Horse Sense #96

Your Software May Be Older Than You Think

In this issue of Horse Sense:

-Use the Off Button for Security
-Your Software May Be Older Than You Think
-USB Is Better and Worse Than You Think
-Solid State Disks Are Already Here!


Use the Off Button for Security

The best and easiest way to protect your wireless laptop or phone in what might be a hostile environment is to turn the wireless connection off.  It not only protects you from anyone who might try to exploit you, but it also increases your battery life.  Using the off switch is a wonderfully cheap and easy way to be more secure and save a little money.  Use this trick at work if you have plugged your laptop into the wired network.  It will offer more protection to your PC and the network and your battery will charge faster.  Most modern laptops either have a hardware switch on the case, a key combination, and/or a software program to shut down the radio.

Are you afraid of digital hijackers on your home wireless network?  Shut off the wireless radio or pull the plug on the router.  This is not just a trick to use at home.  To improve your security at work and at home, do not load up programs or operating features you do not need.  Turn off or deny access to equipment during unneeded periods.  This lowers your "attack surface."  With less points of attack and periods of attack available you are safer.  Take a look at what you are running on your network and the information you are storing on it.  Uninstall programs you do not need.  Remove equipment that is not serving a purpose. Removing old data as well will make your system run better.  Old data might still be valuable to an attacker.  Old programs and data on your machine can help an attacker compromise your machine.

Your Software May Be Older Than You Think

You have antivirus software.  You get automatic updates, but still have problems.  What is wrong?  It turns out that you probably do not understand how the software updates work.  Take Symantec as an example.  They only recently updated their corporate Symantec EndPoint Protection (SEP) product to version 12.1, but the old 11 product was out there for 3 years!  I heard a lot of serious bitching about version 11.  It was not keeping up with the times.  It was incompatible with software.  There was a bug in the software.  Without exception, I found that these clients were running a non-current release of the software. As of this writing, Symantec has issued more than 6 major updates to that software and all of those clients could get that software with a free download.  They could even get the new 12.1 version for free.  So what was the disconnect?  Users thought that they were automatically getting the newest software.  Software manufacturers often will not automatically update software, especially antivirus software or software intended for corporate use.  That is because there may be a corporate standard, because people are only trained on a particular version, a new version may need to be tested for compatibility with existing corporate software, etcetera.  Even if you are not a corporation, you can understand that there are always risks in downloading and updating software on your personal machine so the "if it ain't broke, don't fix it" rule seems to apply here.  Users thought the definition updates were also upgrading the program as well.  They were wrong.

In general, there is no warning that your software is not up to date. Apple consumer software, Java, and Adobe Reader all offer automatic updating capabilities for their software, but they stay in memory full time and have been known to cause issues like a broken updater that repeatedly downloaded the same code over and over forever starving my network of bandwidth and never upgrading my machine.  For this reason, I usually only leave Microsoft's Windows Update software running for automatic updates.  For many shareware and freeware programs, you can use the free and easy version checker at to check for updates from multiple software vendors.  But, especially for the paid programs, you will have to be a little more diligent about checking for program updates and upgrades yourself.  Most paid software does not automatically update or run a background updating program.  With paid software, the way to check for updates differs from program to program.  Sometimes you will see the update in the file menu, other times in the edit menu, and others in the help menu.  Some programs do not even have a way to check from inside the program at all.

For example, with Symantec System Recovery, Symantec's business continuity backup program, you can run LiveUpdate within the program and it will update the software.  Once you do it, you must reboot to use the new software, which is another reason program updates may not be done automatically.  LiveUpdate is the program that automatically updates your antivirus signatures.  But, it will not update other programs unless you specifically have it do so.  The SEP program itself cannot be updated with LiveUpdate.  It requires you to go to a web page and download and install the new code manually.  Unfortunately, it is not unusual for a software vendor to have multiple mechanisms of updating different lines of its software.  New SEP versions provide huge performance, manageability, and compatibility improvements as well as better malware detection, prevention, and disinfection.  Diskeeper, another software manufacturer, has a check for update button in the program that will check your software version and send you to a web page which will tell you if the product is current or if there is an update or new version available.  Update methods vary from manufacturer to manufacturer, but almost all upgrade (new version) software requires a manual download from a web or FTP site and a manual installation.

Another gotcha is that the brand new software you just bought at the store may not be the latest version.  The computer, switch, router, or the firewall you just got may not be running the latest and greatest software.  The first thing you should do when you get something new is make sure you are running the latest software.  In a troubleshooting situation, one of the first things a technician will do is check to see whether you are running the current version.  People often forget to upgrade their operating systems, switches, and routers.  If you want a more secure and trouble free environment, check to see whether you are running the latest version you are entitled to every so often.

USB Is Better and Worse Than You Think

The new USB 3 standard is here.  At 5Gbps it is twelve times faster than the older USB 2 connections.  A USB 3 device can connect to a USB 2 port, but it operates at only USB 2 speeds.  USB 3 also has a lot of other nice things like better power management, but I want to talk about speed today.  The fastest hard drive interconnection for desktop use today is SATA III at 6Gbps.  For the first time, USB 3 offers a plug and play external connection that is as fast as the internal hard drive connection.  And, with capacities of USB sticks now commonly topping 64GB, you can easily take your entire "computer system" around with you in your pocket as long as you can plug it in somewhere.  Or can you? The answer is....not quite.  Unless you are using USB 3, and most machines do not have USB 3 ports yet, you have to settle for USB 2 at 480Mbps.  Even worse, you will not get close to those advertised speeds.

USB 2 memory sticks are not as fast or reliable as you might think. Although they are often warranted for a long period of time, these drives often cannot sustain a large number of writes.  Or they may lose their data over a period of time.  They are designed to be cheap and allow you to move data around.  They are often not bootable, which means you cannot use them to take your system with you and boot clean to your "machine."  And, most of the inexpensive USB sticks have no security on them at all.  A new Barracuda XT 2GB desktop drive can hit almost 140MBps (1.1Gbps) in sustained throughput.  A premium grade IronKey USB 2 stick can get 24-27MBps, though the sustained transfer is slower. Most low end and older USB sticks are in the 2-6MBps range, though you usually will not see their miserably slow transfer rate in their specification sheets.

A fairly typical USB 3 stick is a different matter.  The USB 3 Corsair 32GB stick can be read at up to 135MBps and written to at up to 41MBps.  The much more expensive OCZ Enyo 128GB USB 3 solid state drive has a read speed of up to 260MBps and write speed of up to 200MBps (150MBps sustained).  The Enyo actually exceeds the performance available from a single SATA drive.  I call it a drive rather than a USB stick because it is physically much bigger than a typical USB stick, it has more reliability features built in, and it is faster.

If you want your experience to be PC like, you will need to have a USB 3 port to plug into and something that performs at least as well as a USB 3 stick, but preferably as well as a USB 3 drive to carry about with you.  We are not able to carry our PCs in our pockets quite yet, but we will be in the next year or two.  High quality solid state memory and controller pricing has been decreasing quickly and hard drive prices seem to be increasing which will cause solid state technologies to be adopted even faster.  Also working in the favor of USB 3 is the public thirst for portable storage space, specifically USB sticks.  As people start moving around larger and larger volumes of data, they will find using USB 2 devices too slow and unreliable for their tastes.  Imagine waiting twenty to thirty minutes for a transfer that would only take one if you upgraded to a USB 3 stick.


Solid State Disks Are Already Here!

I have been predicting a shift to solid state storage for some time now.  Not only is it happening, but it is accelerating both external and internal to the PC.  CD, DVD, and Blu-Ray drives and disks have not been able to keep up with the cost, capacity, durability, performance, and convenience of USB sticks.  Many laptops leave out optical drives because they add weight, are not used much, and break fairly frequently.  Even the large hard drive manufacturers like Seagate and WD are starting to produce their own solid state disks or buy companies that do make them.  PC and other manufacturers are rapidly shifting production to designs using solid state drives.  Intel is fairly blunt.  If you want to get the best performance out of their newest chips, you need a solid state drive to feed them.

Of course, as I write this, I am writing on a laptop with a solid state disk from Kingston I have been using for over a year without issue. Both my wife and 6 year old son covet the speed and smooth performance of my solid state equipped laptop....

©2011 Tony Stirk, Iron Horse