Google plans to use Chrome as a tool to reform the Web by encouraging use of a technology the company says will reduce data-transfer delays.
The technology, called False Start, has the potential to reduce one round of back-and-forth communications between a browser and a Web server when establishing an encrypted connection. That's a significant time savings--about 7 hundredths of a second for communication across the United States and 1.5 tenths of a second from California to Europe.
Even better, unlike many protocol improvements that could improve communications, it doesn't even require changes on both sides of the network connection. Only the browser needs to be changed, according to False Start co-author Adam Langley. Naturally, Google has begun building False Start into its Chrome browser, judging by a Chrome command-line switch that lets Chrome users disable it.
Great, right? Free speed for everyone! Well, actually, there's a catch.
"We are aware that this change will cause issues with about 0.05 percent of Web sites on the Internet," Langley said in a blog post.
That may not sound like a lot, but according to NetCraft's measurements, there were 227 million Web sites in September. Proportionally, the problem is small, but in absolute terms False Start wouldn't work with about 114,000 sites by NetCraft's tally.
Google, undeterred, sees this as an opportunity to fix what it sees as wrong with the Web.
"Chrome still carries an idealism that means that we're going to try to make low-level changes and try to make them work," not just try to gloss over them with higher-level interfaces, he said.
Accordingly, Chrome will be endowed with a blacklist to disable the False Start acceleration feature for sites where it wouldn't work, and Google will try to reach those sites to encourage upgrades, he said.
Google can use the approach to discourage new Web sites from following predecessors' footsteps that lead to the problem, Langley said:
Blacklisting gives us two advantages. Firstly, it limits the accumulation of new problematic websites. Sites which have never worked are a very different case from sites which used to work.
Secondly, we can contact the problematic sites in question. We already have a good idea of where the problem lies with many of them and we're in contact with the stakeholders to plan a way forward.
It's possible Google's plan might ruffle some feathers, but the company is only trying to get Web sites to catch up with browser communication encryption technology that was standardized nearly 12 years ago, he said.
Specifically, the problem stems from the transition from an encryption technology called Transport Layer Security (TLS), formerly known as Secure Sockets Layer (SSL). This is the technology that's used to curtail snooping of communications with banks and e-commerce sites
During the transition to TLS 1.0, Web browsers were set up to fall back to the earlier SSL 3.0 standard for Web sites that weren't upgraded. But it turns out that old technology lingers on, and the fallback is what causes problems with False Start TLS.
"It was assumed that the problematic Web servers could be fixed in a few years and the fallback could be removed," Langley said. "Twelve years later, the fallback is in robust health and still adding complexity. A security update to TLS earlier this year was made much more complex by the need to account for SSLv3 fallback. The operators of the problematic Web servers are largely unaware of the problems that they are causing and have no incentive to change in any case."
Being blacklisted by Chrome could be that very incentive.
"Blacklists require effort to maintain, and we'll have to be responsive to make it work," but the fast-moving Chrome team is up to the challenge, said Langley. "With our near-weekly dev channel and even more frequently updated Canary channel, we think that we can do it."
Monday, October 04, 2010
Ten Things IT Professionals Should Know About Windows 7
Every year, we get hit with a long drumbeat of “top 10 lists”—whether it’s the 10 worst-dressed celebrities at the Academy Awards, the 10 best ways to get in shape before spring, the 10 best ways to annoy the person in the office next to you.
At the Springboard Series, we pretty much have a one-track mind—what is in store for IT professionals responsible for desktop administration. While we might be tempted to share a couple of those weight-loss tips, it’s probably best we stick to what we know best—the top 10 things you need to know about the Windows 7 operating system.
With the Release Candidate of Windows 7 now available, we encourage you to download a version to your lab machine and begin testing your applications and devices to get to know what’s in it for you. As you begin testing, we offer this guide to the key features and capabilities in this new desktop operating system.
Here are the top 10 things to know about Windows 7:
1 - Application compatibility
The Windows Vista operating system introduced architectural changes down to the kernel level that made the OS inherently more secure than Windows XP. However, this came at a cost; many applications needed modification to function properly in a Windows Vista environment. While at this point in the lifecycle of Windows Vista (post Service Pack 1) most applications are now compatible, deploying Windows Vista into the desktop environment early on required some “heavy lifting” and creative shimming—not to mention a few late nights.
Windows 7 is built on the same basic architecture as Windows Vista, so most applications will retain their compatibility between these operating systems. This alone will make adopting Windows 7 much less challenging than migrating from Windows XP to Windows Vista. If your organization is like many that are still standardized on Windows XP, you will need to transition to updated versions of your key applications, but the availability of Windows Vista–compatible versions and well-proven shims will make this task more manageable.
2 - Hardware compatibility and requirements
Much like the application compatibility issues, adopting Windows Vista early-on was a challenge because of the higher system requirements—such as RAM and graphics. On the flip side, Windows Vista provides manageability and security that just isn’t available on Windows XP, and with more capable hardware, Windows Vista is able to perform a number of useful functions that improve productivity (such as Windows Search 4 and the Windows Aero desktop experience) and increase PC responsiveness (the ReadyBoost technology launches applications more quickly by maintaining a portion of frequently used applications in memory).
Windows 7 was designed to perform well on the same hardware that runs Windows Vista well, while delivering additional performance and reliability improvements. The design team for Windows 7 had a specific focus on the fundamentals—as well as maintaining compatibility with existing applications and hardware. In operation, you will find that Windows 7 boots faster and has a smaller memory footprint than Windows Vista.
3 - Better Together with Windows Server 2008
One of the key benefits of the modern operating system is that Windows 7 and the Windows Server 2008 operating system share a common code base, and are maintained with a single servicing model. This servicing model means updates and security updates are shared across both client PCs and servers, simplifying the process of maintaining an up-to-date infrastructure.
In addition, environments with both Windows Server 2008 and Windows 7 unlock capabilities that extend functionality and help ensure a more secure environment. One example is DirectAccess, which allows management and updating of remote mobile PCs that are connected to the Internet, even when they are not connected to the corporate network. This capability helps ensure that remote users receive security patches on a timely basis, and allows IT to update configuration setting via Group Policy. For the end user, DirectAccess allows access to locations on the corporate network without using a virtual private network (VPN) connection. (In addition to Windows Server 2008 R2, DirectAccess requires IPSec and IPv6 implementation.)
4 - Extend data encryption to removable media
News reports are rife with stories about companies losing control over sensitive information. In some industries, this is an issue with grave legal implications, while in other situations the issue is inconvenience. Regardless, smart compliance policy dictates that sensitive information be safeguarded in the event of a lost or stolen laptop. Further, preventing sensitive information from being removed from corporate resources is a pillar of effective compliance management.
Windows 7 includes BitLocker technology, first implemented in Windows Vista, which now provides full encryption of all boot volumes on a PC; along with introducing BitLocker To Go that offers data protection on portable storage, such as USB flash drives. In addition, BitLocker Drive Encryption and BitLocker To Go can be managed via Group Policy, placing more control over sensitive information in the hands of the professionals.
5 - Control the application portfolio available to end users
Windows 7 features AppLocker, a new capability that allows IT administrators to specify which applications are permitted to run on a laptop or desktop PC. This capability helps you manage license compliance and control access to sensitive programs, but also importantly, it helps reduce the opportunity for malware to run on client PCs. AppLocker provides a powerful rule-based structure for specifying which applications can run, and includes “publisher rules” that keeps the rules intact though version updates.
To see how AppLocker is set up and managed, click here for a screencast demonstration.
6 - Automate routine tasks with powerful scripting
To help IT administrators better maintain a consistent environment and improve personal productivity, Windows 7 includes an updated graphical scripting editor, Windows PowerShell 2.0—a powerful, complete scripting language that supports branching, looping, functions, debugging, exception handling, and internationalization.
• PowerShell 2.0 has an intuitive, graphical user interface that helps make script generation easier, especially for administrators who are not comfortable in command-line environments.
• PowerShell 2.0 supports two types of remoting—fan-out, which delivers management scripts on a one-to-many basis, and one-to-one interactive remoting to support troubleshooting of a specific machine. You can also use the PowerShell Restricted Shell to limit commands and command parameters to system administrators, and to restrict scripts to those who have been granted rights.
• PowerShell 2.0, with the Group Policy Management Console (available as a separate download), allows IT professionals to use scripting to manage Group Policy Objects and to create or edit registry-based group policy settings in Windows 7. Similarly, you can use PowerShell to configure PCs more efficiently, using richer logon, logoff, startup, and shutdown scripts that are executed through Group Policy.
Click here to take a quick tour of PowerShell 2.0.
7 - Troubleshoot faster and more effectively
Windows 7 provides rich tools to identify and resolve technical issues, often by the end users themselves. If a help desk call is unavoidable, Windows 7 includes several features and troubleshooting tools to help speed resolution.
• The Problem Steps Recorder allows end users to reproduce and record their experience with an application failure, with each step recorded as a screen shot along with accompanying logs and software configuration data. A compressed file is then created that can be forwarded to support staff to help troubleshoot the problem.
• Windows 7 includes a suite of troubleshooting packs, collections of PowerShell scripts, and related information that can be executed remotely by IT professionals from the command line, and controlled on the enterprise basis through Group Policy Settings.
• Windows 7 also includes Unified Tracing to help identify and resolve network connectivity issues in a single tool. Unified Tracing collects event logs and captures packets across all layers of the networking stack, providing an integrated view into what’s happening in the Windows 7 networking stack and aiding analysis and problem resolution.
8 - Create, deploy, and manage images more efficiently
Windows 7 includes several tools to streamline the creation and servicing of the deployment image, and to get users up and running as quickly as possible.
The Deployment Image Servicing and Management (DISM) tool in Windows 7 provides a central place to build and service Windows images offline. With DISM, you can perform many functions with one tool: mount and unmount system images; add, remove, and enumerate packages and drivers; enable or disable Windows features; configure international settings, and maintain an inventory of offline images that contain drivers, packages features, and software updates. Windows 7 also enables the same processes and tools to be used when managing virtual machine (VHD) and native file-based (WIM) image files.
Windows 7 also includes Dynamic Driver Provisioning, where device drivers are stored independent of the deployed image and can be injected dynamically based on the Plug and Play ID of the hardware, or as predetermined sets based on information contained in the basic input/output system (BIOS). Reducing the number of drivers on individual machines reduces the number of potential conflicts, ultimately minimizing setup time and improving the reliability of the PC.
When you are ready to deploy Windows 7, Multicast Multiple Stream Transfer enables servers to “broadcast” image data to multiple clients simultaneously, and to group clients with similar bandwidth capabilities into network streams to permit the fastest possible overall transfer rate while optimizing bandwidth utilization.
Watch a screen cast demonstration of the deployment tools for Windows 7 here.
9 - Easier migration of user data and profiles
Windows 7 includes enhancements to the User State Migration Tool (USMT), a command-line tool that you use to migrate operating system settings, files, and other user profile data from one PC to another. In Windows 7, USMT adds a hardlink migration feature for computer refresh scenarios, a capability that stores user data and settings in a common place on a drive, eliminating the need to “physically” move the files during a clean install.
10 - Improve user productivity in branch offices
Windows 7 introduces BranchCache, a technology that caches frequently accessed content from remote file and Web servers in the branch location, so users can access this information more quickly. The cache can be hosted centrally on a server in the branch location, or can be distributed across user PCs. One caveat: to take advantage of BranchCache, you will need to deploy Windows Server 2008 R2 on the related servers.
And, as a bonus:
Better support for client virtualization
Windows 7 delivers a richer experience when users are connected to a virtual desktop—much closer to the experience provides by a native Windows desktop. For example, Windows 7 provides multi-monitor support, bi-directional audio to enable Voice over Internet Protocol (VoIP) and speech recognition applications, and access to local devices, such as printers.
So there you have it—the top 10 things you need to know about Windows 7 (okay, we couldn’t stop until we hit “11”)—and if you have ideas for how to best annoy your office mates, it’s probably best to keep those to yourself!
----------------------------------------------------------------------------------------------
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, this document should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
At the Springboard Series, we pretty much have a one-track mind—what is in store for IT professionals responsible for desktop administration. While we might be tempted to share a couple of those weight-loss tips, it’s probably best we stick to what we know best—the top 10 things you need to know about the Windows 7 operating system.
With the Release Candidate of Windows 7 now available, we encourage you to download a version to your lab machine and begin testing your applications and devices to get to know what’s in it for you. As you begin testing, we offer this guide to the key features and capabilities in this new desktop operating system.
Here are the top 10 things to know about Windows 7:
1 - Application compatibility
The Windows Vista operating system introduced architectural changes down to the kernel level that made the OS inherently more secure than Windows XP. However, this came at a cost; many applications needed modification to function properly in a Windows Vista environment. While at this point in the lifecycle of Windows Vista (post Service Pack 1) most applications are now compatible, deploying Windows Vista into the desktop environment early on required some “heavy lifting” and creative shimming—not to mention a few late nights.
Windows 7 is built on the same basic architecture as Windows Vista, so most applications will retain their compatibility between these operating systems. This alone will make adopting Windows 7 much less challenging than migrating from Windows XP to Windows Vista. If your organization is like many that are still standardized on Windows XP, you will need to transition to updated versions of your key applications, but the availability of Windows Vista–compatible versions and well-proven shims will make this task more manageable.
2 - Hardware compatibility and requirements
Much like the application compatibility issues, adopting Windows Vista early-on was a challenge because of the higher system requirements—such as RAM and graphics. On the flip side, Windows Vista provides manageability and security that just isn’t available on Windows XP, and with more capable hardware, Windows Vista is able to perform a number of useful functions that improve productivity (such as Windows Search 4 and the Windows Aero desktop experience) and increase PC responsiveness (the ReadyBoost technology launches applications more quickly by maintaining a portion of frequently used applications in memory).
Windows 7 was designed to perform well on the same hardware that runs Windows Vista well, while delivering additional performance and reliability improvements. The design team for Windows 7 had a specific focus on the fundamentals—as well as maintaining compatibility with existing applications and hardware. In operation, you will find that Windows 7 boots faster and has a smaller memory footprint than Windows Vista.
3 - Better Together with Windows Server 2008
One of the key benefits of the modern operating system is that Windows 7 and the Windows Server 2008 operating system share a common code base, and are maintained with a single servicing model. This servicing model means updates and security updates are shared across both client PCs and servers, simplifying the process of maintaining an up-to-date infrastructure.
In addition, environments with both Windows Server 2008 and Windows 7 unlock capabilities that extend functionality and help ensure a more secure environment. One example is DirectAccess, which allows management and updating of remote mobile PCs that are connected to the Internet, even when they are not connected to the corporate network. This capability helps ensure that remote users receive security patches on a timely basis, and allows IT to update configuration setting via Group Policy. For the end user, DirectAccess allows access to locations on the corporate network without using a virtual private network (VPN) connection. (In addition to Windows Server 2008 R2, DirectAccess requires IPSec and IPv6 implementation.)
4 - Extend data encryption to removable media
News reports are rife with stories about companies losing control over sensitive information. In some industries, this is an issue with grave legal implications, while in other situations the issue is inconvenience. Regardless, smart compliance policy dictates that sensitive information be safeguarded in the event of a lost or stolen laptop. Further, preventing sensitive information from being removed from corporate resources is a pillar of effective compliance management.
Windows 7 includes BitLocker technology, first implemented in Windows Vista, which now provides full encryption of all boot volumes on a PC; along with introducing BitLocker To Go that offers data protection on portable storage, such as USB flash drives. In addition, BitLocker Drive Encryption and BitLocker To Go can be managed via Group Policy, placing more control over sensitive information in the hands of the professionals.
5 - Control the application portfolio available to end users
Windows 7 features AppLocker, a new capability that allows IT administrators to specify which applications are permitted to run on a laptop or desktop PC. This capability helps you manage license compliance and control access to sensitive programs, but also importantly, it helps reduce the opportunity for malware to run on client PCs. AppLocker provides a powerful rule-based structure for specifying which applications can run, and includes “publisher rules” that keeps the rules intact though version updates.
To see how AppLocker is set up and managed, click here for a screencast demonstration.
6 - Automate routine tasks with powerful scripting
To help IT administrators better maintain a consistent environment and improve personal productivity, Windows 7 includes an updated graphical scripting editor, Windows PowerShell 2.0—a powerful, complete scripting language that supports branching, looping, functions, debugging, exception handling, and internationalization.
• PowerShell 2.0 has an intuitive, graphical user interface that helps make script generation easier, especially for administrators who are not comfortable in command-line environments.
• PowerShell 2.0 supports two types of remoting—fan-out, which delivers management scripts on a one-to-many basis, and one-to-one interactive remoting to support troubleshooting of a specific machine. You can also use the PowerShell Restricted Shell to limit commands and command parameters to system administrators, and to restrict scripts to those who have been granted rights.
• PowerShell 2.0, with the Group Policy Management Console (available as a separate download), allows IT professionals to use scripting to manage Group Policy Objects and to create or edit registry-based group policy settings in Windows 7. Similarly, you can use PowerShell to configure PCs more efficiently, using richer logon, logoff, startup, and shutdown scripts that are executed through Group Policy.
Click here to take a quick tour of PowerShell 2.0.
7 - Troubleshoot faster and more effectively
Windows 7 provides rich tools to identify and resolve technical issues, often by the end users themselves. If a help desk call is unavoidable, Windows 7 includes several features and troubleshooting tools to help speed resolution.
• The Problem Steps Recorder allows end users to reproduce and record their experience with an application failure, with each step recorded as a screen shot along with accompanying logs and software configuration data. A compressed file is then created that can be forwarded to support staff to help troubleshoot the problem.
• Windows 7 includes a suite of troubleshooting packs, collections of PowerShell scripts, and related information that can be executed remotely by IT professionals from the command line, and controlled on the enterprise basis through Group Policy Settings.
• Windows 7 also includes Unified Tracing to help identify and resolve network connectivity issues in a single tool. Unified Tracing collects event logs and captures packets across all layers of the networking stack, providing an integrated view into what’s happening in the Windows 7 networking stack and aiding analysis and problem resolution.
8 - Create, deploy, and manage images more efficiently
Windows 7 includes several tools to streamline the creation and servicing of the deployment image, and to get users up and running as quickly as possible.
The Deployment Image Servicing and Management (DISM) tool in Windows 7 provides a central place to build and service Windows images offline. With DISM, you can perform many functions with one tool: mount and unmount system images; add, remove, and enumerate packages and drivers; enable or disable Windows features; configure international settings, and maintain an inventory of offline images that contain drivers, packages features, and software updates. Windows 7 also enables the same processes and tools to be used when managing virtual machine (VHD) and native file-based (WIM) image files.
Windows 7 also includes Dynamic Driver Provisioning, where device drivers are stored independent of the deployed image and can be injected dynamically based on the Plug and Play ID of the hardware, or as predetermined sets based on information contained in the basic input/output system (BIOS). Reducing the number of drivers on individual machines reduces the number of potential conflicts, ultimately minimizing setup time and improving the reliability of the PC.
When you are ready to deploy Windows 7, Multicast Multiple Stream Transfer enables servers to “broadcast” image data to multiple clients simultaneously, and to group clients with similar bandwidth capabilities into network streams to permit the fastest possible overall transfer rate while optimizing bandwidth utilization.
Watch a screen cast demonstration of the deployment tools for Windows 7 here.
9 - Easier migration of user data and profiles
Windows 7 includes enhancements to the User State Migration Tool (USMT), a command-line tool that you use to migrate operating system settings, files, and other user profile data from one PC to another. In Windows 7, USMT adds a hardlink migration feature for computer refresh scenarios, a capability that stores user data and settings in a common place on a drive, eliminating the need to “physically” move the files during a clean install.
10 - Improve user productivity in branch offices
Windows 7 introduces BranchCache, a technology that caches frequently accessed content from remote file and Web servers in the branch location, so users can access this information more quickly. The cache can be hosted centrally on a server in the branch location, or can be distributed across user PCs. One caveat: to take advantage of BranchCache, you will need to deploy Windows Server 2008 R2 on the related servers.
And, as a bonus:
Better support for client virtualization
Windows 7 delivers a richer experience when users are connected to a virtual desktop—much closer to the experience provides by a native Windows desktop. For example, Windows 7 provides multi-monitor support, bi-directional audio to enable Voice over Internet Protocol (VoIP) and speech recognition applications, and access to local devices, such as printers.
So there you have it—the top 10 things you need to know about Windows 7 (okay, we couldn’t stop until we hit “11”)—and if you have ideas for how to best annoy your office mates, it’s probably best to keep those to yourself!
----------------------------------------------------------------------------------------------
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, this document should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Subscribe to:
Posts (Atom)
