Frank Shu, Senior Program Manager for Microsoft, gave a presentation in 2008 called Windows 7 Enhancements for Solid-State Drives. The slides illustrated a set of challenges with SSD for the Microsoft Windows OS

• Reporting non-rotating media will allow Windows 7 to set Defrag off as default; improving device endurance by reducing writes.

He meant that when the ATA8 rotation rate value of 0001h is reported to the Windows operating system, it could automatically disable de-fragmentation.

Shu’s presentation towards the end explains why it matters.

SSD endurance is equal to the safety of user’s data.

Defrag no longer is your friend; it can actually be your enemy. What does that mean for earlier versions? Windows XP is here to stay, right? Note the most recent end-of-life announcement from Microsoft:

We might therefore expect it to be updated to ensure “the safety of user’s data.” Alas, the challenges presented by Shu at Microsoft in 2008 are today still present in Windows XP.

The SSD offers an easy way to give new life to an old system since the price for a reasonable size has dropped under $100. It makes sense that every XP owner would go there and after a little research (uh, four years?) Microsoft would support them. Where do you want to go today? SSD.

Yet defrag is just the beginning. Microsoft has left other SSD problems for Windows XP unsolved as well. Here is an even better example. The presentation revealed major performance risk:

A fresh install of Windows 7 can do a proper geometry alignment but an upgrade from Windows XP would be mis-aligned and inherit a 50% performance hit. Ouch. Common symptoms are a system freezing momentarily.

This leads to a very uncomfortable user experience. You’ll know availability loss when you hit it. After seeing the first taste of SSD speed it feels like slamming on the brakes after driving on the highway.

For a more technical test, simply use Start -> Run and type msinfo32. You can see the problem by looking at the Partition Starting Offset value. Divide the number by 4096. If that number doesn’t divide evenly by 4096, then obviously the partition is not aligned with the 4096-byte sized sectors of an SSD. Here’s an example that shows a start at 32,256:

Divide by 4096 and you get 7.785. Uh-oh.

This also can happen on virtual systems as the physical layer is abstracted completely away. NTFS of a legacy OS could be mis-aligned with VMFS, which itself is not aligned with SAN LUNs. At least in large enterprise you can hope a service provider will be aware and looking for symptoms of read and write degradation as sector sizes are represented up the stack.

Microsoft however has left many users in the lurch. Fortunately there is an easy and free solution…Linux. Here’s a good example of why this actually matters today and how Linux is doing things right.

Let’s say you want to buy a sub 3 pound laptop with a full keyboard, bright screen and 10 hour battery life for under $200.

You can start with a solid machine for just $50. It’s known as the IBM Thinkpad X40 and it was one of the best form-factors ever built. No, I’m not just being nostalgic. If that were the case we’d be talking about the IBM 701c Butterfly or the Apple Duo 230. The X40 is more than a pretty face, it is a very practical and useful system for today’s needs that literally costs $50.

The X40 is perhaps best known for being the lightest laptop when it was introduced in February of 2004, weighing just 2.7 pounds (lighter than the portless Apple Air!). Although the first 1.8″ HDD was introduced in 1991 it was the Apple iPod in 2001 that brought it to mainstream. The IBM X40 then adopted it. I mention that because today buying a tiny 1.8″ SSD for an IBM laptop might feel odd. Just remember that in 2005 the thin and light tablet form-factor was mega-hyped and even helped bring perpendicular recording to market, but I digress…

SSD storage prices have come down so a 64GB 1.8″ SSD for the X40 should be less than $100. Put that with your $50 X40 and you now have a light fast laptop for $150. The official specs say Windows 7 is not supported but you can make it work if you fiddle with the drivers. Or you also could install Linux and go. Mint Maya is very nice.

But what if you want to restore life into an existing Windows XP installation (or install from factory CDs, or want to use the Windows XP license attached to the hardware)? Then you have to do some SSD geometry alignment for NTFS to address all the challenges (e.g. safety of your data) identified by Microsoft yet left for you to deal with on your own.

Linux to the rescue. You only need a 128MB or larger USB drive to boot the system with GParted Live. Creation of the USB drive with GParted is trivial. Download the Tuxboot executable. Run it and choose GParted Live from the source menu, choose the USB device from the target menu. After a few minutes you will be ready to fix your NTFS partition.

Insert your USB device into a powered down system. Next you’ll have to get the BIOS to let you boot from USB. On an X40 this means pressing power and then F12 to get to a device boot prompt. Select USB, answer the GParted setup questions and then the live environment is loaded.

You now can either fix an existing XP installation or create a new partition from the Gparted live tool. If you want to fix alignment, just select the “resize/move” option. Change the “free space preceding” value to 2. Click apply. This will take about 30 minutes on 64GB. Then select the “resize/move” option again and change the value from 2 to 1. Click apply. Wait another 30 minutes. That’s it!

Take another look with Start -> Run -> msinfo32. You now should be able to divide your number by 4096.

The move to 2 and then back to 1 by GParted re-aligns the NTFS partition to the geometry of the drive, per the Microsoft presentation above.

Don’t forget to also disable defragmentation, remove the swap file (a memory upgrade to the max on the X40 is $20)…basically you want to get rid of all the “caching” habits that were designed to help speed up old spinning disks when memory was low or expensive.

That’s how you can go from a 2008 risk presentation on NTFS to a 2012 snappy-lighter-than-air-system-with-lots-of-cool-output-ports-and-10 hour-battery-life for just $150.

Imagine if that would have been the point of the Microsoft presentation in the first place…if you don’t need/want to run a dual core i5-2520M and 8GB RAM in a magnesium skin (e.g. pay for industry-leading engineering like the sub 3 pound yet incredibly durable Panasonic Toughbooks) then why not breathe new life into a classic design by IBM? Think about it.

The BBC has posted a story on malware issues of the Indian Navy.

a virus had collected data from computers not linked to the internet and had sent it to IP addresses in China.

Not on the network, yet sending data on the network? Perhaps they mean not directly connected to the Internet? Need more detail. I’m totally ready to start assuming the worst. Did the malware also install network interface cards and make cables? Did it install a router? ZOMG. NICware!

---

Update: It turns out to only be a case of shared infected removable storage. Some systems were taken off-line to protect them from infection; and then storage was shared with on-line systems. The storage device collected data after it was plugged in. When it detected network access it also attempted to send data.

---

Sophos, however, says not to get excited yet. There isn’t much detail.

Although those IP addresses were reportedly traced to China, an analyst from security firm Sophos warned against reading too much into the detail.

“Even if a hack is traced back to a Chinese IP address, it doesn’t necessarily mean that Chinese hackers are behind the hack,” Graham Cluley, senior technology consultant, told the BBC.

“It’s very hard to prove who is behind an attack because hackers can hijack computers on the other side of the world and get them to do their dirty work for them. In fact, they often do this to cover their tracks.

Thanks Sophos for throwing a wet blanket on my sometimes pastime of poking fun anti-virus companies. McAfee has had some really good examples of jumping to wild conclusions, as I wrote a year ago.

Earlier, in February of 2011, I made pointed out in several presentations that the urge of Americans to instinctively blame the Chinese was getting ridiculous.

To be fair, this is not only an American habit. The Finnish company F-Secure desperately wants to fault America every time malware in the Middle East is a topic of conversation, as I pointed out recently. If you want a good laugh, you can watch Mikko Hypponen’s analysis of international political issues.

Alas, I should give a giant thank you to Sophos and Graham Cluley. I would love to see them spar with the other vendors on this issue.

Sophos’ argument, not exposed in the BBC report, is supported by some common sense facts. There are a vast number of out-of-date, un-patched, pirated, un-licensed, poorly managed computers in China. So systems there are no only far more numerous lately but also rife for exploitation by automated attacks, which often install remote-control and bot capabilities.

There also is a big complication of getting details out of the attack paths. Unfortunately after tracing an attack to a random PC (let’s say a point-of-sale in a tiny noodle-shop in Chengdu) the next steps for a (civilian) investigator can be controversial and even difficult.

That is why it used to be common to throw up a “the Chinese did it” (if you are American) or a “the Americans did it” (if you are Finnish).

If you want historic parallels this is a lot like how medicine and forensic science was practiced in America in the early 1900s. Doctors rushed to conclusions, perhaps with intent to prescribe a wonder-product from a giant company. Do you have a cough? Bayer once was happy to sell you a “harmless” cure with diacetylmorphine, also known as Heroin. It was even pushed on mothers to give to restless babies, often killing them. A tragic assessment of cause and solution.

In short, the commercial sector did not really understand causality as much as they led the public to believe. And people did not have details or skill enough to find causality themselves. The author of the Poisoner’s Handbook gives us some perspective on the birth of forensic science as a public practice.

Pulitzer Prize-winning journalist Deborah Blum talks about her new work, The Poisoner’s Handbook, a look at how easy it used to be to kill someone with poison and the researchers who made poisoning much harder to get away with.

[…]

“I was looking for coverage and you could not open up a paper in that period without seeing accidental poison death, spectacular poison suicides and really some very bizarre murders; and you’re right, a real acceptance of which I have to remember that this was in an era where a lot of these chemicals were just being introduced, they were the backbone of the industrial age. People regarded them as this scientific magic for which you had to somehow pay a price. And there was a bizarre acceptance of that. I’m not saying we’ve entirely outgrown that. People still die of carbon monoxide poisoning. We still have industrial chemicals that we haven’t figured out.”

And we have malware that we haven’t figured out, with an IP in China, but at least we know who created the Heroin problem, right?

Blum’s book, by the way, is a brilliant look into the damage to society when trained professional investigators rush to conclusions or fail to be thorough in their analysis.

A great mass of soldiers, estimated at over 150,000 men and women, marched towards Pennsylvania in late June of 1863. Almost half were were led by General Lee, who had made it abundantly clear since the start of hostilities that he planned to push conflict deep into Union territory.

In 1861 Lee had turned down the offer to be a Major General in Washington DC. He instead returned to his home state to command forces in secessionist Virginia. Within a year his plans were to return north with Lt. Gen. Thomas J. “Stonewall” Jackson; they intended to lead a Confederate Army into Pennsylvania. Resources could not be spared at that time but by 1863, following aggressive tactics and success in the Battle of Chancellorsville, Lee convinced Confederate leaders to let him push forward.

The massive Rebel army was assembled quickly; it had to be made from unseasoned and less confident men than Lee had relied upon in past, which brought challenges in communication. Stonewall Jackson, for example, no longer was part of the plan. He had been gravely wounded by his own soldiers at Chancellorsville. Lee nonetheless hesitated little because of risk that his superiors would change their mind about his strategy.

Many books and articles have been written about the contributing factors to Lee’s decision and his preparations. Whatever he really thought or said by July 1st many thousands of Rebels neared Gettysberg, Pennsylvania and Lee stirred up an urgency to defend the North. A first-person account by a school girl gives a colorful description of when the first ones arrived:

…a dark, dense mass, moving toward town…

“What a horrible sight! There they were, human beings! Clad almost in rags, covered with dust, riding wildly, pell-mell down the hill toward our home! Shouting, yelling most unearthly, cursing, brandishing their revolvers, and firing right and left.

“I was fully persuaded that the Rebels had actually come at last. What they would do with us was a fearful question to my young mind.

“Soon the town was filled with infantry, and then the searching and ransacking began in earnest.

“They wanted horses, clothing, anything and almost everything they could conveniently carry away.

“Nor were they particular about asking. Whatever suited them they took. They did, however, make a formal demand of the town authorities, for a large supply of flour, meat, groceries, shoes, hats and (doubtless, not least in their estimations), ten barrels of whisky; or, in lieu of this five thousand dollars.

The Rebels also were surprised to encounter nearly 10,000 Union men near there. The two sides had been estimating where they would battle when a decision suddenly was made. The importance of this small town elevated quickly and was not lost upon the commanders of the Union forces, as explained in a first-person account by a Union soldier.

Gettysburg was a point of strategic importance, a great many roads, some ten or twelve at least concentrating there, so the army could easily converge to, or, should a further march be necessary, diverge from this point. General Meade, therefore, resolved to try to seize Gettysburg, and accordingly gave the necessary orders for the concentration of his different columns there. Under the new auspices the army brightened, and moved on with a more elastic step towards the yet undefined field of conflict.

And so began escalations of historic proportions. Nearly 90,000 Union soldiers rushed ahead to hold the town against the 75,000 coming Rebels. Right from the start Lee’s charge over his newly formed army, rife with misunderstandings and delayed communication, found itself unable to push through the right and left Union flanks.

July 1st ended in standoff as the Rebels did not fully engage. July 2nd, Lee pushed harder and increased the total dead count to more than 30,000, yet his efforts failed to break the Union line.

He then infamously ordered a full attack on the center. His next in command, General Longstreet, later claimed registering a strong objection:

General, I have been a soldier all my life. I have been with soldiers engaged in fights by couples, by squads, companies, regiments, divisions, and armies, and should know, as well as any one, what soldiers can do. It is my opinion that no fifteen thousand men ever arrayed for battle can take that position.

Whether or not these words were said Lee did not back down from his aggressive plan for the third day and, believing two prior days of flank attacks had weakened the center, gave the order to attack. The plan failed miserably.

Artillery first was unleashed in the early afternoon to weaken the Union line. Ammunition was quickly spent.

About 150 guns opened up at once–the biggest artillery barrage in the history of the North American continent–and thundered with bone-jarring ferocity for nearly two hours.

“…Ammunition nearly out.” Pickett read the note, then took it to Longstreet. “General, shall I advance?” he asked. Longstreet, with no confidence in the attack, could not speak, but merely nodded.

A Union cease-fire during the barrage, meant to conserve ammunition, also may have persuaded the Rebels to move forward. Brigades and regiments then were decimated as they advanced into heavy Union artillery and musket fire.

Within only one hour 7,000 new casualties lay on the battlefield. Lee was forced to withdraw.

When Lee asked [Pickett] to reform his division to repulse a possible counterattack, [Pickett] replied, “I have no division now.”

A series of tactical battles and aggressive maneuvering in the South had brought him success yet Lee’s strategy to bring pressure to the North failed on July 3rd 1863 at Gettysburg.

On July 5th, after a two day train ride from New York, a newspaper reporter arrived in Gettysburg to search for the body of his friend. He wrote home a description of the calamity:

The city is filled with wounded officers, all of whom agree that our loss was at least 30,000, and many estimate it as high as 50,000. I saw a Brigadier General for a few moments, who was wounded in the arm, and who says that his brigade lost 1,200 out of 1,600 men