Saving Google Maps destinations for easy navigation

Saving a destination in Google Maps makes it easier to navigate to and also lessens the chance for error when entering or trying to remember an address.

To see a step-by-step guide of this Tech Tip, watch a video on YouTube.

Destinations can be starred from a mobile device running Google Maps or from the Web. After searching for an address or location, click on the pin for the destination and switch on the star icon. Starred destinations will be synched across all Google accounts and devices. Starred destinations are easier to find and will type ahead on both mobile and desktop versions of Google Maps. Starring locations is a good idea for local errands and for vacations and business trips to other states and countries.

When traveling to a place with unreliable mobile data reception or expensive data rates, it's also a good idea to save an offline version of Google Maps. Once in the application on a mobile device, press the options button and select "make available offline." Pan and zoom the map until the area to be downloaded is highlighted. Click "done" and the map will be downloaded to the mobile device and be able to be used when mobile data isn't available.

Nick Barber covers general technology news in both text and video for IDG News Service. E-mail him at Nick_Barber@idg.com and follow him on Twitter at @nickjb.


How to pick a CPU when buying servers

As 2013 rolls in and the economy stabilises, many IT organisations are looking to upgrade their computational and storage systems. Like any IT purchasing decision, there are tradeoffs to consider and choices to make regarding hardware features and the technology available. When it comes to storage servers, the first step is understanding your CPU options.

For at least this year, the two server CPU choices remain Intel and AMD. ARM might solve some of the computational parts of some of the problems, but in 2013, ARM won't have enough I/O bandwidth with 10 Gigabit Ethernet ports and storage to make it a viable alternative. This might change for 2014, but it's too soon to predict as development of PCIe buses with enough performance capability is complex.

The latest AMD CPUs have 16 cores, but only if you are running integer operations. When it comes to floating-point operations, you have only eight cores. This combined with the fact that the latest Intel server processors can read and write data from memory significantly faster than AMD processors mean that AMD processors should be relegated to operations with low computational intensity that do not require high-memory bandwidth - you might think of things like VMs, but more on why this is not a good idea later.

Another place that Intel has a major advantage is communications between CPU sockets. The current crop of Intel server CPUs support 25.6 gigabits per second (Gbps) of I/O bandwidth between CPU sockets over the Quick Path Interconnect (QPI).

This performance combined with the per-socket memory bandwidth performance exceeds the current performance of AMD CPUs. On multi-socket machines, this has a dramatic impact on the performance for all of the sockets because a process might be making a request for which memory has been allocated on another socket.

PCIe is where the rubber meets the road on why the latest Intel processors are far ahead of their AMD competitors. The Intel technology on the latest server CPUs runs PCIe 3 with 40 lanes on each CPU.

That means that the PCIe bus and the CPU are capable of 40Gbps of I/O bandwidth. This is far greater than the bandwidth of available on AMD processors. So if you need to do a lot of network I/O or disk I/O, PCIe 3 is the better choice because it has far higher bandwidth than PCI 2.0 and the performance of the bus will double, but also the Intel CPU supports more PCIe lanes.

There is one problem with the new Intel CPUs that becomes more noticeable with quad-socket configurations. As mentioned earlier, the PCIe bus is on the CPU socket so with four sockets you have four PCIe buses with 40 lanes each for a total of 160 lanes of 1Gbps PCIe bandwidth. That is a lot of I/O bandwidth, but looking a bit deeper there is a problem:

The QPI connections between sockets is a dual-channel 12.8Gbps channel for a total performance of 25.6Gbps.The PCIe express bandwidth of a socket is 40x 1Gbps per lane or 40 Gbps of PCIe bandwidth to the socket.

Problems quickly arise when PCIe bandwidth exceeds 25.6Gbps and the process requesting access to the PCIe bus is not on the socket with the bus where the access is being requested. Some of the workarounds attempted would lock processes on sockets with the PCIe bus that needs to be read or written. But it did not work for all applications. For example, those with data coming in and going out of multiple locations such as a striped file system are affected because you cannot break the request and move each request to each PCIe bus.

The real-world performance for general purpose applications running on a four-socket system is likely an estimated 90 percent of the QPI bandwidth between sockets (or 23Gbps) unless the data goes out on the socket with the PCIe bus. Every fourth I/O, if they are equality distributed, will run at 40Gbps, so the average performance would be (3x23Gbps +40Gbps)/4 or an average performance of about 27.25Gbps per socket for a quad-socket system.

This is, of course, the average based on equal distribution of the processes and I/O to the PCIe bus. A process that has PCIe processor affinity will significantly improve that average, but it is often difficult to architect and meet the requirements of putting every task on a PCIe bus and ensuring that the process runs on the CPU with that bus. The probability of this limitation is higher with a quad-socket system than with a dual-socket system.

The diagram below shows an example of a dual-socket system that, though having the same issues, reduces the potential of hitting that architectural limitation.

My estimate for performance for a dual-socket system is (23Gbps +40Gbps) or average socket performance of 31.5Gbps. On a dual-socket system it is much easier to architect the system so that you can put the right I/O on the right CPU and achieve near-peak performance.

New Intel systems have far more I/O bandwidth than previous systems and they have more than anything available from AMD. ARM is not currently competitive if you need to move lots of data in and out of the system.

The current Intel line quad-socket systems will average about 27.25Gbps unless significant work is done to architect the system to connect with processors and PCIe buses. The IOPS performance of the system will, of course, be higher as IOPS is not impacted by QPI bandwidth limitation.

The dual-socket systems are easier to get higher performance, and the average system performance is over 4.25Gbps. So my conclusion is you are better off using dual-socket systems for high I/O bandwidth requirements versus a quad socket. This, of course, is clearly counterintuitive, but is the best strategy given the current Intel architecture.

You will mostly likely see Ivy Bridge server processors in 2013 and the QPI bandwidth will go way up so with Ivy Bridge quad socket systems likely make sense. More on this after the Ivy Bridge serve processor are released.


How to make your Surface RT touchscreen respond faster

Fiddling with the Registry is old hat to anyone conversant with Windows, but Microsoft's Surface RT - well, that's a tablet with a specialised version of Windows. Surely it has no Registry to hack, right?

Wrong.

It turns out that you can indeed access the Registry of a Surface RT tablet, and one of the first discovered tweaks can greatly reduce the lag time between touching the screen and getting a response.

Let me just pause right here and note that if you've never noticed any lag on your Surface, or it doesn't bother you, it's probably not worth monkeying with the Registry. As always, any changes you make therein can have undesirable results, so I don't recommend this to anyone who's not an intermediate or advanced user.

Needless to say, you'll also want to back up any important data you may have stored on your tablet. Just in case.

Here's how to make the adjustment:

1. Open up Search, type regedit, then tap the item when it appears.

2. Navigate to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TouchPredict ion

3. Lower the "latency" and "sample time" entries from 8 to 2.

4. Exit the Registry, then restart the tablet.

Based on anecdotal evidence kicking around the web, this little hack can definitely help, and it doesn't appear to impact battery life.


How to replace missing Start button in Windows 8

Whatever you might think of Windows 8, at startup there is something missing that can vex, or at least perplex, users from the get-go.

By default, Windows 8 now boots to a "Start Screen" that displays "tiles" that link to a limited set of programs and features for various options such as mail, video, music, and somewhere among the 16-20 tiles, a desktop option. Clicking the desktop option opens a Window that contains - actually not much.

The familiar start button went missing in Windows 8 and instead users are left staring at an empty space with no apparent way to access programs and applications. Early testers considered this an alpha or beta glitch, but Microsoft has confirmed that the missing start button will not be making a re-appearance in the release version of Windows 8.

In this review, I tested three different Start button replacements (Power8, Start8 and Classic Start Menu). The tests were run on Windows Preview version build 8400. Each product produces a reasonable facsimile of the legacy Windows start button. Overall I thought Classic Start was the best of the three, as it contains many more configuration and customisation options than the other two products.

Stardock's Start8 is installed using an executable file and like the other two products I tested, it installs quickly with no options presented during the install. Once the installation is complete, the familiar round start button you remember from Windows 7 appears. Not only is the button identical, but the entire start menu looks just like Windows 7 with the same options in the same location.

As mentioned in the intro, Windows 8 boots to the new Start Menu by default. Once the Start Screen tiles are displayed the status bar we have known since Windows 95 is also hidden, but Start8 adds a panel you can use to quickly get back into familiar territory. Start8 has limited configuration options, but there are a few choices such as the ability to use a metro style start menu, which is a hybrid between the old Windows start menu and the new Start Screen with tiles. It essentially takes the tiles and organizes them into a start menu like configuration, which really is only an option with larger screens in high resolution. As to look and feel you cannot make changes to colors and themes, but the start menu automatically matches the color scheme you have selected. The documentation claims that Start8 can be configured to boot directly to the desktop. Although I selected the option to boot directly to the desktop, I was not able to make this work correctly on a virtual machine. The vendor informed me that they do not support their software in a virtualized environment, which I found to be a rather surprising limitation in a world where virtualization is now so prevalent.

Start8 has a compact footprint that uses less than 1 MB of memory.

Pricing: The Beta version is currently free to download or you can pay $4.99 and receive the full version once it becomes available after Windows 8 is released.

Pros: Nice interface with ability to switch between regular start menu and metro start menu

Cons: Limited configuration and customization options, limited documentation, lacks support for virtualized environments

I installed Power8 using the available MSI file and except for the installation path there were no other options presented during the install. Upon completed installation, a large white arrow directs you to the newly available start button. When clicked, the start menu looks very much like what you see in Windows 7 with shortcuts to recently used programs, the Control Panel, including the familiar options to lock, shutdown, hibernate and log off the computer. One of the features I found especially useful is the ability to drill-down Explorer style right from the start menu without opening Windows Explorer. On my copy the start button was a bit narrow and although I tried to modify this, I could not find any configurable options except for the option of auto-starting Power8 when the Windows starts. Even with auto-start, Windows 8 still loads the Start Screen first and you have to click the desktop panel to see access the desktop and start menu.

Of the three products, this is the one that looks the least like to the start button in Windows 7. However, the difference does not detract from the overall functionality. The transparency of the start menu made it difficult to read against a light background. However this was only an issue for the initial menu, as once you expand any of the menu items they all become opaque.

Power8 bills itself as a small footprint solution, however I found it to use quite a bit of memory, running two processes totaling over 35 MB.

Pricing: Power8 is open source and free to download.

Pros: Open source, no system file integration

Cons: Very limited documentation, no configuration options

The Classic Start Menu is part of the ClassicShell package which also includes the Classic Explorer and Classic IE9. During the install you can select which features to install and although I was only reviewing the Start button replacement in this article, I installed all three. Classic Start Menu offers three style options: Windows Classic (a la vintage Windows 95/98), Windows XP or the Windows Vista/7 look. I decided to go with the Windows 7 menu and also selected one of the seven available skins. This created a start menu that is essentially identical to the Windows 7 menu with a few variations. For instance, the Control Panel has been placed under a Settings group, which also contains printers and network settings. This is not a bad idea as most users do not necessarily need these features that often. Other features such as the My Documents, Recent items, search and help are available from the immediate start menu.

By default, once installed, the Classic Start Menu does boot to the desktop as opposed to the new Start Screen tiles. Of the three products I tested this one was the only one where this feature actually works as advertised. Another neat feature of the Classic Start Menu is the ability to save the settings to an XML file or import from an XML file. This way you move your custom start menu to a different computer.

Classic Shell was the only one of the products that installed an entire program group for its product. It also has a handy link to the configuration page from the start menu itself. Of the three products tested, this one had by far the most options; there are no less than 13 different configuration tabs on the settings page. This is probably overkill for most users, but it is nice to know you can tweak certain settings such as the style and which items to display in the start menu. Uses about 2 MB of memory.

Pricing: ClassicShell is open source and free to download, but donations are accepted through PayPal

Pros: Multiple configuration and customizations options, open source

Cons: None that we could find

Both Power8 and Classic Start Menu are open source products, which means you can download and inspect the code before installing it. The safest way to use open source is to compile the source code yourself, as this ensures nothing else can be 'injected' into the binary distribution, so long as you compile every release. If you don't have the tools, time or inclination to compile the source, at the very least use the vendor-provided hash file to verify the download.

What if your company doesn't allow third-party software?

While it's encouraging to see third parties step up to the plate to help users make the transition to Windows 8, not everyone will be able to take advantage of third-party products, no matter how useful they may be. If your organisation disallows third-party software, you could well be sitting back at the blank screen wondering how to do simple tasks that used to be at your fingertips, such as configuring your printer.

Fortunately, there is a feature built in to Windows 8 that you can use in a pinch to restore some basic functions associated with the start button in Windows 7. While not as elegant as the solutions provided in the products I reviewed, if you right click the task bar and open the Taskbar Properties you can choose to display a built-in 'Desktop Toolbar'.

This is a simplified basic start menu that allows you to access some Windows features such as the Windows Explorer, Control Panel and view other computers on the LAN. It does not, however, provide access to applications, which is a very limiting restriction. We hope Microsoft will reconsider after it encounters the inevitable push back from users who need to use their computers for more than streaming videos and listening to tunes - some of us actually have to work.


How you can stop spear-phishing

Most of us have clicked on an email that seemed legitimate, but wasn't. I am embarrassed to say it, but I recently clicked on a malicious link myself, and I should know better considering that I preach to people every day about the importance of protecting your organisation against such tactic. But, the phishing email caught me at the wrong time when I was half paying attention to what I was doing, and it enticed me with right authentic looking message.

When we first started trying to educate employees about email security, I sent a sampling of 140 employees a fake phishing email. The results were jaw dropping; Seventy-two percent opened the email. Of those, 85 percent clicked on the "malicious" link. But the most concerning to me was that 65 percent gave their username and password - and that number would have been higher if word didnt get around about the fake email in social circles.

Each employee, who clicked on the malicious link were then trained as we explained the dangers of malicious emails and how to catch them in the future.

Ive spoken with hundreds of CIOs and CISOs worldwide, and many of them have impressive programs. In those discussions I also got to hear how the top organizations are protecting themselves from the risk of spear phishing to a very high degree of effectiveness. Below are the top 11 tips I've heard for best technology practices, employee education and social media smarts.

1. Inbound email sandboxing:

Deploy a solution that checks the safety of an emailed link when a user clicks on it. This protects against a new phishing tactic that I've seen from cybercriminals. Bad guys send a brand new URL in an email to their targets to get through the organization's email security. The other tactic is when they inject malicious code into the website right after delivery of the email URL. This URL will get past any standard spam solution.

2. Real-time analysis and inspection of your web traffic:

First, stop malicious URLs from even getting to your users' corporate inboxes at your gateway. Even if you have inbound email sandboxing for your corporate email, some users might click on a malicious link through a personal email account, like Gmail. In that case, your corporate email spear-phishing protection is unable to see the traffic. Bottom line: your web security gateway needs to be intelligent, analyze content in real time, and be 98 percent effective at stopping malware.

3. Employee behaviour:

The human element is incredibly important. Many CSOs that I've spoken with are adopting employee testing programs with Phishme.com (Editor's note: Clark is on the executive board of *PhishMe Inc.), and do this training on-going basis. The result isn't really employee education or security awareness - it's behaviour modification. See my five employee behavior tips below.

Employees are critical to your security success, spear-phishing defense and ability to prevent a data breach. Below are five ways you can turn them into security advocates.

1. Pen-test your organisation:

One of the best ways people create new behaviors is by making a mistake and being corrected. It's time to put your black hat on. Select a group of folks from each major department and send them targeted spear-phishing emails using an outside email address. Use only information you can locate on their social media sites (Facebook, Twitter, LinkedIn, etc.). For example, you see they like a local sports team. Send them information about a local happy hour that supports the team. When they click on the link, inform them that they have been phished and communicate best practices in a positive way.

2. Ask marketing for help:

Start a partnership with marketing to help you communicate to your employees. Your marketing team specializes in communicating to different audiences to get them to take action. It's time to use their skills. Create a communication plan that both teams can execute against and track what methods are the most effective.

3.Change how your message is communicated:

Some people learn visually, others learn audibly and for many, it's a combination of both. Change how your security message is delivered to employees. Start with a monthly email, webinar and Intranet post. Switch it up with in-person trainings and videos. Using these different mediums will help your message resonate with more employees. Remember, you will need to communicate a message multiple times for it to stick.

4. Make security relevant to them:

Just asking employees to watch out for suspicious-looking emails doesn't drive home the urgency of spear-phishing. Rip it from the headlines. When a large company makes headlines for a data breach, because an employee opened an infected email, immediately communicate how something like that could happen to your employee base. It's well-timed, newsworthy and will be on your executives' radar.

5. Reward good behaviour:

IT security is known for doom and gloom, but what if you change that perception? Start rewarding your employees for a "Catch of the Day." Start an internal contest that asks employees to forward suspicious emails they receive (both from their personal and work accounts). Pick your "Catch of the Week" every Friday, reward the employee with a $100 gift card to Starbucks, and publicise the spear-phishing attempt for other employees to see.

Social networks are gold mines of personal information for cybercriminals, especially for targeted spear-phishing emails. Below are three things I don't recommend IT Security professionals discuss online.

1. Any birthdays/addresses/other items that are used for your network passwords:

Seriously, youd be surprised at what Ive seen.

2.Your vacation schedule and home photos:

It's like an advertisement for when you will be out of town, while doing reconnaissance for the criminals. You may not think you are a target, but cybercriminals are getting more sophisticated.

3. Don't ever post your phone number:

Cybercriminals are getting more creative. We have seen more and more criminals call targeted employees and ask for information. For example, some criminals call and pretend they are from their help desk and need to reset passwords. When in doubt, go with your gut. If something seems off or you don't know the person, ask for their contact information and look into it. Ultimately, its better to be safe than polite.

Spear-phishing isn't going anywhere. As long as people use social networks and email continues to be a key workplace communication channel, spear-phishing will be a weapon of choice for cybercrime. We will continue to see the bad guys evolve and spear phish through new mediums like Twitter, SMS. We must continue to work together as leaders in Infosec to share creative/successful was to protect our organizations.