses because their spreading strategy is to try to connect to a high amount of random IP numbers.

The drawback with this connection limit is that other legitimate network intensive applications can be slowed down as well. Applications like security network scanners, peer-to-peer (P2P) applications or a combination of network applications that a power user may be using (VPN, FTP, p2p, RDP, SSH, "Firefox on steroids" and more).

To me it sounds awfully lot like treating the symptoms instead of the cause which would have been to tighten up Windows security to prevent virus infections in the first place.

#PAGEBREAK#

There is a way to tell whether your daily networking activities are being affected by the patch. Each time your computer tries to establish more than 10 half-open connection, a system event will be logged in Windows. It looks something like this:

EventID 4226: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts

Access the event viewer by Start / Control Panel / Administrative Tools / Event Viewer / System. Sort by Event and scroll down to 4226. If you only have a few occurrences, I would not worry about it but if you see many daily occurrences it's time to look into why they are appearing.

There are two scenarios:
1. You computer may be infected with a virus/worm that is trying to spread
2. You are a networking power users and your applications are being stalled by the XP SP2

If you have anti virus software running and you scan your computer regularl ywith anti-spyware software like AdAware then case 1 is not likely.

#PAGEBREAK#

You can find out which process is responsible for the many half-open connections with the command 'netstat -no | find "SYN"'. Half-open connections will have a state of other than ESTABLISHED. Note the PID (process id), open Task Manager and locate the process and application responsible for the half-open connections.

The second case means that SP2 is stalling your work. An unofficial patch will modify the locked tcpip.sys and let you set the limit to whatever you wish. 50 half-open connections is a reasonable limit or you can set the limit back to 65,535 which it was before the SP2. The patch is called EventID 4226 Patcher and can be found on LVL Lord's web site: LVLlord downloads.

Certain Microsoft updates may replace the TCPIP.SYS with a new locked version but LVLLord has been quick on updating the patch. When you run the patch, it will tell you how many connections are currently allowed.

Last year I noticed a Mac OS application that looked very sleek and I wished it would run on Windows. This month my wish came through.

Konfabulator is an engine that runs in the background and updates various widgets placed on your desktop. These widgets display information about your computer or information fetched from the Internet.

The installation comes with 15 default widgets to update you about the weather, time, WiFi strength, CPU usage, photo frame and more. On the Konfabulator gallery page you will see that people from around the world have contributed with hundreds if not thousands of widgets to perform all kinds of tasks.

One common characteristic of the widgets is their design. It is pure eye candy combined with high functionality. Fancy transparencies, docking to the side of your desktop, eye popping icons and much more previously only seen on Mac OS.

My current favourite widget is the standard digital clock in float mode and very high transparency. What is your favourite widget?