PC Pro - December 2012

WorldMags.netprice list for zero-day exploits However, what about the flip secure their products before affecting Internet Explorer,based upon the vendor/product side of the coin, where security the vulnerability in question can Firefox or Chrome browsers,targeted; it ranged from around researchers sell their discoveries to be exploited. The only variable and a remote code execution£1,000 to in excess of £100,000. the vendors whose software is is how much they’re willing vulnerability is worth more thanThe prices required an exclusive vulnerable to attack? Sam to spend.sale (the value of a zero day is Stepanyan, a senior security information disclosure”.immediately and fatally diluted consultant at Integralis, says Zero-day The harsh truth is thatonce the exploit is distributed) and vendors such as Google set a limit valuationa promise that the vendor hadn’t on the reward they’re prepared to the zero-day market is justbeen notified. Some were sold with pay. In the case of the Google Stepanyan believes that – a market, and thatstaggered payments, the balance “Elite” programme, it’s the strange that the zero-day means the product isonly being payable while the figure of $3,133.7 – strange, that valuation isvendor had yet to release a patch. is, until you realise it spells “elite” calculated by taking priced at whatever the in hacker speak. into account three market will bear. That same investigation also factors: difficulty, Vendors have had tospoke with a zero-day exploit However, the Google Pwnium impact and severity. “Finding step up to the plate andbroker, acting as a go-between security challenge earlier this year a vulnerability in Windows is compete with the darkfor the security researchers who offered $1 million in rewards for easier than finding a vulnerabilityuncover these exploits and the people hacking the Chrome in the Apple iOS operating market traders in order to“government hackers” who browser, and the only two entrants system,” he explains, “so the stand any chance of keeping onpurchase them, no questions each picked up $60,000 for their Apple iOS exploits are more top of the security of their ownasked, for big bucks – as much zero-day exploits. valuable.” Likewise, “a wares. The “no more free bugs”as $250,000 in one case. It seems vulnerability affecting OS X is movement has sprung up as athat state-sponsored hacking has The point is that most vendors less valuable than a vulnerability result of researchers putting in thedeep pockets. will pay for the information hours that, in all honesty, vendors required to enable them to themselves should expend in order to find vulnerabilities. Worse still,www.pcpro.co.uk WorldMags.net upon notifying the vendor of PC PRO•DECEMBER 2012 051

FEATUREWBouontry hlundterMs ags.netThe life of a bug bounty hunterAvram Marius Gabriel (aka interest in security research. Cross Site Scripting (XSS) on without any public disclosure@securityshell on Twitter) I enjoy it because it provides a website and exploits for it of what I’ve found, I classis a professional security a good mental challenge for is extremely easy and doesn’t myself as a white hat. I doresearcher and ethical hacker. me personally and we gain require automatic tools; you watch the forums and seeHe has contributed to the experience as a company, can do it manually. what’s going on in my industrydiscovery and remediation which is beneficial for on both sides of the fence, butof many vulnerabilities on RandomStorm too. I sometimes Q How do you get I prefer to help companies topublic web platforms, and is earn money from my research your information? improve their security. Manylisted on the responsible through bounty schemes, Does it start with a people out there can code,disclosure programmes of which is an added bonus. tip-off, or is it all just a matter but not everyone can codeAdobe, eBay, Facebook, of dredging through code securely. It’s interesting andGoogle, Microsoft and Q How volatile and looking for holes? challenging to discover bugs,Twitter. We spoke to him to competitive is and rewarding to be able tofind out what makes a bounty this area? A Sometimes we just help organisations to addresshunter tick. get an idea and test it these vulnerabilities before the A It can be quite out, but other times black hats discover them.Q Is researching, competitive – there we read the hacker forums to finding and is some rivalry and find out what our peers are Q Do you see this as disclosing security pride at stake between different researching, and which new a route into or anvulnerabilities a full-time job researchers. There are many exploits are being developed escape from thefor you? bug hunters for whom this is and put into the wild. This is mainstream IT security their sole occupation. I know why responsible disclosure is business?A No, I have a full-time many guys who earn a lot of so important. If I were to post security job and I’m money via the bounty on a hacker forum about a A I think security very proud of it. I’m programmes. However, vulnerability I’ve discovered research is a passiona web security consultant at security researchers need to be on a particular website, then rather than a jobRandomStorm. I always do aware that we can’t live solely a whole bunch of hackers will – this is why we do it in ourmy research in my free time, on the proceeds of bounty start looking into that site and spare time as well as nineusually after work or at the programmes. You need a day finding other vulnerabilities. to five. It’s intellectuallyweekends. I’ve had a long-term job too. It’s like trophy hunting. It’s challenging and rewarding important to give the relevant when we’re able to help make Q What does company an opportunity to sites safer. There’s a buzz from discovering a tighten up any security holes finding a way around a security zero-day exploit before disclosing your research. system that no-one has consist of? discovered before you, but you Q What circles do you then have a responsibility to A Sometimes move in? White hats, help fix the flaw so that it can’t vulnerabilities black hats or both? be exploited. If you have an are easy to find, interest in coding and security, sometimes it takes a lot more A Since I find and a talent for researching and work. It always depends on vulnerabilities and discovering vulnerabilities, what you’re looking for. then report them then it’s a good route into Finding a vulnerability like to the relevant companies, mainstream IT security.052 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMags.netthe problem, the researchers all if it’s later used maliciously by rewards the most active Marta Janus, a securitytoo often find themselves on the someone else. “In this case, you researchers with free trips to researcher at Kaspersky Lab, alsoend of a lawsuit threat or with could consider it a researcher’s security conferences or expensive comes down on the “no” side. Shenothing more than a “footnote ethical responsibility to report all hardware. Secunia itself takes no points out the glaring flaw in thecredit” for their efforts. issues they find to the vendors,” commission or payments from the “cure” argument as being the“Historically, the greatest he says, “and if this involves time vendors other than the simple fact that “exploitsreturn on investment was not and effort on the researcher’s part, odd hat tip, and there can be sold not only toto sell the discovery to the then it’s appropriate the researcher have been hundreds the vendors of vulnerablevendor to fix,” says Conrad is rewarded for that.” of vulnerabilities products, but to theConstantine, a research engineer Holding a vendor to ransom disclosed since it began cybercriminals as well.at AlienVault, “but to third parties over an implied threat to at the end of last year. We can’t estimate how many such exploits are circulating on the black“Researchers all too often find Snake oil market at the moment.” or cure? Marcus Carey, athemselves on the end of a security researcher at Bit9, This just leaves the question of disagrees. “I believe that if there’s whether this trade in zero-day a market for zero days, it doeslawsuit threat for their efforts” information means that your keep some exploits from being business is less likely to be hit.to weaponise it.” According to maliciously use a vulnerability Dominique Karg, the brilliantly used in the wild,” he explains.Constantine, more often than not, can never be thought of as titled chief hacking officer at “As soon as an exploit is used andthis means governments looking to ethical; in legal terms, it’s more AlienVault, insists the answer is discovered, they’re patched andstockpile cyberweapons. likely to be regarded as blackmail. no. “Several people might discover the value is gone, so people that But what about the shades of grey it at the same time and only one spend large amounts on zero days when it comes to responsible would get the credit and money are less likely to burn them onIs responsible disclosure? Perhaps schemes for it,” he explains, adding that random attacks.”disclosure dead? such as the Secunia Vulnerability “since there’s mixed feelings about Opinions on the matter differ,Whether or not responsible Co-ordination Reward Program this trading, it divides the but there’s one thought on whichdisclosure still has a pulse depends can fill the gap. This passes on researcher community and creates everyone seemingly agrees: thelargely on how it’s defined. The information from security mistrust in a previously very trade in zero days isn’t likely toethical question of whether people researchers to vendors, and tight-knit community of experts.” stop any time soon.trading in zero days are good orbad guys, or somewhere inbetween, is a hot potato. Constantine is adamant that Zero- day protection for businessthey’re just people trying to earn acrust from the skills they have. “Isthe machinist at the firearmsfactory responsible for genocide in What should the business user do to avoid Similarly, in an enterprise, the exploit may be ableAfrica?” he asks, adding that becoming a victim of a zero-day attack? Terry to pass the gateway, but IDS may detect its actions.“blaming the individual for failing Greer-King, UK MD at Check Point, and Chris These layers are crucial for effective security: it’sto take an economic stand against Boyd, senior threat researcher at GFI Software, easy to get around a single security app, but harderthe sinister realities of larger offer some advice on the subject. getting around additional layers.”market forces is the argument of “Uninstalling programs, products and servicesthe coward.” “Having layers of defence is the best way to that you don’t need is a good start,” says Boyd. “IfSutton believes it could mitigate the risks,” says Greer-King. “A zero day a zero day targets your operating system and thereasonably be considered unethical may be able to bypass a user’s AV software, but the vendor has released a patch, assuming you werefor a researcher to not disclose a firewall may inhibit actions such as sending data fortunate enough not to be compromised initially,vulnerability they know about, to a remote user, nullifying the malicious action. then do the decent thing and update your OS.”www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 053

IN DEPTHWDigoitisringlmdedMia ags.netIN DEPTHGET MORE OUT OF YOUR PC WITH OUR COMPREHENSIVE ADVICEHow to… Digitiseyour analogue mediaIf you want to share old photos online, or enjoy your LPs on your iPod,digitisation is the way forward. Dave Stevenson shows you how it’s doneT oday’s cameras and camcorders record digitally – but most of us still have plenty of older analogue media, both stuff we’ve recorded ourselvesand movies and records we bought back in thedays of VHS and vinyl. From albums full ofphotographs and slides, to cupboards packedwith LPs, important memories are gatheringdust and, in some cases, literally fading away. Here, we’ll show you how to convert oldphotographs, records and video, often for free,into formats that will last, and can be sharedeasily for all to see – which, after all, is whyyou pressed the shutter in the first place.Scanning photos Scanned-in photos can be touched up with photo-editing tools, which means the digital versions may end up looking better than the original printsMost all-in-one printers can scan photoprints with a level of quality that’s perfectly sharp originals. For the best quality results, Editing tools can also remove blemishessatisfactory for sharing on Facebook and the consider scanning the negatives your prints such as red-eye or spots on prints. You canlike. Such hardware can be slow, however: were made from: this will require a specialist crop out unwanted details, and with a bitscanning a few hundred prints is likely to be a scanner capable of very high resolutions (see of care even large defects such as rips orgood day’s work. If you have a very large Slides and negatives, opposite). creases can be fixed. Popular editing toolsnumber of photos, it makes sense to use a include Adobe Photoshop Elements and theprofessional scanning service: expect to pay Digitising doesn’t only make it easy to share free Paint.NET: if you’re more ambitiousaround 10p per print. Slides can cost up to 69p. your photos: it also gives you an opportunity to you can invest in professional photo-editing improve them. After scanning your images, you software such as Adobe Photoshop Lightroom Alternatively, consider investing in more can use a variety of photo-editing packages to or the full Adobe Photoshop.capable hardware. We currently recommend correct colour casts and bump up the saturationthe HP Officejet Pro 8500A Plus all-in-one (web to compensate for fading. You may also be able When it comes to archiving your scans, aID: 372043) for its fast and very high-quality to improve overexposed or underexposed good working format is 24-bit PNG: thisphotographic scanning (£246 inc VAT). Epson images, but don’t expect to work miracles: produces larger files than the popular JPEGmakes a series of well-regarded photographic unlike photos taken with a digital camera, format, but it isn’t “lossy” like JPEG, so imagescanners, too, ranging from the £80 Perfection scanned-in prints contain no extra hidden detail quality won’t degrade each time you save theV33 to the £700 Perfection V750 Pro. in the dark or light areas, so all you can do is file. Lightroom doesn’t support PNG files, so in adjust the overall balance. this case the TIFF format is a good alternative, Unless your original prints are of unusuallyhigh quality, a scan resolution of 300dpi willprobably capture all the detail that’s there; ifyour prints are in the common 10 x 15cmformat, this will give you the equivalent of a2.1-megapixel image. Feel free to experimentwith higher resolutions if you have very large or054 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMDiagitigsingsm.endiaetIN DEPTH Contents ● Digitise analogue media...........p54 ● Advanced Windows 8................p58 ● Geolocation technology ..........p62though it takes up even more disk space. Expect Slides and negativesa 2.1-megapixel PNG to occupy around 2.5MBof space; a TIFF might be twice that size. If you still have the negatives of your old much too dark to be of any use. Also, photos, consider digitising these rather than because negatives are much smaller thanCapturing video any prints you may have had made from typical photographic prints, the scanning them. Negatives contain more detail and are head needs to be capable of very highIf you thought scanning still images was a sharper than most prints, and you’ll cut out resolutions to capture the full detail: 2,000dpichore, brace yourself. Capturing video often any colour shifts and fading that have been isn’t an unreasonable level of detail to expect,needs to be done in real time, so digitising an introduced to prints by years of exposure to but is far higher than the default of regularhour of footage may tie up your PC for an the environment. Photographic negatives are print scanners.hour, plus setup time. This is worth doing also likely to have been kept safely tuckedsooner rather than later though: magnetic away in their envelopes, so they’re less likely Once you’ve scanned in your negatives,tape is a volatile medium, and VHS tapes to have been scratched, smudged or creased all you need to do is invert the colours:have a shelf life of around 20 years. Your through handling. Photoshop Elements or Paint.NET make lightkids’ school plays and sports days may already work of this. After that, the process of editingbe on their way out. To scan negatives, however, you’ll need a and storing scans of negatives is just like scanner that can handle transparencies – editing regular prints, with the benefit of The technical process of getting video onto something that’s beyond the abilities of most higher-quality images. As a bonus, becauseyour PC will differ depending on the type of all-in-one devices. For one thing, a negative negatives are normally provided in strips, youcamcorder you have. With recent hard scanner must have a light integrated into the can scan four or five frames at once, saving adisk-based and solid-state camcorders, your lid, as otherwise the image produced will be bit of time.recordings are already stored as digital files,which you can simply copy across to your PC The free VirtualDub video editor is basic to the appropriate format. It may be tempting toover a USB link. If your camcorder didn’t come say the least, but it’s adequate for trimming archive your originals to DVD, but be warned:with any editing software, you can use the free your digitised videos into shape it’s been estimated that optical discs couldVirtualDub application to make edits (www. become unreadable after only a few decades.virtualdub.org) – or treat yourself to our port, recording the incoming video and audiorecommended video editor, Sony Vegas Movie signal as a 640 x 480 H.264 video file. That One post-processing question you mayStudio HD Platinum 11 (web ID: 367906). should capture all the detail in a video cassette, encounter is whether or not to de-interlace the but if you have the option, consider capturing captured media. By default, camcorders that With MiniDV camcorders, the process is at the higher DVD resolution (720 x 576 pixels record in standard-definition UK televisionmore complicated. The data is recorded in PAL regions such as the UK). This way, you formats will produce interlaced 50Hz footage.digitally, but the cassettes can only play it back can later archive your footage to DVD without This means that the first frame recorded (lastingin real-time, so transfers are slow. Many such any further transcoding. 1/50 of a second) contains the odd-numberedcamcorders transfer video over FireWire, so horizontal lines of the image, and the secondyou’ll need a PC with a compatible port, or an It’s best practice to store the full-quality contains even-numbered lines. When interlacedadd-on FireWire PCI Express or ExpressCard captured video somewhere safe on your hard frames are shown at full speed, full-resolutionadapter. You’ll also need DV-specific capture disk. If you want to make edits or apply colour 25fps video is produced.software: one free option is WinDV, which you corrections, work on copies and export them incan download from http://windv.mourek.cz. If you’re going to send out your video on DVD to non-tech savvy relatives, de-interlacing If you want to capture video from an older will be done automatically by the TV or DVDtape format such as Hi8 or VHS-C, you’ll need player, so there’s no need to do it yourself. Ifdedicated video-capture hardware to convert you’re uploading video to YouTube orthe camcorder’s video output to a digital Facebook, though, de-interlacing the footagestream. If you don’t still have the camcorder, or will ensure it displays correctly.you don’t want to make the time investment,you can send your tapes off to be commercially Audiodigitised: services such as www.copymytapes.co.uk will digitise all sorts of formats from £10 Strictly speaking, it isn’t legal to digitise an oldper tape. They’ll even process VHS videos, music collection – in fact, it isn’t even legal toalthough for copyright reasons they won’t rip MP3s from a CD you own. In practice,accept Hollywood blockbusters or sitcoms however, we’ve never heard of anyone beingtaped off the TV – it’s your own footage only. sued or prosecuted for doing so. If you prefer to buy your own hardware, If you want to do it anyway, you’ll need thegood quality capture devices can be bought appropriate playback hardware to get youronline at reasonable prices: the Elgato VideoCapture device costs £66 inc VAT and connectsan S-Video or composite source to any USBwww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 055

IN DEPTHWDigoitisringlmdedMia ags.net The free Audacity package provides everything you need to turn the music from your old Documentsaudio cassettes and vinyl records into convenient MP3 files We’ve focused on archiving audio andmusic into your PC. In the case of vinyl, this recording, press Ctrl-X to cut it, press Ctrl-N visual media, but what about text? Withmeans a turntable and an amplifier, with a to create a new Audacity project, then press OCR (optical character recognition)line-out socket that can be connected to the Ctrl-V to paste it in, and finally select File | software you can scan documents such as3.5mm line-in jack on your PC. If you try Export to save it in your choice of format. letters from a solicitor or your householdconnecting a turntable directly to the line-in Audacity records 44.1KHz stereo tracks by insurance documents into your PC, andsocket on your PC, the output will be so weak it default, which are capable of capturing the with a few clicks turn them into indexed,will be barely audible. If you don’t have such a same level of detail as a CD. This should be searchable PDFs – a vast improvementthing to hand, one option is to invest in a more than enough to reproduce every nuance on rudimentary filing systems. SuchUSB turntable: prices start at around £50, of a cassette or LP recording, but predictably software is sometimes provided withbut if you want the best possible sound and enough it produces very large files, working the scanner, but there are also plentyconstruction quality, you can spend £300 or out at around 9MB per minute of music if of third-party tools such as Abbyy’smore. If you’re digitising music from a tape you export in the industry standard WAV FineReader (http://finereader.abbyy.com)player, life is simpler: you can attach a line-out format. You may prefer to export files in and Dragon OmniPage (www.nuance.or a headphone socket to your PC. FLAC (Free Lossless Audio Codec), a co.uk), plus free options such as FreeOCRWith the hardware (www.paperfile.net).sorted, the nextquestion is which “If you’re digitising music from When you have a lot of documents tosoftware to use. work with, however, the process can beProfessionally mastered a tape player, life is simpler: slow. If you invest in a scanner with anmusic won’t require Automatic Document Feeder (ADF), youany complicated attach a line-out to your PC” can pop in two dozen A4 sheets andpost-production work, leave your PC scanning and convertingso a simple audio recording and editing tool compressed but lossless format that doesn’t documents while you get on with othersuch as the free Audacity (http://audacity. compromise on quality but does offer reduced jobs. Offices with reams of documentssourceforge.net) application will do everything file sizes. It will play on your PC, can be burnt may consider a professional scanner suchyou need. to a CD, and is ideal for archival. as the Fujitsu fi-6140Z (web ID: 375679),The easiest way to proceed is to record The only problem with FLAC is that neither which can scan 60 pages per minute –your LPs or cassettes one side at a time, iTunes nor Windows Media Player can play although you’ll pay a whopping £1,200 inc VAT for that speed. When it comes to saving your scanned text, it’s hard to argue with the PDF. Adobe Reader may not be universally loved, but if you’re looking for a text format that will be accessible in 10 years, the PDF is likely to be it. Besides that, a PDF is searchable, and will retain the original layout of your document. Some documents are impossible to OCR: handwritten pages are the most obvious, but damaged documents are another possibility. There’s still a good argument for digitising them as long as you’re diligent. The PDF format supports a broad range of metadata, so you can store a brief synopsis inside each file you save – “letter from Grandma re: Christmas holidays”, for instance. This way you’ll have a document that can be easily searched for and referred to without having to retype the handwritten original.making sure the volume levels aren’t set too FLAC media. There are plenty of third-partyhigh, as otherwise the sound will distort. Once programs that can be used to listen to FLACyou’ve made your recording, you can boost the audio, but if you want to listen on incompatiblevolume if need be using Audacity’s Normalize devices such as the iPhone, you’ll need to createplugin – you’ll find the option in Audacity lower-quality MP3 copies alongside the FLACunder Effect | Normalize. This will amplify originals. To do this in Audacity, simply selectyour recording to the maximum extent possible MP3 from the “Save as type” dropdown.without causing unpleasant distortion. Whichever format you choose, you’ll haveNext it’s time to split the recording into the option of giving your tracks descriptivetracks. The graphical waveform display names and other information. Take the time tomakes it easy to spot where tracks start and fill this in, as it will make finding your music infinish: click and drag to select a region of the Windows Media Player or iTunes much easier.056 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMags.net WorldMags.net

IN DEPTHWWiondorwls 8dMags.netHANDS ONWindows 8:advanced featuresThe new Windows isn’t only about tablet apps. Darien Graham-Smithlooks at some of the technical enhancements in Microsoft’s latest OST he big news about Windows 8 is, of course, the “modern” tile-based interface (formerly known as Metro) and the system’s newfound focuson touchscreen input. However, Microsoft’slatest OS also brings plenty of technicalenhancements for advanced desktop and serverusers. Amid the buzz surrounding Windows’major new direction, this side of things hasreceived little attention. However, for a hugenumber of users, it’s these features, ratherthan tablet support, that are likely to be thekey considerations when deciding whether ornot to upgrade. We’ve touched on many ofthese features in our full review of the operatingsystem (web ID: 376543), so here’s a moredetailed run-down of some of the advancedtechnical features in Windows 8.Starting up and restartingYou’ll notice the first enhancement to Windows8 as soon as you begin using it: it starts upmuch more quickly than previous OS versions.This is assisted by a new feature called “fast detected. The good news is that in Windows 8, been the bane of desktop users; nowstartup” (internally known as HybridBoot). It both of these scenarios are less frequent and Windows Update will demand a restart onlyworks in a similar way to hibernation; when intrusive than in previous versions. after installing critical security updates, whichyou shut down your PC, Windows logs you off, Disk-checking requirements have been usually means once a month. If other updatesthen writes out a memory dump to disk before reduced thanks to a new “online self-healing” arrive in the interim, they’ll quietly install atswitching off the power. When you turn on approach, which tries wherever possible to fix your next restart.your computer, the dump file is read back into NTFS disk errors in the background whilememory, so in a matter of seconds you’re ready Windows is running, rather than waiting for the You’ll receive more notice of a pendingto log on and start using Windows again. next reboot. What’s more, on those occasions reboot than before, too: update warnings now when a reboot is appear on the login screen three days before a necessary, the disk scan forced restart. If you’re not sitting at your PC“Update warnings now appear now targets only the when the three-day period expires, you’ll parts of the disk where receive a 15-minute warning after your nexton the login screen three days inconsistencies have login, giving you a chance to save your work. been detected, rather This at least is the default behaviour – ifbefore a forced restart” than scanning every companies want to enforce a stricter patch single file as it policy, or disable automatic reboots altogether,Fast startup is switched on by default, did previously. To say that this dramatically it can be customised through group policies.although you can disable it from the Power reduces the amount of checking required hardlyOptions item in Settings (click “Choose what conveys the scale of time saved – Microsoft The new Task Managerthe power buttons do” to access the option). estimates that on a system holding 100 millionSometimes, however, a “real” reboot is files, processing time is cut from around two At first glance, the Task Manager in Windowsrequired – for example, when installing patches hours to less than two seconds. 8 looks much simpler than the old Windows 7downloaded from Windows update or running Windows Update has been streamlined in a version, showing nothing but a list ofa disk check when suspected corruption is similar way. Frequent forced restarts have long applications and a “Not responding” flag next to any programs that appear to have frozen.058 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaWginsdo.wns 8etIN DEPTH For a start, we’re you may quickly come to rely on them. Tabs happy to see an for Computer, HomeGroup, Library Tools and up-arrow icon, Network provide one-click access to common which takes you configuration and troubleshooting tools. unambiguously to Picture, Music and Video Tools tabs appear the parent folder (in with playback and basic editing options when contrast to the Back you select the relevant type of media. button, which leads Of particular interest is the tab that appears to the most recently when you select a disk image in ISO, IMG or viewed directory). VHD format. The Disc Image Tools tab offers Under the Home tab, a Burn icon, and also a new Mount option for the new “Copy path” mounting image files as virtual DVDs and hard button lets you copy disks. This makes it easier to install software the full path of the and browse images for specific files. selected file or folder to the Clipboard (with multiple selections Data integrity and security separated by carriage Professionals and power users often need to returns) – this saves add storage to their systems, and safeguard the time when you’re integrity of their data. Regular backup is part writing a program of that equation (perhaps using Windows 8’s The new Task Manager shows more information than before, as or technical document. File History feature as mentioned above); butwell as having a cleaner interface The History button Windows 8’s new Storage Spaces feature killsIt’s accessed in the same way too: you can gives you direct access to Windows 8’s File two birds with one stone. First, it lets youpress Ctrl-Alt-Delete to open the lockscreen and History feature – a system similar to Apple’s combine any number of drives – regardlessclick on Task Manager, or press Ctrl-Shift- Time Machine that uses external storage to of how they’re connected – into a singleEscape to open its window directly. automatically archive Click “More details”, though, and the previous versionswindow grows into a more powerful console. of files for backup “The upgraded PerformanceThe default tab – Processes – lets you monitor and reference. Forall running processes in a hierarchical view, and more details on File tab gives you a closer graphicalexamine not only each one’s CPU usage, but History, see our fullalso memory, disk and network consumption. review of Windows 8 look at resource usage”This provides a useful insight into what’s (web ID: 376543).gobbling up your resources. There’s a new “invert selection” button, convenient pool, which can be dynamicallyIn the upgraded Performance tab, you can too, which can be helpful if you want to copy extended simply by adding drives at any time.take a closer graphical look at total resource or move a specific selection of files. Under Within this pool, you can configure mirroringusage, and the Startup tab shows you a list of Share, you’ll find a one-click Zip button, as or parity to provide transparent tolerance forprocesses set to load automatically when you well as a simplified interface to Windows’ one or more drive failures. Storage Spaceslog in – a graphical alternative at last to the disc-burning wizard. therefore gives you the peace of mind andantiquated MSConfig tool. It’s a breeze to Other contextual tabs also appear based flexibility of an extensible RAID enclosure withcheck and disable unwanted resource-hogging on your location and selection. These won’t the effective simplicity of using a single externalstartup items; a particularly nice touch is a revolutionise the way you use Windows, but or internal drive. Setup is simple: you’ll find the“Startup impact” estimate that helps you toidentify the most sluggish starters.Other tabs enable you to monitor resourceusage by user and keep an eye on runningservices. This all adds up to a more powerfulmonitoring tool than its forebears.The only disappointment is the “Apphistory” tab, which keeps track of total CPUtime and network usage for each installedapp. The idea of keeping a long-term view ofresource usage is a good one, but unfortunately,only modern apps are counted, not desktopapplications, making this tab fairly useless todesktop users.Explorer updates The new ribbon-based Explorer places file-handling features in logical placesMuch has been made of the new ribbon-based WorldMags.net PC PRO•DECEMBER 2012 059Explorer. For the most part, this merely putsthe features of the classic Explorer into a moreorganised interface, but look closely and you’llspot some useful new features and controlshidden in the interface.www.pcpro.co.uk

IN DEPTHWWiondorwls 8dMags.netnew Storage Spaces manager under Settings, locked out, as theirand creating, extending and repairing pools is a unrecognised bootmatter of a few clicks. loaders would be rejected. In reality, BitLocker in the Professional and Enterprise secure boot can beeditions of Windows 8 now supports hard disks disabled manually bywith hardware FDE (full disk encryption) the user in the BIOSfeatures, making your data unreadable if the settings, so Linux usersdisk is stolen. It’s also now possible to use can simply carry on asBitLocker’s soft-encryption capabilities to before. IT departmentsencrypt a drive before installing Windows 8 on wishing to enforceit. Microsoft has listened to complaints about secure boot canhow long it took to encrypt disks in previous password-protect theBitLocker implementations, so in Windows 8 BIOS to prevent it fromyou’re given the option of encrypting only the being disabled.area that’s in use rather than the entire disk Finally, thecapacity, slashing setup times. AppLocker system has been beefed up in Windows 8 focuses on stability, too. Device Windows 8, sodrivers must now be digitally signed by a administrators canrecognised developer, making it harder for now allow or denydubious code to access your system. This specific packageddoesn’t mean that legacy hardware is shut out applications and– using the Advanced Startup option in Settings, installers, rather thanyou can reboot into a less secure mode in which Windows 8 uses a hibernation-style “fast startup” systemunsigned drivers can be temporarily installed. having to rely on the user accounts. This doesn’t mean every For businesses looking to secure desktop more broad-brush policies supported by theclients, Windows 8 also brings support for Windows 7 version of AppLocker. For more system you use will work identically, butsecure boot on UEFI hardware. This means details on what’s new here, see www.pcpro. cosmetic settings such as wallpaper can bethe hardware will refuse to boot unsigned or co.uk/links/218idw. synchronised automatically across all theunknown OS loaders, closing off an avenue systems you use, as can stored passwords andoften used by rootkit-type malware to credentials. To determine what syncs, you cancompromise a PC. It’s a feature that’s caused Living in a connected world use the “Sync your settings” option.controversy: when Windows 8’s support for Windows 8 is the first version of Windows to If you want to synchronise documents,secure boot was announced, users of Linux- link your identity across multiple PCs, using you can use the built-in SkyDrive feature (or abased operating systems and similar projects Microsoft Accounts by default as connected third-party service such as Dropbox).feared that “homebrew” systems would beRefresh and reinstall to an earlier state. BitLocker keys. It also retains any “modern” tablet-style apps – as these are heavily Under Settings you’ll sandboxed, they’re unlikely to be the cause of now find options to the problem. “Refresh your PC” and These features may sound pedestrian, but “Remove everything they mean PC manufacturers no longer need to produce recovery discs and partitions, and and reinstall Windows”. ensure that everybody running Windows 8 These options are can easily revert to a fresh installation state also found in the without losing their data. Troubleshooting interface that appears Most helpfully, Windows 8 even allows you to customise your Refresh image. For at startup if Windows example, you might choose to take a can’t boot properly. snapshot of your system with your Outlook These two options mail configured and Visual Studio installed, to which you can easily roll back in case of are based on the system failure. You can do this using the new same concept – an recimg command-line tool. To use it, open a automatic, in-place command prompt as Administrator and enter“Refresh your PC” removes the need for system restore discs recimg -CreateImage C:\ (or whichever directory you like). This will make an image reinstallation of of your PC, place it in the root of the C drive, Windows that restores the underlying system and automatically set it as the default RefreshWith the best will in the world, PCs go image. Enter recimg /? to see the full list ofwrong. Microsoft understands this – hence to pristine condition. The difference is in the options for recimg. data and settings that are retained. As you’dthe introduction of System Restore in expect, the “Remove everything” option wipesWindows XP, to enable you to roll backchanges if necessary in order to restore the system completely, including your datayour PC to a previous working state. and settings. “Refresh” keeps copies of yourWindows 8 takes this idea much further, personal files and remembers importantintroducing two new ways to restore your PC settings, such as network connections and saved060 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaWginsdo.wns 8etIN DEPTHThere’s no way of synchronising desktop Client Hyper-Vapplications – this would clog up small devices,not to mention violate licence agreements. again, the Hyper-V Manager willHowever, full-screen “Modern” apps are more be available, ready for you toflexible; if you have the same app installed on create or import virtual machines.multiple systems, its settings and most recently Hyper-V is a professionalused state can be automatically synchronised virtualisation tool that lets youacross them. create any number of virtual machines, each with up to 32 The move to online accounts simplifies cores and 512GB of memory. Youmatters when it comes to managing home can view running virtual machinesnetworks. In the past, when parents wanted in a window, or connect to themto use Windows Family Safety, they had to through Windows’ remotego through a slightly awkward process of desktop service to let them takeassociating each child’s local user account with direct advantage of localan online identity. Now the single sign-on Professional and Enterprise users can enjoy hardware, including multiplesystem manages everything. The Family virtualisation as standard, given the right hardwareSafety system itself has been updated, too, soyou can now restrict not only web pages but monitors, audio devices andalso app downloads from the Windows Store Windows 8 marks the first time Microsoft has USB-connected peripherals. Whether you’reto certain age categories. In addition to the included its Hyper-V virtualisation host in a looking to test a software environment orexisting “permitted hours settings”, parents client OS, although you need a 64-bit edition provide a virtualised service, it will dohave the option of limiting the total time their of Windows 8 Professional or Enterprise and everything you need. You can findoffspring spend online, or just using the at least 4GB of RAM to use it. You’ll also Microsoft’s guide to getting started withcomputer, on a given day. need a processor that supports Second-Level Hyper-V at www.pcpro.co.uk/links/218idw2. Address Translation, which in practice means If your hardware or software doesn’t Windows 8 is also the first version of the support Hyper-V, don’t worry – there are freeoperating system with a built-in awareness that a CPU no more than around two years old.not all networks are created equal. 3G mobile The feature isn’t installed by default – you third-party virtualisation hosts you can use ininternet adapters can now be configured as add it by going into the “Turn Windows much the same way. Two of the most popularmetered connections, which won’t be used are Oracle VirtualBox (www.virtualbox.org)automatically to download apps and drivers. To features on or off” Settings item and ticking and VMware Player (www.pcpro.co.uk/activate this feature, open the Charms menu, the box to download it. Sit through a coupleselect Settings, right-click on the appropriate of reboots and when Windows starts up links/218idw3).connection and select “Set as meteredconnection”. Windows can keep track of performance). The system is designed to tolerate one copy of duplicate data is stored andyour estimated data usage over a metered the accidental removal of the system drive, synchronised, which minimises bandwidthconnection, so you can tell if you’re getting near allowing you to resume by reconnecting the and storage requirements. Extensive newa data cap; you can also assign different costs to disk within 60 seconds. With full-disk configuration options also let administratorsdifferent adapters, enabling Windows to select encryption, any security concerns over losing manage how much information is cachedthe cheapest connection automatically the drive are eliminated. where, and for how long. Visit www.pcpro.(Windows will use this by default in preference Windows To Go has limitations, however – co.uk/links/218idw1 for more details.to any mobile broadband connection if a Wi-Fi once you start using a To Go system, there’s no A final convenience for IT departmentsconnection is available). If you need to shut way of automatically synchronising new is a set of improvements to the way groupdown all your wireless communications, a new documents and desktop applications back to policies are managed. The Group Policy“airplane mode” toggle makes it easy. your primary system. It’s also available in only theBusiness-friendly features Enterprise edition of “Device drivers must now Windows 8 – not theOne novel feature that Microsoft has been Professional edition, be digitally signed by aeagerly showing off in demonstrations of which is a mean decision,Windows 8 is the new Windows To Go system, in our view. recognised developer”which allows you to install the operating system Businesses operatingonto a USB flash drive or external hard disk. over a wide-area network will also be pleased Management Console in Server 2012 nowThe process is fairly automatic – you’re guided by upgrades to the BranchCache feature, which provides a one-click status check, showingthrough it by a wizard called the Windows To manages local caching of remote documents details of all active domain controllers andGo Creator. The volume you create can then be and resources so that they can be opened and the state of policy replication on each one,used to boot any PC it’s plugged into – a boon accessed quickly, even if the master copies so you can easily spot any propagationfor remote workers and hot-deskers. are located at the other end of the country. errors. It’s also now possible to force an When it was introduced in Windows 7 immediate group policy update across any The way it works has been well thought (and its server-side partner, Windows Server Organisation Unit, so that urgent changesout: the first time you start up on new 2008 R2), BranchCache’s capabilities were take effect within ten minutes, rather thanhardware, any necessary drivers are limited. In Windows 8 and Server 2012, having to wait an hour or more for theautomatically downloaded and then integrated BranchCache can support any number of clients to refresh themselves. The ten-minuteinto the image so that subsequent boots take remote branches, and can be silently delay is to avoid a sudden bandwidth crunch onplace at full speed. Memory caching is used enabled on client PCs through a group policy. large networks, but can be overridden using thesensibly, so booting and running over USB 2 is Deduplication is automatically applied, so only new Invoke-GpUpdate PowerShell cmdlet.an impressively smooth experience (althoughUSB 3 is recommended for optimumwww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 061

IN DEPTHWGeoolorcaltiodn Mags.netHANDS ONFind yourself withgeolocation technologyDarien Graham-Smith looks at how GPS and other geolocationtechniques can pinpoint where you are – and share the informationG eolocation means working out The basics of GPS satellites transmits a constant stream of where you’re physically located on information down to Earth, including the Earth – or, as the case may be, the Historically, geolocation technology has been current time and the satellite’s own position in ocean or air. It’s a term that could driven chiefly by military purposes. Better orbit, as determined and maintained by NASAbe applied to all sorts of navigation and geolocation means that navies and air forces ground control stations.orientation techniques, but today it’s mainly can navigate more accurately to unfamiliarused to refer to the capability of mobile devices destinations, and record more reliable These signals can be picked up by any radioand online services to determine the user’s reconnaissance data. Mobile missile launchers receiver that’s programmed to listen on thelocation via technical means. and submarines can then use this information correct frequency, which is 1.57542GHz. – coupled with accurate readings of their own (There’s also a second frequency that’s used There are several ways this can be achieved. locations – to launch precise strikes on targets. for military purposes, as we’ll discuss later).The most reliable and accurate method is via On its own, the information from a singlethe global positioning system (GPS), a network One of the first electronic geolocation satellite isn’t very useful. However, with soof geolocation satellites that’s owned and systems, introduced more than a century ago, many satellites in orbit, it’s usually possible tooperated by the US government. made use of fixed radio transmitters in known receive signals from at least eight different positions. Ships and aircraft could estimate satellites at the same time, provided you have As we’ll discuss in this feature, though, there their location by tracking the strength and a clear view of the sky. Even if you’re just nearare plenty of other approaches that can be used direction of origin of the signals they received. a window, a receiver may well be able to “see”when GPS isn’t available. four or five satellites. The modern GPS system works in a broadly We’ll also look at the implications of similar way. The radio transmitters, however, With information from multiple sites, thegeolocation technologies for personal privacy are now located in space, comprising a network receiver can determine its own location to aand security purposes. of more than 30 satellites. Each of these high degree of accuracy. What’s measured nowadays, however, isn’t the strength of the signal, but the time it takes to reach the receiver. Since radio waves travel at a limited speed (namely, the speed of light), transmissions received from remote satellites will contain slightly earlier timing information than those from closer satellites. By comparing the clock information from different satellites, a GPS receiver can calculate its relative distance from each satellite’s reported location. By analysing the timing data received from four or more satellites – and the known orbital position of each satellite – the receiver can infer its own longitude, latitude and elevation. This can then optionally be plotted on an electronic map to pinpoint a real-world location, or used for navigational purposes. GPS accuracy The accuracy of a GPS reading depends on the accuracy of the satellites’ clocks. Although these are tightly controlled, they can drift by a few nanoseconds between corrections. GPS accuracy is also affected by atmospheric conditions, which can unexpectedly delay radio signals. For these reasons, GPS isn’t perfectly accurate or consistent. However, a receiver can062 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaGgeolsoc.atnionetIN DEPTHusually work out its own location to within you use it (or if you’ve moved a long way since satellite network, it relies on timing andaround 3m, and even in the worst case, should your last fix). Some smartphones work around location data from fixed mobile transmitters.achieve an accuracy of around 8m. this limitation with a system called assisted When the phone is connected to multipleThis degree of accuracy wasn’t always GPS (A-GPS for short), in which almanac transmitters, accuracy can be almost as good asgenerally available. When GPS was developed information is sent to the phone by the GPS. However, as transmitters have a smallerin the 1980s, it was designed to deliberately network provider, so the GPS receiver can start range than satellites, phones may findfudge the transmitted time codes by small, calculating its location as soon as it receives themselves within range of only one or two ephemeris data from transmitters, leading to very low precision. a few satellites. Due to the simplicity of smartphones in“Civilian GPS transmissions 2000, there was also a limit to what could be accomplished with the information gleaned bynow provide the same level Cellular cellular geolocation. Typically, the phone’s userof accuracy as military ones” geolocation couldn’t access this information; it could be tracked by the network, though, so it could The usefulness of GPS help emergency services respond to a 999 call. is also limited by theunpredictable amounts, causing the position need for dedicated receiving and decodingcalculated by the receiver to be out by as hardware. Most modern smartphones includemuch as 50m. This was done to limit the ability this, but it’s a fairly recent development. During IP address-based geolocationof enemy forces to use GPS signals for their the past decade, it’s been more common for When it comes to laptop and desktop PCs,own military targeting, while still providing mobile phones to use cellular geolocation to neither GPS nor cellular geolocation methodssufficient accuracy to help civilian ships and determine their position instead. are widely available. If an application or onlineaircraft to navigate. Cellular geolocation works on the same service wants to work out the location of itsThis intentional degradation was dubbed – principle as GPS, but instead of using the user, it must use less direct methods.in a fine example of military newspeak –Selective Availability. Non-degradedtransmissions were broadcast simultaneouslyon a different frequency, but these were Geolocation in web appsencrypted, so they could be accessed only bythose in possession of the appropriate USgovernment decryption keys.Selective Availability was officially turned offon 1 May 2000, so civilian GPS transmissionsnow provide the same level of accuracy asmilitary ones. Ostensibly, the rationale fordisabling Selective Availability was to support“peaceful civil, commercial and scientificapplications worldwide”.However, by the time the system wasswitched off, it had already been largelydefeated by a method dubbed “differentialGPS”. This involved using static GPS receiversat known locations to analyse the signalsreceived from GPS satellites and deduce whaterrors were being introduced. This informationcould then be used to correct the positionsreported by nearby mobile GPS receivers.Limitations of GPS A web browser must ask before allowing access to information about your locationGPS is the most accurate and widely used Geolocation can add a lot to an online (Strictly speaking, these web-basedgeolocation system we have, but it has service (see “What geolocation can do for geolocation functions aren’t part of HTML5,limitations. It works poorly indoors, as you”, p65), so expect to see it used more and but they’re a companion technology that’swalls and ceilings tend to block satellite more often in the future. Support for almost universally supported.)transmissions. The data rate from the GPS geolocation functions is built into Androidsatellites is also very slow by modern computing and iOS, so apps can identify your location Before a site is allowed to access yourstandards – only 50bits/sec. That may not directly from the OS. location data, you’ll be prompted to givesound like a problem, but when a GPS receiver authorisation. Once you’ve agreed, theis first switched on, it needs to receive a lot of The HTML5 standard – designed to browser will start sending geographicaldata, including what’s called the “almanac” – a support web-based applications – has also information; on a wired desktop, that maydatabase containing the current status and been extended with its own geolocation API, lead to a loose guess at your position, whilerough location of all satellites in the system – as so any remote service running in a recent on a GPS-equipped smartphone it maywell as the more precise timing and orbital data browser can request this information and reveal your full address. It’s therefore best tofrom each satellite, known as the “ephemeris”. feed it into a JavaScript or back-end app. keep this in mind before granting permission. As a result, it can take as long as ten minutes WorldMags.net PC PRO•DECEMBER 2012 063for a GPS receiver to acquire all the informationit needs to work out its location the first timewww.pcpro.co.uk

IN DEPTHWGeoolorcaltiodn Mags.netThe most widely used technique for finding low-rent dating sites commonly promise to connection, and Google Maps will probablythe location of a non-GPS-equipped device is IP hook you up with “single girls in your town” only be able to guess at the city in which youaddress-based geolocation – working out where – but in reality, the town in question may be live, or possibly even just the country.in the world an internet-connected device is many miles from where you live (and, to addlocated based on its external IP address. insult to injury, the girls probably don’t exist). If the idea of a big company sending outThis may sound surprising. If you’re cars to record all this information soundsfamiliar with networking technologies, creepy, it hasn’t been without controversy.you’ll know that an IP address contains no Geolocation by Wi-Fi Regulators in the US and Europe havegeographical information whatsoever – only access point investigated the practice, especially overrouting information for network traffic. For some purposes, the information that can be concerns that individuals’ unencrypted trafficWhat’s more, a given computer’s address gleaned or guessed simply by looking at the IP may have been recorded.is likely to change periodically, as ISPs address of a connecting computer may be gooddynamically reassign addresses. enough – but it still isn’t precise enough for In fact, the cars aren’t even necessary –There are, however, ways of marrying properly targeted marketing, or local services Android devices on which the Location Servicesblocks of IP addresses to real-world such as traffic reports and cinema listings. This feature is enabled periodically check in withinformation. Whenever a block of IP addresses needs a better way to map private network Google to share their GPS location. They alsois assigned to a service provider by one of the connections onto geographical locations. share information about nearby wirelessregional internet registries, the country is And there are ways of achieving this. The networks, keeping the location databasepublicly recorded. key is that, while it’s very difficult to establish updated – and Apple’s iOS devices work inAn online service can easily look up this the location of a wired Ethernet connection, just the same way.information to find the country of origin of an wireless networks are an open book.incoming connection. If you’ve ever visited a In recent years, Google’s StreetView cars Geolocation through have been recording data collation not only street-level“When Google sees that you’re photos but also reams Besides network details, network-based of information that’s geolocation can also be supplemented withconnected to its services, it can broadcast by private data you provide yourself. For example, if and commercial you regularly use a cinema booking servicemake a guess at your location” wireless routers, to look up film showings at the Paignton enabling the search Apollo, it doesn’t take a genius to guessUS website – such as www.amazon.com giant to build up a sophisticated map of where you might live. Online retailers will– and been automatically offered the option Britain’s wireless networks. naturally learn your home address whenof switching to the company’s UK website, Now, with the aid of this database, when you place an order, and services such asyou’ve seen this type of high-level address- Google sees that you’re connected to its Facebook invite you to specify your regionbased geolocation at work. services via a particular wireless router, it can (and all sorts of other information) for socialIt’s possible to obtain a more precise fix if immediately make a strong guess at your networking purposes.you dig a little deeper. Every administrator of location. By factoring in which other wirelessan IP address or domain name is supposed to networks your laptop or smartphone can see, Once you’ve shared this information, itprovide contact information, so they can be your location can be pinpointed to a degree of becomes possible for online services to exploitreached by network administrators, businesses accuracy not far off GPS. it, both for your convenience and perhaps toand even the police. This is commonly referred If you want to see how effective this pester you with targeted marketing.to as WHOIS information, after the protocol approach is, open up a laptop with a wirelessthat’s used for requesting this information from connection – or a smartphone or tablet with Thanks to data-sharing arrangements,an internet address. GPS disabled – browse to Google Maps and information about you from several sourcesFor individuals, a WHOIS query of your IP click on the “locate” button (the small may be collated, using cookies stored on youraddress will usually return the business address unmarked square directly below the directional PC to establish that the person who searchedof your ISP. So if a web service knows nothing scroll pad at the top left of the map window). for a dentist situated close to a certain addresselse about your location, it can use this The map will zoom in to show the street on Monday is the same person who ordered ainformation to make an informed guess at your from which you’re browsing, and may be able taxi to that location on Thursday.own locale. For services such as regional news to identify the building. Try the experiment onand weather, this may well be accurate enough a desktop PC with Needless to say, this approach isn’t limited– a home page for Manchester is a decent no wireless to simply working out your location – it canstarting point even if you live in Bolton. also be used to build up a profile of your job,For greater accuracy, this information can your age, your interests and countless otherbe supplemented with collateral data. For forms of personal information. If you’ve everexample, it may be possible for a remote server been targeted by suspiciously precise adverts,to make guesses about your location by or been surprised to find that the first timeanalysing the route your data packetstake to reach it. If your IP address is you visit a website it already knows whatsimilar to another one whose location you want to look at, this is most likelyis known, it isn’t unreasonable to use how it’s been achieved.that as a clue. If you’re uncomfortable aboutThese techniques can, however, this type of data collation, you’lllead to misidentifications, particularly be pleased to hear that mostwhen advertisers try to use them to try browsers now support an optionto feign a local presence. For example, called Do Not Track, which instructs online services not to collect and combine information about your activities across multiple websites. This isn’t legally enforced at the moment, however, so be warned that many websites may still be tracking your online behaviour.064 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaGgeolsoc.atnionetIN DEPTH What geolocation can do for youGeolocation isn’t an end in itself; admittedly, there’s a certain entertainment factor in walking down the street and watching a dot on yourphone follow your location precisely. However, the real power of geolocation technology is its ability to connect our online lives with our realones. Here’s a selection of the remarkable ways in which geolocation is changing the way we interact with the world.1Finding friends Thanks to mobile phones and text messages, 2 Tracking down lost hardware It’s a sad fact that smartphones, missed connections rarely occur these days. With services such as tablets and laptops attract thieves. The good news is that if you Foursquare, Google Latitude and Apple’s Find My Friends app, you are a victim of crime, it may be possible to recover your stolen can go a step further and see where all your friends are at a glance. hardware, and perhaps even apprehend the perpetrator, thanks to It’s a great, non-intrusive way to keep track of where people are, geolocation technology. Sign up with a free service such as Prey and you can use it to organise impromptu gatherings if your friends (http://preyproject.com) or Apple’s Where’s My Mac/iPhone/iPad, happen to be passing by. It’s an opt-in only service – otherwise, the and if your device is stolen, you can use live geolocation to track potential for stalkers and spies would be too great. down the thief – or to reclaim the device, if it was just mislaid.3 Live driving directions Not many years ago, GPS technology 4 Geolocate your photos As well as phones and tablets, many was most commonly found in the navigation services hardware, cameras (both compacts and DSLRs) also have built-in GPStypically costing hundreds of pounds. Today, thanks to mobile receivers that can automatically record geolocation information intointernet and the ubiquity of geolocation systems, the smartphone the EXIF metadata of each picture. When you upload your imagesin your pocket can do the same job, complete with voice directions to a service such as Flickr, your pictures can then be automaticallyand live traffic information. Choose from the free Google Maps tagged on a map, making it easy to group your shots by subject.Navigation feature on Android, or the official TomTom app for iOS. Be wary of sharing EXIF data on personal photos, though, as youIt’s worth investing in a mobile charger for long trips, though. may be giving away more information than you intend.5 Location-based dating Computer dating has been helping single 6 Geocaching Geocaching is a popular pastime among geeks who people to find partners for years, but we wonder how many like the great outdoors. You simply hide something (in a securerelationships go beyond the point of exchanging emails. Now, container) somewhere in the world, and share its GPS co-ordinates.with the aid of geolocation technology, you can receive an alert Other GPS users can then try to locate your hidden object: if they’rewhen you’re in the same room as someone who matches your successful, they may sign a logbook, and leave or swap a small giftprofile – giving you the perfect opportunity to break the ice. Search for other geocachers. More than five million people in over 200the Apple App Store or Google Play for the OkCupid app – or try a countries participate in geocaching – plus, according to officialservice such as the execrably named MeetMoi (www.meetmoi.com). website www.geocaching.com, at least one in space.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 065

COVER DWISC oCDr&lDdVDMags.netCOVER DISC £14740OVERTHIS MONTH’S CD & DVD – DECEMBER 2012 PPWWIIRRNNOOOOTTRRDDOOTTUUTTHHCCAAOOTTLLSSFFImprove system performance, O&O Defrag 14.5 Professionalrecord and edit music, and processimages efficientlyON THE CD & DVD: FULL PRODUCTS DCVDD&O&O Defrag 14.5 Professional O&O Defrag includes diagrams showing how data is organised on your hard disks – and how important it is to defragment your filesWhen your hard disk fills up, your computer can’t always save files inperformance-efficient blocks to make the most of the space remaining –instead, they’re often fragmented. This can lead to a slow decline inperformance over time, so it’s worth installing O&O Defrag 14.5Professional to keep your hard disk in tip-top condition. It’s freeon this month’s PC Pro cover disc. Its standard defrag option organises your files into contiguous blockson the hard disk to improve performance, but that isn’t the only tool onoffer. The application can create custom rules for defrag operations,including the ability to store unwanted files in particular folders or sendhigh-priority documents to specified locations. The interface makes complicated procedures simple, and O&O Defrag14.5 Professional also integrates with the rest of Windows. In WindowsExplorer, right-clicking a file or folder reveals defrag options in thecontext menu. There are even laptop-specific optimisations that meandefragging won’t use up precious power when your battery is almost flat;defrag operations can also be run before Windows has loaded. There’s a generous upgrade offer for PC Pro readers this month, too.To save 25% on O&O Defrag 16, head to www.pcpro.co.uk/links/218cdany time in October. It’s a great opportunity to upgrade, too: O&ODefrag 16 is fully compatible with Windows 8, features updated defragalgorithms and includes a new user interface, too.SYSTEM REQUIREMENTS Windows 7/Vista/XP; requires online registration The application’s one-click optimisation engine can zip through your hard disks, making changes to improve system performance W£O3R0TH The drive status screen shows at a glance the state of hard disks and how much of each has been analysed for defragmentation066 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaCDg& sDV.DnCeOtVER DISCTechnical problems?If you have any difficulties with your CD or DVD, check the cover disc forum at www.pcpro.co.uk/forumFor full listing, go to: Disclaimerwww.pcpro.co.uk/links/218disc Dennis Publishing Ltd cannot accept any responsibility [email protected] loss, disruption or damage to your data or your computer system (including hardware) that may occur while using either the WavePad Sound Editor Master’s Edition v5 disc or programs and data on it. If you do not accept the terms and conditions, please do not continue. Full products available to UK DCVDD& readers only. Full product registration closes on 12 January 2012. The waveform interface offers plenty of options, both basic and WavePad Soundadvanced, for recording and editing music Editor Master’s Edition v5 If you’ve ever wanted to record or edit music but haven’t had the specialist software, then look no further – WavePad Sound Editor Master’s Edition v5 includes a wealth of options to get you started. Most of the editing takes place on the waveform screen, and it’s kitted out with many features. It’s possible to select, copy, paste and delete sections of audio with a couple of clicks. Once you’re happy with your work, there are plenty of effects to apply, including fades, volume normalisation and noise removal. A batch converter can be used if you’re working with multiple files, and plenty of popular formats are supported, including MP3, WAV, OGG, FLAC and WMA. With practical and fun effects, widespread format support and an easy- to-navigate interface, WavePad Sound Editor Master’s Edition v5 is ideal for getting started with music recording and audio editing. SYSTEM REQUIREMENTS Windows 7/Vista/XP; requires online registration Ashampoo Photo Converter 2 ON THE DVD: BONUS FULL PRODUCTS ODNVLDY Ashampoo Photo Converter 2 With Ashampoo, it’s possible to process multiple files or entire folders Most phone and camera users have hundreds of snaps stored on theirat the same time for maximum efficiency devices or PCs, so it’s worth installing Ashampoo Photo Converter 2 if you need to process dozens of images at the same time. Its batch-processing options make handling large groups of pictures a doddle. You can rotate and flip pictures, and it’s also possible to resize groups of pictures using the same simple options. A range of colour enhancements includes brightness and contrast, and you can reduce compression artefacts, change gamma levels and apply filters too. There are file-organisation tools on offer: it will delete source files once you’ve saved changes, and insert EXIF data into new pictures. Dozens of file formats are supported, including raw formats, JPEG, TIF and PNG. To register Ashampoo Photo Converter 2, go to the link on our disc and select the registration option from within the application itself. SYSTEM REQUIREMENTS Windows 7/Vista/XP; requires online registration Auslogics BoostSpeed 5 Auslogics BoostSpeed 5 ODNVLDY Computers can become clogged with unnecessary startup applications and spurious Registry entries over time. Auslogics BoostSpeed 5 works hard to BoostSpeed’s one-click scanning sifts through your PC for common reverse the process, returning your PC’s performance to its former glory.problems, fixing them – and improving your PC’s health – in minutes Its Startup Manager can improve boot times by listing which programs and services are running when your PC is turned on, and providing the option to deactivate anything you don’t need. A File Recovery module sifts through your PC to find files you’ve accidentally deleted, and both hard disk and Registry defrag options can reduce clutter and improve performance. If you prefer something more straightforward, the simple System Scan option displays your PC’s status in the main window and from here, BoostSpeed 5 can remove junk, defrag your system and repair Registry errors with a single click. Elsewhere, there’s the Internet Optimizer, the Tweak Manager to fine-tune Windows, the Duplicate File Finder and many more options. SYSTEM REQUIREMENTS Windows 7/Vista/XP; requires online registrationwww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 067

RWC CoWntentos rldMags.net REAL WORLD COMPUTINGEXPERT ADVICE FROM OUR PANEL OF IT PROFESSIONALS Our expert line-up Advanced Windows & Mac 78 Jon Honeyball is impressed by encryption software that generates hardened passwords and manages them in one secure location. Mobile & Wireless 81Business Clinic 70 Paul Ockenden finds a novel way to tidy his music collection, and performs some solar-Steve Cassidy helps a growing design firm to decide where it should go after powered wireless networking.Microsoft’s Small Business Server. Online Business 86 Kevin Partner discovers that marketing mobile apps is a surprisingly familiar process, as long as you do it with enthusiasm. Security & Social Networking 89 Davey Winder warns against buying Twitter followers, and cautiously welcomes Microsoft’s Do Not Track Internet Explorer 10 default.Careers 74 Office Applications 92Mark Newton reveals how to embark on a career building websites, using one of theworld’s most popular content management systems. Simon Jones investigates compatibility issuesBUSINESS CLINIC with the new Office, and isn’t impressed by the ribbon’s 50 shades of grey.FREE BUSINESS ADVICE FROM PC PRO’S EXPERTS Web Apps & Design 95 Do you need help with a As more people access websites from mobile business IT problem? PC devices, it’s important to adapt your approach Pro’s Steve Cassidy and to designing them, says Mark Newton. Davey Winder will visit your company to deliver free Networks 98 advice on your firm’s IT setup. Send details to Ignore the graphs and tables – all you need to [email protected] know about a multi-WAN router is how it and we could pay you a visit! handles load balancing, says Steve Cassidy.068 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMags.nIdeealtog RWCTake note: DICK POUNTAIN has found an alternative use for DropboxIt sometimes feels as though I’ve been while. It’s a whole ecosystem, with add-ons for taking notes all my life. I was doing it drawing sketches and clipping web pages, and in school and during university lectures: it has an attractive user interface. Notes in combination with my photographic handwritten on my phone (using the marvellous memory, it was a great advantage in Graffiti Pro app) just appear on my laptop exams – I could just conjure up the page of my without effort. Then, one day the Evernote notebook where an answer lay. (That memory Windows client just vanished from my PC is now fading – but luckily, computers are without a trace. I hasten to add that no notes improving at a similar rate.) Right from the were lost – they’re all still there in my account start, personal computing for me meant trying on Evernote’s website – but it disconcerted me to find a practical way to take notes. when the same thing happened again weeks after I reinstalled it. The cloud is mighty Of course, for a writer, finding a decent powerful, and this ability to remove things from word processor was the first priority, but that my PC without asking has quite blunted my proved nowhere near as hard to achieve. For enthusiasm for the product. each successive OS since CP/M 2.2, I quickly discovered a word processor or editor that It was around then that PC Pro adopted would serve me well for years – WordStar, Dropbox to deliver Real World Computing PC-Write, TextPad and Microsoft Word – but copy, and the penny dropped that I can now for each OS, I also wasted hours trying out and roll my own cloudy note-taking solution using rejecting inadequate candidates for the role of the excellent Dropbox client for Android. Just note-taker. The top drawer of my grey filing create a directory tree called Notes in the cabinet testifies to my failure, since it’s half full Dropbox folder and bung all the text, pictures of spiral-bound reporter’s pads containing 20 and spreadsheets relating to a project into the years of pencil scribblings. same subdirectory. I stick to a few file formats, such as text, JPEG, DOCX and XLSX (I have It wasn’t until the first Palm Pilot became available in 1996 that things looked up. A The penny dropped that I can now roll my crucial attribute of any note-taking system is own cloudy note-taking solution using portability; ideas pop into my head at all times the excellent Dropbox client for Android and places, even in bed at night, and having to plod to a desktop computer to record them is a Documents To Go on my phone). And TextPad DICK POUNTAIN is the editor of PC Pro’s total no-no. Palm took me to a point where I lets me drag web URLs directly from Firefox Real World Computing section. His goal in life could be sitting anywhere, perhaps reading a into a note and access them by right-clicking. is to be the last person alive who can still write book, with a Pilot at my elbow to scribble notes in Graffiti. using Graffiti handwriting, and have them And what, I hear you mutter, about transfer to my desktop PC whenever I synced. Microsoft’s OneNote? Well, whenever our Blog: www.dickpountain.co.uk Real World Office expert Simon Jones has Soon I discovered Natara Bonsai, a neat demonstrated it to me on his Samsung Slate Email: via http://about.me/dick.pountain outliner that ran on both PC and Palm, and no PC, I’ve been bowled over by its extraordinary fewer than 125 of these Idealog columns were capabilities. But there’s the rub: like almost planned in that program. The fact that Bonsai everyone else, I never bought a Windows Tablet lasted me ten years proves it was workable, but or Slate PC, and Microsoft has never provided it still wasn’t ideal: it couldn’t handle pictures me with a copy of OneNote with any version of or diagrams, and contrary to what you might Office I’ve bought. In fact, so effectively has it expect, folding editors aren’t that much help on kept this killer app away from the public, it a tiny handheld screen. And Palm’s syncing ought to be in charge of Hantavirus quarantine. worked, but only if you remembered to do it. Now Redmond is betting the farm on After Palm went under I moved over to an Windows 8 – and my advice would be to make Android phone, which opened up whole new your Surfaces (or whatever they’re called this cloudy vistas. Bonsai never made the leap, but week) into dynamite OneNote engines, and there are dozens of Android outliner apps and let them easily communicate with your I’ve tried most of them. Many of the free ones competitors’ devices: the iPad currently has work well, but have neither a Windows sync nothing to touch it for note-taking. client nor cloud storage. Then there are big beasts such as Zotero, Evernote and SimpleNote that offer both cloud service and PC sync. I decided to try the free version of Evernote and was very excited for awww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 069

RWC BuWsinessoClrinicldMags.netBUSINESSCLINIC FACT FILE:Steve Cassidy helps a growing designfirm to decide where it should go after NAMEMicrosoft’s Small Business Server Unigraph DesignIlive on the edge of a ghetto. No, really. the whole nature of shared folders, LLOonCdAoTnI,OENC1 However, it isn’t the sort of ghetto you servers and emails that can often elude might be expecting. The area of inner other sectors of industry. SMcHPeoRorimcOwvrpeBotarsoLnoEuyfMpt’s’gssrSeamrdveaeltrlhsBefursoimness London immediately north-east ofSmithfield market is an enclave of reprographics Lee didn’t bat an eyelid at thecompanies, a little printer’s gulch of small to sometimes testy business of co-existingmedium-sized businesses handling print, design, Macs and Windows PCs. Rather like the design and layout team, whosescanning, platemaking (for those who still use efforts ensure PC Pro reaches youthem), and even 24-hour slide transparency every month, for him, the Greatdeveloping. I’ve been passing through this area Divide in Computing is crossedfor decades, and have even made use of places thousands of times a day.such as Joe’s Basement on occasion; however, And if you think I’m incidentally belittling major difficulties in working around theduring all those years I hadn’t noticed Unigraph everybody else, ask yourself how many other impediments presented by the small-businessDesign (www.unigraph-design.com). small-business, part-time network managers server flavour of Windows.That is, until Lee Howard responded to can give you an off-the-cuff estimate of the In fact, this has extended the lifecycle ofmy recent annual Business Clinic roundup by overall network impact of a software its setup by several years. If you want to thinkasking if I could drop in for a visit. Both of us upgrade’s changing file-format requirements. about this in ghetto terms, Unigraph foundwere expecting this to be a long, drawn-out This is a pretty technical group, who have no ways to make life comfortable.arrangement; he had no idea that on thisoccasion, my journey to his office would beno more than a ten-minute walk up the road. BUSINESSDuring a hot and muggy August afternoon,we sat together and Lee poured out his woes. Unigraph, it seems, may be in a geographicghetto suited to the demands arising from itstype of reprographic work and design briefs, Q&Abut that isn’t the only ghetto in which it resides:the firm is also a long-term, highly developeduser of Microsoft Small Business Server. Lee took me through the company’s fairlyintensively used small office LAN, with a richspread of Netgear switches, and a workstationpopulation evenly divided between Macs and Steve Cassidy tackles all your businessPCs. This isn’t the first design and corporatecommunications house I’ve seen. Unigraph was technical support queriesgiving me the vibe that pervades this businesspretty much everywhere – since the work is nolonger possible without involvement in PC and You’ll be astonished to hear my isn’t much clout in the way of negotiatingMac technology, most of the people working in IT budget has been cut by discounts with suppliers. Can you give methe company are more technically minded than around 20% for the year ahead, and any advice? BRON JOHNSONthe general run of office workers. I’m not saying given that many of our desktop PCs arethey’re qualified PC technicians, or that the already three or four years old, they’re It’s very hard to guess what workloadcomparative lack of technicality is a matter of starting to approach the end of their you’re placing on your PCs, which isshame for others; I’m saying that in this world useful lives. I’m now looking for ways the main way to figure out what you shouldof Quark and InDesign (which Lee blames for to cut the cost of new hardware, but buy this year. Most company contract-boughta ten-fold increase in the size of his working when you’re dealing with the purchase PCs have too fast a processor and not enoughdocuments since the migration), of PDF making of only 15 machines every year, there memory, and are provided with the slowestand copy flow, there’s an ease and fluency about070 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMagBussi.nenss eClintic RWCThe problem sense of having overbought starts to creep manage a migration in SBS as pub-talk would up on the directors of the business. have you believe. This is mainly because youLee’s problem is one with which quite a few can, especially in the era of virtualisation,Business Clinic applicants can identify. Having Unigraph is definitely riding the trailing shrivel up an SBS machine like a mummifiedbeen a typical Windows SBS candidate a few edge, trading on its broad base of daily head on a cannibal’s fetish in the jungles ofyears ago, when the spread of features included technical know-how to make that work for the Borneo. Afterwards, there can be nothing leftby Microsoft looked like a reasonable match company. There’s a degree of over-reaction to but the licences, the wizards and basic networkto the spread of wants in even a technical the war stories that have developed around services. Plain Windows Server machines canoperation such as Unigraph, where does he go deeper techies getting the wrong end of the stick be added to an SBS network overseen by such– and how does he get there – with his next about the single-server limitations of the SBS a remnant, performing fewer jobs with morechoice of LAN operating system? licence; it’s never been quite as difficult to There are resources for migrators on theMicrosoft support sites. The MigrationPreparation Tool, at www.pcpro.co.uk/links/218bc1, starts the process if you’reconsidering an in-place software upgrade,and www.pcpro.co.uk/links/218bc2 containsa kick-off guide. At 46 pages, this is for theexperienced domain wrangler – mostcertainly not the busy small-business personwith other things on their mind. In any case, the rationale for taking asmall business directly from one edition ofthe Small Business product family to a laterone seldom stands up to deeper examination.For one thing, SBS has always been a kitchen-sink install: a way of getting a cheap, dip-inexperience with a wide swathe of theMicrosoft server software suite. This hassounded very appealing to smaller businessesfor the best part of two decades now, butnobody manages to make perfect use ofevery last feature. SBS servers provide a fair fit to smallbusinesses when they’re in the start-upphase. However, when it’s time to move on,there’s a period of several years during which a Send questions to: [email protected] Q&Aavailable disks. Perhaps this year, you could I consult on IT for a small design policeman then you need to tell himprice RAM and SSD upgrades for half of your agency, which has bought all of the inherent conflict of interest thisPCs, and a ten-day licence for Paragon Partition its designers iPhones as a gift for involves – when there’s a dataManager to copy your existing configs over to completing a massive contract. Lucky leak, you want those users to feelthe faster SSDs? them. The problem is they’re now all free to come to you and get the accessing their work email, along investigation sorted ASAP, not feel I admit that I’m very much walking my with delicious contract details, on that you’re the bad cop. Smartphoneown path with this type of machine their lovely Apple handsets, yet some security is a gaping hole in everyrefurbishment process, but I find that a faster of them refuse to even safeguard the type of business, and the smallerstorage medium and more room to play can lift devices with a PIN. Is there any way to the business, the harder it is tothe performance of even poverty-processor enforce security on these designers, enforce any kind of policy, bothmodels out of all recognition. For new especially since the phones aren’t technically and interpersonally. Topurchases, don’t ignore Intel’s Atom processor strictly company issue, but personal get you started, you might ask themrange: The last bulk lot of Atom desktop PCs gifts? PAUL FARMAN what they think about Ben theI bought had been left incomplete by the A consultant isn’t the owner of the Bodyguard (www.pcpro.co.uk/manufacturer. When we ran them with data within a company; the CEO is links/218bc3), which certainly isn’t aWindows 7 32-bit, we were amazed to find the owner. It isn’t for you to make policy on corporate lockdown app, but a goodthey were showing four processor threads. A the hoof, and doing so will alienate people way to start a conversation withHyper-Threading, dual-core Atom from 2012 who shouldn’t feel they’re under the thumb bolshy hipsters about what mightis, in my experience, easily a match for a 2008 of a nerd. If the CEO has made you the data happen to their phone after a goodundernourished Core 2 Duo in real-world use night out.– except it draws only 20W.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 071

RWC BuWsinessoClrinicldMags.netresources on bigger piles of data than can be at this party, the better – a few iSCSI NAS Unigraph is a morereasonably fitted inside the SBS envelope. boxes, running cheaper SATA disks and talking technically capable shop to the guests inside a reasonably recent but than the average office It’s easy to write that; but I can see a kind of not insanely overspecified eight-core desksidecomposite face of the Microsoft techies who’ve server running VMware Free Edition will can be, if they’ve beenlectured to me on the topic of SBS over the past secure the longer-term health of the core SBS ghettoised by the SBSfew years. They’re aghast – the latest release of installation, providing vital breathing space mindset. Early versionsSBS, they’re saying, is better than ever! It’s your for some thinking about whether to adopt had such a reputationown single-box entry into the hybrid public/ the latest version (also in a VM guise), or to for resembling a Limpetprivate cloud! How could anybody turn down discard it altogether. mine, sticking fast tothat capability, especially with the exciting their hardware yetmarch of the speed and efficiency of hardware? It’s surprisingly difficult to convince threatening to explode at(They generally become a little squeaky and people in businesses of any size just how the slightest touch, thatindignant at this point.) transformative a virtual machine approach the early lessons of that experience are hard to forgetSteve’s solution when the owner discovers that they’re the type of smallThe answer – both for Lee at Unigraph and business that grows orthe wider church of SBS aficionados – is in changes in ways thatthe equally inexorable march of data. At the invalidate an initial size orstart of this month’s Business Clinic, I pointed horsepower assessment. Iout that Adobe InDesign had bumped up Lee’s don’t want this story to makestorage requirements by an order of magnitude, it sound like I’d never recommend SBS to theand that smaller businesses tend to work their next new business asking me for advice.servers harder than bigger ones. If you accept However, it unquestionably has a place, and isthe idea that businesses grow in ways that used in situations far larger and more complexdistort the load on the spread of products than is common in UK deployments – especiallyunder the SBS badge, then to my mind it in the US, where company sizes, access toseems natural to respond to that distortion by technical skills, spending and purchasingplacing more grunt where it’s needed, and less processes are very different.where it isn’t. In big data centres, this is called I expect that moving Unigraph to a moreresource planning, or load balancing. It’s only responsive and up-to-date configuration willwhen we get down to “small” businesses that be a similar process to the one I adopted lasteverything is supposed to be wedged into one year with Mill Mead Primary School (see issuesimple RAID, through one processor socket 211, p68): a short period doing a disposableand down one Ethernet cable, just because the demonstration virtualisationheadcount is low. exercise will be enough to get the point across, followed by a For Unigraph, the way forward will involve rather more detailed costing ofmoving the big data to relatively simple storage the Way to Do It Properly.arrays – and my rule is the company is only One last detail, for thoseallowed to run something that isn’t Windows who will be wondering whyif it’s presenting storage via iSCSI. The more I haven’t talked very muchgigabit or better Ethernet ports that gain a seat about cloud or hosted solutions in this Clinic – there’s another A deskside server may provide everything ghetto definition that Unigrapha small business needs and I both inhabit, and that’s the curious postcode lottery of BT’s readiness to supply fast internet links. On the one hand, we’re both inside the “0207” low-tariff area for fast pipes; on the other hand, BT’s approach to selling phone exchanges for their property development potential means that neither of us is close enough to an operational exchange to obtain a fast-link speed. In the super-dense urban crush of Zone 1, neither BT nor its competitors are freely offering to dig up roads or pavements to lay fresh fibre. As such, high-speed access to cloud resources for big data isn’t a reasonably predictable prospect.072 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

With AWPCoBracldk-MUPaSg, yso.unr etdigital life goes on...even when the Keep your electronics up andpower goes off your energy use down!Preserve what’s most important to you ES SeriesReliable power backup for 24/7 availability The ever-popular ES models are priced affordably yet provideWhether DVRing your favourite show, updating your Facebook status, or playing a live enough extended runtime to allow you to work through short andnetwork game, you depend on your home electronics every day, all day. That’s why medium power outages. Some power-saving models have beenAPC™ by Schneider Electric™ has designed battery backup solutions that protect the designed to actively reduce energy costs.constant availability and connectivity you expect… and depend on. The energy-efficient ES SeriesPeace-of-mind protection on two levelsWhen the power goes out, our popular Back-UPS™ units go to work. They instantly The new ES boasts innovative power-saving outlets, whichswitch your home technologies to emergency power, allowing you to work through brief automatically shut off power to unused devices when yourpower outages or safely shut down your systems so you won’t lose valuable files — such electronics are turned off or asleep, eliminating wastefulas digital photos and media libraries. They also feature surge outlets to guard your electricity drains.electronics and data from ‘dirty’ power and damaging power surges — even lightning.So you get two levels of protection in every APC Back-UPS unit! BE 700G-UKEnergy-saving insurance for what matters most • 8 outletsOur Back-UPS units protect your home office, digital living and home media applications, • 405 watts/700 VAnotebook computers, DVRs, and gaming application. And since we now offer • Up to 80 minutes runtimeenergy-efficient models that reduce electricity costs through unique power-saving • Telephone/network protectionoutlets, you can realise true energy savings regardless of the applications you’re backingup. Throughout your home, the APC Back-UPS is the cost-saving insurance you need BE 550G-UKto stay up and running and reliably safeguarded from both unpredictable power andwasteful energy drains. • 8 outlets • 330 watts/550 VA • Up to 55 minutes runtime • Telephone/network protectionRegister today and get a chance to WIN an iPad 2!Visit www.apc.com/promo Key Code 25243pCall 08 45 080 5034 Fax 0118 903 7840©2012 Schneider Electric. All Rights Reserved. Schneider Electric, APC, Legendary Reliability, and Back-UPS are trademarks owned by Schneider Electric Industries SAS or its affiliated companies.All other trademarks are the property of their respective owners. email: [email protected] APC UK - Unit 1, Ground Floor, 250 South Oak Way, Green Park, Reading, RG2 6UG • 998-2542_GB_A WorldMags.net

RWC CaWreersorldMags.netCAREERSSo you want to be a…Drupal developerMark Newton reveals how to embark on a career building websites,using one of the world’s most popular content management systemsG iven that the majority of today’s Two types of If you can cover both these disciplines, you’ll websites are built using a content developer be in high demand. management system (CMS), the job of the traditional webmaster is now There are two main types The more web technologies you understand,as obsolete as that of a bus conductor. But of Drupal developer, but the the better, but it’s fair to say you can achievewhile this way of building sites has relieved boundaries are blurred. The first plenty with just a good understanding of howthe web designer from the tedium of adding is someone who configures Drupal, to use the CMS. It’s when things go wrong orcontent at the behest of their clients, their skills builds templates and style sheets, chooses there’s a conflict between modules (that wereare still very much needed in the creation of the and configures modules, and generally sets up probably written by different people) that ainitial design, while new skills are required for the software so that it has the functionality deeper knowledge is useful. It’s here that thethe selection and installation of the various the client requires, while keeping it easy for online documentation and support forumsmodules that add functionality to the CMS. them to use. The second type is one who help enormously, as with such things you’reIt is, of course, true that the design can be actually writes the modules that aren’t rarely alone with your CMS’s problems. Thecreated either from supplied templates or already available from the considerable list open source community for Drupal is veryusing programs such as Artisteer, but most of current modules, to achieve a particular active and the answer to your problem is oftencompanies will still need a bespoke design and task that’s required by the client. This is only a quick search away; should you not finddatabase – and that requires the skills of a usually done in PHP, and requires high-level an answer, submitting your question to thededicated developer. skills in programming rather than design. forums usually elicits a quick response. We’ve There are many types of CMS outthere, so how do you choose which tospecialise in? Some are designed tobe easy to create a certain typeof website – WordPress forblogging, for example.Others are aimed atintegrating intoan enterprisestructure, suchas Kentico orSharePoint. Thenthere’s the classof CMS that actsas a frameworkfrom which tobuild any type ofwebsite. It’s this lastcategory that Drupalfalls into. The drawback with a frameworksuch as Drupal is that, out of the box, it doesvery little and requires several modules beforeit even starts to look and behave like aconventional CMS. It’s because of this thatmany casual CMS seekers have in the pastoverlooked Drupal – that and the claims thatit’s difficult to get working. The selection ofmodules included in the core of version 7 nowmakes getting started much easier, but don’t tellyour boss that!074 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMags.nCaereters RWCprovided links to a number of online self-teach A day in the life of a PROFILEvideos that help you learn how to use Drupal Drupal developer(see Video courses, below). All these courses arechargeable, but do offer a fast track to finding Name: James Morrishyour way around the framework and securing Job title: Head of development at Catchyour first job as a paid developer. Experience: Web developer working in sports, entertainment and music brands for eight years There are also self-teaching sites such ashttp://drupalize.me, although Jon Hume at Working as a Drupal developer in a digital Even when you work with a framework orLondon-based digital agency Catch warns: agency such as Catch generally starts with a CMS, there are often lots of different ways“If you’re already a developer, it’s easy to start quick meeting or “stand-up” with the producer to achieve the same end goals.building websites in Drupal. [project manager] and the other developers who are working on my current project. We There are often meetings to attend and However, learning to build them the ‘right tend to work in small teams, so it’s important participate in, from meeting clients to hearway’ is more difficult.” There doesn’t seem to that we all know exactly what everyone else is their requirements first-hand to providingbe any industry-recognised qualifications for doing. We identify any immediate problems, training and support to their end users.Drupal developers, although there’s an attempt We also have internal meetings where weto establish some. That said, most employerswill be more impressed with results in aportfolio rather than a paper qualification.Plenty of work “We work closely as a team, sharing knowledge and ensuring that we allThe opportunity for work with Drupal isconsiderable, worldwide and growing. develop to the same standards”There are reportedly more than a millionwebsites that use Drupal, including big distribute tasks and ensure that we have share our experience and continue to grownames such as the Open University, the Law everything we need for the day ahead. our knowledge as a team.Society, NASA, Ubuntu, and 20th Century Fox.However, this flexible CMS is also suitable for Following the meeting we get to work on Developers at Catch are also askedsmaller sites such as www.marwyndance.co.uk, building sites with Drupal. There are lots of to contribute to the creation of userand most web hosts offer packages that carry different tasks associated with building a site, documentation and technical specifications.out the installation and setting up of a basic from general development work to researching Often this involves research and collaborationDrupal 7 CMS with which you can start to modules, putting custom functionality together, with colleagues in the client services teamcreate sites. and building the front-end that the users get to to find the best way to communicate this see. We also spend a lot of time optimising information to our customers. So now you have the skills, how do you our sites to make sure that we get the bestfind work? Freelance or full-time? Most jobs performance from them, so attention to detail Testing and bug fixing also takes time incurrently on offer are contract placements, is a key skill, particularly when working on the day, as we continue to test throughoutwhere you can expect to earn around £300 per bigger sites. our development process to ensure theday – you’ll find a list of vacancies and other integrity of our finished website. This involvesDrupal-related data at www.itjobswatch.co.uk/ We work closely as a team, so parts of testing in various browsers and on differentcontracts/uk/drupal.do. Some of this contract the day are spent helping other developers platforms such as smartphones and tablets.work can be done from home, although as solve problems, sharing knowledge andtempting as it may seem, not everyone has ensuring that we all develop to the same Essentially, every single day is a littlethe discipline to work on that basis. standards. This helps to make sure that we different. A lot of work goes into creating can transfer projects between our team and each website and a wide variety of tasks The rate for a full-time basic Drupal we all understand how everything works. need to be completed before a site is readyplacement ranges from £28,000 to £37,000, to be deployed.according to ITJobsWatch. Catch Digital (www.catchdigital.com) specialises in finding Drupal While lesser content management systems Drupal rather than traditional web-buildingdevelopers, but the more common job-finding may come and go, major players such as software such as Dreamweaver – you’ll besites, such as www.freelancer.com/jobs/Drupal, WordPress and Drupal have been around able to create bigger, better and moreare also a useful resource. Even LinkedIn has a for some time and are widely used, so the advanced websites, and much more quicklydedicated Drupal area at www.pcpro.co.uk/ skills should be in demand for many years too. That’s a distinct advantage in today’slinks/218careers. The demand for Drupal to come. Should jobs for a Drupal climate, when budgets and timescalesdevelopers is high but getting a job is still a developer dry up, your skills in are greatly reduced. Drupalcase of putting your name about. Once you HTML, CSS, PHP and Video courses allows you to match thesehave a few good projects under your belt, JavaScript will be easily Teach yourself Drupal at: requirements, while beingthe task should become easier. transferable to other ● www.pcpro.co.uk/ flexible enough for you to links/218lyndaTransferable skills web-related jobs, and once ● www.pcpro.co.uk/ add your own unique stamp you’ve developed skills links/218axis on a project. Unlike someWeb technologies move at a terrifying pace. in one CMS, the task of other content managementEven new versions of the same CMS can learning a different one ● www.pcpro.co.uk/ systems, it’s no “web sausagevary enormously: version 5 of Drupal is much easier. links/218cm machine”, churning outis very different to the current version 7. clones of itself; instead, itHowever, the principles are similar and the In the current web- ● www.pcpro.co.uk/ allows you to be as creative asassociated skills of web technologies will still development environment, your links/218noblebe useful, so your learning will not be wasted. time would be better spent learning your imagination and skills allow.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 075

WorldMags.netGet the reliable business PC you need at the right price with Misco.co.uk. Our range of desktop deals include cash back deals and the opportunity to purchase aDESKTOP DEALS Windows® 7 PC today and claim Windows® 8 Professional for just £14.99 ex vat** helping you to future-proof your investment. We have more desktop deals available onlineTHAT MEAN BUSINESS at misco.co.uk/desktops. EOXCFLUFSEIVRE TORFADFEE-RIN*HP Pro 3405 Micro Tower PC HP TouchSmart 7320 All-In-One PCThe HP Pro 3405 micro tower PC is affordable, reliable, and is Bringing speed and power to your everyday tasks, the HP Touchsmarteasily expandable and versatile. This Windows® 7 desktop PC 7320 gives you everything you need in a stylish all-in-one design.will easily fit into any modern workspace. • Intel® Core™ i3-2120 (3.30GHz) processor• AMD Dual-Core E2-3200 APU (2.4GHz) processor• 2GB RAM / 500GB hard drive • 4GB RAM / 500GB hard drive• DVD SuperMulti optical drive• Windows® 7 Professional 64-bit. • 21.5\" diagonal widescreen display with multi-touch capabilities Order: ZKQ449617 • Windows® 7 Professional 64-bit Order: ZKQ449620 • 1 year warranty. £249.99 £535.83 Ex VAT Ex VATFujitsu ESPRIMO E400 Small Form Factor PC Fujitsu ESPRIMO E400 Small Form Factor PCThis Fujitsu Esprimo E400 small form Fujitsu ESPRIMO PCs deliver high-qualityfactor PC offers high performance at an computing for your office applications andaffordable price. Its small form factor chassis projects at a very attractive price point.means it’s great for offices where space isat a premium. • Intel® Core™ i5-2320 processor • 4GB RAM / 500GB hard drive• Intel® Core™ i3-2120 (3.30GHz) processor • DVD-RW optical drive• 2GB RAM / 500GB hard drive • Windows® 7 Professional 32-bit.• DVD-RW optical drive• Windows® 7 Professional 64-bit. Order: ZK197272 Order: ZK197492 £299.99 £399.99 Ex VAT Ex VATLenovo ThinkCentre Edge 72 Small Form Factor PC Lenovo ThinkCentre Edge 72 Tower PCEasy to set up, easy to use and easy The Lenovo ThinkCentre Edge 72 is a stylishon your budget - make your small entry level business desktop PC that boastsbusiness stand out with a sleek, great application performance from thedependable small form factor PC latest Intel® processors and rockthat blends right into your bustling solid reliability.work environment. • Intel® Pentium® Dual-Core™• Intel® Core™ i3-2120 Monitor not Order: ZK194972 G630 processor Monitor not Order: ZK194971 (3.30GHz) processor included included £269.99 • 2GB RAM / 250GB hard drive £269.99• 4GB RAM / 500GB hard drive Ex VAT • DVD±RW dual layer optical drive Ex VAT• DVD±RW dual layer optical drive • Windows® 7 Professional 64-bit• Windows® 7 Professional 64-bit. • 1 year on-site warranty.FREEFONE: 0808 181 6216 EMAIL: [email protected] t VISIT: misco.co.uk/desktops*Claim up to £150 trade-in for your old computer when you buy a qualifying HP PC from 01/05/2012 to 31/10/2012. See website for full details.

WorldMagsF.REEnFONEe: 08t08 181 6216 EMAIL: [email protected] VISIT: misco.co.uk/desktopsZoostorm Pentium Dual-Core G840 Tower PC Zoostorm Core i5-2320 Tower PCThis superb performance Intel® based mATX PC is For a visibly smarter PC experience, look for the 2ndideal for use at home or in the office. generation Intel® Core™ processor family. • Intel® Core™ i5-2320• Intel® Pentium® Dual-Core G840 (2.8GHz) processor (3.0GHz) processor • 8GB RAM / 500GB hard drive• 6GB RAM / 250GB hard drive • SuperMulti DVD±RW• SuperMulti DVD±RW drive • Windows® 7 Professional 64-bit.• No operating system• 1 year warranty. Order: ZK190816 £189.99 Order: ZK190819 Ex VAT £399.99HP LaserJet Pro 400 M401dn Mono Laser Printer HP Officejet 100 Inkjet Portable Printer Ex VATIdeal for business users who need a reliable, networked • Print speeds up to 22ppm mono & 18ppm colour Order: ZKQ320772HP LaserJet Pro mono laser printer for everyday • Built in Bluetooth® lets you printoffice functions at great value for money. £156.99 from anywhere Ex VAT• Print speeds up to 33ppm • Load up to 50 sheets into the• Duplex printing to save paper• Network ready for easy sharing built-in paper tray• Features HP ePrint & AirPrint • Charge with the included HP65W• Monthly duty cycle up to 50k pages. smart AC adapter Order: ZKQ549162 • Lightweight at only 2.3kg. £189.99 Ex VATKensington Desktop & Peripherals Kit Kensington USB 3.0 Docking Station With DVI/HDMI/VGA• 2.4m long and 5.3mm thick cable• Includes an anchor plate for equipment without a Kensington security • 2 front facing USB3.0 ports + 4 rear USB ports • Audio 2.0 for enhanced sound (headphone jack slot, 2 plated K-slot adapters and a cable trap. and microphone input) • DVI/VGA connection, HDMI (Dual Output), Gigabit Ethernet connection. Order: ZKQ221529 Order: ZK198414 £24.99 £139.99 Ex VAT Ex VATMicrosoft Office Home & Microsoft Office Professional 2010 Order: ZK169000Business 2010 Product Key Card Product Key Card £212.80• Create professional reports, • Stay in sync with your Ex VAT charts & presentations customers & calendar• Easily store files & documents online • Access, edit & share your work• New photo, video & text effects • Organise all your information• Includes Word, Excel, in a single place PowerPoint, OneNote & Outlook. • Create dynamic presentations. Order: ZK147998 £140.47 Ex VAT**Offer valid from 02/06/2012 - 31/01/2013. Please see product page for more details.WorldMags.netPrices and offers are correct at time of publication but are subject to change without notice and whilst current stocks last. Please visit Misco.co.uk website or call to get the most up to date price. All prices exclude VAT & delivery. E&OE. Full details of our Terms and Conditions are available onrequest and can be viewed on our website www.misco.co.uk/terms. Misco is a registered trademark of Systemax Inc. All other trademarks mentioned herein are the property of their respective owners. Copyright©2012 Misco. All rights reserved. 24161 - 0912

RWC AdWvanceod WrinlddowsM& Maacgs.netADVANCED WINDOWS & MACUnsafe at any speedJon Honeyball is impressed by encryption software that generateshardened passwords and manages them in one secure locationJON HONEYBALLComputer journalistand consultantspecialising in bothclient/server andoffice automationapplications.Email [email protected] adies and gentlemen, it’s time to face facts – your internet use isn’t safe. I’m not talking about malware, viruses or nasty drive-by websites here (althoughthey might well be a factor in this affair). No,I’m referring to that most humble of things: thepassword. Back in the good old days, we hadbut two passwords to worry about – the first ofwhich logged us into our ISP when weinstructed our modem to dial the service. Thisusername and password wasn’t any big dealbecause it was used only when dialling out. Thesecond username and password was for our purchase and that’s it. I really don’t believe that clever and use a few different passwords, butaccount at CIX – a UK version of COSY, which doing business in this way gives anyone the it’s genuinely rare to find anyone using a trulyalso underpinned The Well in California and right to demand that my information be placed hardened password. There are many reasonsByte’s BIX bulletin board. CIX was (and still is) on their marketing database. for this: first, they’re difficult to remember;a great social medium that predated the World The same thing happens in real life, too, of second, they can be complicated to type,Wide Web by several years, let alone lesser course. Go into PC World, make any purchase especially when you’ve included punctuationupstarts such as Facebook. But I digress. and ask for a VAT receipt. This immediately marks and you find yourself using a non-UKUsernames and passwords used to be simple, makes you a “worth capturing” target, and the keyboard. Worse still, the passwords that arebut today this is no longer the case. In the sales assistant will start demanding all kinds of easiest to remember are also often the easiestmodern internet era, where you go e-shopping information, such as your address, postcode, to crack: dictionary attacks apply the logic of inside leg measurement real words to help guide the crack effort in the and preference in right direction.“It’s quite therapeutic to watch vintage champagne. Their excuse if queried After scouring a dictionary, the cracker willlong and complex passwords is that this is required turn to the more obvious social-engineering for the warranty, but attacks: name of parent, name of house, namebeing pasted into a website” it would be hard to of first-born, first names of first and second imagine a more blatant children, date of birth coupled to name of dog,at a wide range of sites, from Amazon to your misuse of the Sale of Goods Act. It’s tempting and so on. A great deal of this information canlocal specialist butcher, it seems to be necessary to give the company’s own headquarters as be discovered out there on the web, especiallyto log in separately to almost every website. your postal address, and the email address of its if you’re an enthusiastic user of sites such asThis drives me nuts. When I want to purchase managing director as the contact mailbox. Facebook. I’ll confess that I’m rarely surprisedsomething from an e-shop, the only information Anyway, back to the virtual world. Each nowadays at the amount of personal informationI should need to hand over is the shopping website demands its own username and that some people quite happily scatter acrossbasket contents, a delivery address, and my password, although often the username will be their Facebook pages, then allow it to be visiblerelevant credit card information. It’s taking a an email address, but that doesn’t have to be so. not only to friends but to friends of friends, thusliberty to force me into registering on a website, It isn’t too surprising that many of us use the increasing the browsing population by anto which I often have absolutely no desire to same password for these sites: “Who’s going to almost geometric factor.come back to – I went there for one specific know?” goes the thinking. Maybe we’ve been Some sites and services make it easier to use a simple password or phrase. For example, your078 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldAdMvancaed gWinsdo.wns &eMtac RWCApple iTunes account password is one that youhave to type in regularly if you purchase apps,music, movies and so forth online. This can bea real pain to type on small devices such asiPhones, so it isn’t that surprising that manyApple account passwords are really quitesimple: they have to be iPhone-friendly.Unfortunately, though, this password is also thekey to your entire Apple world of online services,and that means there’s a whole new and excitingworld of targets for villains to aim at.What to do then? Well, I’ve given it somethought and taken the advice of friends whohave already considered this. The result isthat I’ve gone headlong into 1Password, anapplication service that you run on yourcomputer (both Mac and Windows), and onmobile devices such as the iPhone. It hooks intoall the major web browsers, and notices whenyou’re filling in a form that looks like ausername and password. It then generates astrong, truly randomised password and storesit in its own heavily encrypted database.Whenever you want to log into that websiteagain, it’s a matter of a quick mouse click to The main user interface of 1Password showing a dummy account being set upunlock 1Password, and get it to fill in the gives you a strong feeling that what it’s doing is choose to use the same password for its site asauthentication fields for you. To be quite clear,you don’t ever see, or need to see, what the good for you and, frankly, it’s quite therapeutic I do for Amazon. Not only can I not expectpassword is for any particular site – 1Password to watch very long and complex passwords Tesco to police this, but in fact I’d be quiteholds that for you. All you need to remember being pasted into a website (even though they’re horrified if it did, as I don’t want Tescois your master password for the 1Password hidden under a row of asterisks). And it’s good knowing my Amazon password, or vice versa.encrypted store. to know that if there were to be a massive and We’re the only ones who can police our ownI accept that it’s a little fiddly to set up terrifying leak of passwords from, say, Amazon, password use, but we need to make acertain websites to work seamlessly with that wouldn’t compromise your eBay account. determined shift toward hardening and truly1Password, and that you need to be careful, Some websites, of course, have already randomising all our passwords. For that towhen changing from a stupidly simple implemented really complex and hopefully happen, we need to break the very emotionalpassword to a complex one, not to lose secure approaches. I bank with Barclays, and bond we’ve had with our old memorablethe complex one in the process. The service I need to enter a whole set of information, usernames and passwords. We have to take adoes clever stuff like ensuring that a including selecting particular characters from a leap of faith and say “I’m not going to managecomplex password doesn’t remain on the complex password, in order to log into online all my passwords any more, but am going toclipboard for very many seconds, to ensure banking. If I want to create a new payee then I trust a piece of software to do that for me”that it can’t leak to another application that have to use a chip-and-pin card reader (and not only to “manage” but “generate”might be reading the clipboard. to authenticate the new payment target, which too). Don’t underestimate the wrench you’llThere’s much to like about 1Password. It gives me reassurance that even if someone did experience in making this move. break into my account If I may quote from 1 Corinthians 13:11: they couldn’t create a “When I was a child, I spake as a child, I new payee – namely, understood as a child, I thought as a child: but themselves – without when I became a man, I put away childish having the chip-and- things.” Trying to remember all your passwords pin card too. But such is thinking like a child. It’s time to embrace a strong solutions, new approach – and 1Password isn’t the only although entirely game in town. Another one is LastPass. Both necessary for online are chargeable, in different ways (anyone who banking, are deemed expects this sort of software service to be free is too complicated and somewhat naive). I chose 1Password, but some intrusive for other service might be better. Whichever you normal e-commerce choose, however, make a determined effort to transactions. ensure that it works. While I have a lot of sympathy for that point of view, it’s Picture-swipe login clearly madness that Microsoft is introducing a new type of login many of the solutions facility for Windows 8. It shows you a picture out there are so weak. you have chosen, and you then draw a pattern Of course, it isn’t the on the picture. The system recognises that fault of, say, Tesco, if I pattern, and if it’s correct, you’re logged in.Control with ease the length and complexity of your passwordwww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 079

RWC AdWvanceod WrinlddowsM& Maacgs.netThis seems like a good idea: take a photo of pin number needs to be entered via Bikers alive. While I might be slightlyyour family and draw a line that runs from this keypad to unlock the drive. impressed by such anyour wife’s feet to your daughter’s nose, then You can’t just take two of ability, I’ll confess that I’ddown to the dog’s tail. Unless you know that Despite the attraction ofpath it would be very hard to break into, so these devices and swap fast local storage combined with probably have handed overgoes the logic. them over either, because cloud-based archiving, there’s still all my passwords to the the encryption key pairs robbers long before Now take a somewhat used and slightly are unique to each chassis something particularly compelling anyone actually cutgrubby touchscreen laptop or tablet. Look hard about holding an LTO tape fullat the screen – can you spot the login trail and drive. But such devices of archives: an old IT saying has my finger off…among the mess of fingermarks that besmirch don’t come cheap. it that nothing, but nothing, can Rumour has it thatit? Perhaps this is a solution best implemented move data from one place toby watching you draw a pattern in the air using My clients wanted another as fast as a motorcycle Apple might be fitting athe forward-facing camera, rather than letting to look at some of the fingerprint reader to theyour grubby finger leave an oily trail on the software encryption and courier with a bag full of next version of the iPhone,screen’s surface. lock/unlock facilities provided tapes! and if so this would be anHard disk security with these external drives, so I excellent move (one that Microsoft looked at one from a very well-known really should have made with theI’ve been looking at external hard disks vendor. The setup program for this feature Windows Phone 7.x specification torecently, because some clients wanted to know looked suspiciously simplistic: in the screen differentiate it from the competition).what would be a good choice to give to their where you enter your encryption password Other services are moving over to two-field salesmen for local backup and extra there was no sign of “best practice” – that is, factor by using the mobile phone itself as anstorage. Their decision to try this out had no visible instructions that your password authentication tool. Personally, I’m reassuredoverruled my loud wailing that it was entirely needs to be ten characters long, mixed case and that a numerical code is sent to my phone viathe wrong way of doing a backup, and that it include some numbers. I entered “bone” and SMS when I try to make a payment throughwas far better to ensure that everything was pressed enter, and that was fine! I undid that PayPal; Google has similar facilities, and it’s innot only taken off the laptop’s hard disk but password, reset the drive and tried again. This final beta for Dropbox, too. The use of suchout of the hotel room, too. At the very least, time I tried “b” – yep, just a single letter. That techniques are to be applauded, and we shouldgive the salesmen a large USB key to keep on was fine too. Upon receiving this information, be encouraged to use combinations that workthe keyring that holds their house and car keys; the clients decided thatbetter still would be to use Dropbox or perhaps such aSkyDrive to move and secure the data into the brain-dead and “I’d hand over all my passwordscloud. Best of all would be to do both. But an simplistic solutionexternal hard disk drive? wasn’t appropriate for to the robbers long before the data in their line Some vendors do make external drives that of business. anyone cut my finger off”have a numeric keypad, because they have hard You might beencryption built into the disk controller and a surprised to know that even the big boys can well for us, such as fingerprint and SMS, or get this wrong. I signed up to the new Outlook. face recognition and fingerprint, or strong With a character limit of 16, Microsoft com, which uses the standard Microsoft login. password and fingerprint.doesn’t support truly strong passwords Here, the minimum length of your case- What’s perfectly clear, though, is that the sensitive password must be eight characters. So good old days when we reused passwords I went over to 1Password and got it to generate with gay abandon are now gone, and it’s time me a 24-character, randomised password, to ensure that our information is kept safe. which is the length required to drive that And that safety requires that a problem in security “fuel gauge” all the way to 100%. one part of my digital life doesn’t become a Such a password looks like this: firestorm that rages through all aspects of fNXmVnjAEBApZW3qjyvxB4PY. But no, this your digital life. wasn’t acceptable to Microsoft, because it seems you can’t have a password longer than 16 characters. Now I accept that 16 is better Future attractions than eight, and very much better than four, but I normally don’t give sneaky peeks at what’s maybe it’s about time that even Microsoft coming up next month, mainly because I’m allowed for truly strong passwords in its one of the last people to know! But I’m authentication systems. working on a couple of things at the moment: following on from this month’s security theme is a comprehensive guide to how to lock your Two-factor authentication iPhone so that it can’t be broken into by a Which brings me on to the subject of two- casual thief. I’ve also had my interest piqued factor authentication. Two-factor means that by the LTFS file format, which allows a large, the system won’t accept just one password or high-speed streaming tape store in the shape authentication token, but needs something of LTO-5 (1.5TB uncompressed, 3TB more. Some vendors have fitted fingerprint compressed) to be mounted and used from readers into their devices, especially laptops, the desktop file system itself; Tandberg has and I must admit that I’m a fan. I know there some interesting devices in this arena, and I are all those ghoulish stories about how the hope to have soak-tested a complete solution more sophisticated fingerprint readers can for reporting next month. And someone has detect whether the finger has a pulse or not, suggested there might be some Windows 8 and rejects anything that isn’t actually still tablets to look at, too.080 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaMgobsile.&nWiereletss RWCMOBILE & WIRELESSA mess of MP3sPaul Ockenden finds a novel way to tidy his music collection, and doessome solar-powered wireless networking PAUL OCKENDEN Owner of one of the UK’s oldest web agencies, Paul works on award-winning sites for many blue- chip clients. Twitter: @PaulOckendenF or many years I’ve had a large and eclectic music collection. Shelves full of vinyl were eventually replaced by CDs, sometimes several times over; I’ve lostcount of how many copies of Mr Bowie’s ZiggyStardust album I have, because he keeps addingunreleased tracks to each re-release so I have tobuy yet another. Like many people I’ve alsostarted buying music in MP3 format, althoughI’m of a generation that tends to prefer“special” music on CD and resorts to MP3only for the more ephemeral stuff.I’ve never really got back into vinyl, and myold LPs are boxed up and slowly decaying in and when I pop one into the PC drive, the I’ve probably bought 30 or 40 such products,the loft. People say they’re attracted to the various online “find the track name” services and have several freebies too, and all suffer“warmer” sound of vinyl, but for me, don’t have a clue!) major limitations. I’ve tried Windows, OS Xconvenience wins every time – I love to listen to Actually, calling my MP3s a “collection” and even Linux-based tools.music, not perform spectrum analysis on it. So isn’t quite right, as they’re all over the place.long as it’s relatively distortion-free, I’m happy. Over the years, I’ve attempted to organise them, Recently I’ve been working my way throughNow, however, I find myself with a but the result is a clutch of folders called the tools available in the Mac App Store; if theysubstantial MP3 collection – some bought, but “cleaned mp3s”, “copy of cleaned mp3s”, turn out to be junk, at least Apple is good atmany ripped from CDs. (Some are from CDs so “properly cleaned mp3s”, “merged mp3 giving refunds. The last abomination I boughtobscure that they barely sold into triple figures, collection” and so on, all containing slightly – TuneUp, which costs £28 – turned out to be different versions, some really buggy, so I emailed Apple for a refund with corrected track and it returned my money within 15 minutes. names, some with That’s impressive customer service, but I’d be updated cover art, but more impressed still if Apple didn’t allow such none of them complete. low-quality apps into its store in the first place. As well as spending a shed-load of money Having said that, I’ve stumbled across an over the years on excellent solution to musical mess. I’d been music, I’ve spent a trying out a few of the “upload your music small fortune on tools collection to the cloud” services: notably and utilities that claim Amazon’s Cloud Player, Apple’s iTunes Match to magically transform and Google Music. Amazon and Apple both my MP3 morass into offer a “scan and match” facility, whereby a neatly structured you don’t need to upload a track if it already and deduplicated exists in the company’s extensive library. At collection, complete the time of writing, Google doesn’t offer such with cover art and a facility, and I’m guessing this is because Not its primary purpose, but iTunes Match is a brilliant way to clean correct track names. Google doesn’t have its own music store (inup a messy music collection the UK), and so has no database to match users’ collections against.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 081

RWC MoWbile &oWrirellesds Mags.netIt’s Apple’s iTunes Match that came View the output from each solar panelto the rescue of my MP3 collection, for (or pair if using “duo” micro-inverters)although it has some serious limitations using Enecsys’ online monitoring system(mainly a 25,000 track limit per collection,so I’ve had to split mine into a number of knows what Google might add to itssmaller chunks), it has a bigger “master own cloud music player in the future.database” than Amazon and, more Don’t write off Microsoft either, since atimportantly, offers a built-in deduplicate the time of writing, several people withfunction. Where Amazon’s service will MP3 collections that have been uploadedhappily let you upload several copies of to SkyDrive have noticed album artthe same track, iTunes Match will mysteriously appearing in their folders,notice that the song is already in your suggesting that the company might belibrary and prevent you from uploading close to launching its fabled Xbox Musicanother copy. those tracks started with silence and so the service. If leaked accounts are to beAlthough it isn’t intended for this purpose, encoder could drop the bit rate right down to believed, this might combine Spotify-likethe Match deduplication facility provides a save a few bytes; iTunes appears to look at the streaming with iTunes Cloud-like storage – andneat way to organise a music collection: just initial bit rate, and if it’s below 64Kbits/sec, possibly a scan-and-match function too. Therethrow all your tracks at the service from one rejects the whole file. The simple answer is to are exciting times ahead in the cloud musicmachine (a Mac if you have one, or a right-click the affected tracks and select “Create space, but right now Apple is winning.“Hackintosh” running in a VM – iTunes AAC version”, then under Store select “Updateruns like a three-legged dog on Windows), iTunes Match”, at which point the AAC files PV, see?then install a clean copy of iTunes with a will either match or upload.blank database onto another machine and All in all, this is a long-winded way to clean I recently had a roof-full of solar panels up a music collection, installed here at Ockenden Towers – but being but the results are the geek that I am, I paid extra to have“Using iTunes Match is a worth it – on the something a bit different (and it does have second machine you’ll something to do with wireless, so it isn’t reallylong-winded way to clean up find you’ve downloaded off-topic for this column!). First, though, I’d a well-structured music like to explain something about solar panels –your music collection” collection with lots of an issue the sales droid will probably fail to cover art and track mention: the problem of “shading”.download everything. Voila! The Match names. What’s more, many of your grotty, lowservice has turned your horrible mess of files bit-rate files will have been transformed into In a normal configuration solar panels areinto a neat and tidy music collection. beautiful 256Kbits/sec copies. wired in series, so if at certain times of the dayThere are a few gotchas, however. First, I’ve always hated iTunes, especially running you get a little bit of shadow falling across oneiTunes Match isn’t free – it costs £22 a year on a PC – it’s slightly more tolerable on a of them, it will reduce the output of the wholein the UK – but if you’re using it only as a speedy Mac, but still seems to spend minutes at array; if one panel’s output is reduced 50% byclean-up tool, you could cancel after the first a time seemingly locked up before springing shading, the output of all the others will beyear. Second, any files matched (rather than back to life again. I never thought I’d have down 50% too. Even if you have a large,uploaded) will arrive on your second machine anything good to say about it, but iTunes south-facing roof as I do, there’s a good chanceas 256Kbits/sec AAC files rather than MP3s. Match has changed all that. Do keep an eye on that at certain times of the day you’ll getThey’re not DRM-protected, though, so you its competitors, though: Amazon Cloud Player shading from a chimney, tree or perhaps acan easily revert them back to MP3 if you needs only a deduplicate function to bring itself neighbour’s extension – this is the big secret ofwant to, although most modern music players into contention, especially since it’s based on the solar PV (photovoltaics) industry.will work fine with AAC files. Third, if you 256Kbits/sec MP3 rather than AAC, and whohave a large music collection it will take The solution is something called a micro-several days to complete the match/upload/ inverter: rather than have all the panels wireddownload process. in series, delivering a massive – potentiallyIn addition, you may experienceoccasional problems with the lethal – DC voltage to a big “string”matching process itself: in inverter, each solar panel has itsparticular, I found several own DC-to-AC micro-inverterfiles that iTunes showed as strapped to the rear so that it“ineligible” once I’d turned on operates independently ofthe iCloud Status column (it’s the other panels.normally hidden, but you’ll Actually, my ownfind it in iTunes’ column installation useschooser). On closer “duo” micro-inspection it turned inverters, where theout that these were output from twovariable bit-rate panels feeds into eachMP3s that had box, so I need eight duosomehowbeen flagged as micro-inverters for my 16 panels, which is32Kbits/sec, The small white window on the micro- significantly more cost-effective than havingprobably because inverter case allows the low-power wireless one per panel. It means that a late-afternoon signal to pass through its casing shadow from my chimney falling across one panel will take down only that panel pair rather than the whole array. This is only one benefit of micro-inverters, another is their expected life span: they should082 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaMgobsile.&nWiereletss RWClast 25 years; a typical string inverter willneed to be replaced every five to ten years.But it wasn’t their immunity from shadingnor their longevity that grabbed my attention;it was the monitoring system. Each of theEnecsys micro-inverters I have contains asmall 2.4GHz transmitter, and inside myhouse there’s a “gateway” box that receivessignals from the micro-inverters and uploadsthem to a central monitoring system run bythe company.One of the reasons I was keen to useEnecsys micro-inverters in my solar PVinstallation is that the technology wasdeveloped at Cambridge University, wherethe company was spun out from theDepartment of Engineering. Enecsys wasfounded by the department’s professor anda couple of his PhD students, along with abright spark from the adjacent businessschool. Although it’s now a global concern Perhaps it isn’t surprising that people don’t know what’s going on at RIM when the company’s website fails to mention the new devices and enterprise software waiting in the wingswith international backers, its home-grown wireless throughput. ZigBee is capable of Bye-bye BESorigin was an important factor in my I wrote six months ago (see issue 212, p79)buying decision. running in a mesh configuration but, as ICommunication between the micro-inverters understand it, the Enecsys system uses a simple, that it was obvious RIM couldn’t supportand the gateway box is via a ZigBee network dynamic star configuration with all the nodes its new BlackBerry 10 OS devices using its– an interesting, if curiously named, technology. talking directly to the gateway. existing BES infrastructure, and also thatIt’s worth a small detour to examine what it is, It’s a fairly long communication chain: the companies wanting to run OS 6 and OS 7what it does and how it does it. panels feed their output to the micro-inverters; devices would need to keep an older copy ofZigBee uses very low-power radios (0dB, these then send monitoring data to the BES running too. At last RIM has confirmedor 1mW) to transmit data at the relatively gateway; the gateway in turn uploads that data my reports by announcing that production ofslow rate of 250Kbits/sec, and has been to Enecsys’ servers, where it’s made into pretty BES 5 will cease, apart from major securitydesigned from the ground up for use in graphs, tables and dials, then downloaded to updates, and that any company with a my PC or to an app on mixed-phone fleet will need to run both BES 5 my iPhone or iPad. Yet and BES 10. I didn’t imagine this news would“I’m impressed by ZigBee despite this lengthy shock or even surprise ardent BlackBerry datapath, I see the watchers – even Mystic Meg could haveand convinced that it will be graphical representation predicted this one – yet various BlackBerry of my panels updated forums are full of BES admins up in armsimportant in the future ” pretty frequently: if about the change, complaining about the the sun is suddenly new skills they’ll have to learn, with someapplications such as switching, signalling and obscured by a big cloud, both website and app threatening to switch their companies to othersimilar tasks that send small and infrequent generally show the effect within 30 seconds or mobile vendors.bursts of data. so. This makes it easy to optimise the usage of In light of this, now is probably a goodI reckon we’ll be seeing a lot more of ZigBee the generated power, by switching on power- time to perform a review of the whole market,in the future because of its extreme power hungry loads such as dishwashers and washing especially if you’re providing mobiles withinfrugality: its single-chip radios are already machines only when the roof is generating lots a big company. The landscape has changedlow-powered, but what’s clever is the way in of free electricity. considerably in the past 12 months, withwhich they wake up, send their data, then go I’m really impressed by the system, and Windows Phone maturing and BlackBerryback to sleep again. Where a Bluetooth device what started off simply as an exercise in starting to lose some of its lustre. It’smight typically take around two or three getting a return on my investment, also important to try lookingseconds to wake up, a ZigBee system does while also being green and Waggle forward over the next 12it in around 30ms and it doesn’t need to be saving the planet, has months or so: how willbroadcasting all the time – it’s designed so turned into a mini case ZigBee is a curious name for a the patent spat affectthat its transmitters can send data only when wireless networking standard. study on using wireless Apparently, it’s derived from the Apple and Samsung,required without any constant background data and online and will it have anycarrier signal. Its low power usage is important monitoring systems. “Waggle” dance that bees perform knock-on effects when returning to the hive in orderfor a microgeneration project, where the power The more I learn about to communicate to other bees the elsewhere in therequired to control and manage the system ZigBee, the more I’m direction in which they’ve found nectar. Android space? And The marketing folks at the ZigBeeneeds to be kept to a minimum. convinced that it will alliance decided that because, in a what of Windows The system employs the ISM band be important in the Phone 8 – can it(2.4GHz), but because of its low power future, particularly in mesh configuration, data can zig and succeed or will dislikeand the infrequent spurts of data, it works with areas such as home zag, it’s a bit like a Waggle dance.minimal interference alongside other users of automation, wireless And no, I can’t follow that of Windows 8 hamperthat band such as Wi-Fi and Bluetooth – in fact, alarm systems and wireless logic either... the mobile cousin? All I can say is keep readingI haven’t noticed any degradation of my remote controls. this column!www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 083

OVH EGWorldMags.netBestOf server adaptability are ubiquitous, it’s critical to be able to fully manage your server via aDedicated ser ver solution that simple interface.combines f lexibility with total We provide a wide range of operating systemscontrol at a competitive price. installable in 1 click for you to choose from. This range includes either traditional such as Debian, Ubuntu or more specific such as Hadoop, as well as a variety of Windows Server versions. To increase the potential of your server, OVH offers you the ability to geolocate your extra IP addresses (3 for free, up to 256 in total), hardware RAID card, dedicated KVM, NAS storage from 100 GB to 3.6 TB (100% availability and money back guarantee from the first minute of failure), hardware firewall and configurable vlans between your servers. See the website for further details about these additional services. Since 1999, OVH has been deploying its own fiber optic network across Europe. This is a unique infrastructure in this market. Its characteristics are also breathtaking: a bandwidth of 2 Tbps, lossless connection to 31 peering points and three continents as well as operational maintenance 24/7. The many points of connection with the various European providers allow OVH to instantly switch the traffic on its partners networks, in case of technical problem or traffic congestion. This peering policy provides the host the ability to interconnect directly with the ISP of its customers. Result: the access time to contents hosted by OVH isThe EG BestOF server is a precise balance through 2 different uplinks. If you optimised. OVH has also chosen to build itsbetween cost and power. It features cuttingedge Intel processors, Gigabit connection need more flexibility, OVH also offers network fully redundant. Several securityand the latest hardware to deliver themost power hungry projects, for just other servers with 100Mbps or 10Gbps measures have been put in place to eliminateunder £100. connections. any risk of failure. This quality of serviceThe in-house production team fitsthis model with Intel Xeon i7 W3520 Your server protected. does not affect performance. The 2 TbpsCPU, with Hyperthreading and OVH’scustom water cooling system to ensure of bandwidth ensures high speed contentreliability. This is complemented with24GB DDR3 RAM, which can handle even Access is secured by an SSH connection. delivery.the most intensive applications. To protectyour data, the system is equipped with You can manage your SSH keys directly from2 x 2TB SATA hard drives, configured inRAID1 by default (fully customisable if the OVH Manager. The OVH security system The OVH EG BestOF server is a fantastic allyou prefer performance over stability). can detect attacks in less than 3 minutes rounder, a good balance between powerThis server comes with a 1 Gbps Losslessguaranteed connection. The Lossless and safeguard your server immediately. and cost. Whether you need a server to hostnetwork ensures network availability Similarly, OVH datacentres are hyper- your websites, databases, file server or secured and monitored continuously any other application, this server would be (Secure biometric access, anti-fire system, up to the challenge. Additionally, all the Physical surveillance 24/7…). OVH dedicated servers are «cloud ready», so just install the Hypervisor of In addition to the safety aspect, OVH your choice and start virtualising your gives you full control that allows you to projects immediately. re-install your servers unattended, to reboot remotely and use rescue mode at no extra To find out more, please v isit cost, amongst many others functions. In www.ovh.co.uk/DS a work environment where mobility and or call 020 7357 6616 WorldMags.net

WorldMags.net OVH network August 2012DedtoitcheaftuteurdeLooking for a hos ting solutioncombining f lexibility with total control?Whether you are looking for a highly By choosing, from its creation in 1999, servers equipped with the latest state-adaptable configuration to start hosting to control its entire server production of-the-art components as soon as theyyour websites or set up multiple power line, OVH guarantees its customers are announced on the market.consuming projects, choosing the unparalleled responsiveness (serversright hardware brings you the highest available from one hour) and a wide OVH is running a free trial offer forperformance levels for your server. In range of possible configurations: from 1 month for you to test our SP, EGorder to guarantee that your dedicated an Intel Core 2 Duo 2x 2.33+ GHz processor and MG ranges of dedicated serversserver will be able to carry out your with 4GB RAM toan 8 core Intel Bi Xeon completely free of charge and withprojects in an efficient way, it is important E5606 2x4x2.13+ GHz with 24GB RAM and no obligations. Just choose the serverto be able to choose the right chemistry a 6Gb/s MegaRAID card. With a market you want on our website and click onin terms of world class quality processors, leading position in Europe, OVH also «Test your server for 30 days». This offerRAM and storage devices. Your server will benefits from a privileged partnership is limited to UK registered companies.then be perfectly suited for your projects. with Intel and can offer its customers WorldMags.net

RWC OnWline BousirnelssdMags.netONLINE BUSINESSHow to develop apassion for marketingKevin Partner discovers that marketing mobile apps is a surprisinglyfamiliar process, as long as you do it with enthusiasmKEVIN PARTNEROnline businessmanand app developer.Runs MakingYourOwnCandles.co.ukand app firmNlightN.co.uk.Email kev@fixedpricewebsite.co.ukR egular readers will know that I believe in making decisions based on facts rather than guesswork, but those can be hard to come by whenentering a new market. So for the past severalmonths I’ve been conducting research to ensurethat my first apps were valid experiments, andto determine which of many variables areimportant for success. I identified broad themes business developing apps faces exactly the same But I’m frustrated having missed a trick or two,in the advice given by successful app developers, challenges as any other online business. which I wouldn’t have missed in any otheras well as downloading their products to see This may sound obvious, but despite market, and I became painfully aware of thishow they worked in practice – and once I was having entered many new markets over the through watching the “Marketing 101 forconfident my first app wouldn’t be a complete past decade, I still fell for this one. To be frank, Developers” session held at Google I/O in Junehowler, it was time to put it out there. I feel a bit of a fool, because despite chuckling (www.pcpro.co.uk/links/218ob).Perhaps the most important lesson I learned cynically as I read Chris Stevens’ excellent bookis that app development is still just business. Appillionaires, I still fell under the spell and Ironically, this session was under-promoted,There’s a certain geeky coolness to creating believed the rules were different. I didn’t believe yet it contains much essential practical advice the general hype, nor for app developers. For most developers did I think I’d make lots marketing is nothing like as sexy as learning“The idea that your latest of money by cranking about cutting-edge technologies, but the fact is out the next great game. that without marketing your app will wither ongame will succeed by word of I did know that the the vine. The idea that your latest game, packed biggest challenge would chock-full of genius and playability as it is, willmouth is a doomed fantasy” be promoting the apps succeed by word of mouth alone is a doomed to get noticed by fantasy and not a sober way to plan a business.apps in your spare room like some dubstep enough people to make the development effortproducer, for very small investment (almost worthwhile – but even so, somehow I’d Marketing 101 was presented by Patricknone for Android) that can be run on every acquired a subconscious belief that this would Mork – Google’s marketing director for mobilesmartphone and tablet on the planet. However, be accomplished by special fairy dust, whereas apps, formerly of app store GetJar – and ita market can be “cool” without being in fact it’s just as important to get the basics contains more useful information than anyprofitable. The majority of apps make very little right in this market as any other. single book I’ve read. I won’t repeat it all, but Imoney for their developers, and the high-profile I’d created a series of driver training apps for urge you to watch the presentation and takeexceptions to this rule usually succeed due to both Android and iOS devices, to support my notes, if you have any interest in making moneythe large marketing budgets of the games existing PassYourTheory.org.uk web service from apps on any platform. For now I’ll juststudios. The gold rush is over, the market for (PYT). These apps have performed reasonably concentrate on his two most useful nuggets.apps is maturing and smaller prospectors find well and now boost the income from PYT bythemselves increasingly marginalised. An online around 50%, so on that basis they’re a success. First, Mork reported on a survey he’d conducted just prior to the conference, asking people what influenced them to install an app. Perhaps it isn’t surprising to find that, taken086 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMagOnslin.enBuseinetss RWCtogether, user reviews and ratings are by far users want and responding to that. If you don’t will find it, but just remember that the lowestthe most important factors: the quantity and already know the target user inside out, don’t price is unlikely to be the most profitable.quality of such feedback affects both your begin development until you do. Overall, I’m optimistic that I’ll work out aranking in the app stores (which determines Mork also talked about pricing, and this formula for creating a worthwhile app business,how many people see your app in the first was his second nugget to cause me to change but there are more straightforward ways toplace) and the percentage of those who go on direction. I’m familiar with the theories behind make money online (as described in theto download it. choosing the right price for products, and have Magbook How to set up an online business).In my experience even one review makes a written about them in this column, as well as Put it this way, if I were dropped onto a parallelmassive difference to both – but if, say, it takes applying them in my online shop with great Earth with £1,000 seed money and a computer,a thousand paid downloads to achieve that success. When it comes to apps, Stevens makes my first step wouldn’t be to sign up as an Applereview then you’ll end up with an app that it clear in Appillionaires that setting the lowest Developer. I’d recommend looking at the widerbumps along the bottom and never achieves its price is a bad idea, in accord with my belief online business rather than trying to become apotential. In retrospect I shouldn’t be surprised. that a race to the bottom suggests to potential new goldfish in the overcrowded appEvery app will have competitors, and busy users buyers that your product is of poor quality. development pond. On the other hand, if yousimply filter out unrated apps to restrict their However, since I lacked confidence and wanted program for fun I can think of no better outletchoices. I knew reviews were important, but I to maximise sales, I disobeyed this principle for your talents, and who knows, you mighthadn’t realised that they’re essential. and chose bargain-basement prices. The make some money – just don’t imagine your apps sold reasonably involvement ends when you shut down Xcode. well, but in the spirit“Creating a great app of experimentation I Too passionaterequires an understanding decided to increase their prices for a period Here’s a new game to play when you’re and compare total procrastinating: type the words “passionateof your target users” income generated. about” into Google, followed by any business- Mork makes the related verb or noun. I was prompted to do thisThis means that when planning my next excellent point that once you set a base price of when I passed a van with the words “passionateapp, designing a mechanism for encouraging 69p you have nowhere to go, whereas choosing about vending” on the side. Try as I might, Ireviews will be at least as important as issues £1.49, for example, offers leeway for limited- couldn’t visualise how vending-related passionof functionality, look-and-feel or price. This time promotions or dropping the price when would manifest itself. The machine itself can’tdoesn’t necessarily mean building in reminders the product nears the end of its life. So I feel emotionally uplifted by dispensing a soft– there’s a neater way. By moving from two doubled the price of all my apps and the result drink, but perhaps the van driver gets a tingle asversions of each app (free and paid) to a single, was a significant increase in revenue. And guess he anticipates the thrill of the customer sippingfree, version I’ll get more downloads and which app generates the most money? Yep, the their rehydrated chemical concoction. Googletherefore more reviews. But where’s the money? most expensive one. tells me there are also people passionate aboutFrom paid-for extra features added via in-app At the same time I tried reducing the prices concrete, cleaning, conferences and “customerpurchase: I receive the benefit of a single app, on PassYourTheory.org.uk, which resulted in a intimacy”, and I don’t believe a word of it.with more reviews, and a revenue stream that’s few more sales but less income. My conclusion Where did all this fake emotion aboutmore convenient than the old approach. is that, for this market at least, there are just business come from? My first job was withDeveloping the app in the first place becomes a two price points – free and not-free – and NatWest, and although I don’t recall thelittle more complicated with in-app purchasing, though the not-free price has a limit, lowering it application form in any detail, I’m pretty sure itbut that’s a small price to pay and you end up generally won’t entice freeloaders to upgrade didn’t ask for someone who was “passionatehaving to support only one version instead of while raising it, up to a point, won’t put off the about licking envelopes”, which might havetwo. This is the most important practical payers. There will be a sweet spot that attracted entirely the wrong sort of clerk. It’soutcome from my experiment so far, and I’m maximises revenue and only experimentation become a cliché to recommend anyone thinkingfrustrated because, as usual, it feels so obviousin retrospect that ratings are essential. But that’sthe point of experiments – they point out theobvious even when it was hiding in plain view.Accepting that app development is nodifferent from any other business means thatother aspects of general marketing probablyapply. For example, it’s likely that mostindependent app developers do little or nomarketing, but it’s an even bigger mistake tospend time and money promoting a poorproduct. Your position in the search rankingswithin Google Play depends largely on yourdownload count, but it also takes into accountuninstalls, so if you drive downloads to a poorproduct you’ll be penalised – the situation islikely to be similar on Apple’s App Store.Creating a great app requires an understandingof your target users and open communicationwith them, and as luck would have it exactlythe same applies to marketing. So the processbegins and ends with working out what your This little-known gem from Google’s I/O conference is essential viewing for app marketerswww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 087

RWC OnWline BousirnelssdMags.netof starting their own business to “follow theirpassion” (I’ve done it myself), but it can bedangerous advice: being passionate aboutsomething doesn’t necessarily make it the basisof a profitable enterprise.Finding the right idea, particularly foronline businesses, should be much more aboutleft-brain analysis than matters of the heart.The trick is to find a way to use your passionsin the detail of the business. For example,candle making isn’t a passion for me, butexperimentation and analysis are, so my maincontribution to that enterprise is developingnew recipes and handling the marketing.I think passion is overrated. In my view,you don’t need passion to deliver an excellentservice or product, but you do need itsnon-sexy cousin: dedication. Creating abusiness from scratch gives you the opportunityto build in activities that get you excited, butit’s essential to remember that this doesn’t, initself, mean those activities are profitable. Onthe other hand, it’s easier to be dedicated to Want to send up a satellite for $10? With Kickstarter anything is possiblebecoming an expert in something you have apassion for, so you owe it to yourself and your known of these services and includes such amounts of money ($25 at a time) to specificembryonic enterprise to find some profitable ambitious projects as SkyCube, a crowdfunded entrepreneurs – in our case, we supportaspects of your business that you can pour satellite that will go into orbit in March 2013, individual women and female co-operatives.heart and soul into. partly thanks to my $10 donation. In the UK, Wouldn’t it be wonderful if our current CrowdFunder (www.crowdfunder.co.uk) offers economic woes spawned a First World a way for small creative businesses and equivalent of Grameen – in other words, aRaising cash individuals to pitch their ideas and attract bank with an understanding of its societalI saw a report recently suggesting that 90% of funding. Neither service allows you to invest in responsibility as well as its duties tofunding applications by small businesses are the true sense, becausebeing rejected by their banks – a damning you don’t get yourfigure. Even if they’re “generous” enough to money back, but you’re “It may be that the Third Worldlend the money, it’s often done at exorbitant rewarded with perksrates and laced with ludicrous charges. I have a specific to the project. In has something to teach uspolicy of not relying on bank funding, and the case of SkyCube Iindeed it’s one of the factors I use to help me get the opportunity to about lending to small firms”.decide which projects to pursue. I often reject send ten short messagesideas that could be very profitable because I’m from orbit and to commission two images of shareholders? In my view the economy isnot prepared to submit myself to the cack- the Earth. Given this, crowdfunding is currently settling at a new lower “normal” level withhanded vagaries of the remote “relationship likely to attract only altruistic patrons rather only a gentle improvement likely over the nextmanager” and their “computer says no” than more traditional investors. decade, so there’s a gap in the market formachine. Been there, done that – never again. It may be that the Third World has financing. Crowdfunding and microlending areIf you’re prepared to start small and take an something to teach us about lending to small two initiatives that I hope will lead to specificextra year or two to build your company and firms. A few years ago I worked on a project services for innovative startups, sooner ratherits cash flow, you may not need formal for the Grameen Bank, which was set up in the than later. On the other hand, if the best wefinancing. After all, if you raise share capital, 1970s by philanthropist Muhammad Yunus. can do is Wonga.com, which now lends toyou might grow twice as quickly but Grameen lends small amounts of businesses (at eye-watering interest rates) thenend up owning only half as money to the impoverished I truly will despair.much of it. Go gently into Repaid self-employed of Bangladesh, Like many businesspeople, I’ve learned overthe night, dear friend, and When Muhammad Yunus went freeing them from the past few years that banks can’t be reliedavoid the snakes. to traditional banks to ask why upon to understand how online businesses they didn’t lend to the poor, they exploitative middlemen work, nor to exercise the sensitivity and Fortunately, the responded that it was too risky, by providing them with responsibility they claim is so important toenterprising online the money wouldn’t be repaid: 40 capital to buy their own them. If our community learns to cut itscommunity is finding years later this has proven to be raw materials. Since cloth during this tough period, it will emergeways around the false – and my experience confirms then, this microfinance from it stronger and able to thrive withoutlack of bank finance. it. So far we’ve made nine loans and model has become an depending on bank finance. It’s time to proveThe most high each has been repaid on time, and effective way to help that we can employ the same creativity,profile of these is the beauty of the model is that once the poor climb out of stamina and innovation to running our online“crowdfunding” and repaid, I can simply recycle the cash poverty under their own enterprises as we do to developing ourI think this has an steam around the products. A solid business will be in a stronginteresting future if it can by lending to another developing world. Over the position to dictate terms when the banksbe regulated. Kickstarter entrepreneur. past few years, my businesses(www.kickstarter.com) is the best have used Kiva.org to lend tiny finally start lending again.088 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaSgecsuri.tyn& Seoctial RWCSECURITY & SOCIAL NETWORKINGDon’t buy dodgyfollowersDavey Winder warns against buying Twitter followers, and cautiouslywelcomes Microsoft’s Do Not Track Internet Explorer 10 default DAVEY WINDER Award-winning journalist and small- business consultant specialising in privacy and security issues. Email davey@happygeek. com; follow him @happygeek on TwitterI ’ve been on Twitter as @happygeek since also fall into the “banned by TPTB” category, folk who have chosen to follow me and who 12 February 2007 – that’s exactly 2,022 the sad truth is that far too many of them just comprise the basis of my “reality reach” days as I sit writing this column on a wet hang around undetected as what they are, number (this is only a starting point of course, Bank Holiday weekend in August. Find namely Fake Followers. since these followers will retweet some of myout how long you’ve been on Twitter by using postings to their followers, and so on).the tool at http://howlongontwitter.com. There’s an interesting tool that’s worth aDuring that time I’ve tweeted 5,404 times, or look: Fake Follower Check (http://fakers. However, the numbers in which I was morejust over two and half times per day. Talking to statuspeople.com). It’s part of the StatusPeople interested were the 13% of followers who arefriends and business colleagues suggests that resource, but can be used independently. If inactive and the 3% who were flagged as fakes.this makes me a pretty average Twitter user. you’re worried about such apps being able to That inactive number is quite high, but it’s post on your wall and see your posts, simply always likely to be higher the longer you’ve had My averageness – admittedly measured by remove it from your apps section immediately your Twitter account, and given that mine hasmy own unscientific poll of fewer than 100 after using it. I used it and it determined that of been running for more than five and a halfpeople – starts and ends there though, because my 2,412 followers on Twitter, only 84% are years, it’s inevitable that there will be somethe number of people I follow, 562, is distinctly actually “good” followers. That’s 2,026 decent attrition among the accounts following me overbelow the 2,412 who follow me. My followercount is above average but not amazingly so,and perhaps if I were to follow more people myown follower count would rise accordingly, butmy “reality reach” would not. I employ thisphrase for a good reason: I think that plain“reach” is a much overused metric formeasuring the effectiveness of Twitter. Whatgood is an audience of 10,000 accounts if 9,000of them follow you only in the hope that you’llfollow them back, hence inflating their ownperceived social worth? And more especially,when the chances are that of the remainingthousand, many don’t actually exist at all. Inactive Twitter accounts belong to oneof three distinct types: those that have simplybeen dropped by the user, who has either leftTwitter for good or else created a new accountfrom which to tweet; those who have beenkicked off Twitter for breaking the terms of use;and those that never really existed in the firstplace. It’s this last group that I’m mostinterested in – and although some of them maywww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 089

RWC SeWcurityo& Srocliadl Mags.netthat time. That figure of 72 fake followers Growing yourdoesn’t surprise me much either, because I Twitter followersimagine this is a fairly average number for organically over timeanyone actively posting and using hashtags to is the best way topromote their tweets. Spammers and scammers extend your reachuse such fake accounts to follow you in thehope that you’ll get caught in their trap and But you’d be wrong – it’s absolutely huge, andclick their links. If the number were much growing all the time.higher, I’d be worried.It would worry me because I’m quite account holder can do something to keep their Without too much time spent searching, Iproud of my follower conversion rate, which genuine followers engaged, such an account found more than 50 businesses that are builtstands at around one new account every day. will quickly sink back into the sea of social around selling Twitter followers. I alsoNow I appreciate that this means that I’m networking obscurity. discovered, courtesy of research by Barracudanever going to get into the big league of social But it’s actually worse than that, because Labs, that the fake follower market has gotnetwork celebs, but this isn’t my intention. By the other risk you face is that TPTB at Twitter around Twitter’s precautionary cap by movingallowing my follower base to grow entirely also notice that your account has suddenly away from the “zero following” profile, whichorganically, I’m happy that only people who are become popular – or more accurately, the it achieves by setting the fake accounts tointerested in what I post – which is mostly links monitoring software they use notices this – and follow each other and thus build a harder-to-to stories that I’ve written in various places then analyse your followers and spot that spot profile. Indeed, that same research foundonline; links to other stories that have caught they’re mostly made up of fakes. If Twitter that an account that follows 1,800 people but ismy attention; and my personal observations on believes that you’ve been buying in followers followed by 48,000 (mostly inactive) accountslife and work – are going to continue to do so. then you can wave goodbye to your account was becoming par for the course. since it’s against the terms of use. Many of the services that you’ll come across“People engineer a boost to Specifically, attempting online even admit that most of the accounts to sell followers, create sent your way when you buy a batch of a fewthe visibility of their tweets or purchase accounts in thousand followers will be inactive ones. They order to gain followers, argue that these are better, because activeby buying in followers” and using or promoting accounts will just unfollow you fairly quickly, third-party sites that and this sort of high turnover following/This provides me with a valuable network claim to get you more followers, are all reasons unfollowing may itself attract the attentionof followers to reach out to, and hopefully for permanent account suspension. of Twitter’s monitors and get your accountprovides them with a valuable source of suspended as a result. This is simply amazing:information in return. companies are admitting to selling you accountsNot everyone is so content, though, and Spotting the fakes that will never read your tweets, which will notmany people erroneously believe that getting But how could anyone, human or software, improve the reach of your business, which willfollowers fast is the only way to do business spot a fake follower? The Fake Follower not help market your business in anysuccessfully on Twitter. There’s no ignoring Check tool I mentioned does it at the most basic meaningful way – yet they’re happy to sell youthe evidence that a fairly large number of level, by looking for accounts that display a these for pennies per account if you buy in bulk.people manage to engineer a boost in the particular usage profile – namely, following avisibility of their tweets by buying in significant number of people but having very While investigating this market for PC Pro,followers, thus artificially raising their few following them, and issuing few tweets. I was offered one million followers, to beprofile on Twitter and then reaping rewards Twitter actually caps the number of people a drip-fed (if that’s the right phrase when youfrom the sheep who follow them as a result “zero following” account can follow to 2,000, consider the sheer volume involved) over aof seeing an account with rising popularity. in an attempt to prevent this kind of fakery, period of a month for a fee of only £1,000. JustOf course, the trouble is that this rising and you might therefore have thought that the 1p per ten followers might not sound like apopularity is fabricated, and unless the market in fake followers would be pretty small. rip-off, but surely that’s what it is when those accounts are worthless, and could lead to yourFind out how many of your followers, or anyone else’s, are fake Twitter account being banned. Forget those 100% money-back guarantees and assurances of “no rules being broken”, these are just stock phrases from the lexicon of the conman. Or are they? Here’s the real worry: security researchers such as Barracuda Labs have been buying fake followers for a few months now. The accounts they’ve set up have been buying in batches of up to 70,000 followers at a time, yet all of these accounts remain active and unbanned by Twitter at the time of writing. Milo Yiannopoulos, a journalist who exposed the companies dealing in fake Twitter followers, found that someone (allegedly from the fake follower industry) had bought him a batch of the fakes in order to either tarnish his reputation or to get his account closed down. Yiannopoulos’ followers090 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaSgecsuri.tyn& Seoctial RWCwent from around 11,000 before writing his Microsoft appears to have taken theexposé article to more than 30,000 after ethical high road when it comes to20,000 followers were added to his account. privacy: Windows 8 and InternetAfter he wrote another piece about this Explorer 10 users will find that aoccurrence, his account rose again to more than “Do Not Track” (DNT) feature50,000 followers. Currently, it stands at 33,000 hasn’t only been built into the latestfollowers after Milo complained about the incarnation of the browser, but isinflux of fakes. switched on by default.It isn’t only the fake followers that a genuine This makes it the firstperson hoping to build a brand around Twitter mainstream browser I’m awareneeds to avoid, it’s the whole dark marketing of to do this. IE9, you may recall,ecosystem that’s been built up around them. added DNT functionality back atThe people who create and control these dead the start of 2011, but this had to beaccounts have started to appreciate the value of specifically turned on by the user.activating them, or at least some portion of Privacy by default is somethingthem, to create what you might think of as a I’ve been championing for manyTwitbotnet: thousands of fake accounts that years, and it’s fallen on deaf earscan retweet your messages at the push of a among the majority of vendorsbutton. Want a couple of thousand retweets of for most of that time. Optingyour marketing message? No problem, there users out of being tracked byare now companies that will sell that to you for default has to be the way forwardless than £5. What they can’t sell you is a magic from a realistic consumer-privacybullet that will recover your reputation once perspective, rather than leavingyour brand has been tarnished by being them to opt out manuallyassociated with a spam campaign. Fair play to Microsoft for making privacy a default with (assuming they even know they “Do Not Track” technology So what should you be doing to grow Do Not Track have the option). I’m not going toyour followers organically, rather than being get into the argument here about whethertempted down the fake route to ruin? The Attempting to delete your digital footprint is behavioural advertising and the associatedmost obvious answer is simply to start usually dismissed, quite rightly, as something tracking to enable it is a good or bad thing fortweeting, with the very act of participation that isn’t possible any more. Not that you were commerce – that’s something for my colleaguesbecoming a promotional tool in its own right. ever really able to make all traces of your writing in the business pages to address.Being creative with hashtags – but not abusing online travels vanish. My advice, when asked However, informed choice is never a bad thing,them by using ones totally unrelated to your how to remove something online, has always and doubly so when it’s about your privacy.posts – will help get your message noticed been: “If you don’t want the world to know, It’s the informed bit that concerns meand grow your followers as a result. Creating then don’t put it on thea hashtag to associate with your brand, internet in the firstespecially if coupled with some kind of place.” But your digital “100 engaged Twitter followersgiveaway product or service promotion, also footprint consists ofworks well as long as you don’t start more than embarrassing are worth far more thanspamming. And don’t make it all business photographs and– Twitter is a social network after all! thoughtless comments 100,000 unengaged ones”Twitter is great for word-of-mouth – it’s a bit more literalpromotion, and the real followers – the ones than that: your footprint shows where you’ve slightly, though, as I’m not yet convinced thatgenuinely interested in your product – will been and where you’ve come from. DNT itself is anything more than, ironically, acome to you. To reach out to them you have to These two facts are of huge importance to marketing exercise by Microsoft. You see, forlook further afield than just Twitter: posting to those who’d like to sell you stuff, and equally DNT to actually have any meaning in the realother social and business networks, and writing important to those who’d defend your right to world, every website you visit has to knowan informative and regularly updated blog, all privacy online. Regular visitors to the PC Pro what you expect to happen when that DNTlinking back to your Twitter account website may have noticed that, a few signal is received from your browser. Withwill help. But coming back to months ago, there was a notice absolutely no agreement in the online industrywhere I began, interaction Threats asking you to provide consent – or among those who attempt to regulate itand participation are the Kaspersky Lab’s survey of more for cookies to be used and set standards – about how to respond to than 3,300 IT business specialistsmain ways to get people when you visit. This DNT signals, what’s the point?interested in what you reveals that while economic uncertainty came about as a result Microsoft says that it’s lobbying fromhave to say, and from remains the biggest general business risk of the introduction of within the various industry, government andthere it’s only a small at present, within two years people expect standards bodies for browser DNT to beleap to being it to be overtaken by the current number an update to existing respected, as well as committing its Microsoftinterested in what EU cookie laws – Advertising business to recognising DNT asyou have to sell. The tmwfroaorssiu:su4tdkcr1dys,vi%besaateynruoredrhwftbhattiehirhnsnereodgeattfsuhonttesses’obttt.saarfeerTitsiaeihnktstalhhetteeiedardctlesytolpetaapaotcitdoonsttcum.nhfoaaaarimseltcgtteepeeoedrnIoo–Titusphbshteeeuiorncyttfugytrt,hhiNeteyocwooo, rckidnoribeeeenawerPsqrsrutefthpiioonicvarrrlteatebectcbsmeri5yeseau(aexcD3gsykp–ie)ivicldrotnieeochfngocimatttnitihenvleienaseto.a an opt-out of behavioural advertising in akeyword to take self-regulatory fashion (although this isn’t yetaway from all of this happening as far as I’m aware). So DNT is byis engagement: 100 no means a done deal, although it’s a move inengaged followers are the right direction – and, hopefully, a move thatworth far more to your the rest of the industry will come to agree is thebusiness than 100,000 right way to build the trust that consumers needunengaged ones. surprising move to many people, if they’re to continue doing business online.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 091

RWC OfWfice AopplricaltiodnsMags.netOFFICE APPLICATIONSOffice 2013 file formatsSimon Jones investigates compatibility issues with the new Office, andisn’t so impressed by the ribbon’s 50 shades of grey SIMON JONES the old binary formats of DOC, XLS and PPT. Steering OOXML through An independent Ecma wasn’t too much of a IT consultant problem for Microsoft, but ISO specialising in standardisation was far more Office Automation, difficult. ISO insisted that all the Visual Basic and SQL Server. He lives up a mountain in Wales. Email simon. “legacy” features in OOXML [email protected] – such as the options that said “lay out the document like Word 95”, without definingT hink back to the period 2006-9 what that was – should be and you might remember a corralled together with the great hoo-hah about Office file intention of phasing them out. formats that rumbled on for Thus the Office Open XML file formats became an ISOyears. Microsoft introduced its Office Open standard in two flavours,XML (OOXML) file formats – DOCX, XLSX Transitional and Strict – andand PPTX – with Office 2007 and then neither Office 2007 nor 2010sought to have them ratified as standards, could save in the Strict format Office 2013 can now save and open Strict OOXML documents, and its ODF support moves up to version 1.2first by Ecma (formerly known as the since their internals still relied Providing ODF 1.2 gives better compatibilityEuropean Computer Manufacturers on some of those legacy features. Office 2010Association) and then by the ISO (the could, however, open Strict Open XML files between Microsoft Office and OpenOfficeInternational Standards Organisation). created by other applications, not that there or LibreOffice but, perversely, worse were any mainstream compatibility between Office 2013 and 2010 applications that could or 2007 when using ODF files. Office 2007 and“ISO insisted that all ‘legacy’ write them. But the 2010 can save to only ODF 1.1 and can’t open standard was published ODF 1.2, but Office 2013 can’t save to ODFfeatures in OOXML should so that anyone could 1.1. This makes editing an ODF document in write an application Office 2013 a one-way trip, since once it’s savedeventually be phased out” that would create files in ODF 1.2 format, you can’t then use it in in that format. Office 2007 or 2010.Many people asked why Microsoft Now, with the impending release of Office Microsoft supported ODF 1.2 and itshadn’t just used the existing Open Document 2013, you’ll be able to use Office to open and standardisation through OASIS, particularlyFormat (ODF) instead of inventing its own. save Strict Open XML files as defined in ISO in its definition of the functions used in itsWell, there wasn’t much wrong with ODF – standard 29600. Their file extensions will spreadsheets. Until ODF 1.2, they were left toexcept that it couldn’t represent everything in remain the same – DOCX, XLSX, PPTX and individual companies writing the applicationsMicrosoft Office documents, and back then it so on – and the Strict format will not be the that used the ODF 1 and 1.1 formats, meaningdidn’t even define the functions you could use default format out of the box. That will still that spreadsheets that were nominally saved inin a spreadsheet. Both ODF and OOXML are offer a choice between Transitional Open the same file format were in effect incompatible,based on zipped XML text, making OOXML XML and Open Document Format, but because competing applications could read theirin particular far smaller and more robust than the ODF flavour will now be ODF 1.2. data but none of their formulae. ODF 1 is anWhich Office versions can Open and Save what file formats?File formats Office versionsBinary format Office 97 Office 2000 Office XP Office 2003 Office 2007 Office 2010 Office 2013Transitional Open XML Open/Save Open/Save Open/Save Open/Save Open/SaveStrict Open XML DOC, XLS, PPT Open/Save Open/Save Open*/Save* Open*/Save* Open/Save Open/Save Open/SaveODF 1.1 Open Open/SaveODF 1.2 DOCX, XLSX, PPTX Open*/Save* Open/Save Open/Save OpenPDF Open/Save DOCX, XLSX, PPTX Save Save Open (Convert)/Save ODT, ODS, ODP ODT, ODS, ODP PDF* Requires a free Compatibility Pack092 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMaOfgficesA.ppnlicaetiotns RWCISO standard, but virtually no applications use it to be.) You can get the Compatibility Pack for says “open” it actually means “convert”,it. ODF 1.2 is expected to be put forward for Office 2000, XP and 2003 from www.pcpro. since the PDF file is converted into a WordISO ratification shortly; meanwhile, work on co.uk/links/218oa1. document for editing – sometimes, not allODF continues, including adding change When you use the Compatibility Pack to that successfully. PDF files don’t include alltracking to its specification. open new format documents in older versions the information necessary to accurately of Office, you’ll find that any features recreate an editable document because they introduced in the newer applications will weren’t designed to do that. PDF files justCompatibility Mode usually be gracefully downgraded to work with place characters and images onto the page; theyNew users of Office 2007, 2010 and 2013 are the older version: for instance, Smart Art will be don’t need to worry about how the text flowsoften confused by the words “Compatibility replaced by a simple image of what the Smart from one area to another because they’re notMode” that appear in the application title bar Art should look like. You can reposition or designed to work out what to do if you add,when they open certain documents. A reader resize the image using the earlier application, delete or edit that text. Neither do they need tonamed Bonnie recently emailed me as she’d just but you can’t edit the individual elements that know how to push text from one column to make up the Smart Art. another if text is inserted or deleted, so they Usefully, however, don’t contain any mechanism for describing“PDF files don’t include all when you save your that the text in the first column should be edited document in “followed” by text in the second.the information necessary to OOXML format and When Word 2013 “opens” a PDF file, it open it with Office therefore has to infer plenty of this layout andrecreate an editable document” 2007 and above, that flow information that just isn’t there in the PDF Smart Art will become file. If the PDF contains a relatively simpleupgraded to Office 2010: “Not sure what this is editable in its new position, or at its new size. layout – a couple of columns, a heading and anbut someone mentioned I should change it. I This is one reason for sticking with the image – then it can do a reasonable job. If,don’t know what it is, nor how to get rid of it? I OOXML file formats (DOCX, XLSX, PPTX) however, the layout is more complex – such as adid look on the internet and found something and not downgrading them to the older binary magazine page with pull quotes, boxouts, tablesto try, but it didn’t work. Can you explain to file formats; if you do that, the change from and so on – then while the text and images mayme why I need to change this and if so, how, Smart Art to a static image becomes permanent. convert reasonably well, the layout maysince I’ve seen this in the title bar of some become so messed up that it would take youdocuments when I open them?” a couple of hours to untangle that mess. You’ll see Compatibility Mode whenever Opening PDF files Other, third-party, software such as IRIScanyou open a document that was saved in Word Office 2007 and above have had the native may suffer from the same problems. These97-2003 or Word 2007 format, and it means ability to save PDF files (and Microsoft’s rival products promise that you can “edit” anythat not all the features of your version of Word XPS format) for “final format documents” – PDF file, but they can’t deliver 100% fidelityare available to you in that document since they that is, ones you’ve finished editing and are now because the PDF file format just doesn’tcouldn’t be saved in that format. Compatibility publishing for other people to read. Ever since contain all the necessary information.Mode is used to ensure that new features of the release of Office 2007, Microsoft’s own If you’re going to need to edit a documentlater versions aren’t accidentally introduced into implementation of saving as PDF has been the again, save it in an editable format such asearlier documents, unless you explicitly choose fastest, and yielded the most accurate rendering DOCX. If you only want to publish theto “upgrade” them. This means that documents of your document when compared with any document for other people to read, then savecreated in Word 2007 and before will always add-on from Adobe or third-party utilities. it in a final format such as PDF or XPS. Ifdisplay and print correctly in that version of the Now Office 2013 also includes the ability to you’re not sure whether you’ve finishedapplication, whether or not they’ve been edited “open” PDF files in Word, but when Microsoft editing yet, don’t throw away the DOCXin a later version.If you want to use newer features, ortake advantage of the reduced file size orincreased robustness of a new format, thenclick File | Info | Convert. There may beminor layout changes as part of this process;see www.pcpro.co.uk/links/218oa forinformation on which features aren’t availablein Compatibility Mode.Word 2010 DOCX files can be openedby Word 2007 and by Word 2003, 2002(XP) and 2000 if the user has installed theCompatibility Pack, which has been availablesince late 2006, so there shouldn’t be anyproblems if you do decide to convert adocument to Word 2010 format. Plus, youcan always use File | Save As to downgradethe document to 97-2003 format again later,if necessary. (Again, this may involve minorlayout changes, so it’s best to check thedocument after converting if you’re worried.Just open the original document and theconverted one side by side to do a visual checkthat everything is legible and where you expect A moderately complex PDF file opened in Adobe Reader and for editing in Word. The fonts, spacing and placement of images are all wrongwww.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 093

RWC OfWfice AopplricaltiodnsMags.netfile; you can always create a new PDF or XPSdocument from the DOCX file whenever youneed, but getting back to an editable formatfrom a final format is far more difficult andcan be a time-consuming process.Office 2013 feature updateLast month, in my rant about things I didn’tlike about Office 2013, I mentioned that youcouldn’t separately adjust the Theme colours,fonts and effects in PowerPoint. Well, itturns out you can, but only by editing theSlide Master in the PowerPoint 2013 Preview.Click View | Master Views | Slide Master andthe Colors, Fonts and Effects controls arethere in the Slide Master | Backgroundgroup. Why they’ve been placed here isanyone’s guess, since they don’t only affectthe background, but the foreground text andgraphics too.In a posting on the PowerPoint blog,Christopher Maloney said that Microsoft hasadded these controls to the dropdown on theDesign | Variants gallery for the final version ofPowerPoint, so you can control these Themeelements without having to edit the Slide Some of the Themes in PowerPoint 2013 have wacky backgrounds, but you can edit them if you go to the Slide Master viewMaster. He also points out that you can are gathered into balloons down the right click the Next/Previous Change buttons,right-click the Theme Variants in the galleryand apply a variant to only the selected slides, of the page. Simple Markup view indicates depriving you of much-needed context.rather than all slides in the presentation, giving changes with a red line in the left margin, Even after six weeks of using the Officeyou flexibility to vary the Theme for some slides and you can click this line to view the details; 2013 Preview I can’t say that I like it. Despitewhile staying with a general look within your click the markup line again to hide the detail. there being a few good new features, if Ipresentation. There are only eight Themes This is equivalent to changing in Review | didn’t have to learn about it for my job I’dincluded in the PowerPoint 2013 Preview, but Tracking to All Markup and back to Simple happily go back to Office 2010. Outlook inwe’re promised “many more” for the release Markup. The display of comments has also particular is a bit of a mess: it’s difficult to useversion, and still more to come after the suite been simplified with fewer boxes and lines with confidence on either a big desktop systemships since the start screen and the Design tab and more muted colours for different reviewers. or a small tablet. There just isn’t any rapid The overall impression is much positive feedback when you do something: cleaner. Two further very welcome mark a folder as read and the unread count new features are the ability to will take a second or longer to fade away. reply to a comment and to mark Even tasks as simple as just finding the a comment as Done – this collapses right button to click can take some time, since a comment to only one line and all the icons and their labels are quite washed fades it to a light grey so that it’s out. There’s hardly any black in the button less intrusive. text any more; everything is just a different Simple Markup view is easier shade of grey. on the eye, but you can still hit When Microsoft made similar changes to problems with documents that are Visual Studio 2012, it claimed that it was so densely packed with changes. The your content would stand out from the There’s nothing black on the ribbon apart from the font red line in the margin can end up application’s borders and menus. In Officename and size. The rest is grey being the height of the entire 2013, the Themes have also changed socan be dynamically updated with new Themes. paragraph, and in All Markup that they employ more mutedI have to say that none of the new Themes mode, clicking the down arrow colours and fonts with thinnerreleased so far are to my taste, being too in a collapsed balloon LOOK AT ME! strokes, such as Calibri Lightwashed out, too bold or too wacky, so I think summarising many edits (the new default font forI’ll continue to use our custom corporate theme, doesn’t expand the balloon In Office 2013, where the headings and titles),which uses our choice of fonts, colours and as you might expect but page of your document is white, which make yoursubtle effects. turns on the Reviewing the ribbon is white and the area documents look pane on the opposite side around your document is a very washed out too: in A new feature in Word 2013 that didn’t of the window. What’s Office 2010, particularlymake it into last month’s column is Simple more, this pane (now light grey, the only thing that when you use theMarkup, which applies to Tracked Changes called “Revisions” in its stands out is the status bar – aand comments. When there are lots of changes caption) doesn’t highlight bright line of colour with wordsto a document or comments, they can in white capitals on it. In effect it’s screaming application’s Blue colour scheme, you could quiteoverwhelm the user with coloured lines and changes at the same time as the “LOOK AT ME!”all easily distinguish your the time.boxes, even when those changes and comments main document pane when you document from the application.094 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMWaegb Aspp.sn& Deesitgn RWCWEB APPS & DESIGNResponsive site designAs more and more people access websites from mobile devices, it'simportant to adapt your approach to designing them, says Mark Newton MARK NEWTON whose current site wasn’t working well AddType video/ogg .ogv on mobile devices, among other faults: a AddType video/mp4 .mp4 MD of the internet complete redesign in HTML5 and CSS3 was AddType video/webm .webm company ECats suggested. First, all its animated Flash objects Ltd (Electronic were replaced with HTML5 movies, which Let’s hope that once the HTML5 CATalogueS), meant producing three different formats for specification is finalised, we’ll be able to use a specialising in each movie to handle different browsers. A single file type; at the moment, it’s a mess. internet-based useful site that helps to convert files to other solutions. Email formats is the free service offered at www. Once the layout of the site’s desktop version [email protected] online-convert.com. Once you have your had been decided, the next question was what video in these three formats, at least one of to do about a version for mobiles. Currently,I’m writing this column on my annual which will play in each of the major browsers, sentiment in the web design community is in outing to the World Bridge you need to add some HTML code, such as favour of a single site design that’s responsive Championships, where I’m always the following: to the device it’s being viewed on. interested to see what must-have gadgetpeople bring with them. Once it was the <video id=\"sampleMovie\" width=\"640\" Responsive designUSB pen drive, then it was the netbook; this height=\"360\" preload controls>year it’s the iPad. I’ve done my duty helping So what exactly is a responsive site design?misbehaving tablets connect to Wi-Fi, and this <source src=\"mymovieH264.mov\" The idea came from the concept of responsivemorning an elderly senior official asked me type='video/mp4; codecs=\"avc1.42E01E, architecture, where buildings and spaces arewhich make of iPad to buy – the Apple one, or mp4a.40.2\"' /> made to adapt to the needs of the people usingwas there a better brand, such as Samsung... them. For example, an exhibition hall might <source src=\"mymovieOgg.ogv\" have internal walls that are movable and can This year the Championships are in Lille, type='video/ogg; codecs=\"theora, be added to, dividing its space according to theFrance, and they’re now being run as part of vorbis\"' /> requirements of the user.the International Mind Sports Association(IMSA), an organisation that hopes to <source src=\"mymovieWebM.webm\" In a similar way, a responsive web designestablish an Olympic mind sports event type='video/webm; codecs=\"vp8, vorbis\"' is one that changes to accommodate therecognised by the IOC. Perhaps one day /> limitations of the device it’s being used on,some of us less-than-athletic code-slingers </video> mainly (but not exclusively) to the screenmay get to be Olympians! dimensions. As more users access the web Hardly slick, and you must also make sure through a variety of devices, the issue of how I’ve spent the past month redesigning a your web server has the correct Mime types set websites will look on each one becomeswebsite for a baby-clothing manufacturer, so it knows what to do with the different file increasingly important. According to data types. Do this by editing HTTPD.CONF in IIS or from www.pcpro.co.uk/links/218wa, whilewww.pcpro.co.uk .HTACCESS in Apache to add the following lines: mobile browsing is growing, it represents less than 10% of browsing overall, although in certain countries such as India and Egypt, mobile web users may represent 70% of the total – and even China is as high as 30%. You might argue the exact figures and whether or not they include tablet users, but what’s certain is that more and more people are using devices other than desktop PCs and laptops to access the web, so it becomes ever more important to take this into account when building a website. Whether you build a special dedicated site for mobile devices, as we used to do for WML, or follow the more popular, modern path of building a responsive site usable on all devices, it’s up to you or your client – but there are two main routes you can follow. Obviously, it’s important that your site looks good on devices with smaller screens, and WorldMags.net PC PRO•DECEMBER 2012 095

RWC WeWb Apops &rDlesdignMags.neta good way to ensure that this is the case is toadd the following line to the <head> section ofyour website pages:<meta name=\"viewport\"content=\"width=device-width\" > This will prevent the browser on the mobiledevice from scaling down the web page to fitthe width of its own screen, and instead willkeep the web page font at a readable size andmake the user scroll horizontally to read it all.When asked, many users prefer to see a site ontheir mobile as they would see it on a desktopscreen, rather than a different version aimed atdevices with smaller screens. However, there are occasions when such acustomised version of your site ought to bepresented to mobile users. Obviously, this is To serve different-sized images to mobile users, use Adaptive Images’ server-side controldown to your personal preference or that of how many categories you include will depend work by detecting the device-size parameteryour client, but one consideration might be on the design of your site. of the browsing device – not the width of theto serve a lower bandwidth version for I suggest starting with only one media browser – so resizing the browser on yourmobile users. In the bad old days, you query category and testing it thoroughly: desktop device won’t prompt the server-sidemight have done this by detecting different I’ve found it can be tricky debugging multiple component to create and send a smallerbrowser agent types, which was always queries, as the various styles cascade down image; only when browsed with a devicetricky, and with the increased number of through the sequence. It’s important to with a smaller screen such as a phone (or adevices now available almost impossible. define each style that changes in each of mobile-phone emulator on your desktopBetter to configure your site to change its the media query categories you use. machine) will the magic occur. One use of such It’s a far better solution to use such queries is to turn off or server-side components to generate reduced“It‘s better to use such server- resize graphics as the images on the fly, rather than using JavaScript screen area shrinks, and to manipulate the src field of the <img> tagside components to generate it’s tempting here to to send a large or small version of the image. “switch off” adverts This isn’t because of the additional effortreduced images on the fly” when browsed on involved in storing more than one size of mobile devices to save every image (which could also be a problem),design depending on the screen resolution – and bandwidth and speed up browsing. However, but a bigger problem concerning the orderCSS3 comes to your aid here: its media queries since adverts are an important source of income in which browsers render pages. As theenable you to declare conditional areas in your for most sites, this isn’t a move that should be HTML is being downloaded, any <img> tagstyle sheet depending on the screen resolution of taken lightly. There are two alternatives. One is encountered will fire off a request for thatthe rendering device. to replace the advert’s graphic with text, using image from the server, and only once all the To show how this might work, let’s build a style sheet media queries to make either the HTML has downloaded – together with anysimple web page with a navigation bar down graphic or the text advert visible according to script it contains – does the JavaScript run,the left-hand side and body text to the right of what CSS class they’re assigned: which would rewrite the <img> tags to perhapsit, so that it looks something like this: access a different image for the current device. This would fire off another request from the .graphicad{display: inline;}<p class=\"sidebar\">[Navigation .textad{display:none} server for the other image, without cancellingSidebar]</p> @media screen and (max-width:320px) { the previous request, and would greatly prolong<p class=\"maintext\">Main Body Text</p> .graphicad{display: none;} the HTTP request. An inelegant solution; using .textad{display:inline} a server-side component to send the correctly Then build a style sheet like the following: } sized image to the browser in the first place is a far better one..sidebar{display: inline;} <img src='advert.jpg' class='graphicad'.maintext{display: inline;} /><span class='textad'>Buy Me </span> Getting user input @media screen and (max-width:320px) {.sidebar { display: none } The other approach is to use a server-side An area that shouldn’t be overlooked when} component that reduces and serves a smaller designing for mobile devices is user input. In graphic to mobile devices. There are several those instances that you’re asking a user to This will cause any areas that have a class of such components from which to choose, enter data into an input box, remember that“sidebar” not to display on devices that have a obviously depending on the application they’ll be doing so with a less extensivescreen width of less than 320 pixels (even in a platform your server employs. A few that keyboard, and so specifying the correctdesktop browser, if you resize the window to seem to work well are Adaptive Images (http:// “type” with the <input> tag is important toless than 320 pixels, you’ll see your sidebar adaptive-images.com/) for PHP, and Image ensure the correct virtual keyboard isdisappear). I’ve kept this code simple just to Adaptivezr.NET (www.pcpro.co.uk/links/ presented to them. By now, all tablet usersillustrate how it can work, but obviously, to 218wa1) for ASP.NET. When testing with will have experienced the irritation of webcope with devices with different-sized screens, these it’s important to remember that they pages that ask for an email address, but096 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMWaegb Aspp.sn& Deesitgn RWCwhich fail to present a virtual keyboard <table> Error! a lot of uses you want to take athat has the @ symbol. As a result, they <tr> video source and publish it tomust press Shift to find the character, thenswitch back to the default for the rest of <td> Even when using Azure in a simple and quickthe address. Expression Encoder to publish Some Text a video file, I found that the way. For this you’re told to Another area that’s tricky to manage onmobile devices is the dropdown selection </td> system would sometimes use Microsoft Expressionsbox, because trying to select from a tinydropdown with your finger can be frustrating. </tr> throw a cryptic error message Encoder 3 or 4, and you’llOne way around this problem is to use also need to install thetechniques such as the jQuery Mobile select What’s wrong with: that prevented publishing. Azure Media servicesmenu (www.pcpro.co.uk/links/218wa2) This turned out to be causedto present a form that’s easier to use on a <div class='mystyle'> by Expression Encoder not plugin from www.pcpro.small touchscreen. Some text generating two of the files co.uk/links/218wa5. Once you’ve done this, you can If you search the web for adaptive </div> necessary for correct take a video file and encodedesigns, you’ll see many references to various streaming. and publish it on your Azureframeworks that claim to make the task easier,together with plenty of talk about creating a I wait to be convinced otherwise. media area.grid with CSS that will allow your content to Google has officially recommended What I wanted to do while at theflow correctly when browsed in a variety of responsive web design as its preferred method World Bridge Championships was a simpledevices. I must confess that currently I’m for building mobile websites (www.pcpro.co. live streaming broadcast, but it seems thatmore than a little sceptical about this uk/links/218wa3). I have a big issue with a you can’t currently take a live source andapproach, since it introduces extra <div> tags software company that builds an internet publish to Azure via Expressions Encoder inthat make the layout more difficult to read. As search engine and then tries to enforce ways of the same way that you can with IIS smoothsomeone who’s been building websites right designing sites so that its own engine can index streaming services. I have to say thatfrom those early days when we had to them properly. Microsoft US has been very helpful in tryinguse tables to implement all but the simplest In a perfect world the search engines should to sort out this issue, but to no avail. I’ll beand most linear of designs, my relief at finally do the job properly and correctly index any returning to this in a future column once itbeing able to place objects where we wanted site, irrespective of how its HTML is becomes more usable; at present it’s a hugeto and have them flow and resize through structured. But as we all know, this is an disappointment that really spoils the usefulnessthe means of a common style sheet was imperfect world, with the world of web design of this new service.considerable. It also meant that HTML more imperfect thanpages lost unnecessary code and implementing many other areas of it,site-wide style changes became easier. so if we want to be “If you want mobile users toThis move towards finding the ideal CSS found we’re stuck withimplementation of a grid seems to be reverting having to fettle our code access your site, responsiveto the bad old days. so as to help the search engines to do their stuff. design is the way forward” The current HTML <table> tags are So if you’re planning forgreat for the purpose they were designed for – mobile users to access your site, then responsive More and more we’re seeing extremelydisplaying tabular data. Using a table or a grid design is the way forward. clever back-end technologies from Microsoftto control the display layout seems like a being let down by incomplete or unreliableretrograde step to me, and I’m sure it will end front-end tools. The view seems to be thatin tears. If you take a look at the Foundation Azure Media Services because it’s possible to use a technology fromFramework, for example, a small sample of the In a previous column I wrote about the code, then that’s all that’s required. I’d takeHTML on its own website shows how it’s imminent release of Microsoft’s Azure Media issue with this: give us ways to deploy theseimplemented. The grid is built using <div> tags Services, which promised to offer full live technologies easily and we can save thesuch as the following: streaming from the cloud. This could be of coding to produce our custom solutions if interest to anyone who has a need to deliver necessary. Sorry, Microsoft, but if you intend<div class=\"row\"> video streaming, but who doesn’t want the to charge for this service, then you need to <div class=\"tablet-padding\"> expense of building and configuring their own get it working first. <div class=\"three columns streaming servers (to say nothing of payingproperty\" id=\"zurbApps\"> for large amounts ofSome text bandwidth that will probably get used on <div class=\"row\"> only a few occasions). <div class=\"six columns\"> This new service fromA list Microsoft could be </div> very useful. <div class=\"six columns\"> I say could be,Another list because before </div> anything else it has to </div> work, and work easily.</div> Sure, you can develop your own code to And so it goes on until it starts to look a access the SDK inbit like the sort of unreadable mess that we Visual Studio 2010 (seeused to see: www.pcpro.co.uk/ links/218wa4), but forwww.pcpro.co.uk Expression Encoder for Azure Media Services: must try harder WorldMags.net PC PRO•DECEMBER 2012 097

RWC NeWtworkos rldMags.netNETWORKSThis is not a reviewIgnore the graphs and tables, says Steve Cassidy. All you need toknow about a multi-WAN router is how it handles load balancing STEVE CASSIDY That’s why my investigations into multi- Failover was originally designed when there WAN connected routers don’t end up as was a sharp difference between the main link Steve mixes network massive 20-page special supplements stuffed and the backup – for example, an ISDN line as technologies with with comparison charts and tables. Actually, the main and a plain dial-up phone line as human resources what’s important about this section of the backup or, for the rich, a leased KiloStream line. consultancy work. networks market isn’t really captured by With such a setup nobody was in any doubt Read his blog at comparison tables and graphs, because the when failover happened because traffic would www.pcpro.co.uk/ key to the multi-WAN router business lies crawl almost completely to a stop; failover was blogs/stevecassidy. in a single feature: how does it manage a last-ditch concept, intended only for a passing Email cassidys@cix. load balancing? and occasional role as your net connection. And compulink.co.uk I hated it even then. To begin with, let’s nail down someY ou may have noticed that we terminology. Almost all router and firewall Failover flaw Real Worlders don’t do reviews. specifications you’ll see will employ the term My voicemail isn’t packed with “failover” to describe handling more than one A rarely used link of any kind is something invitations to unbox new products link to the internet – you may also possibly see telcos treat with suspicion, which may manifestfor comparison and testing. I’m not unhappy references to “active/active” or “active/passive” as an engineer disconnecting the link, thenabout this, as I’m terribly bad at keeping track (often in the middle of a long and painful waiting for you to make contact and ask what’sof all the bits – cellophane slipcases, registration exploration of the nature of multiple happened to your connection. That’s hardly thecards, and incomprehensible multilingual safety connections). Let’s look at “failover” first: the behaviour you want when the link in questioninformation leaflets. I’m particularly distracted idea of failover is that, if you have several is only there as a backup for something biggerby the latter: how green is it to ship wodges of different links to the internet (whether ADSL, and busier. So, having sold your MD on thepaper that everyone instantly discards, rather SDSL, ISDN, Fibre or whatever), you’ll want to idea of failover, the first time it’s called on inthan a one-shot CD, a USB key or perhaps send all your normal traffic over one of them, action, it falls flat on its face. I’ve wasted a lotjust a URL, to tell you what to do if you flipping over to a second only in the event that of time over the years trying to fix the failoveraccidentally eat the contents of a toner the first has a problem. That’s a strategy that line when I should have been finding out (thatcartridge (or whatever else they’re for)? appeals greatly in sales meetings with harassed is, screaming down the phone about) why the entrepreneurs, because who wouldn’t like such main connection had died in the first place. an insurance policy, a bit of slack for those bad days when the light goes off on your router? There ought to be a simple software fix for But, do you know what? I hate failover – in this flaw in the failover concept – periodically fact, the art department won’t let me use a trying out the failover link to keep it alive font big, bold and scarlet enough to fully shouldn’t be that hard. Or should it? Failover express the depth of my hatred. It’s a was conceived long before widespread, crackbrained idea, the refuge of the ignorant competitive internet access was available, which against the indifference of the uncaring. meant that it was almost always a same- provider process. When I first enquired about genuine multi-WAN routers, almost every firm simply took it as read that I wanted to manage multiple lines from the same ISP. But in fact what almost everyone wants is the opposite: multi-WAN connection to different providers. Where sets of lines of various performance all lead to the same provider, failover is implemented by some brutally stupid software at either end of the link. There’s a small-but- dim CPU in your local router and something rather smarter but more heavily loaded in a rack at your ISP. The two ends of this kind of failover architecture must collaborate to keep traffic moving, so even the simple trick of making periodic test connections of the failover pipe will create disproportionate confusion by being interpreted as actual emergencies.098 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk

WorldMags.Nnetweotrks RWC over several months, written by exasperated techies, claim that the old network-device foible of failing to perform what the GUI/management interface tells you you’re doing continues to thrive in load-balance land. Close, but no cigar Dammit, I’ll break my silence by identifying one particularly egregious culprit: the Linksys/Cisco RV082. This is a load-balancing-capable, small-business-sector router, and I’m singling it out only because it otherwise comes tragically close to meeting the required brief. If you flip an RV082 from failover to load-balance mode, don’t assume that clicking the button in the web form has done the job, and don’t assume either that “reset to factory standard” does what it says, because it will preserve various altered settings through what should be a cold restart. I like the way the RV082 and its sister devices handle traffic-sharing across two (or in other models, up to seven) physical connections, but I certainly don’t like the way certain config changes can’t be applied without dancing a jig to wipe out all the preceding settings, before restarting the entire config from scratch. That’s just laziness on the part of its developers andI’d like to be able to say that this state of I’m not going to list all the sins along with testers: sticking some graphic buttons andaffairs has improved with the onward march of the brands and models that commit them – sliders into the control interface, but just leavingtechnology, but it hasn’t – once a feature has there just isn’t enough room – but that list them disconnected when it comes to actuallycome to occupy a column in those massive would be long and painful. There are devices doing what they say they do.market-spanning comparison tables, it’s that load balance onto a slower secondary line Despite that aggravation, the round-robinincredibly hard to declare it useless and get all the time, leaving the primary idle. There are traffic allocation algorithm used by the RVpeople to remove it. Hence we have a whole those that split traffic evenly across both lines, series is a breath of fresh air in this end of therange of devices that have a tick for “supports regardless of whether orfailover”, but very little idea of what actually not the traffic type ishappens when a failover condition is declared splittable. There are “I hate failover. It’s the refugeby the router’s software. In fact, what we’d all those that mistakelike to happen, I believe, is something rather connection speed for of the ignorant against thedifferent from this scenario, which is frequently line speed, despite themisdescribed as “active/passive” in the white fact that almost every indifference of the uncaring”papers and design documents on this topic. connection from a load balancer to a router is over Ethernet or USB marketplace. Each user connection request is these days, so fast and slow lines look identical. assigned a relationship with a physical externalA balanced approach? There are those that layer multiple subnets and pipeline, and once that pipeline is fully occupiedWhat we actually want is load balancing. In addresses over the top of single (or multiple!) traffic goes to a less busy link, which means youthe second decade of the 21st century we’re no ports, so that while its designer may have get to use all the connections you’re paying forlonger dealing with an expensive main pipe and imagined a clear distinction between public and it’s no big deal if one of them goes down.a cheap demand-dialled backup – instead we and private traffic, there’s no such distinction Of course, you’ll have to manage yourhave several lines of differing performance from for the poor sod who has to configure or incoming traffic a little carefully, either bydifferent providers, requiring a different debug the thing. updating a Dynamic DNS service out on thesoftware approach from old-time Oh, and almost none of them web, or by writing lots of incoming portfailover. This should be where I Expensive will present anything so helpful redirection rules and matching the round-robinsay how much I love load Proper load balancing needn’t as a pop-up dialog box or logic of outbound traffic with some incomingbalancing, and plug a meaningful log entry to round-robin DNS entries of your own. This endvariety of small business be beyond reach: if you’re help you figure out of the operation is more consistently thought prepared to spend some money to through and handled by all the devices I’vedevices that neatly and get an enterprise-grade device, then where you’ve goneunobtrusively balance wrong. Almost every been fiddling with.traffic across a the world is your oyster. However, configuration you might I believe that load balancing is going to prices are often more than most ofdiverse selection of us pay for our entire LAN setup. mistakenly choose has become increasingly important as the natureunderperforming DSL At £5k for a traffic splitter, it isn’t some legitimate use case, of our modern, fully connected societylinks. I have to be honest, worth the expense if you somewhere, so nothing is becomes more apparent. You can’t demand that only need to join twothough: even devices that ADSL lines. forbidden. Nothing, that is, people live connected, online 21st-century livesclaim to work this way make except consistency: several while most of them are connecting througha spectacularly bad job of it. forum threads I’ve been following 20th-century technologies.www.pcpro.co.uk WorldMags.net PC PRO•DECEMBER 2012 099

RWC NeWtworkos rldMags.netThe switch is inThis month I experienced a failure of firstprinciples so grossly humiliating that Ishould say straight away that it happened onmy home network, not a client’s. Try not towake your fellow commuters with raucouslaughter at my misfortune. It all started with afibre Ethernet card.Some of Intel’s early PCI Gigabit fibrecards are still compatible with WindowsServer 2008 R2, provided they’re present ina slot when the OS is installed. Putting thecard in later will lead you down a trail oftears on Intel’s website, which doesn’tquite tell you that if you’re looking fordownloadable, installable drivers for thesecards, you’re out of luck. You’ll read a lot of My 24-port switch with four GBIC slots perches precariously in my basementmealy-mouthed nonsense about “in box” right-hand end of the bottom row”, ratherdrivers, and come away with the feeling that compatibility and interoperability, beforeIntel thinks you’re crazy for trying to use such imperiously waggling my mouse through the than “the last two ports on both the top andold technology in a new server build. This bottom rows”. For about three days the link browser favourites menu and expecting it all tokind of casual insolence only makes me more just work – which it almost did. jumped in and out of connectivity becausestubborn, to the point of stupidity, so for my the 3Com couldn’t read the status of the fibrenext trick I not only failed to make the card Some sites worked but others didn’t. Not all GBICs I’d plugged into a port, as I’d foolishly the machines on the LAN reappeared in thework under Server 2008, but crashed a browse list either, and some of the more left it with two jobs to do at once.vSphere 5.1 Free server too. Second, the patch lead from the VM host complicated websites would only partly display, with my DNS server on it had been down inYou might assume that it was a dud card, or display after a long and irritating pause.but it had been working fine in an ancient Streaming video didn’t do too well either. The the basement since at least 1998, and itmachine for some years, and I have five more 2924 is a managed switch, which means its wasn’t even new when it arrived. That’s 14of the same model waiting to be put into years sitting in a socket on a switch in a dark,service. Surely it couldn’t simply be firmware can be configured to do all sorts of dryish, warmish space. Nobody really knows useful things, but they’re only useful if you knowdisastrously unsupported, no matter what I they’re there and you’ve set up the device the limits of the humble network lead’sput it in? So I tried it in a FreeNAS machine I properly beforehand. Mine was (as you may endurance, and nobody can really say how you tell a good one from a bad one. In my have guessed) a case, taking a ham-fisted approach to a second-hand unit, so switch upgrade exposed a weakness in this“Nobody really knows the I started wondering single humble lead. Whereas all the others whether all the odd sank home with a reassuring click, this onelimits of the humble network behaviour was due mustered only a flaccid thud. Over those 14 to some VLAN config, years its retaining clip had lost its springiness,lead’s endurance” or an unhelpful turning the connection into a superbly configuration of awas building to run as an iSCSI resource. helpful feature, such as DHCP relay status. So I sensitive seismometer, so that the faintest had to crack the device password, which meant vibration or waft of breeze would make orThe result was instant compatibility, perfect break the connection.autoconfiguration and performance that was finding a Cisco-style RJ-45-ended serial lead, abetter than respectable once I’d set up all the laptop with a DB9 serial port, and a Swiss Army Naturally I ignored all my own advice and checked the system from the top down,kit to support a fibre connection. There’s only knife with a fine-toothed wood saw to shaveone problem with fibre: I don’t have much of worrying first about firmware, the state of the down the serial lead shroud so that it didn’t foul config, whether I’d overlapped any ports, theit when it comes to switch ports. the edge of the laptop.Small switches don’t provide many GBIC presence of any VLANs left by the previous Having found the appropriate resetslots, which is consistent with the notion that owner and the state of the ARP cache on my instructions on the web – very slowly and minusthey should only be used to link back into many picture icons after two or three attempts to DNS server (note to self: if typing “ARP -d”some howling head-height enterprise fibre into a command line doesn’t fix it the first download the PDF, having tried about 20 times time, typing it half a dozen times more won’tbackbone concentrator smothered in blinking because the keystroke detection interval waslights. So I started hunting for the at about 1/20th of a second and the menu work either). It was only when I’d almostcomparatively rare beast that is a 24-port disappeared if you repeated the keystroke too given up and put the old Netgear back in that I realised all was not well with that lead.switch with four GBIC slots and, as you can often – I found out two interesting snippets At least you can benefit from my wastedsee from the picture above, I found one – a concerning this device and my hot basement. weekend of self-recrimination, head-banging3Com Baseline Switch 2924. As you mayalso see, this was rudely slapped into the First, the 2924 combines its fibre ports so that, and mad, half-cocked solutions, because as with almost every other GBIC-ported smalluntidy, overheated equipment hell-hole that is switch, you can’t use the last four regular copper from now on I’ll be amending my defaultmy basement. I unceremoniously hauled the ports if you want to use the GBICs. However, advice: by all means buy yourself a newGBICs from my Netgear GS724TR and threw unlike all the other switches, the 3Com unit treats switch, but make sure you renew all thethem straight into it, without any thought for cables when you do. “last four” as meaning “the four ports at the100 PC PRO•DECEMBER 2012 WorldMags.net www.pcpro.co.uk