Steve Kirsch's Computer Tips

A random collection of things I've learned.

My next computer
Might be the ASUS VivoPC VM60-G105M Barebone System for $264. I can install Windows 7 on it (the asus page has the drivers). Very quiet, small package. Install mSATA SSD (which I have on my old system), and DDR3 SO-DIMM memory.

Tips:

- Putting your existing Windows DVD on a USB thumb drive to install the OS:
-- If you purchased Windows digitally, you can use a number of tools to create a bootable USB drive from the ISO.
-- If you own a physical copy of Windows, you can follow these instructions to create a bootable USB drive, then just copy/paste all of the files from the DVD onto the USB drive. These steps are almost identical to the official directions found on Microsoft's TechNet, except these also assign a drive letter to the partition, so that you can see it in My Computer:
http://www.sevenforums.com/hardware-devices/275904-usb-drives-detected-but-not-shown-computer.html#post2271682
- Windows 7 didn't have drivers for ethernet or wifi, so you'll want to have those available to install, before wiping your computer: http://www.asus.com/us/ASUS_VivoPC/VivoPC_VM60/HelpDesk_Download/
- The device knew to boot from the USB drive the first time I installed Windows, but after that, the BIOS reconfigured and wouldn't do this again. If you need to re-install Windows later, hold F8 as the computer boots, and you can pick the boot device.

Searching window (Windows 7 Search box) for a filename
filename:foo will find all files with a filename containing "foo".

filename:~<foo will find all files starting with "foo"

filename:~<foo filename:bar will find all files starting with "foo" that also have "bar" in the name

filename:~<foo bar will find all files that start with "foo" that have bar in the name or contents

see also: http://windows.microsoft.com/en-us/windows7/Advanced-tips-for-searching-in-Windows

Preventing attacks on Remote Desktop Port
I noticed port 3389 (remote desktop) was under attack by someone from china trying all sorts of usernames. I installed http://rdpguard.com/ and used Edit Group Policy to set Windows > Security>local policy> audit policy>audit logon events to log both success and failure. Then in Event log I created custom views for login failure (which looks in the Security event log for a 4625 and keywords Audit Failure) and another for looking in Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational which  also shows the username they attempted to login as.

Windows doesn't write an ip adddress when RDP over SSL is used, to fix this, open Administrative Tools, Remote Desktop Services, Remote Desktop Session Host Configuration (see creenshot attached). Open connection properties and change Security layer from SSL to RDP Security Layer.

Solving the Outlook not responding problem
Started having problems when i tried connecting Android mail clients. The Android native email wouldn't sync with my Rackspace exchange account using Exchange at all. Moxier and TouchDown do sync. Both use ActiveSync. When ActiveSync is active, Outlook clients can't access your mailbox (but my other clients like OWA and iphone and iPad have no trouble at all)! This happens for TouchDown even when it isn't syncing so it seems to leave some sort of lock on the mailbox. But Moxier was well behaved at first, and didn't lock out my mailbox when it wasn't syncing, but now it locks it out. Bummer! Seems like it might be a generic Android 4.x problem on my Galaxy Nexus.

You can tell if you have a problem when you send messages (even to yourself) and also at startup (if it takes more than 40 seconds to connect). If it takes forever, and the Outlook icon in the tray shows and hourglass and says "Microsoft Office Outlook is requesting data from the server" when you mouse over it you know you are screwed.

The quick way to resolve this is change your password using OWA. This ensures no clients can access your account, then change the password on a client at a time. Don't know if it is a "bad" client, or simply too many clients.

You can try to delete the offending active sync client (and possibly change and change back your password). I've changed my password, worked fine, then changed it back and had problems. So the offending device if it contacted the server, can really screw up the server and the only way out is to change the password and then change it back later when the bad clients no longer connect.

If you send a message to yourself and it takes more than a few seconds, you are probably impacted by this problem.

Note: only ActiveSync clients show up in the list in OWA.

Solution: use Android native email app in IMAP mode (which means no contacts or calendar), but I've had that slow down things too a bit, but not as bad as with Android ActiveSync clients.

If you try to send a message while an ActiveSync client is syncing, you'll sometimes get a message back like this:

Your message did not reach some or all of the intended recipients.

 

      Subject:    testing 1 2 3

      Sent: 11/25/2012 11:38 AM

 

The following recipient(s) cannot be reached:

 

      Steve Kirsch on 11/25/2012 11:41 AM

            This message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80004005-00000000-00000000].

The solution is to change your password and/or remove the activesync mobile devices using OWA using the steps below. Note that I've never had a problem with Apple's ActiveSync implementation. This only started when I added the Android clients...either too many clients or something odd about Android's ActiveSync implementations.

On the other hand, it could be the sheer number of clients attached to my mailbox. I have 2 PC desktops, 1 PC laptop, 1 apple macbook air, iphone, ipad, android so 7 devices and that's not including when i use OWA to connect.

Rackspace thinks it is one of my devices that is bogging down the mailbox. I have 7 devices connected to my Outlook account. They suggest changing my password to break the links, use as few devices as possible, and use OWA to break links as well:

"Please login to http://connect.emailsrvr.com

Select Option > See All Options > Phone (you can see all your mobile phone clients here)

Select the device and click the red X to delete"

What I did:

1. I removed three devices from the mobile phone list (3 android: one was touchdown, one android synced long ago, and a third android) using the X technique

2. I stopped Outlook on my PC at home (both accounts), and laptop, and Macbook Air.

Voila! Instant connectivity to my Outlook...sync's everything up in 30 seconds on Outlook now!

Moral:

1. You don't need to change your password

2. Try stopping devices one at a time till the problem resolves

3. Remove mobile devices you aren't using using owa (see above)

4. I suspect my android devices were messing it up (there were 3 android activesync profiles i removed from owa)

Timing for 2007: Connected at 8 seconds; this folder up to date @ 23 seconds; all folders up to date @ 35 seconds.

If the above doesn't work, look here: http://social.technet.microsoft.com/forums/en-us/outlook/thread/F38CBD33-B57E-4C57-801A-DE8C170EF69B

Decrypting TCP packets in Outlook 2007 talking to an exchange server
My Outlook isn't reliably connecting to exchange so here are some tips.

Use wireshark to see what is going on. Packets in black are errors (look at the View menu at the bottom for the Coloring Rules). But black isn't always bad. The packets from my computer are always black because the IP packet checksum is always zero because the checksumming is offloaded to the ethernet card by default in most cases so the outgoing packets sniffed by wireshark always have these errors.

I set up wireshark so it uses a capture filter of "host 184.106.31.88" which is rackspace's mailserver address. Then with the capture going, I start up Outlook and watch. You can narrow to a specific port number using a display fillter like "tcp.port==51424" (look at the local port number used in the SYN request; the remote port will be https which is 443). So this is a specific connection to the server. Outlook will start off making a connection to the server (with a SYN request) at packet #1. Note the source port. Then apply the port display filtering. What you'll find is that it will display 38 packets. This is because the connection is opened, stuff, is done, and then outlook will deliberately close off that particular port using a RST, ACK sent to the remote site and the remote site will reply with an ACK which closes down the connection. This is all exactly as it should be. The reset isn't a sign of trouble; it's just part of the protocol.

You'll notice lots of ACK packets with Len=0. This is just rackspace saying it got data. On ACK packets, the Seq is the sequence number of the person sending (rackspace), and the Ack is the # of bytes received so far on the connection. So on multiple ACK packets from rackspace where Outlook is doing all the talking, you'll see the Seq= value the same, and the Ack= values progressively increase. By the time the connection is closed for this initial socket pair, you'll see rackspace with the final ACK saying: Seq=3298 Ack=2664 which means rackspace got 2664 bytes and that rackspace sent out 3298 bytes to my computer. In these two final packets, since the Len=0, you'll note that the Seq and Ack values of the final two packets agree, then are just reversed (since ack and seq are relative to the sender).

The basic rule if you have no overlapping of time in the packets is that the SEQ, ACK of a pure ACK packet should equal the ACK, SEQ of the next packet from the sender. That says that everyone is in sync. So the Seq is always "how many bytes I've sent to you previously (i.e., not counting this packet)" and the ACK=how many bytes i've recevied from you so far on this TCP socket pair.

A TCP 3 way handshake is SYN from you, then SYN,ACK from remote (with ack=1, syn=0), then ACK from you (with seq=1, and ack=1).

SSL handshake

• client:  tls client hello (with seq=ack=1 and a len of 125)
• server: send 3 packets: server helo, tcp segment, and "certificate, server helo done."
• client: sends 2 packets: ACK  with a tcp packet. send a "client key exchange, change cipher spec, encrypted handshake"
• server sends 2 packets: ACK, change cipher spec, encrypted handshake
• client sends (in packet #12)Application data which starts about .27 seconds after the initial tcp SYN to the server. The seq=440, ack=3298 at that very first application packet from the client (the 12th packet in the sequence).

Abbreviated SSL handshake (re-use session ID):

• client: client helo
• server: server helo
• client: change cipher spec
• server: finished
• client: change cipher spec

When there are gaps, it is between data sends by rackspace, because I'm just ack'ing wit Len=0. Oddly, it is taking .2 seconds to send the ack, but that may because it's waiting to see if there is any data at my side.

When things stall, it is rackspace that is sending data on the port, but the seq=ack=1 which means that the port is a freshly opened port from the user and that either the user sent nothing, or that rackspace heard nothing. All i see is the freshly open port and all of a sudden rackspace is sending 991 new data bytes and my client sends nothing. There is no TLS negotiation on that socket (since it starts right after the tcp handshake), yet the data sent from rackspace is encrypted!?!?

Since I started my trace when the system was waiting, what's clear is that rackspace isn't sending a Server HELO. Which could be because i'm not sending a client helo or they aren't receiving it.

Oddly, i see a TLS application data request on a socket where seq=1 and Ack=1 which is odd since i'd expect the TLS handshake at that point, rather than data from the client to the server! and i've seen it from the rackspace side as well. The other odd thing is when I do a RST, ACK, I'm not always seeing ACK from rackspace.

I am seeing ssl socket open, client sends stuff to server, server sends the tcp acks, but never responds, so the client closes the connection and never gets a ACK back at the end (which presumably is sent by the application). So it's like I open a connection, send lots of stuff, never hear anything, then close the connection. That is pretty odd if that is normal protocol.

for stuff that opens and closes the socket within .5 sec, I see data from client and response and that goes 3 times total, then client does an ack, then rst, ack and there is no final ack from the server. But I've also seen packets that are strictly one way...they send their data and close, all within 1 second (sending 1600 bytes). So it sends the bytes and closes the connection.

In general, there isn't a lot of "wait time" anywhere before the socket is closed in many cases.

Use tcp.stream eq x where x starts at 0. Some of the original sockets are long lasting. Others are not!

What's very interesting is that during the "not responding part" both parties are sending each other application data packets that are exactly 99 bytes long. It ends when rackspace sends an application data packet with length >99 bytes. And the port starts with ack=seq=1 which is really odd. At the end, rackspace has sent 14,000 bytes and the client has sent 1 byte (the tcp handshake).

So the common elements during the "stall" period are:

• the port that finally responds with Application data != 99 is a port that started life with encrypted data being sent after ack=seq=1 (i.e., right after handshake)
• during the outage period, all application data of all ports (and there are many) has data size of 45 (total size of 99)
• both client and server are sending each other packets of size 45 bytes (total 99)
• it isn't a new connection that has to be made. it is an existing port than finally responds. the length of that packet is 425 tcp; 479 total.

Started from scratch, and just followed stream 0. Noticed that tcp.stream eq 0 port will send the server a 99 sized packet exactly every 30 seconds from the client to the server. The server immediately responds with a TCP ack. So these seem to be heartbeat type packets to keep the port alive. After a while, it will set the heartbeat interval to 60 seconds. Outlook says it is not responding.

So try enabling troubleshooting login per http://support.microsoft.com/kb/300479 but the file is at: C:\Documents and Settings\stk\Local Settings\temp\outlook logging\OPMLog.log

It wasn't very useful. Showed that it was taking 33 minutes to send a single message. And no errors!

2012.10.13 16:10:52 <<<< Logging Started (level is LTF_TRACE) >>>>
2012.10.13 16:10:52 HELPER::Initialize called
2012.10.13 16:10:52 Initializing: Finding a Transport
2012.10.13 16:10:52 MAPI XP Call: XPProviderInit in EMSMDB.DLL, hr = 0x00000000
2012.10.13 16:10:52 MAPI XP Call: TransportLogon, hr = 0x8004011d
2012.10.13 16:10:52 MAPI XP Call: Shutdown, hr = 0x00000000
2012.10.13 16:10:52 MAPI XP Call: XPProviderInit in EMSMDB.DLL, hr = 0x00000000
2012.10.13 16:10:54 MAPI Status: (-- -- ---/--- -- ---)
2012.10.13 16:10:54 MAPI XP Call: TransportLogon, hr = 0x00000000
2012.10.13 16:10:54 Initializing: Found a transport, Error code = 0x00000000
2012.10.13 16:10:54 MAPI XP Call: AddressTypes, hr = 0x00000000, cAddrs = 3, cUids = 1
2012.10.13 16:10:54 MAPI XP Call: RegisterOptions, hr = 0x00000000, cOptions = 2
2012.10.13 16:10:54 MAPI Status: (IN -- ---/OUT -- ---)
2012.10.13 16:10:54 MAPI XP Call: TransportNotify(BEGIN_IN|BEGIN_OUT), hr = 0x00000000
2012.10.13 16:10:54 HELPER::Initialize done, Error code = 0x00000000
2012.10.13 16:10:54 HELPER::GetCapabilities called, Error code = 0x00000000
2012.10.13 16:16:49 [email protected]: Synch operation started (flags = 00000001)
2012.10.13 16:16:49 [email protected]: UploadItems: 1 messages to send
2012.10.13 16:16:49 EXECUTING Put MAPI TASK
2012.10.13 16:16:49 Starting the Spooling Cycle
2012.10.13 16:16:49 MAPI Status: (IN -- ---/OUT fl ---)
2012.10.13 16:16:49 MAPI XP Call: FlushQueues, hr = 0x00000000, ulFlushFlags = 0x0000001a
2012.10.13 16:16:49 Sending one message
2012.10.13 16:16:49 Progress: Sending message 'testing 1 2 3' (size 2.70 KBytes)
2012.10.13 16:16:49 MAPI Status: (IN -- ---/OUT fl act)
2012.10.13 16:49:53 MAPI Status: (IN -- ---/OUT fl ---)
2012.10.13 16:49:53 MAPI XP Call: SubmitMessage, hr = 0x00000000
2012.10.13 16:49:53 MAPI XP Call: EndMessage, hr = 0x00000000
2012.10.13 16:49:53 FINISHED MAPI TASK
2012.10.13 16:49:53 [email protected]: ReportStatus: RSF_COMPLETED, hr = 0x00000000
2012.10.13 16:49:54 [email protected]: Synch operation completed
2012.10.13 16:49:54 Sending done, Error code = 0x00000000
2012.10.13 16:49:54 Sending done, Error code = 0x8004010f
2012.10.13 16:49:54 MAPI Status: (IN -- ---/OUT -- ---)
2012.10.13 16:49:54 Finishing the Spooling Cycle, Error code = 0x00000000

"All folders up to date" at about 1000 packets. I've had it not connect for 10 minutes and then disconnect.

Compare normal startup with troublesome startup. Start with stream and compare side by side.

Stream 0:

• The divergence happens right in the beginning. In both cases 595, 107, 459 length application data packets are sent about .7 sec into startup. These 3 are quickly ack'ed by rackspace by packet 42.
• Then the divergence happens. so from rackspace after the 3rd ack, we are at seq=3298, ack=2189 on both. At 1 second, the proper guy sends 3 data packets to rackspace (45, 46, 47) with sizes 107, 107, 779. But the bad startup case, the client sends nothing. Instead, the client waits exactly 30 seconds from when he should have send those data packets and just sends a heartbeats to rackspace every 30 seconds which rackspace dutifully acks immediately each time.
• The key is packet #44. What's supposed to happen is that rackspace sends a App data packet in response to all that stuff we sent them. This is coming from stream 1 (which is the socket dedicated for rackspace talking back to us where it is doing the sending). It simply isn't saying anything but sending a heartbeat every 60 seconds.

Bottom line: The key is tcp stream 1. @36 rackspace sends App data of length 417. This happens reliably all the time even on a failure to connect. When it fails, after that point it sends heartbeat (99 length) packets forever because rackspace is waiting on data. when it succeeds, you see packets of length 295, 291, 127 at home, or 319, 319, 159 at work from rackspace.

What is supposed to happen is this:

• rackspace sends (in stream 1) 417 packet at #36 at about .75 seconds into it
• client sends (in stream 0) rackspace three packets (607, 107, 543 at work) (595, 107, 459 at home)
• rackspace will ack all three of those packets with 3 individual ACKs (packet # 40 to 42 in tcp.stream eq 0)
• rackspace should then send (in stream 1) a packet around 300 bytes in response to those packets (295 or 319)  <<--- this part isn't happening on a failure...instead it just sneds keepalives every 60 seconds

Stream 0 is created on the first packet. This is the stream for the client talking to the server. Only the client talks and the server just ack's the packets. This is a long lived socket pair. After stream 1 sends the 417 long packet, the client should send 3 packets of length 607, 107, 543 (at work), and then get back a 319 length from rackspace.

Stream 1 is created on the 15th packet. This is the stream for the server to send data to the client. The client creates it, sends some data to the server, and from then on, it is basically all data from the server to the client. This is a long lived socket pair. @36 rackspace sends App data of length 417. This happens reliably all the time even on a failure to connect. When it fails, after that point it sends heartbeat (99 length) packets forever because rackspace is waiting on data. when it succeeds, you see packets of length described above.

Stream 2 is created on the 48th packet. This is for the client to talk to the server. It is long-lived.

Stream 3 is created on the 49th packet. It is short lived and the client closes it about 30 seconds into it when the authentication is complete (at packet 1148 or so). This is for the client talking to the server. It seems to be short lived.

My Bissell Carpet Cleaner won't spray water anymore
The repair facility will tell you to buy a new machine. But here are the things you should check first:

1. Make sure there is water in the main tank and cleaner (or water) in the detergent tank.
2. Make sure that if you press on both tanks that water (or cleaner) comes flowing out fast. If it doesn't, you'll find you can clean these and there is in fact a filter on the big tank on the other side that you never see since you never take it off. Mine was clogged. So unscrew both of these black tank caps and clean all sides. Put them back on.
3. Make sure that the two red rubber gaskets are attached to the removable tanks (and seat properly on them) and NOT attached to the machine. So when filled with water, both tanks should dispense lots of water freely when depressed. And the red gaskets are on the removable parts.
4. Make sure that you seat both tanks firmly in the machine. The detergent tank should "click" when seated (press back and down to seat it and you'll feel it click).
5. If you are using the hand attachment, make sure the machine is upright, the seals are in place, and the power cord is routed away from the machine and isn't preventing any seals from making contact.
6. When you turn on the machine, do NOT spray it. WAIT. Run it for 60 seconds in order to prime the pumps.
7. Put some hot water in the tank and run it on clean only through the hose. Remove the nozzle at the end. When you press the button on the hose, the water should squirt out at least 12 inches and maintain that until the water in the main tank is nearly out.
8. Check that the red part inside the main tank is freely moving. Not sure what this is, but it might be some sort of "full" bypass.
9. If that fails, you can try running a mixture of water and vinegar to try to clean the lines.

Verizon MiFi access point blocks access to \\machine
I couldn't access my home machine drives via the \\machine-name method. But it works fine from the hotel wifi, so it is clearly the Verizon card blocking the ports required for file sharing. Bizzare.

Diskeeper Home with HyperFast
Got this for my T420S laptop. After install I thought it might have caused my slow performance (it was Microsoft AntiMalware that caused the delay), so i stopped the service and then restarted it. I noticed 1) the display driver would crap out and restart, and 2) I got a blue screen (BSOD) while in Front Page. Not sure if is Diskeeper related or not, but if it keeps happening, I'm going into Services and disable it. I seems fine if it starts at system boot and you don't mess with it.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: 109
BCP1: A3A039D89A86A514
BCP2: B3B7465EED03770A
BCP3: FFFFF80002C55B30
BCP4: 0000000000000001
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Intel My WiFi and Connectify didn't work reliably for me
If you want to share an Internet connection with your family, I first enabled the Intel My WiFi Technology by going into control panel and doing a Change on the Intel PROSet/Wireless WiFi Software to enable it. It worked intermittently. Tried Connectify. Same problem. But with Connectify, my VPN stopped working and stopping (or terminating) the hotspot didn't fix it. It says "All devices connected" with Error 651 when you try to bring up the Microsoft VPN connection. On uninstall of Connectify, it hung leaving my system without a network. I had to use a restore point to get my system to work again. That was a close call. I'm back to using the Intel My WiFi.

Login to Front Page website didn't authenticate
I have my skirsch.com website hosted at a site that uses encrypted login. After I set up Front Page on my laptop, I tried logging in, but kept using the wrong userID. I switched to the right userID and it kept denying me. I spent 5 hours trying to debug it on a plane flight to Boston. My other website worked fine so I know Front Page had everything I needed. No dice. I thought it might have blacklisted my IP due to the invalid logins. When I got to the hotel, I was able to login just fine. Go figure. You don't need IIS or Front Page Extensions on the client.

Slow file copy in Windows 7
I tried copying find.exe in my unix utilities directory and found it took 2 seconds to copy a tiny 64K file. The reason: Microsoft Security Essentials scans it before the copy is allowed EVEN THOUGH I HAVE it only set to scan “incoming” files. I guess any newly created file fits that criteria.Not true with other files. So if you find a behavior (e.g., slow file copying) that is content dependent like this, look in Task Manager and see what is running when you try the copy.

2Wire router
I had a problem where my machines were slow and my wireless connections were often dropping connections to the Internet. Rebooting the 2wire fixed the problem. Never assume the firmware is solid, without bugs, even 2wire!

Acronis 2011 Home and Online backup: the BEST online backup ever
The online backup service is really cheap $5/mo for 5 PCs (up to 250GB). Such a deal. Has everything I could have wished for (it is way better than the original acronis product because you can say how many versions and how far back to keep backups. Very convenient. Full control over what gets backed up. And you can explore all the files from the app and drag them to another folder. Very nice. Just like Apple Time machine. And if you pay extra, you can restore to different hardware. The latest release (I installed on 4/15/11) works quite well. The only problem I had is that if I backed up to a network drive (\\myboookworld\stk\...), when I try to shutdown the computer afterwards, the computer hangs displaying the message "Operations are in progress. Please wait." Apparently it is a common problem  That was the only downside I noticed but that is with the normal acronis, not the online backup.

IBM T420s ThinkPad
I love it, but 1) the display is too "short" (about 2 inches shorter than previous models because they wanted the 16:9 aspect ratio) and 2) the vertical off-axis color shift really sucks. They shouldn't have cut corners on the display.

Moving system to new hardware
Before doing anything, make a full backup of your system using acronis preferably standalone. Make it to different media than your normal backup so you always have two copies. Then you can restore it just as it was and "undo" the sysprep after you are done.

Try restoring the image exactly as is to the new hardware. If that doesn't work, then try "repairing" the version of windows you just installed (see http://www.geekstogo.com/forum/topic/138-how-to-repair-windows-xp/).

If that doesn't work,  then it's more work. You'll have to trash your current disk.

Run sysprep found in c:\windows\system32\sysprep. Make sure that you run sysprep from an elevated priviledges command prompt (right click the command prompt shortcut and choose "run as administrator."  pick out of box and check the box for Generalize. Select the shutdown option since things don't work right when the sysprep is done. Then Back up the PC with acronis using the acronis recovery disk . Then restore that backup on your new hardware.

Finally, restore from your backup on your original machine so you don't have to mess with having to "undo" the sysprep. Otherwise you have to enter your windows product key, etc.

if you get a bootmgr is missing, get the install disk and do:

System hangs; "My computer" hangs
Kill IAAnotif.exe and IAANTMon.exe and see if that fixes it. It did for me. Then I disabled the Intel Matrix Storage service since it isn't needed since I don't use RAID. It was causing dropbox to use 50% of CPU when it locked up due to this. After killed dropbox, system just sat there; using no CPU or disk. When I killed those two processes, everything worked fine and the My Computer came up immediately. Not sure why this suddenly acted up!?! 

Soft auto focus on Canon L-series zoom lens
I get consistently sharper (noticeable at 1:1 magnification) with my 50mm prime than with the Canon f/4 24-105 zoom lens. Not sure why. Primes are always sharper, but I was astonished how much better the prime was. They are more similar in good light. Answer: Do a hard reset on the camera (remove battery and clock battery and power on for 10 seconds). Then calibrate your lenses using the custom function. This is an INCREDIBLE difference. Also, you'll get the sharpest focus in live view mode!

Laptop computer won't display screen on wakeup
Close the lid. Remove the Logitech USB dongle for your wireless mouse. Open the lid. You know it works when you start to hear activity within a few seconds of opening the lid.

Dropbox can't establish a secure connection to server
Check Windows Firewall setting. It may not allow traffic when you are connected to a public network or there may be multiple entries for dropbox. Make sure there is one entry, check all 3 boxes. Restart dropbox or reboot.

The other thing that might be a problem is a errant VPN connection that lets you connect to your private network, and it is configured to do default route on remote network, but the default route on your vpn is messed up so it won't route any of your other internet traffic. solution: reconfigure the VPN so you uncheck the box to route default traffic through the VPN.

Netgear VPN gives error when you try to connect when on Windows 7
Run your browser "as Administrator" the first time. That way, all the files will get installed in the proper places. Also, it won't work with Firefox.

International trips and your iPhone
If you listen to your voicemails, you'll be charged minutes. Best strategy: forward cell phone call to office line on the iphone Settings>Phone>Call Forwarding. Set up office phone to have a longer ring time in the aptela find me list on the website. In AcroBits, Settings>SIP accounts>Aptela>Incoming Calls set from off to On. Leave iPhone on Airplane mode but enable wi-fi. So you can call for free and get calls for free and if you aren't there your voicemails get mailed to you. But you have to have the app running in the foreground. Push notifications will not work because that requires cell service.

White balance
Best is to get a ColorChecker Passport which allows you to set a profile for each camera-lens-light source combination in Lightroom and has a nice way to consistently warm your images.

Take a custom white balance before your shots. Then use the color checker to check exposure right on the subject's face or critical part of the scene (white isn't blown when subject holds the colors).

Then shoot away. Little to no post processing needed!

Windows explorer locks .MOV and .AVI files whenever you touch them
Using Windows Explorer on a WinXP Pro SP3 machine with QuickTime 7.6.2 (515), merely attempting to renamed a .MOV file causes Explorer.exe to lock (handle) the file (says it's IN USE). If you uninstall QuickTime, the problem goes away. This is likely explorer calling quicktime to get thumbnail and other info about the file and hanging on the request. Then install QuickTime Alternative instead. No move file locking!

Windows Picture and Fax Viewer takes forever (a long time) to load an image
Poor programming on Microsoft's part. This is because it scans the directory before it loads your picture. If you have a dead .lnk in the directory your picture is in, then it will take forever (15 seconds or more). Move the picture to a new directory and you'll see that it loads instantly. The solution is to get rid of the dead .lnk. In my case, I had a link to a location that was only accessible via VPN. When VPN was down, the link wouldn't resolve. To find the .lnk causing the problem, double click on each .lnk in the directory with your image.

Getting your wireless device to pick the access point with the strongest signal
I did it the way you are supposed to do it: everything on a different channel, but all sharing the same SSID. The problem with this is I constantly get crummy signals as it switches to a further away access point. I have no idea what causes this, but I do know that it just loves the 2wire AT&T U-verse router, even when I'm standing next to a TP-Link access point. This is very clear when you have different SSIDs and you just pull up the Wi-Fi Networks screen of your iPhone and you'll see your access points come and go, but the 2wire will be solidly on all the time and every time you turn off/on wireless, it will go to the 2wire no matter which access point has the stronger signal. So I ended up using different SSIDs so I can force it to use the best one for the area I'm in. I'm pretty sure the problem is due to mixing different manufacturer's equipment using the same SSID. If you really want this to work right, use the same brand everywhere. I'll bet that works better, but I haven't confirmed it. Just a hunch. Contact me if you know.

Configuring a Netgear router in bridge mode (such as my Netgear Wireless-G Router WGR614)
I couldn't find this anywhere in the documentation, so I tried an experiment and it worked perfectly: Just plug all the cables (to your network and to your wired PCs) into the non-WAN ports. Voila! Everything will be on the same network, including your wireless clients!

Taking noise free photos at ISO 1600 on a Canon 7D
I was amazed that I can take absolutely stunningly crisp photos at ISO 1600 on my new Canon 7D that have no noise whatsoever. There are several tricks you have to know to do this:

1. High quality of light: Use a single high quality light source such as your flash. Mixing incandescent, natural sunlight, and flash will lead to noise.
2. Proper exposure: Make sure that your subject is properly exposed or slightly overexposed. Underexposing your subject will lead to noise. So basically, the highlights will have little noise so make sure the face of your subject is properly exposed. So if you want your whole photo to be noise free, make sure it is uniformly illuminated (i.e., as much of the photo as possible in the highlights).
3. Short exposure: Keep exposures short (e.g., 1/60 of a sec is just fine)
4. Make sure the subject is in focus: The part of the photo that is in focus will have the least amount of noise. Try focusing on the subject's eyes. If you are doing a good job, when you preview the photo in the camera and zoom to maximum, you should be able to easily see the blood vessels in the subject's eyes.
5. Closer is better: For a fixed size subject, the closer you get, the sharper the photo. So if you care about subject detail, a 50mm shot is going to have more detail than using a 100mm and standing further away.

If you leave ISO on auto, the camera will select a high ISO for flash shots to keep your background from becoming very underexposed. This has the disadvantage that your flash shots will be noisy outside of the area that is illuminated by the flash.

Portrait photos
The ones Augie Chang took of my daughters were taken with a EOS 5D Mark II at 1/125 to 1/160 sec, 85mm, f/1.8 to f/2.2, ISO 100 to 800. Outdoor photos of multiple girls were taken with 200mm lens, 13m subject distance, F/4, 1/125

Transferring long recordings on the iphone
If you use iProRecorder, the GUI is terrible, but it has a built-in webserver so if you turn local sharing on, you can download any .wav recording to your computer very easily and quickly. Otherwise, there are a variety of tools like iPhoneBrowser and TouchDrive that let you access files on your iPhone directly from Windows.

Charging your iPad in the car or from your laptop says "Not charging"
You can't charge your iPad from your car or USB. You must use the wall charger. This is because it needs a higher voltage that is only available when the cable is plugged into the wall.

Downloading large videos from your iphone
The normal methods (import from camera when your iphone is plugged into your PC) don't work for large videos. You get a file size of zero.

You have at least five good options:

Upload the video to YouTube using the regular photo brower app on your iPhone.

Use the dropbox app, select the camera at the bottom, and then select one photo or video to upload to your dropbox account.

iPhoneBrower will do the copy (look in the [root]/DCIM/100APPLE directory) and you don't have to jailbreak to access these files. Then you can make into an MP4 file using MPEG StreamClip (rotate 90 degrees CCW if you rotated the camera and adjust the resolution to 1280x720 (HDTV 720p). It's free but it doesn't show you previews and drag and drop doesn't seem to work.

Other options are TouchCopy or CopyTrans. Touch copy seemed like it would do the trick nicely, plus you can easily upload to YouTube.

Camera equipment
Canon 7D ($1600): This has Canon's best autofocus system and has fantastic low light performance (high ISOs). In addition, the controls are easy to use since there are direct buttons for the stuff you want to use. The camera is also relatively small compared with the pro cameras. So if you are a serious amateur, this seems to be the right camera to get. There is also a mic input for a shotgun mic (something my daughter's Rebel lacks). There is even a master speedlight controller built in so you don't need a ST-E2 to control flashes (but you still need the ST-E2 to trigger the radiopoppers). Basically, everything I'd ever want in a camera at a reasonable ($1,600) price. The JPGs of a screen shot look way better than the RAW file...they do noise reduction, etc. when generating the jpg's. The JPGs are indistinguishable from the RAW at the same quality (S,M,L). If you just want to view images on your computer screen only, you cannot see the difference between the highest and lowest resolution of the camera at 1:1 magnification. At higher magnifications, you can clearly see the big size is better. Low noise even at ISO 3200.
Wouldn't go beyond 3200.

Why does the 7D have a pop up flash? Useful as a master flash to trigger other speedlights. But main reason is consumers using point & shoot and upgrading will want this. But other than using it as a master flash trigger, not terribly useful since light is so harsh, although might use as a fill at -2 EV. The problem with using as fill in sunlight is to get under the synch speed you need to stop way down. Then stopped down any pop-up flash does not have enough reach to light the subject. And the pop-up cannot be used with HSS.

Canon Speedlight  430EX II ($265) is cheaper than the 580EXII, and harder to use, but works better with the pocketwizards (less radio interference); and I already have a 550EX master flash. However, the 580EXII gives you twice the distance, so that's the main reason to get it. Also, 580 is superior to the 550 in terms of information sent and white balance data, so time to upgrade to the 580EXII. I will get one and use my 550 if I need a second flash (or for use with pocketwizards). If the 580 is set for slave mode and you put it on the camera, it will reset itself to master. Unfortunately, when you remove it, it stays as master...would be nice to set it just once so off camera it is a slave and on camera it is a master.

Lens:

Canon EF-S 17-55mm f/2.8 IS USM Zoom Lens ... 2.8 Lens ($990). If you have to get one lens for the 7D, I don't see how you can beat this for versatility, size, and speed. 1.3 lbs which is virtually the same weight as the the 18 oz 28-135mm lens I now use which is a 3.5-5.6 lens. If you are more price sensitive, the Tamron 17-50/2.8 Di II VC is only $600 which is almost $400 cheaper for almost identical performance (it is louder on focus and image stabilization and there is a 1 sec delay for the IS). Since I have a 55-250mm Canon Zoom, the only drawback to this lens is I may end up having to switch lenses more often. This gives better bokeh than the 15-85 lens (which is focal length/f-number), but on the other hand, if I'm going to blur the background, I'd typically be using a long focal length to bring it closer.

But it's the f/2.8 aperture and focal range that really make this lens. It's great for low light situations, of course, but the wide aperture is also excellent for isolating your subject. For me, this often makes the difference in non-studio situations, as all of those background distractions can be blended away into a beautiful soft bokeh. It's very difficult to do this with an f/4 or f/5.6 lens.

The other option is the Canon EF 24-70mm f/2.8L USM Standard Zoom Lens. This lens gives you more zoom, but lacks IS and is heavier (2.1 lbs) and about $350 more expensive than the EF-S lens (which is why they created EF-S lenses in the first place). A pretty hard choice, but the EF-S lens seems better since the difference between 55 and 70 is pretty small, and the EF-S lens wins in every other category.

The guy at the camera store said the better tradeoff is to skip the 2.8 fixed and go instead with the EF-S 15-85 f/3.5-5.6 IS zoom lens ($720). He says if he could only have one lens for the camera, this one is the best. Not as fast, but better range and with high ISOs of the 7D, you don't need a fast lens and can get the depth of field from the 85mm (which is equivalent to 136mm on a full frame camera). There is a lot of personal preference here. I think either choice works. I like the versatility of the 2.8 which is two stops more than the 5.6 you'd get from this lens. Also, my other lens is a EF-S 55-250mm f/4-5.6 IS lens, so it complements the 17-55mm lens pretty well.

I was temped by the Canon EF-S 18-200mm 1:3.5-5.6 IS super zoom lens which has a fantastic zoom range, but optical quality is not as good as the 24-105, and focusing isn't as fast. This lens is a great choice if you only had one lens due to the zoom range. This is lower quality, but you'd never notice unless you blew up the photos (and in very rare situations).

I ended up buying the Canon Zoom Wide Angle-Telephoto EF 24-105mm f/4L IS USM Autofocus ($1,049) which seems like a really nice lens since I hate switching lenses and rarely need the longer zoom. It is 1.5lbs which is a bit heavier than the 28-135mm lens I now use (1.1lbs). Comment on B&H site: "I asked my photography teacher if he only had one lens he could purchase what would it be. He said he went to Paris with this lens and got every shot he wanted. I bought this lens on his recommendation and I am pleased I did." See the EF 24-105 review at the Digital Picture ("If I had only one lens, this would be the one"). You don't want to shoot with a UV filter, but I got one to protect the lens and I didn't notice any of the effects in that link, so perhaps it is the quality of the UV filter (mine cost $100). By photographing text using a flash on a tripod, I can see that this lens is as sharp as my trusty old 28-135 zoom (which is a lot cheaper and lighter than this lens). The advantage of this lens is it is fast which is particularly important when shooting indoors in natural light as quite often you are at 1/30 sec f4 with at ISO 3200 which means you don't have the luxury of a slower lens unless you want all your images blurry. I compared my trusty 28-135 zoom with this lens at low light on auto exposure and 100m focal length and indeed, the L lens had better quality and lower noise (likely due to twice as much light). So in real world indoor pictures, it does make a difference.

The key thing is to look at the images I take and see which lens works 90% of the time. The fact that I used the 28-135mm and never needed to switch lenses says it all. Most of my shots are family indoors. Over 100mm is awkward for indoors since you have to be too far away from the subject which is hard indoors. So I should use a lens tailored for most of my shooting. I can then use my daughter's 55-250 zoom when I need to take long shots outdoors or get a special background effect. This has the advantage that: 1) I can zoom closer (which is a real benefit at graduations, etc) 2) lens doesn't creep 3) it is lightweight and 4) I already have it. But the big disadvantage is if I want to switch to one walkaround lens, e.g., go mini golfing, I want to take just one lens that can do it all. So willing to give up the extra 50mm.

Transcend 16GB 600X ($85): 16GB holds 500 images at full RAW resolution, so that is more than enough for a single card. People have had great comments on using this card on the Canon 7D...this card can keep up with the camera without causing the camera to stall.

Yongnuo ST-E2: This has loads of advantages over the Canon ST-E2: it's a lot cheaper, won't let you thermally overload it, better range, it swivels, uses regular NiMH AA (2 required) instead of the way more expensive ($15 each) non-rechargeable lithium battery of the ST-E2. They claim it won't work with some Canon cameras, but people have verified it works with the 7D. However, you can use the popup flash in the 7D as a flash commander (you can set it not to fire as a main flash) so you don't really need a ST-E2 with a 7D (unless you want the AF assist) or like the buttons on the ST-E2 for super quick control of things like flash ratios. The problems with using the 7D as a commander are: 1) no IR assist: it doesn't do IR like the ST-E2, so it blinds your subjects (it makes a slight buzzing noise and emits multiple visible pulses whenever it is used for AF-assist, 2) it drains your main battery, 3) it doesn't have the range as the ST-E2. So using the ST-E2 is still desirable, even though not strictly required, with the 7D. When the ST-E2 is on the camera, the ST-E2 is in control which makes things pretty simple.

Radiopopper PX system: attaches very quickly to your ST-E2 when you need it (with velcro). Universal for all cameras unlike PocketWizards which has only beta software for the Canon 7D. Also Radiopopper has much better range than PocketWizards, but not if you use a sock. Bob Davis loves the Radiopoppers, but very few dealers carry them so you have to order direct. People who have used both like the Radiopoppers (see http://www.thephotoforum.com/forum/photography-equipment-products-news-reviews/191114-radio-popper-vs-pocket-wizard.html). You used to have to remove batteries from the radiopoppers when not in use, but now I have heard they have fixed that. I think I will try the PWs first ( $229 for TT5 and MiniTT1($200) since I can get them at a dealer and see if they work reliably as advertised. Seems like there are fewer things to have to put on your camera and less bulk. If you want the on-camera AF assist, you can put an ST-E2 on top of the TT1 so you can have it your way and get the AF assist which is really a necessity in low light. Configuring the PWs is simple on a computer (the RPs seem pretty complex with all the buttons you have to remember). To control flash ratios, you need a 580exII, STe2 (which is nice since it gives you AF assist), or the new PW zone controller, but I'd bet the 7D can do it on camera so you don't need any of those. It looks like the Yongnuo ST-E2 is plenty fine for my use (it has much better coverage than the Canon version) and PWs are overkill for now. If I do a lot of outdoor work where the ST-E2 can't bounce off of walls to trigger the flash, I may change my mind.

Camera bag that can hold 2 flashes, extra lens, lightsphere, cord, st-e2.

Canon WFT-E5A Wireless File Transmitter (WFT). $629 This plus ShutterSnitch on the iPad can be lots of fun at birthday parties and get togethers. I can use my Verizon MiFi 2200 card to connect the camera and the computer without having to buy a separate battery powered router like the $75 Aluratek CDM530AM. Only flaw is it won't automatically reattempt to push through unsent pictures. I got Err 45 when setting it up because my FileZilla FTP server was set up not to allow directory create access. That is required, even if you only write to root. Fixing that solved the problem. I figured this out from the TCP packet trace since the manual didn't mention this. But looking at the FileZilla Server GUI would have told this to me too. Using the connection wizard to set up a connection, you can number the connection at the very end. The best way to set things up is to always carry a portable wireless access point like MiFi or Aluratek. You do NOT need an internet connection. You can then leave you camera set up to use your MiFi card so wherever you go, you are set. The only rub is that the iPad may choose a different IP each time it connects with the router forcing you to set that IP in the camera each time you set up. Yuck. So the big trick is to give your iphone a "proper" name in iTunes like "michele-iPad" rather than "Michele Kirsch iPad". Giving it a name without spaces means you can then refer to it in the camera as "michele-iPad.local" and that way it will always work no matter what IP address the iPad gets from your router. Unfortunately, while ping finds the name just fine from my PC, the camera does not (since it is using the router for the DNS which can find external DNS names just fine). Then, when you are connected to the Internet, you can upload from ShutterSnitch to either Flickr or your FTP site. To disable the wireless quickly, goto WFT Settings>Communication Mode: Disconnect or just pop out the battery.

ShutterSnitch: see Wireless photography with an iPad and ShutterSnitch. Don't use an Eye-Fi card since Canon uses CF and the SDHC->CF adapters kill the wifi signal (unless you take the covers off and that is messy). I'll use my Verizon Mifi card as a portable access point. Note that shutterSnitch has it's own ftp server (with the funny port number), so you have to set up your camera to send to the shuttersnitch ftp server. Their FTP server won't respond until you are inside a collection (it will say listening on port ...). Testing using the URL they gave you and it will work (it uses passive mode). But my camera wouldn't connect. I checked and I entered the IP address of ShutterSnitch wrong. Fixing that solved the problem. You can then use ShutterSnitch to transfer your images to your FTP server or to Flickr. My FTP server is linked to my dropbox accont. So a good way to wirelessly work is to use shuttersnitch to get all your images (using my MiFi card as the access point so it will work anywhere), then upload them to flickr. So you don't need to set up your own ftp server and you don't need internet access at all while capturing to the iPad. Very cool. The upload functions are only available if you log in as super user. I couldn't get the flickr upload to work; it would switch screens to Flickr and then switch back again. I couldn't get the "You are currently authenticated." to appear below the "Authenticate" button. Every time it quickly went to the flickr page and came back instantly...no chance to hit the authorize button. And going to safari to log in to flickr takes me to the shuttersnitch app right after I type my username/password! Clearing cookies didn't help. Wishlist:

• Shuttersnitch needs an option to stay in superuser mode.
• the images on the iPad are not faithful renditions of the original image: text that is blurred on the iPad is clearly perfectly fine in the original jpg (and when you upload it to your ftp server)
• there should be a way to easily delete images while looking at them in full screen mode (right now, you have to select them from the filmstrip)

Gary Fong AmberDome ($18.37): I have Lightsphere II cloud, so this is a good addition. More convenient than the flimsy photo gel samples.

Rosco Roscolux Swatchbook ($2): for photo gels to put over your speedlight, you can't beat this selection for only $2! Use the pull out panel to keep these flimsy filters in place. So if you want a special effect, the price is hard to beat. I don't expect to use these much so $2 is a great investment.

Portrait Professional ($49) seems well worth the the money for the time it saves you, but Portraiture is even better and plugs into Lightroom, but only operates on JPG and TIFF files (you'd want to operate on 16 bit TIFF for best results). I might skip this for now.

Lightroom 3 is quite feature packed. It has improved noise reduction tools. You can whiten teeth, smooth skin, etc. Handy tools are the local adjustment tool which lets you draw a mask (use mouse wheel to change size), z toggles zoom, h hides mask locations, O lets you see the mask, \ toggles before/after, alt-mouse lets you remove from the mask, and checking the auto-mask makes the masks more edge aware, alt will change "Effect" to "Reset" to reset tools (so you can click on Reset). To brighten teeth, can reduce saturation and either increase exposure or brightness (otherwise you'll get grey if you just reduce saturation). If you hover the mouse over the exposure number to the right of the slider, then up and down arrows will modify the exposure and left and right arrows change images. That's a fast way to tweak exposure on lots of images. L turns lights off and on.

Lights, Camera, Capture by Bob Davis. This iPad app is great. Cheaper ($10) and better than buying the book ($25). The included videos are great...I only wish they were part of the download so you can read the book anywhere.

I considered these items, but I'm not going to buy them just yet

• Gary Fong collapsible lightsphere: allows you to mount the domes up or down. Collapses to a small size which is handy. Also accepts various filters. Not sure how well it will mount on my camera.
• Gary Fong Gel Filter Set for the Lightsphere Collapsible Diffuser: The amber is the most useful. And I have the $2 gel set for special occassions. A bit hard to get on.
• Gary Fong Lightsphere dome kit: has 3 different domes: amber, powergrid, chromedome. I don't think I'd ever need all these.
• PocketWizard MiniTT1 and FlexTT5 for Canon: shorter range than Radiopopper, and you don't need the ST-E2 and there is a nice AC3  ZoneController addon for flash control. The PocketWizard transmitter uses a small non-rechargable battery that should last a long time, and the receiver battery is rechargeable.

Safest car for teenagers
CHP officers are amazed that people driving Honda Accords always seem to walk away from accidents without damage to themselves. See safercar.gov ratings.

Apple iPhone has a limit of only 11 home screens
If you install more apps than that, the apps are there, but you cannot see them. So it forces you to organize your apps.

Quieting the fan on my ThinkPad laptop
Downloaded thinkpad fan control app: http://www.staff.uni-marburg.de/~schmitzr/donate.html. Didn't change any of the settings (except some of the .ini file options). The other option is to wear the new Bose QC15 headphones (if you have the old ones you can go to a Bose store and upgrade for $100; while you are there check out the VideoWave demo; very impressive).

Silent laptop: The T410S (with the SSD) is supposed to be very quiet, but I've heard that Dell is quieter. I love a silent laptop so if you know of one...

Rechargeable 2CR5 6V lithium batteries for Canon ST-E2: they don't exist. The ones on the market won't work because the current draw brings down the voltage so much the unit stops working. Too bad.

Best batteries to buy
IMEDION "Ready When you Are!" rechargable batteries are the best. I've purchased too many NiMH batteries that were still in their package absolutely new and when I opened them to use them, the batteries were completely dead and couldn't be recharged. These new IMEDION batteries are constructed to avoid the normal self-discharge of NiMH batteries so that you get the shelf life more like a regular Alkaline battery! They are the same price as the old style batteries and you get 10% less capacity, but the lack of any significant self-discharge is HUGE. You can get these in any size, including a 9.6V size (finally something above the normal 8.4V you usually get)! These batteries retain up to 85% of charge after one year of storage

Laptop computer running Windows 7 won't go into sleep or shut down
The conventional way is to do a clean boot, and then enable half the drivers, then try again, doing a binary search to find the offending driver preventing shutdown.

Another way: Create a custom view in event viewer for critical system events. I then sorted by date to see when these started happening. You'll see Kernel-Power events saying "The system has rebooted without cleanly shutting down first." These events started for me on 10/13/10. So first I looked for a restore point before that time. No luck. That's odd since when I went to create a new restore point, I found that only used 1.4G for restore points and 4.5G was reserved.

So I went into Control Panel >Programs and sorted by install date of the programs. It had to be something that installed just before that date. Viola! Microsoft Security Essentials installed on that date! So was adobe reader. So try uninstall security essentials first. BINGO! Shutdown was successful!!!!!!!

Note: Windows 7 seems not to like to shutdown or sleep if you are connected to a network drive, e.g., if I browse to \\mybookworld\... which I use for backups, and enter my login, then sleep and shutdown will fail. Go figure.

Outlook contact linking in Outlook 2007
Turned off by default. To turn on, do Tools>Options>Preferences>Contact Options and check "Show Contact Linking on all Forms". I also do Tools>Customize>Options and set Always show full menus.

Third party apps start and exit immediately on an iPhone
Go into iTunes and re-authorize the iPhone. You'd think they'd give you a more user friendly error message.

Exchange 2010 and Outlook 2003 "Cannot connect to exchange server"
I had to restore a computer to an old backup where the mail account was on the old exchange server. I remembered I had to change the exchange server to the new one, but kept getting a message it couldn't connect to the exchange server. The trick to getting it to work is to check the box "Encrypt data between Microsoft Outlook and Microsoft Exchange Server." Make sure you have VPN up. Make sure you can telnet exchangeServerName epmap. If you do all these things, it should work. Spent hours on the "Encrypt data."

AT&T U-verse and Outlook
When I upgraded to AT&T uverse to get faster speeds, Outlook stopped working. The reason is AT&T blocks the epmap port. They don't tell you that! So you have two choices: 1) configure Outlook to connect via https (see below) or 2) make a VPN connection first. Your choice.

Outlook and connecting via HTTP
If you set up Outlook to connect to your exchange server via http, in addition to entering the name of your exchange server, choose connect via SSL only and be absolutely sure to check both checkboxes to connect via http first or it will be very slow before you get a connection

Laptop battery
Using the Lenovo battery manager, I set my battery to start charging at <70% and stop charging at 90%. This will improve battery life (number of cycles I get). Although it means I might go on a trip with a partially charge battery, the capacity of the new battery is pretty good and I have 2G of RAM so the laptop should last a long time, even at 70% capacity. If you use the defaults, you are always charging the battery to 100% which reduces its lifetime. Keep the charge cycles low and stay below 95% of full capacity. By sacrificing a little capacity at the high end, your battery will last a lot longer.

USB flash drives and ReadyBoost: Not all file systems are created equal
Measure the read/write performance of your USB stick on your system with various file formats. You'll be surprised! I found that FAT32 is by far the fastest for writes, with exFAT about 30% slower and NTFS about 6.5 times slower than FAT32 for writes on flash drives! That is why most flash drives use FAT32!

Therefore, you want to stick with FAT32 which means you can't have more than 4GB for the ReadyBoost partition since that is the biggest size for a single file in FAT32. So I'll order an 8GB card and use 4GB for the ReadyBoost, and 4GB for file storage (My Dropbox).

To speed up my Windows 7 laptop (a ThinkPad T43), I am ordering an $8 elago Mobile Nano II USB 2.0 microSDHC Flash Memory Card Reader and an $18 Kingston 8 GB microSDHC Class 4 Flash Memory Card SDC4/8GB. The elago carrier for microSDHC is so amazingly low profile that I can leave it in my laptop all the time: same size as the USB receiver for my Logitech Anywhere mouse.

If you want something even faster, try the $30 Kingmax 8GB MicroSDHC Class 10 card (which gives you 10MB/sec transfer rates). However, the Kingston Class 4 card gave me 10MB/sec write speed and 20MB/sec read speed! Boy, was I impressed. I was expecting only 4 MB/sec or so.

Note however that in general ReadyBoost doesn't really offer much of a boost in speed since it only uses the USB stick if the data is not contiguous on the disk. So I wasn't really impressed with the difference in performance at all (and you can see on the performance monitor your ReadyBoost saved reads...there is a special panel for that).

This is way cheaper than the Buffalo Thumbkey which uses exactly the same technique, but which are a LOT more expensive and not available from any US reseller.

Here is what my Amazon review said:

Wow, was I impressed. I expected to get 4MB/sec, and instead, when copying a big file to the device, it wrote out at nearly 10MB/sec. Read speed was 20MB/sec.

I was using this in an elago Mobile Nano II which fits flush in my laptop's USB port so I never have to remove it.

Since this is a microSDHC, you can only format these with FAT32, but that's just fine since NTFS is about 6X slower on USB sticks so you'd never want to format flash memory with NTFS anyway!

So I use 4GB for ReadyBoost on Windows 7 (which is the most you can do for 4GB) and use the other 4GB for file storage for stuff I'm actively working on.

Updated ThinkPad to Windows 7, but sleep option is not available
The default display driver doesn't support sleep mode. Downloading drivers from the Lenovo site and installing them (i.e., the ATI driver) fixed the problem.

Outlook fails to update folders automatically (it shows the date last updated when you view the Inbox rather than "All folders are up to date"); doing Send/Receive All gives an error message
This means your OST file is corrupted. Try ScanOST on just the folder which isn't syncing (typically the Inbox in my case). If that doesn't work, try it on the whole .ost file. If it works, the problem should be gone. If it fails, just delete the ost file and let Outlook re-create it. Don't waste your time with scanpst. It will be successful, but will not fix the problem.

A hot IO Controller can corrupt your disks
I had disk errors where files were corrupted (my ost file) and my secondary drive would "disappear." Changing the motherboard out fixed the problem. EventLog showed disk errors, so we suspected the controller. The Intel motherboard runs these controllers very hot (80 degrees C).

SSD can give you an amazing performance boost
My hard drives in my desktop kept failing so I replaced with a Patriot Torqx 128 GB SSD ATA device formatted with NTFS. Now I couldn't be happier. It's blazingly fast. I copied a file from my second hard drive to the SSD and got a 95MB/sec transfer rate. That is simply unbelievable.

Fan speed and temperatures stopped showing up in Intel Desktop Utilities after a failed attempt to upgrade the BIOS
Never solved this one. The BIOS upgrade failed (even though it said it succeeded in Windows), and after that, no more temperature or fan speed info shows up. Replaced the motherboard and all is fine. Never figured out why the BIOS upgrade failed.

Setting up FileZilla FTP server on my home machine notes
admin port: 14147 (this is for filezilla use only so you can ignore it)
mapped  2wire FTP ports to stk-home machine (port 20 and 21 presumably in the FTP mapping in 2wire)
set up port range 61230 and 61231 to be used for transfers in passive mode in filezilla
allowed that port range in windows firewall as an exception
mapped that port range to stk-home machine in my home router
told fileziller server for passive mode it to use the external IP of 75.37.194.41 and that port range

FrontPage is confused
Try looking in
C:\Users\stk\AppData\Roaming\Microsoft\Web Server Extensions\Cache\
C:\Users\stk\AppData\Roaming\Microsoft\Windows\Network Shortcuts

I've gotten the dreaded "An error occurred accessing your Windows SharePoint Services files. Authors – if authoring against a Web Server, please contact the Webmaster for the server’s Web site. Webmasters – please see the server’s application event log for more details." and was unable to fix it after rebooting and deleting the files. I instead loaded it because it was a subdomain, so loaded up http://www.junkfax.org/skirsch.com and that worked. Bizzare. If you know of the solution, I'm all ears. It is clearly related solely to the Frontpage client, because my other two computers don't have the problem. It came on all of a sudden after they moved the IP of my frontpage server so i think it is some sort of caching problem.

My "must have" software

• Dropbox: Keeps my files in sync among my 3 computers
• SimplyFile: Outlook add-on that makes filing a message in a folder a snap
• Abaca anti-spam add-on for Outlook
• RoboForm: The newest version, RoboForm Everywhere rocks. One annual price for unlimited number of machines. They now include network sync included with the price (it auto syncs when you login or change a passcard). robotaskbaricon does seem to go into an infinite tight loop sometimes and quiting the browser doesn't help. You have to manually kill the process.
• Emacs
• Process Monitor from sysinternals: Helps you to find where the file is that a program is using
• Wireshark: Ethernet pack sniffer
• Firefox and Xmarks: I love being able to type a few keywords to find the web page I bookmarked. Xmarks keeps my bookmarks in sync
• FrontPage: So easy to use for web site editing. Too bad they discontinued it.
• ssh Tectia client (note that the profiles are all stored in a single file (the broker-config.xml) in C:\Users\stk\AppData\Roaming\SSH. if you want to copy it over to another machine)
• Acronis True Image Home 2011: a bit buggy (especially showing the backup buttons which keep dancing on me), but reliable backups and restore and it is very fast and other nice features.

"Must have" hardware

• Logitech Anywhere Mouse MX optical mouse: this mouse is so good, it tracks reliably on glass. I had to prove it to myself. Best mouse I've ever used.
• My work PC running a quad processor with 64 bit Windows 7 is completely silent (thanks to careful choice of motherboard and chassis fan) and blindingly fast. Ashwin Doshi put it together for me and if I have a problem, he's there to fix it. Couldn't be happier with the system or the service. If you are in Santa Clara, I highly recommend him. Ask for a system like mine. You will not believe your ears. [email protected]
• Western Digital MyBook: I have the USB version and the WorldBook edition. They work flawlessly. Best of all they spin down and are silent if they are not in use. You can use the WorldBook for backing up Macs using TimeMachine. So I have a totally silent (most of the time) 1TB backup disk for backing up my kid's Macs.
• TP-Link Wireless Lite N Access Point TL-WA701ND (150 Mbps). This is great for installing access points around the house. Power over ethernet is very hand so one wire to run. After a few months, it didn't bridge so I power cycled it and it is back to normal. So unfortunately, it isn't glitch free like my 2wire router that AT&T installed for my U-verse service. That 2wire box is almost rock solid. I don't have to reset it very often (if it drops Internet connectivity of wireless devices, rebooting fixes that).