What and why web service ?
What contract first and contract last ?
Why contract first ?
Steps to create a simple web service (server) with spring-ws
Call Java web service from .NET(C#)
References
Questions & Answers

What and why web service ?

• Web service is a standard for building and developing distributed applications

• Ability to work on all operating systems

• Expanding interoperability between applications

• Can be reused

• Enhancing communication between client and server through the web environment

What contract first and contract last

• Contract-last approach: write  code (Java, .Net, etc) code first, and let the Web service contract (WSDL, Schema) be generated from that

• Contract-first: write service contract(WSDL, Schema) first, and use language (Java, .Net, etc) to implement that contract

• Ex: Labour contracts

Why contract first ?

• Cyclic graphs

Converting it to XML, we will end up with something like:

which will take a long time to finish, because there is no stop condition for this loop
Solution: references to objects that were already marshalled, like so:

• Performance

When Java is automatically transformed into XML, an object might reference another object, which refers to another, etc. In the end, half of the objects on the heap in your virtual machine might be converted into XML, which will result in slow response times.

When using contract-first, we do not care about converting time

Spring web service

An appropriate endpoint is searched for using the configured EndpointMapping(s)

An appropriate adapter is searched for the endpoint. The MessageDispatcher delegates to this adapter to invoke the endpoint

Return a response

Steps to create a simple web service with spring-ws

• Define operations

• Data contract

Generate java structure code from xml schema by using xjc command with syntax:
Xjc –d destdir  sourcefile

An easier way to do it is with eclipse XJC plugin from this site:
https://jaxb-workshop.dev.java.net/plugins/eclipse/xjc-plugin.html

Place person.xsd into WEB-INF folder

Add the following lib into WEB-INF/lib folder

aopalliance.jar
bcprov-jdk14-1.43.jar
commons-logging-1.1.1.jar
log4j-1.2.15.jar
opensaml-1.1.jar
saaj-impl-1.3.2.jar
spring.jar
spring-webmvc.jar
spring-ws-1.5.9-all.jar
wsdl4j-1.6.1.jar
wss4j-1.5.8.jar
xalan-2.7.0.jar
xercesImpl-2.8.1.jar
xml-apis-1.3.04.jar
xmlsec-1.4.3.jar
xmlsec-2.0.jar
xws-security-2.0-FCS.jar

• Create service classes

Handle exception

Service interface

Service implementation

Define MessageDispatcherServlet (WEB-INF/web.xml)

Automatic WSDL exposure (WEB-INF/spring-ws-servlet.xml)

Define endpoint (WEB-INF/spring-ws-servlet.xml)

Endpoint mapping (WEB-INF/spring-ws-servlet.xml)

Exception mapping (WEB-INF/spring-ws-servlet.xml)

Conclusion

• Define operations (in xml)

• Data contract (in xml schema – xsd file)

• Generate xsd file to java source (in jaxb)

• Create service classes

• Define MessageDispatcherServlet (in web.xml)

• Automatic WSDL Exposure (in spring-ws-servlet.xml)

• Define endpoints (in spring-ws-servlet.xml)

• Endpoint mappings (in spring-ws-servlet.xml)

• Exception mappings (in spring-ws-servlet.xml)

References

• Spring-ws

http://static.springsource.org/spring-ws/sites/1.5/

• Demo source code

http://www.mediafire.com/?vnc7p29lzr3prbf

* Already have Eclipse 3.4.1 or higher? Use the Eclipse Update Manager or do a manual installation
* If you don’t have Eclipse, but would like to download it, use the All-In-One package
* Don’t use Eclipse? You can download just the runtime libraries for use with other IDEs
* Download an optional language pack to complete your install.

Eclipse Update Manager

To install Crystal Reports for Eclipse using Eclipse’s built-in Update Manager, follow the instructions below:

* Click on the Help menu, and select Software Updates…

* On the Software Updates and Add-ons dialog, select the Available Software tab.

* Click the Add Site… button. This will display the Add Site dialog.

* Type the following for the Location field: http://downloads.businessobjects.com/akdlm/crystalreportsforeclipse/2_0/update_site/

* Click OK to complete the wizard. This will add the Crystal Reports for Eclipse software item to the list and start searching for available software.

* Expand and select the Crystal Reports for Eclipse item(s).

* Click the Install… button to install the software. Review the list items to install and click the Next  button. Review and accept the license agreement for each feature and click the Finish button.

* After Eclipse verifies and installs the software, it is recommended that you restart Eclipse.

All-In-One Installation

This package includes the Eclipse 3.5 SDK combined with the SAP Crystal Reports, Version for Eclipse software.

Eclipse Galileo 3.5 with SAP Crystal Reports, Version for Eclipse

Runtime Libraries

Add the SAP Crystal Reports runtime engine to any Java application.

SAP Crystal Reports for Java runtime components - Java Reporting Component (JRC)

Language Packs

Optional add-ons if you need languages other than English:

Language Pack #1 (33 MB) - German, Spanish, French, Italian, Japanese, Korean, Portuguese (Brazil), Traditional    Chinese and Simplified Chinese.

Language Pack #2 (12 MB) - Czech, Hungarian, Polish and Russian languages.

Whether you’ve forgotten your password or you have a more malicious intent, it’s actually extremely easy to break into a Windows computer without knowing the password. Here’s how to do it, and how to prevent others from doing the same to you.

There are a few methods to breaking into a computer, each with their own strengths and weaknesses. We’ll go through three of the best and most common methods, and nail down their shortcomings so you know which one to use—and how to exploit their weaknesses to keep your own computer secure.

The Lazy Method: Use a Linux Live CD to Get at the Files

If you don’t need access to the OS itself, just a few files, you don’t need to go through much trouble at all. You can grab any Linux live CD and just drag-and drop files onto a USB hard drive, as you would in any other OS.

How it Works

Just download the live .iso file for any Linux distribution (like the ever-popular Ubuntu) and burn it to CD. Stick it in the computer you want to access and boot up from that CD. Pick “Try Ubuntu” when it comes up with the first menu, and it should take you right into a desktop environment. From here, you can access most of the hard drive just by going to the Places menu in the menu bar and choosing the Windows drive. It should see any NTFS drives just fine.

Note that depending on the permissions of some files, you might need root access. If you’re having trouble viewing or copying some files, open up a terminal window (by going to Applications > Accessories > Terminal) and type in gksudo nautilus, leaving the password blank when prompted. You should now have access to everything.

How to Beat it

This method can give you access to the file system, but its main weakness is that the malicious user still can’t access any encrypted files, even when using gksudo. So, if the owner of the computer (or you) has encrypted their files (or encrypted the entire OS), you won’t get very far.

Sneaky Command-Line Fu: Reset the Password with the System Rescue CD

If you need access to the operating system itself, the Linux-based System Rescue CD is a good option for breaking in. You’ll need to do a bit of command line work, but as long as you follow the instructions closely you should be fine. Hat tip to our friends at the How-To Geek.

How it Works

Just download the .iso file for the System Rescue Live CD and burn it to disc. Boot from the disc and hit the default option when the blue screen comes up. After everything loads and you’re presented with a command-line interface, type fdisk -l to see the drives and partitions on your computer. Pick the Windows partition (usually the largest NTFS partition) and note the name, e.g. /dev/sda3.

Then, run the following command:

 ntfs-3g /dev/sda3 /mnt/windows –o force

Make sure to replace /dev/sda3 with the partition you noted earlier. Next, cd to your Windows/System32/config directory with this command:

 cd /mnt/windows/Windows/System32/config

We want to edit the SAM file in this folder, so type the following command to get a list of users:

 chntpw –l SAM

Note the username you want to access, and then type the following command, replacing Whitson Gordon with the username in question.

 chntpw –u "Whitson Gordon" SAM

At the next screen, choose the first option by typing the number 1 and hitting Enter. This will clear the user password, making it blank. When it asks you to write hive files, hit y and press Enter. It should say OK, and then you can type reboot to reboot the computer. When you boot into Windows, you’ll be able to log in to that user’s account without a password.

How to Beat it

Once again, the weakness of this method is that it still can’t beat encryption. Changing the password will disallow you access to those encrypted files, which, if the user has encrypted their entire OS, makes this method pretty useless. If they’ve only encrypted a few files, though, you’ll still be able to access all the unencrypted stuff without a problem.

Brute Force: Crack the Password with Ophcrack

Where the other two methods are vulnerable to encryption, this method will give you full access to everything the user can access, including encrypted files, since this method relies on finding out the user’s password instead of bypassing it.

How it Works

We’ve actually gone through this method before, but it doesn’t hurt to have a refresher. All you need to do is download and burn the Ophcrack Live CD (use the Vista version if you’re cracking a Windows 7 PC) and boot from it on your computer. It’ll take a little bit of time to boot, but eventually it will bring you to a desktop environment and start attempting to crack passwords. This may take a while. You’ll see the passwords pop up in the top pane of the window, though, when it finds them (or, if it doesn’t find them, it’ll notify you). You can then reboot and log in to Windows using those passwords.

How to Beat it

While this method works on encrypted OSes, it can’t crack every password out there. To increase your chance of having an uncrackable password, use something complicated and greater than 14 characters. The stronger your password, the less likely Ophcrack will be able to figure it out.

]]> http://techblog.hdexpertise.com/en/howto/how-to-break-into-a-windows-pc-and-prevent-it-from-happening-to-you/feed/ http://techblog.hdexpertise.com/en/howto/how-to-set-up-an-openvpn-server/ http://techblog.hdexpertise.com/en/howto/how-to-set-up-an-openvpn-server/#comments Thu, 14 Oct 2010 03:20:19 +0000 hunghuynh http://techblog.hdexpertise.com/en/?p=806

Having a virtual private network affords a lot of convenience, particularly for those who want or need to access a remote network from a different location, such as connecting to a work network from home, or vice versa. With the availability of 3G on the road, or wireless hotspots everywhere, being able to connect, securely, to a remote private network from anywhere is ideal.

OpenVPN is one of the most reliable VPN setups around. It’s fully open source, it’s supported on Linux, Windows, and OS X, it’s robust, and it’s secure. Unfortunately, configuration can be a bit of a pain, so in a series of upcoming tips, I aim to get you up and running quickly.

To begin, you will need to have OpenVPN installed on the server or system you wish to use as a VPN end-point. Most distributions include OpenVPN; for the server setup, I am using OpenVPN 2.0.9 as provided by the RPMForge repository for CentOS 5.

The first part of this series concentrates on the server, while the second and third parts will concentrate on the configuration of Linux and OS X clients, respectively. So without further ado, let’s get our hands dirty.

To begin with, you need to copy some files from the OpenVPN docs directory (typically provided in /usr/share/doc/openvpn-[version]) to create certificates:

# cd /usr/share/doc/openvpn-2.0.9

# cp -av easy-rsa /etc/openvpn/

# cd /etc/openvpn/easy-rsa/

# vim vars

In the vars file, edit the KEY_* entries at the bottom of the file, such as KEY_COUNTRY, KEY_ORG, KEY_EMAIL, etc. These will be used to build the OpenSSL certificates. Next, it’s time to initialize the PKI:

# . ./vars

# sh clean-all

# sh build-ca

# sh build-key-server server

For the above, and the below client certificates, you can enter pretty much anything for the “Common Name” field, however there is a certain logic to use: “OpenVPN-CA” when generating the Certificate Authority, “server” when generating the server certificate, and “client” or the name of the specific client system for the client certificates. Those certificates are generated with:

# sh build-key client1

# sh build-key client2

The next step is to generate the Diffie Hellman parameters for the server:

# sh build-dh

When this is done, you will have a number of files in the keys/ subdirectory. At this point, for the clients, you want to copy the appropriate files to them securely (i.e., via SSH or on a USB stick); the files the clients need are ca.crt, client1.crt, and client1.key (or whatever you named the files when you generated them with the build-key script).

Next, create the OpenVPN server configuration file. To get up and running quickly, copy one of the example config files:

# cd /etc/openvpn/

# cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf .

# vim server.conf

The aim here is to get this going right away, so we won’t examine each of the options in detail. The primary things you want to do are to uncomment the “user” and “group” directives, to make the openvpn process run as the unprivileged “nobody” user. You may also want to change the “local” directive to make it listen to one specific IP address. This would be the IP to which your firewall is forwarding UDP port 1194. As well, you will want to set the “client-to-client” directive to enable it, and also set the “push” directives for route and DNS options. What follows is a comment-stripped server.conf, as an example:

local 192.168.10.11

port 1194

proto udp

dev tun

ca ca.crt

cert server.crt

key server.key  # This file should be kept secret

dh dh1024.pem

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

push "route 192.168.10.0 255.255.254.0"

push "dhcp-option DNS 192.168.10.12"

push "dhcp-option DOMAIN domain.com"

client-to-client

keepalive 10 120

comp-lzo

user nobody

group nobody

persist-key

persist-tun

status openvpn-status.log

verb 3

Finally, copy the required keys and certificates that you previously generated:

# cd  /etc/openvpn/

# cp easy-rsa/keys/ca.crt .

# cp easy-rsa/keys/server.{key,crt} .

# cp easy-rsa/keys/dh1024.pem  .

And, finally, start the OpenVPN server:

# /etc/init.d/openvpn start

To get routing set up properly on the server so that remote clients, when they connect, can reach more than just the server itself, you will need to enable IP forwarding. This can be done by the following:

# echo 1 > /proc/sys/net/ipv4/ip_forward

You can also do it by editing /etc/sysctl.conf and adding the following (this is a good thing to do as it will ensure that packet-forwarding persists across reboots):

net.ipv4.ip_forward = 1

You also want to ensure that packets going back to the client system are routed properly. This can be done by changing the route on the gateway of the server’s network to route packets to the client network (10.8.0.1/32) through the OpenVPN server (if the server happens to be the gateway as well, you don’t have to do anything additional to accomplish this). How this is done largely depends on the operating system of the gateway.

Once this is done, you should be able to ping any machine on the server’s LAN from the client, and be able to ping the client from any machine on the server’s LAN. For instance, from a machine on the server LAN (not the server):

% traceroute 10.8.0.6

traceroute to 10.8.0.6 (10.8.0.6), 64 hops max, 52 byte packets

 1  fw (192.168.10.1)  0.848 ms  0.342 ms  0.249 ms

 2  server (192.168.10.11)  0.214 ms  0.231 ms  0.243 ms

 3  server (192.168.10.11)  0.199 ms !Z  0.443 ms !Z  0.396 ms !Z

% ping 10.8.0.6

PING 10.8.0.6 (10.8.0.6): 56 data bytes

64 bytes from 10.8.0.6: icmp_seq=0 ttl=63 time=17.540 ms

And from the client:

# traceroute 192.168.10.65

traceroute to 192.168.10.65 (192.168.10.65), 30 hops max, 40 byte packets

 1  10.8.0.1 (10.8.0.1)  22.963 ms  27.311 ms  27.317 ms

 2  10.8.0.1 (10.8.0.1)  27.297 ms !X  27.294 ms !X  27.269 ms !X

# ping 192.168.10.65

PING 192.168.10.65 (192.168.10.65) 56(84) bytes of data.

64 bytes from 192.168.10.65: icmp_seq=1 ttl=62 time=515 ms

The setting up of OpenVPN clients will be the subject of two tips in the next week. I’ve made the assumption that the client is correctly configured here, simply to illustrate how it should look when it all works together, but in the next parts of this series we will get into more depth with the client configuration.

In this edition of the Windows Desktop Report, I’ll show you how to use Disk2vhd, which is a free tool, to move your Windows XP installation into Windows 7 and then run it with Windows Virtual PC.

What is Disk2vhd?

As its name implies, Disk2vhd is designed to create VHD versions of physical disks. This tool can be used to convert systems running Windows XP SP2 and up as well as Windows Server 2003 and up.

To perform this task, the Disk2vhd utility makes use of the Windows Volume Snapshot feature built in to the operating system. When you run Disk2vhd, it first creates a volume snapshot image of the hard disk. It then exports that image into a VHD that you can then add to Windows Virtual PC as well as to Hyper-V Manager.

If you’ll be using Windows Virtual PC, keep in mind that it supports a maximum virtual disk size of 127GB. If you create a VHD from a larger disk it will not be accessible from a Windows Virtual PC virtual machine. Another thing to keep in mind is that Windows Virtual PC doesn’t support the Multiprocessor Specification, and it will not be able to boot VHDs captured from multiprocessor systems.

Preparation

In order to ensure a successful virtual machine transition, there are several tasks that you’ll want to perform on your Windows XP system in preparation for the operation. Let’s take a closer look.

• Backup: You’ll want to back up your system using Windows XP’s Backup Utility or a third-party disk imaging tool, such as EASEUS Todo Backup, which is a free package that I used for my test configuration. That way if anything goes awry, you can restore your Windows XP system and get right back to work. Just to be on the safe side, you may also want to back up all your data on CD/DVD or on an external hard disk. While it may sound like overkill, having an extra backup of your data will give you peace of mind.
• Optimization: You’ll want to make sure that your Windows XP system and hard disk are in tip-top shape by running Disk Cleanup and Disk Defragmenter. Doing so will help make the operation run quickly and smoothly. By running Disk Cleanup, all unnecessary files will be removed, such as trash in the Recycle Bin and Temporary Internet files. By running Disk Defragmenter, your hard disk will be ready for optimal performance.
• Windows Update: You’ll want to run Windows Update on your Windows XP system and make absolutely sure that all current updates are downloaded and installed.

My example configuration

In my example, I’ll be using two different computers: one computer running Windows XP SP3 and one computer running Windows 7. I’ll run Disk2vhd on the XP system and create the VHD on an external hard disk. The drive on this XP system is using about 40GB on an 80GB hard disk. I’ll then move the virtual machine over to Windows 7 and run it there using Windows Virtual PC.

Getting Disk2vhd

You can get and use Disk2vhd in one of two ways. You can download Disk2vhd from the Windows Sysinternals page on the Microsoft TechNet site. Or you can run immediately Disk2vhd from the Live.Sysinternals.com site. Either way, the utility does not require installation, which means that using it is as easy as launching the executable.

Converting the system

I decided to run Disk2vhd from the Live.Sysinternals.com site for this article. Once I clicked on the link, I immediately saw the Internet Explorer File Download - Security Warning dialog box, shown in Figure A.

Figure A

As soon as the download commences, Internet Explorer displays the File Download - Security Warning dialog box.

When you click the Run button, the download begins, as shown in Figure B.

Figure B

The actual download is really quick.

Once the download is complete, the executable begins to launch, which triggers the Internet Explorer - Security Warning, shown in Figure C.

Figure C

As soon as the executable begins to launch, Internet Explorer displays a Security Warning dialog box.

You’ll then need to accept the Sysinternals Software License Terms, as shown in Figure D.

Figure D

You are encouraged to read through the Software License Terms.

When you get to the main user interface, you’ll see that Disk2vhd automatically selects all the available volumes/drives, sets a default location, and chooses a name for the VHD file. You can choose a different location and name if you want. In fact, the procedure will go faster if you select a different hard disk besides the one on which you are creating a VHD. Then, select the Prepare for Use in Virtual PC check box. As you can see in Figure E, I chose only the main drive and selected an external hard disk. When you are ready, click the Create button.

Figure E

You can choose specific drives as well as a different location and name.

You’ll then have to sit back and wait. Depending on how large your hard disk is and the location of your destination folder, the process can take a while to complete. As the process chugs away, you’ll see the progress, as shown in Figure F.

Figure F

The progress gauge keeps you apprised of the conversion procedure.

For instance, my XP system with about 40GB on an 80GB drive took just a little over two hours to complete the conversion and transfer to an external USB hard disk. When the operation is complete, you’ll see the screen shown in Figure G.

Figure G

My example system took a little over two hours to convert to a virtual machine.

Running XP in Windows Virtual PC

Once you copy the virtual Windows XP system’s .vhd file over to the Windows 7 system, you’ll then open Windows Virtual PC and launch the Create a Virtual Machine wizard, as shown in Figure H.

Figure H

You’ll launch the Create Virtual Machine wizard.

In order to reduce the amount of initial tweaking, I configured my virtual machine to have the same amount of RAM as its physical counterpart, as shown in Figure I.

Figure I

You’ll specify the amount of RAM that you want your Windows XP virtual machine to have.

When prompted to add a virtual hard disk, select the Use an Existing Virtual Hard Disk option and then use the Browse button to locate your .vhd file, as shown in Figure J. When you’ve done so, just click the Create button.

Figure J

Select the Use an Existing Virtual Hard Disk option and then locate your vhd.

Once the Create a Virtual Machine wizard is complete, then just reopen Windows Virtual PC, locate the new virtual machine, and launch it. Of course, I had to do a bit of tweaking in order to get my XP system running, and because XP was now running on a new system, I had to reactivate Windows XP. However all that was relatively painless, and I was able to run my existing Windows XP installation in Window 7, as shown in Figure K.

Figure K

Windows XP is running inside of Windows Virtual PC in Windows 7.

What’s your take?

Will you use this Disk2vhd to virtualize your Windows XP system? Have you used Disk2vhd before? If so, what has been your experience? As always, if you have comments or information to share about this topic, please take a moment to drop by the TechRepublic Community Forums and let us hear from you.

Get IT tips, news, and reviews delivered directly to your inbox by subscribing to TechRepublic’s free newsletters.

But how is a Linux desktop any more efficient than the standard windows desktop?

When you use the standard Windows desktop get used to minimizing windows on a single desktop. If you have multiple windows open up on a desktop, to work on another window you click it to get that windows’ focus. To get a window out of the way you minimize it. If you have a lot of windows open, you then have to search all those minimized icons for the window you want to work on (or you cycle through all of your open windows with Meta-Tab or Alt-Tab.

The GNOME developers have done an incredible job of melding the Windows and the Mac OS X desktop together to make a very efficient desktop. But we can take that one step further by using features from all of them. The resulting desktop will have very quick access to applications, multiple workspaces, and ways to keep your desktop clutter-free that the standard desktop can’t touch.

Figure A shows the standard desktop with a number of windows open. Figure B shows that same desktop with all of the windows shaded and out of the way. A quick right-click of a title bar and you have that window back.

Figure A

A typical cluttered Windows desktop

Figure B

A much neater, and easy to manage desktop, thanks to WinRoll.

I am going to show you how to mimic a very usable, efficient desktop on your Windows 7 machine. This desktop will have the simplicity of Windows, the cool-factor of OS X, and the efficiency of Linux. This may not be to the liking of everyone, but for those of you who prefer a more flexible environment, you will appreciate what these little additions do for the standard Windows work environment.

So, hold on to your hats, we’re going to take that tired, old desktop of yours and make it fresh, and Linux-like.

Step 1: The panels (aka Taskbar)

One of the things I like about GNOME is that the desktop is divided between two panels. The top panel is the primary panel and contains the menus, shortcuts, and notification area. The bottom panel is home of the Window List, Trash, and Show Desktop. To be perfectly honest, I always get rid of the lower panel, in favor of a dock (I’ll address this in a moment). But for the time being, let’s work with the main panel.

The first thing you need to do is move that Taskbar to the top of your screen. Why? To make room for the dock you will add later. To do this right-click the taskbar, select properties, and change the positioning from the bottom to the top (Figure C).

Figure C

You can either just drag the taskbar to the top, or use this method. I prefer this method as you are less likely to bring Explorer to a screeching halt.

Once you have done that you will want to clean that baby up. I prefer to keep my launchers pinned to the Start Menu and not the Taskbar. To pin a launcher to the Start Menu locate the application in the Start Menu, right click the application icon, and select Pin to Start Menu. After you have all of your applications pinned to the start menu you can then unpin them from the Taskbar.

You will also want to add a folder shortcut to the Taskbar, like the Places menu in the GNOME main Panel. To do this, follow these steps:

• Right click the Taskbar.
• Select Toolbars | New Toolbar.
• When the Explorer window opens, navigate to the folder you want to add to this toolbar (I like to use the Documents folder I the Libarary).
• Click Select Folder to add the new toolbar.

Once the new Toolbar is added you can then change it to only show Text or Text and Title.

Step 2: Add a Dock

The next step is to add a Dock to the bottom of your screen. Windows 7 will not allow a second Taskbar so you have to use a third-party software to add a dock. The one I like is StarDock’s ObjectDock. This application is simple to install and run.

Step 3: Add a desktop Pager

One of the most efficient tools for desktop space is the Linux pager. With this tool you can effectively have more than one workspace on your computer. It’s like having dual (or tri or quad) monitors without the extra hardware.

Since Windows does not have this feature built in, you will have to add a third-party solution. One of the better solutions for this is WindowsPager. This is a fairly good copy of the Linux pager and will give you similar features and functionality. You do not really install WindowsPager, you just fire up the executable.To have the WindowsPager tool run at startup simply copy and paste the .exe file to the Startup folder by typing shell:startup in the run dialog and then copying the file there (Figure D).

Figure D

Copy the .exe files to this directory to ensure the applications start upon login.

Step 4: Window shading

One of the features I have used since the early ’90s is Window Shading. What this does is roll your window up (like a window blind) so that the entire window rolls up into the title bar. This allows you quick access to your windows as well as the ability to arrange your windows in such a way that you always know what window is what - even if the application is “out of the way”.

The best tool I have found for this is WinRoll. This is another tool that does not actually install but runs via .exe file. Do the same with WinRoll that you did with WindowsPager, by copying the .exe into the startup folder.

Step 5: Autoraise

I don’t know about you, but I hate having to click on a window to get it to raise. Since my early days of Linux I have enjoyed the focus follows mouse and auto-raise behavior. Fortunately you do not have to install a third-party software for this feature. Instead do the following:

1.               At the Start Menu search dialog enter “change how” (no quotes).

2.               From the results select Change How Your Mouse Works.

3.               In the new window select “Activate a window by hovering over it with the mouse”.

Now when you hover your mouse over a window it will automatically raise to the front gaining focus.

Figure E shows you all the visible elements of the transformation. The only aspect you cannot see is the autoraise feature.

Figure E

Visible difference

The final look

For the curious, Figure E shows a sample of what the Windows to Linux desktop can look like. Although you do not get to see it in action, it is much more like the Linux desktop now in both look and feel.

This week a person very close to me started receiving abusive emails from a family member. This friend asked me if there was a way to block email from that particular user without changing email addresses completely.

After a little work inside Gmail, I was able to relieve this person with instructions for blocking mail from a single user. I wanted to detail the process below, to help others avoid getting bullied out of using their email address, even if their primary email isn’t a Gmail address.

If you’re already using Gmail or a Google Apps email as your primary email address, skip to step 4.

Step 1 - Sign up for a Gmail account.

Step 2 - In your Gmail Settings, go to the accounts tab and go to the row titled ‘Check Mail Using Pop3′ and click on “Add a mail account you own” button to enter the account information for your current email address.

Step 3 - While still remaining in the accounts tab of the Settings dashboard, find the ‘Send Mail As’ row and click the ‘Send Mail From Another Address’ button to complete the steps contained there to enable you to continue sending mail using your existing email address.

Step 4 - If you weren’t already using Gmail, change the settings in your email client (Thunderbird, Outlook, etc) and on your phone to check Gmail rather than checking your ISP or other email client directly.

Now we are ready to set up the mail return inside Gmail.

Step 5 - Under the Labs tab in the Settings menu enable “Canned Responses.” After hitting the radio button to ‘enable’ make sure you navigate to the bottom of the page and save changes.

Step 6 - Using the ‘Compose Mail’ button open a new mail pane. Do not worry about a To: or a Subject: since you are just using the type to create the text of your response to the offending email sender. I used “Your message has been returned unopened. This user is not accepting messages from you at this time.” as the automated response, but you can type any text you would like here.

Step 7 - Use the ‘Canned Responses’ button that has now appeared under your subject box to ‘Save New Canned Response.’ Give this response a name in the dialog box that opens and choose save. Exit ‘Compose’ window by using the ‘Discard’ button.

Step 8 - Near the search box at the top of the page use the link to ‘Create a Filter.’ This opens the ‘Filters’ tab in the Settings dashboard. Select ‘Create a Filter.’ In the From: box add the offending email address. If the offending party has multiple email accounts enter each in the From: box separated by an OR in caps. Proceed to the next step by clicking the ‘Next Step’ button.

Step 9 - In this final step you will tell the Gmail filter how to respond when an email arrives from the chosen From address(es). You should check the box to ‘Delete It’ and the box to ‘Send Canned Response’ selecting the response created in Step 8. Select Create Filter and you are finished.

Check out the video above for a quick walkthrough (best viewed fullscreen in 720p), or jump down to the instructions below if you prefer text instructions. In case you missed it, here’s the slowed down Bieber track:

This guide was inspired by reader pbhj, who pointed us in the direction of Paul Stretch, the application we’re using below.

Step One: Download and Install Paul’s Extreme Sound Stretch

First, you’ll need to download Paul’s Extreme Sound Stretch, an application made specifically for extreme sound stretching. Paul Stretch is available for download here for Windows and Linux. UPDATE: Looks like someone also ported it to OS X. I’ve only tested in Windows.

Step Two: Open Your Song in Paul Stretch and Set Your Parameters

Go to File -> Open… and navigate to the song you want to slow down. You can adjust the stretch time by moving the Stretch slider back and forth in the Parameters tab. You can stretch your audio anywhere between 1 and 10,000 times. The number immediately following “Stretch:” is the slow down amount, and the number in parenthesis is the length of your new, slowed track.

Step Three: Render Your Slow Audio

Now just click over to the Write to File tab and click the Render selection button. Name your file and choose your output format. (I went with OGG.) Remember, the longer you stretch the audio—and the longer the source track is to begin with—will have a big impact on how long it takes Paul Stretch to create your ambient epic. You can experiment by rendering small pieces by changing the pos1 and pos2 selections (position one and two—the default is to select the entire track), or hit the play button at the bottom of the window for a preview. If you choose to slow down your track a lot—say, over 100 times—it can take a really long time, so it’s worth testing before you commit an hour-plus to rendering.

Step Four: Enjoy

When it’s done rendering, your track should be in the output folder you chose above. Open it up in your player of choice and enjoy your new ambient track.

Firefox only (Windows/Mac/Linux): The VTzilla Firefox extension adds a Scan with VirusTotal option to Firefox’s right-click context menu and file download dialog that allows you to scan any file for a virus before you download it.

If you’re not familiar with VirusTotal, it’s a brilliant web service that scans any file you send it against 42 of the best malware scanners available—and it’s the tool we go to when we want to know if a download really has a virus.

now if a download really has a virus.

You can scan files with VirusTotal by uploading them to their web site, sending them via email, or uploading them via your Windows Send to menu. The VTzilla extension takes one more step out of the equation, allowing you to scan any download before you commit to downloading it to your computer. Even better: Since the latest update to VirusTotal, if the service has already scanned the file in question, the results are almost instantaneous.

VTzilla is a free download, works wherever Firefox does. Note: By default, VTzilla turns on a new toolbar in Firefox. To disable it, navigate to View -> Toolbars, then uncheck VirusTotal Toolbar.

I know five Web sites that are committed to keeping browsers free of vulnerabilities. These Web sites evaluate browsers for weaknesses and determine how freely private information is to be had. On top of that, all but one offer advice on how to make the tested Web browser secure.

Why five, you may ask. Well, I agree there is some overlap. But I found that each site manages to give a slightly different picture. I’ll introduce them and let you pick your favorite/s.

1. Browserscope

When arriving at the Browserscope Web site, the first thing you see is test results comparing many aspects of the major Web browsers. Since this post is about Web-browser security, I’d like to focus on the Security tab. As can be expected, there are many tests in just that tab. This link explains their inner-workings.

The site also allows you to check out your active Web browser. Browserscope then adds it to the list, as shown in Figure A.

Figure A

2. BrowserSPY.dk

Last year, I wrote an article about Panopticlick. Afterward, I came across a similar Web site called BrowserSPY.dk (Figure B). It performs the same checks, plus an additional 64 tests. Sadly, BrowserSPY does not offer fixes. But it does a credible job of explaining how much information is free for the taking when visiting a Web site.

Figure B

3. PC Flank

The PC Flank Web site incorporates several tests that look at overall computer security as viewed from the Internet. The checks include Stealth Test, Advanced Port Scanner Test, Trojans Test, Exploits Test, and Browser Test. Once more, I want to focus on testing the Web browser. PC Flank tries to determine whether the Web browser gives up any personal information, location details, or specifics about your ISP.

The results in Figure C show what’s going on with my Web browser. Cookies are allowed to be saved and referrer information is available to the Web sites I visit.

Figure C

4. Qualys BrowserCheck

If you don’t mind, Qualys BrowserCheck needs to install a plug-in. That’s how it looks for weaknesses in the Web browser, associated extensions, and ancillary applications. Checking aftermarket add-ons may seem like overkill, but it’s not. Attackers are finding vulnerable TPV code an easy way to gain access. In Figure D, you can see that I need get busy and fix a few things.

Figure D

5. Scanit Browser Security Check

As a company, Scanit does all sorts of security testing, from penetration tests to making sure Web applications are secure. It also offers an online Web browser security test that looks for 19 vulnerabilities.

It seems the company is serious, as parlayed by the warning “Careful! This test will try to crash your browser!” Can’t scare me; I have image ISOs. So I bravely proceeded. Fortunately, my Web browser survived (Figure E).

Figure E

Final thoughts

Now days, we have to be careful about who and what we trust. With that in mind, I wanted to get expert opinion on what Web browser tests can be trusted. These five surfaced as the best picks. If you have another favorite, I’d sure like to know about it.