My Thoughts On IT…

Brian Lewis's Thoughts on all things Information Technology related

clip_image002

Microsoft has announced a new Surface 3! This is not the Surface 3 Pro, it is a newer Surface geared at a lower price point and better battery life. The consumer version list price starts at $499. It runs the new Intel Atom x7 processor that sips battery power while giving lots of computing power!

The Surface 3 is the thinnest, lightest Surface ever made to date, also coming soon with 4G LTE! Here are some specific details for you to ponder:

  • The thinnest and lightest Surface ever built! Only 0.34” thin and1.37 pounds!
  • Best camera ever on Surface! 8MP rear facing camera with auto focus (great for capturing images of documents and bar codes). 
  • Brightest Surface display ever. 10.8”, a 3:2 aspect ratio, 1920 x 1280 resolution and the brightest display we’ve ever made makes Surface 3 easier to see in sunlight.
  • Runs desktop applications. Runs full Windows 8.1. Powered by the latest Quad Core Intel® Atom™ x7 Z8700 processor – 80% as fast as the Surface Pro 3 i3.
  • Micro USB for charging.  Open up a new world of battery charging and back-up battery accessories. Charge your phone and your Surface with the same charger.
  • All day battery life. Up to10 hours of battery life allow you work through the day.
  • 4G LTE: Surface 3 will be available with LTE!

clip_image001

The Surface 3 is powerful and efficient, it comes with full Windows, and a one year subscription to Office 365 Personal while giving you all-day battery life.

Powered by the new quad-core Intel® Atom™ x7 processor, Surface 3 is quick and responsive but designed to maximize efficiency with up to 10 hours of battery life. A range of storage and memory configurations gives people choice in power and capacity. The beautiful 10.8-inch ClearType HD multi-touch display features a 3:2 aspect ratio with front facing stereo speakers with Dolby® enhanced audio.

It also has an optional Docking Station that enables you to go from tablet to desktop workstation. The docking station has a gigabit Ethernet port, a Mini DisplayPort for an external HD monitor and four USB ports.

The Surface 3 and new accessories are available for preorder starting at just $499 through microsoftstore.com, Microsoft stores and select partner retailers in our existing markets. Through those same retailers and resellers, customers can begin purchasing Surface 3 and accessories with availability in all existing markets by May 5.

ATM Route

I try to be safe and not use ATM machines in untrusted places but my bank is a trusted place, right? Well, after seeing the two devices below, I now have a new appreciation for the ability criminals have to fool me.

The Skimmer
First a criminal would need to get a copy of the magnetic strip on my ATM card and for that they use a skimmer. While that may be easy with some untrusted ATM in a shady bar, you would not think they could pull this off at a reputable bank. Especially your bank that you always go to. Look below at one of the skimmers a criminal attached to the outside of a normal ATM reader. When you insert your card it gets read twice. Once by the ATM and once by the skimmer. I may just tug on the next ATM card reader that I use just to make sure it doesn’t come off.

The Camera
Next they need your PIN. The easiest way to get your PIN is with a hidden camera. Watch out for mirrors that could have a camera behind it. Just like with the skimmer above you need to examine the ATM. If you look close at the photo below you can see the grey bar that looks like a piece of the ATM machine.  It’s not. It is a pin hole camera that someone placed on the ATM machine to steal customers PINs. That camera would capture your pin nicely and even when you use your body block twist motion so others can’t see. I would have never noticed it, would you?

Here is a look at the back of the camera after it was pulled down…

image

The moral of this story, don’t just watch out for criminals who will physically take your money at the ATM but also beware of the electronic tools thieves use at the ATM.

I was trying to add an Office plugin to my system but I needed to know if I was running the 32 bit or 64 bit version of Office 2013. I assumed I could just click on “help” and then “about” to get my answer. That was kinda the answer but it took me forever to find it and I didn’t find any good answers when I searched for it. So I created this post to hopefully save you time and aggravation!

Question:
How do I tell if I have 32bit or 64 bit office 2013 installed?

Answer:
Click the series here:  File – Account – About Word.

image

That then brings up the window you need:

image

There is my answer! I am running 32 bit Office on my 64bit Windows 8.1 machine.

Cheers! –Brian

We all know that encryption is complicated but most people think that because they are using AES, Blowfish, IDEA, or some other advanced encryption then the data is secure. Well it’s more complicated than that. Not only do you have to look at the key size like 128 bit, 256 bit, etc., but another really important piece is the mode that the encryption uses. ECB mode has some serious problems because it is poor at hiding data patterns. There are a lot of software packages that offer strong AES encryption but use EBC mode and therefore aren’t that strong.

A standard example of the problem with EBC mode is shown below:

Original Original Securely Encrypted
Original ECB Mode Encrypted Securely Encrypted

It is very obvious above that when the original photo is encrypted with ECB mode you have changed the data but the pattern is still there. This is a very obvious example with a picture but the problem exists for text also.

Make sure to check your software because many applications that you think securely scramble your data with AES strong encryption use EBC mode. So when looking at your tools that use encryption, make sure they use Cipher-Block Chaining mode (CBC mode) or some other proven mode. You can find more on the encryption modes here:
http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

This is part 13 of the Modernizing Your Infrastructure with Hybrid Cloud series. You can find find the rest of the series located here: http://aka.ms/ModernCloud

AzureVIPHopefully by now you have had a chance to use Microsoft Azure Virtual Machines and Websites. One of the things you might want for your server on the internet is an IP address that doesn’t change. You may want this to ensure your outbound traffic from your Azure server uses a predictable IP address. This will enable you to set a DNS record or a firewall rule with your dedicated IP address. Another benefit of reserving an address is that you keep your IP address even when you de-provision your virtual machine.

There are some important steps you need to pay attention to:

  • At this time, you can’t go back and apply a reservation to something that’s already been deployed, so you must reserve the IP address first, before deploying.
  • You reserve a Virtual IP and the VIP will stay with your cloud service.
  • There is a limit of 5 reserved IP addresses per standard subscription. Limit can be raised via a support request.
  • There is a limit of 100 reserved IP addresses per Enterprise Agreement subscription. Limit can be raised via a support request.
  • The first 5 actively used IP addresses are free. Otherwise IP addresses are about $4 a month.
    Pricing details here:  http://azure.microsoft.com/en-us/pricing/details/reserved-ip-addresses/
  • Reserved IP is supported only for Regional VNets. It is not supported for VNets that are associated with affinity groups. For more information about associating a VNet with a region or an affinity group, see About Regional VNets and Affinity Groups for Virtual Network.

Currently there is no way to reserve your IP address in the graphical web tools. That’s right you must use PowerShell. In the tables below are the commands that are available today to set IP addresses. The three main commands are:

Command Explanation
get-help *-AzureReservedIP* List all Azure reserved IP commands
Get-AzureReservedIP View all of your reserved IP addresses
New-AzureReservedIP Reserve a New IP address
Remove-AzureReservedIP Delete a Reservation

 

In the So lets take a look at using this on my Azure account:

Command Description
   
New-AzureReservedIP –ReservedIPName “MyServer1IP” –Label “Server1IP” –Location “West US”

image

Create a new reservation
This creates the reservation in the location specified. Once complete it is ready to use when creating a new VM.
Get-AzureReservedIP

image

List out my reserved IP addresses

Get-AzureReservedIP lists out the Azure Reserved IP addresses you have.

New-AzureQuickVM -Windows -ServiceName bjl3 -Name bjl3 -InstanceSize Small -ImageName “a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201408.01-en.us-127GB.vhd” -AdminUsername brian -Password Your$Random^Password#Here –ReservedIPName MyServer1IP –Location “West US”

image

Create a VM using the reservation

I used the quick create command-let to create my VM.

Get-AzureVMImage |  Select-Object -Property ImageName |  Out-GridView

image

Get the Platform Image Name

In the create command I used a platform Image but they keep getting updated and that name changes. So to get the current platform name I use the get-AzureImage command.
Once the Out-GridView window opened I set a filter of “windows-server-2012-r2” to narrow the list of images down. Then I used the image name in the Quick VM create command.

Get-AzureReservedIP

image

List out multiple addresses

Here I have two reserved IP addresses – the first is in use on a VM and the second is just reserved.

Remember you are charged for the unused IP address.

Remove-AzureReservedIP -ReservedIPName MyServer2IP

image

Remove a Reserved IP address

Removing a Reserved IP address is easy. Just give the reserved IP name and it’s gone.

 

Here are the commands from above that reserve your IP and then create your VM.

New-AzureReservedIP –ReservedIPName “MyServer1IP” –Label “Server1IP” –Location “West US”

New-AzureQuickVM -Windows -ServiceName bjl3 -Name bjl3 -InstanceSize Small -ImageName “a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201408.01-en.us-127GB.vhd” -AdminUsername brian -Password Your$Random^Password#Here –ReservedIPName MyServer1IP –Location “West US”

 

I hope that helps make it easy for you to reserve your IP address today for your Azure VMs!

-Brian

For more details see the articles below:

powershell2-300x300My Father introduced me to computers when I was in high school and one of his favorite tools he would add to his workstation was a DOS tool called “whereis.exe”. The whereis name comes from a Unix command but that is not what I like about it. The executable my Dad  had was a great search tool in the old days, long before search was built into the OS and I want a tool like that.

I have looked for this tool and been disappointed with most things I have found. So, when I was brushing up on my PowerShell I looked for an equivalent way to search. I did find the PowerShell standard command for this – get-childitem, but it left me wanting more. Then I found this old article by Tim Bolton: http://timbolton.net/2010/03/05/whereis-with-powershell/ It is about a PowerShell script called whereis.ps1 and it looked promising. It was very well written and commented by Bill Stewart.

I made some changes to the script to ignore errors and change the output to make it fit my wants better. I also made a few changes to the self help to give the syntax of more complicated commands. Now it is exactly what I was looking for! Let me know if you need help getting this to work for you!

Whereis.ps1

 

Here is the code:

# Whereis.ps1
# Origionally Written by Bill Stewart (bill.stewart@frenchmortuary.com)
# Updated by Brian Lewis (blewis@microsoft.com)
#
# Searches for files and/or directories.

param ($Name,
       $Path,
       $LastWriteTimeRange,
       $SizeRange,
       [Switch] $OneLevel,
       [Switch] $Files,
       [Switch] $Dirs,
       [Switch] $Force,
       [Switch] $DefaultFormat,
       [Switch] $Help)

# Displays a usage message and ends the script.
function usage {
  $scriptname = $SCRIPT:MYINVOCATION.MyCommand.Name

  “NAME”
  ”    $scriptname”
  “”
  “SYNOPSIS”
  ”    Searches for files and/or directories.”
  “”
  “SYNTAX”
  ”    $scriptname -name <String[]> [-path <String[]>]”
  ”    [-lastwritetimerange <DateTime[]> [-sizerange <UInt64[]> [-onelevel]”
  ”    [-files] [-dirs] [-force] [-defaultformat]”
  “”
  “EXAMPLES”
  “”
  ”   set-alias whereis ./whereis.ps1      # if you set the alias you can just type ‘whereis’ instead of .\whereis.ps1 :)”
  ”             whereis blewis.txt”
  ”             whereis blewis.txt -path c:\users”
  ”             whereis blewis.txt c:\users -Force”
  ”             whereis *blewis* -path c:\users -SizeRange 55000,10000000″
  ”             whereis blewis* -path c:\users -LastWriteTimeRange 4/18/2014,6/18/2014″
  “”
  “PARAMETERS”
  ”    -name <String[]>”
  ”        Searches for items that match the specified wildcard pattern(s).”
  “”
  ”    -path <String[]>”
  ”        Searches for items in the specified location(s). If not specified, the”
  ”        default is to search all local fixed drives.”
  “”
  ”    -lastwritetimerange <DateTime[]>”
  ”        Limits output to items matching a date range. A single value means”
  ”        “”items modified from the specified date and later.”” An array is”
  ”        interpreted as an inclusive date range where the first element is the”
  ”        earliest date and the second element is the latest date. A zero for the”
  ”        first element means “”no earliest date.”””
  “”
  ”    -sizerange <UInt64[]>”
  ”        Limits output to files matching a size range. A single value means”
  ”        “”files must be at least the specified size.”” An array is interpreted as”
  ”        an inclusive size range where the first element is the smallest size”
  ”        and the second element is the largest size.”
  “”
  ”    -onelevel”
  ”        This parameter limits searches to the specified path(s). Subdirectories”
  ”        are not searched.”
  “”
  ”    -files”
  ”        Searches for files. This is the default. To search for both files and”
  ”        directories, specify both -files and -dirs.”
  “”
  ”    -dirs”
  ”        Searches for directories. To search for both files and directories,”
  ”        specify both -files and -dirs.”
  “”
  ”    -force”
  ”        Expands the search to find items with hidden and system attributes.”
  “”
  ”    -defaultformat”
  ”        Outputs items using the default formatter instead of formatted”
  ”        strings.”

  exit
}

# Returns whether the specified value is numeric.
function isNumeric($value) {
  [Decimal], [Double], [Int32], [Int64],
  [Single], [UInt32], [UInt64] -contains $value.GetType()
}

# Outputs the specified file system item. With -defaultformat,
# output the item using the default formatter; otherwise, output a
# formatted string.
function writeItem($item) {
  if ($DefaultFormat) {
    “{0} {1:yyyy-MM-dd HH:mm} {2,15:N0} {3}” -f $item.Mode,
      $item.LastWriteTime, $item.Length, $item.FullName
  }
  else {
   
   $item | Select-Object Name,Directory
  }
}

function main {
  # If -help is present or the -name parameter is missing, output
  # the usage message.
  if (($Help) -or (-not $Name)) {
    usage
  }

  # Convert $Name to an array. If any array element contains *,
  # change the array to $NULL. This is because
  #   get-childitem c:\* -include *
  # recurses to one level even if you don’t use -recurse.
  $Name = @($Name)
  for ($i = 0; $i -lt $Name.Length; $i++) {
    if ($Name[$i] -eq “*”) {
      $Name = $NULL
      break
    }
  }

  #CALLOUT A
  # If no -path parameter, use WMI to collect a list of fixed drives.
  if (-not $Path) {
    $Path = get-wmiobject Win32_LogicalDisk -filter DriveType=3 | foreach-object {
      $_.DeviceID
    }
  }
  #END CALLOUT A

  # Convert $Path into an array so we can iterate it.
  $Path = @($Path)

  #CALLOUT B
  # If a path ends with “\”, append “*”. Then, if it doesn’t end with
  # “\*”, append “\*” so each path in the array ends with “\*”.
  for ($i = 0; $i -lt $Path.Length; $i++) {
    if ($Path[$i].EndsWith(“\”)) {
      $Path[$i] += “*”
    }
    if (-not $Path[$i].EndsWith(“\*”)) {
      $Path[$i] += “\*”
    }
  }
  #END CALLOUT B

  # If no -LastWriteTimeRange parameter, assume all dates.
  if (-not $LastWriteTimeRange) {
    $LastWriteTimeRange = @([DateTime]::MinValue, [DateTime]::MaxValue)
  }
  else {
    # Convert $LastWriteTimeRange to an array (if it’s not already).
    $LastWriteTimeRange = @($LastWriteTimeRange)
    # If only one element, add max date as second element.
    if ($LastWriteTimeRange.Length -eq 1) {
      $LastWriteTimeRange += [DateTime]::MaxValue
    }
    # Zero for first element means [DateTime]::MinValue.
    if ($LastWriteTimeRange[0] -eq 0) {
      $LastWriteTimeRange[0] = [DateTime]::MinValue
    }
    #CALLOUT C
    # Throw an error if [DateTime]::Parse() fails.
    trap [System.Management.Automation.MethodException] {
      throw “Error parsing date range. String not recognized as a valid DateTime.”
    }
    # Parse the first two array elements as DateTimes.
    for ($i = 0; $i -lt 2; $i++) {
      $LastWriteTimeRange[$i] = [DateTime]::Parse($LastWriteTimeRange[$i])
    }
    #END CALLOUT C
  }

  # Throw an error if the date range is invalid.
  if ($LastWriteTimeRange[0] -gt $LastWriteTimeRange[1]) {
    throw “Invalid date range. The first date is greater than the second.”
  }

  # If no -sizerange parameter, assume all sizes.
  if (-not $SizeRange) {
    $SizeRange = @(0, [UInt64]::MaxValue)
  }
  else {
    # Convert $SizeRange to an array (if it’s not already).
    $SizeRange = @($SizeRange)
    # If no second element, add max value as second element.
    if ($SizeRange.Length -eq 1) {
      $SizeRange += [UInt64]::MaxValue
    }
  }

  #CALLOUT D
  # Ensure the elements in the size range are numeric.
  for ($i = 0; $i -lt 2; $i++) {
    if (-not (isNumeric $SizeRange[$i])) {
      throw “Size range must contain numeric value(s).”
    }
  }
  #END CALLOUT D

  # Throw an error if the size range is invalid.
  if ($SizeRange[0] -gt $SizeRange[1]) {
    throw “Invalid size range. The first size is greater than the second.”
  }

  # If both -files and -dirs are missing, assume -files.
  if ((-not $Files) -and (-not $Dirs)) {
    $Files = $TRUE
  }

  # Keep track of the number of files and their sizes.
  $count = $sizes = 0

  # Use the get-childitem cmdlet to search the file system, and use
  # the writeItem function to output matching items. For files, check
  # the date and size ranges. For directories, only the date range is
  # meaningful.
  get-childitem $Path -include $Name -ErrorAction SilentlyContinue -force: $Force -recurse: (-not $OneLevel) | foreach-object {
    if ($Files -and (-not $_.PsIsContainer)) {
      if (($_.LastWriteTime -ge $LastWriteTimeRange[0]) -and ($_.LastWriteTime -le $LastWriteTimeRange[1]) -and
          ($_.Length -ge $SizeRange[0]) -and ($_.Length -le $SizeRange[1])) {
        $count++
        $sizes += $_.Length
        writeItem $_
      }
    }
    if ($Dirs -and ($_.PsIsContainer)) {
      if (($_.LastWriteTime -ge $LastWriteTimeRange[0]) -and ($_.LastWriteTime -le $LastWriteTimeRange[1])) {
        $count++
        writeItem $_
      }
    }
  }

  # Output statistics if not using -defaultformat.
  if (-not $DefaultFormat) {
    “Found {0:N0} item(s), {1:N0} byte(s)” -f $count, $sizes
  }
}

main

 

More info on PowerShell can be found here:

Running Windows PowerShell Scripts
http://technet.microsoft.com/en-us/library/ee176949.aspx

Set-Alias
http://technet.microsoft.com/en-us/library/hh849938.aspx

Keeping Aliases Around
http://technet.microsoft.com/en-us/library/ee692685.aspx#ECAA

USBwarningOk, once again we have a very scary computer security / insecurity revelation. USB drives are horribly insecure!

We have known to be concerned of devices that map directly to memory, like FireWire. They can access the computer ram and read it or write it without restriction. USB always seemed to be more secure than these devices because they didn’t have direct access to ram. The only thing we thought we needed to worry about with USB was either malicious files on the USB stick or if it was a keyboard entry stick like the rubber ducky stick.

Well now we have more to worry about. Because those USB drives also have a firmware section that make them work. Now researchers have found that you can put exploit code into the firmware. This is a section that is not scanned by antivirus and not normally visible to the operating system.

For more on the dangers:

Hackers can tap USB devices in new attacks, researcher warns
http://news.yahoo.com/hackers-tap-usb-devices-attacks-researcher-warns-070243916–finance.html

USB: The ultimate hacking tool?
http://gianiwvl.wordpress.com/2014/08/03/usb-the-ultimate-hacking-tool/

What are the Dangers of using an untrusted USB drive? (Before the new firmware exploits)
http://lifehacker.com/what-are-the-dangers-of-using-an-untrusted-usb-drive-1533523741

Chicago-BeanTechEd Part Duex… Plus (the plus is more)
Last month Microsoft announced a new huge event we will be hosting in Chicago the week of May 4th 2015.

The unified “Microsoft commercial technology event” as it is currently called will combine 5 different conferences into one!

The five Microsoft conferences that are now being merged into one Gigantic Conference are:

  • SharePoint Conference
  • Lync Conference
  • Exchange Conference
  • Project Conference
  • TechEd North America Conference

Whatever the name of this event, “Microsoft’s unified technology event for enterprises” or “unified Microsoft commercial technology event”,  my idea “Tech-Ed Plus” Smile, or something completely different, it promises to be a great conference and I hope to see you there.

 

More information about the event can be found in the Microsoft official announcements here:

Julie White’s Blog – Microsoft’s unified technology event for enterprises
http://blogs.office.com/2014/07/21/microsofts-unified-technology-event-for-enterprises/

Channel 9 – Announcing: Microsoft’s Unified Technology Event for Enterprises
http://channel9.msdn.com/Blogs/TechEd/SavetheDateMay4#fbid=

Steve Guggenheimer’s Blog – Announcing: Microsoft’s Unified Technology Event for Enterprises
http://blogs.msdn.com/b/stevengu/archive/2014/07/21/announcing-microsoft-s-unified-technology-event-for-enterprises.aspx

image

Just when I thought I knew all about creating Virtual Machines up on Microsoft’s Azure public cloud platform a new way has released this past Monday. (The wonderful thing about working in technology is that you are always learning) Smile

As of this past Monday the Azure Preview Portal now has the ability to create, manage, and monitor Virtual Machines. I was originally worried about the new portal as I have spent the last year in the standard Azure Portal and know how to do things there. However, in the short time I have been using the new portal I find the improvements are so dramatic that I don’t think it will be hard to switch over to the new portal completely when it comes out of preview.

Why don’t you take a look at Azure today and see what the future of Server computing looks like. You can get a 30 day free trial of Azure just go the www.azure.com and click on “try it”.

Want to learn more about Azure and Hybrid Cloud?

To continue your learning on Microsoft Azure and Hybrid Cloud, be sure to join our FREE Hybrid Cloud study track in our online Early Experts study group!

Ofc365_Orng166_rgbCustomers often want to know what is coming in the next versions of a Microsoft product or service. The Office 365 group understands this and has programmatically added it to their process. With online services product groups at Microsoft are continually adding new functionality into the offerings. As opposed to a traditional software product which bundles all the updates into a new version every year and a half or so. I see having a published roadmap as a much appreciated addition to the services model.

The Office 365 team just launched an Office 365 Business Roadmap site. Unveiled yesterday, June 19th, in a blog post. You can see the announcement here:
http://blogs.office.com/2014/06/19/improving-visibility-to-service-updates/

One of the things I like about the site is how they separate the information into four main buckets and then go into detail on the specific features.

The Roadmap Site’s 4 buckets are:
image

  • What’s has Launched
  • What’s Rolling Out
  • What’s In Development
  • What’s Canceled

Check it out for yourself and see what we have planned for you.

The Office 365 for business roadmap is available here:
http://office.microsoft.com/en-us/products/office-365-roadmap-FX104343353.aspx