Useless, Troublesome Services running in Win XP

We all know there are a lot of services running in XP which are just a nuisance. Here is one I noticed recently and found the fix to shut off. The problem I observed is well described by the title of this KB article: "Programs May Start, Quit, Lose, and Gain Focus Randomly"
KB313176 is at http://support.microsoft.com/default.aspx?scid=kb;en-us;313176
The functionality is called "advanced text services", and that article describes how to disable it. I have not investigated what is going on under the hood, ie the service which runs and associated registry settings, but this seems to clear up the problem.

Home Networking with Microsoft Windows

I have been setting up a small network at home with machines running different versions of Windows (WinXP Prof, WinXP Home, Win2k) and it took me a while to figure out the proper way to set up file sharing. This is in a configuration with a Domain Controller. In that case security will be limited to only two account types, Admin and Limited. And under 'Simple File Sharing' the guest account is used for all access from a different machine. So you need to make sure that the guest account is Active, but not necessarily allowing it to logon. That is done using "Net User guest /active".
Steve Winograd shows this on his 'Windows Networking Myths' page http://www.bcmaven.com/myths.htm . He also makes the point, that under this sharing regime, there is no need to explicitly share out folders.
There are also several KB articles discussing the security and file sharing.
This one is excellent: How to Configure File Sharing in Windows XP
On XP Prof you can disable Simple File Sharing: How to disable simplified sharing and set permissions on a shared folder in Windows XP

Also, it seems that you need to disable the MS "Internet Connection Firewall", which is done with a control panel applet "firewall.cpl". Steve Winograd above has some old articles at PraticallyNetworked which explain this in detail.

Here is a quote from the first MSKB article below:

Verify that the Internet Connection Firewall (ICF) or Windows Firewall (WF) feature is not enabled on the adapters that you use to connect the computers to the home network. If these features are enabled on these adapters, you cannot connect to shared resources on other computers in the
network.

And this is from the second article:

After you enable an Internet firewall, you may not be able to search, or "browse," for other computers on your home or office network, and you may not be able to share files with other computers on your home or office network. For example, when you enable the Internet Connection Firewall (ICF) feature in Microsoft Windows XP, you find that you cannot browse
your network by using My Network Places. Also, if you use the net view \\computername command to view shares on a computer on your home or office network, you may receive the following error message:

System error 6118 has occurred. The list of servers for this workgroup is not currently available.

Relevant MSKB articles:
How to troubleshoot home networking in Windows XP
Internet firewalls can prevent browsing and file sharing

Roy Osherove and Don Box tweak VS.NET launch

Here is a link to an article/blog entry about a little registry tweak to change
the shell integration of VS.NET

http://weblogs.asp.net/rosherove/archive/2003/04/30/6237.aspx

"A VS.NET 2003 Registry Tweaker Don Could Use
Since Don was writing on how you can tweak the registry in order to be able to ShellExecute VS.NET associated files into an open instance of VS.NET(instead of a new one each time)..."

LUA development

I have been trying for about a year to follow the advice to develop without admin privileges. Keith Brown (see his blog at pluralsight) has been pushing this for several years, and more recently Microsoft has gotten on board. They have some of their people blogging on it and they have produced some tools to help with it. Until MS fixes VS so that one can use it with LUA privilege there seem to be two main approaches. One is to run as non-admin for most use, and launch VS and other needed processes under an admin account. That is what I do.
The other approach is to run with admin rights and reduce privileges to browse the web.
Keith's chapter "How to develop code as a non-admin" discusses the issues and techniques, though I have found that even using his tips I still need to run VS as an admin.

Aaron Margosis (Microsoft) has an excellent blog on this topic. And he has produced several utilities to help run with LUA. PrivToolBar shows effective privileges. MakeMeAdmin will elevate privileges of the current user, though that leads to issues of object ownership (see his blog).
Michael Howard (a Microsoft security guru) has a utility (DropMyRights) to go the other way - that is reduce privileges for your logon while running 'Internet-facing' apps such as Web Browsers or Mail Readers.
There was also a blog or forum starting up on the topic - It is listed below.


References to Articles and Blogs

Full-blown Articles:

• Developing Software in Visual Studio .NET with Non-Administrative Privileges (MSDN 2003) One of the first actual publications detailing techniques to facilitate this.
• Two articles by Michael Howard: Browsing and Reading Email Safely: part1, part2

Blogs and specific postings:

• Keith Brown's 'Security Briefs' blog
• Keith Brown's Wiki on Security
• Aaron Margosis' blog is wonderfully helpful.
• Table of contents, for Aaron Margosis' non-admin blog
• G. Andrew Duthie's blog hasUseful posts and links.
• nonadmin.editme.com is the Wiki mentioned above - Not much info there, but it has plenty of links on running LUA.
• 'Geek Noises' blog by Peter Provost has links for Non-Admin development

More links to specific weblog postings (cribbed from others above)

• Larry Osterman's - What is this thing called, SID?

[added July 05]

Michael Howard blogged about his article here.
And a comment on limitations with SSL are discussed here.

Issues Searching in Windows XP

Searching and the Search Dialog have certainly gotten worse in Windows lately.

I used to use Search all the time, remember it was Find (using Ctl-F, though F3 still works except in IE). You could select a start point, and easily choose files or folders or specific file types and then ask it to look inside files. Well a lot of that changed in Win2k and then XP.
I hate that it is so hard to specifically search for a folder. When you select file type it takes a long time to load up all the registered file types and then for SOME reason you can't jump to Folder by just hitting F. (Why doesn't it work like other list boxes?) So you have to scroll down, which is very tedious. I thought this might get fixed in XP, but no.

Then with XP they changed content searching, to speed it up apparently, by restricting content search to only registered file types. Now I have found the articles explaining how to fix that or after service pack 1 to set searching inside all files. I will find the urls and post them here.

Better way to use google

Somebody at some seminar mentioned there is a better way to define site restricted searches in Google than appending "site:microsoft.com" or some such. But I don't remember what it was. Does anyone else?

Let's see...

Attended the ISV seminar on SQL Sever 2005 and Business Intelligence.
Then a Microsoft / Pluralsight class on .NET Connected Systems.