Friday, December 14, 2007

AverMedia AVerTV Combo PCI-E Media Center Upgrade Kit

Recording TV Programs:

Our ancient VCR (tape recorder) in the TV room is starting to act up and we are looking around for a replacement. Of course VCR is the technology of the previous century - we should probably get a DVD recorder or, better yet by far, a DVR (digital video recorder).

Enter the brand new computer. It turns out that a computer with a TV tuner card can make a dandy DVR, and this new one with lots of power, high-quality graphics, and Windows Vista Ultimate with Media Center is a perfect candidate.

TV Tuner Card:

I have Windows Vista 64 with Media Center, so I ordered the AverMedia Media Center Upgrade Kit from NewEgg.com, a PCI-E tuner card. I chose that product for its features but even more because of the good recommendations from purchasers on NewEgg.com. The card includes two tuners, one for analog channels (broadcast or cable) and the other for digital (broadcast or cable).

Installation:

I installed it in a PCI-E slot, rebooted, and Windows automatically installed the drivers. There was no need to use the drivers on the included CD-ROM; I'm confident that Windows used appropriate drivers. With the kit also came a remote control and remote receiver, for which Windows also found and installed a driver.

I connected the cable TV signal to the analog tuner, and the included "test" antenna to the digital tuner, and immediately tuned in all of the analog cable channels and eight digital broadcast channels.

I'm not an HDTV enthusiast, at least not yet. I know almost nothing about home-theater PC (HTPC). But this was trivially simple. What we have here is a card that is designed to work specifically with Windows Media Center (MC), a Microsoft software package found on some XP and Vista machines. The card came with no other software except drivers - it would be useless without MC, and MC cannot play or record TV signals without a TV tuner card. They go together hand in glove, and they worked together right out of the box with no coaxing at all.

Performance:
  • The quality of the analog cable programs is better than my desktop TV, and they have equal signals off the same splitter.
  • The quality of the digital programs is stunning.
  • MC and the tuner immediately detected and cataloged every useful analog cable channel.
  • Using a tiny "test" antenna supplied with the kit, the system detected all of the major local broadcast stations. That test antenna is all I need.
  • MC can play one program from one tuner while recording another program from the other tuner.
  • With MC not running, the computer's CPU usage is 1% to 2%. With MC playing a program it is about 20%, and with MC both playing and recording it is about 25%.
  • The card's tuner chips felt warm to the touch, but not hot.
  • I ran a CPU exercise program called HeavyLoad while MC was playing and recording, and the program played without a hitch with CPU usage bumping up between 90% and 100%. Nothing overheated.
Features I'd like to have:
  • The documentation was nonexistent. I have no idea how some of the included parts are even supposed to be used.
  • It has no FM tuner, which would be very nice with MC.
  • Though there are two tuners on the card, MC will not show picture-in-picture.
  • The tuner is capable of playing QAM (unencrypted digital cable signals) but MC will not take advantage that capability.
Bottom Line:

It works exactly as advertised and I'm glad to have it. I wonder if we should just build another, cheaper computer and dedicate it to DVR as a replacement for the VCR. Still expensive I guess.

An alternative is to rent the DVR from our cable provider Comcast, which would require us to upgrade the cable from Standard to Digital, and the rental plus the upgrade would cost us $16.00/month or about $200.00/year. At that rate we coud pay for an $800 computer in four years ... hmmm.

Tuesday, December 11, 2007

TrueCrypt Is Cool

My business requires me to safeguard the security of certain files. For years I have used Encrypted Magic Folders (EMF) from PC-Magic to encrypt those files, and to hide them from the view of an interloper. I loved it, because files were always encrypted on disk and yet were fully accessible to applications. However, when I upgraded to Vista 64, the new EMF crashed my system so completely that it was unbootable even in safe mode. I tried it twice, recovered twice with some difficulty, and gave up on EMF.

In the meantime I had heard about TrueCrypt, an open-source disk encryption package for Windows and Linux. It's free! I must admit that after I downloaded it, I needed some time to get my mind around it.

Here are the basics:
  • Using the TrueCrypt application you create a large "container" file on your system, larger than you will need to hold your encrypted files. It can be on any read/write disk, even a memory stick, and is initially filled with random data.
  • The container file can be copied, moved, deleted, or renamed just like any other file. It's not fragile. It can have any name and any file extension. You can have more than one.
  • With the TrueCrypt application, you mount that container file as a disk volume with its own drive letter. You choose the letter.
  • The TrueCrypt application runs in the background and manages TrueCrypt volumes.
  • Within the TrueCrypt volume you create folders, or copy them in, and create or copy in any files that ought to be encrypted. A TrueCrypt volume behaves exactly like any other disk, even though it's really just a file on your hard drive or mem stick. Every file within it is totally encrypted, including file names and even its file system.
  • Unused space in the TrueCrypt container file is filled with random data which cannot be distinguished from actual encrypted files.
  • When you open an encrypted file in an application, such as a wordprocessor or graphic editor, the file is decrypted on the fly so that the application sees it decrypted.
  • The file is never decrypted on disk, however, unless the application keeps temporary backup copies, and of course you should tell your applications to keep those in an encrypted volume too.
  • Backup of encrypted data is easy: Just dismount the encrypted volume and copy its container file, still encrypted, to the backup medium.
  • If the backup medium is another disk, mem stick, DVD, or CD-ROM, you can actually mount that backup container file whenever you want without ever copying it back to the original hard disk.
TrueCrypt Application Window
That's the simple view of TrueCrypt. There is lots more. For example:
  • Anyone examining your system or your disk can tell that you use TrueCrypt, and can probably even identify the container files.
  • However, you can host a TrueCrypt volume within another truecrypt volume in a manner that makes the internal volume both hidden and undectable even if the outer volume is mounted and visible. Really cool. The TrueCrypt people call this "plausible deniability," and consider it quite important.
  • Example: An adversary points a gun at you and demands to see your encrypted files. You can give them the password to the outer encrypted volume without ever revealing that an inner, hidden volume even exists. It's invisible. I don't actually see the need for a hidden volume in my business, but evidently some folks do.
  • You can host a truecrypt volume on a public computer, or another person's computer, without installing any software on that computer, so your encrypted files are portable.
  • You can tell TrueCrypt to mount certain TrueCrypt volumes automatically at bootup, though you will be required to enter a password to complete the mounting process.
  • TrueCrypt allows you to use any of eight different encryption algorithms and three different hash algorithms, making decryption by an adversary even more difficult.
I love it, and in fact am using it for my encrypted files on my new computer. It works very well indeed, even on Vista 64. It is certainly no more trouble than EMF was, and backup is much simpler. It is far better than Windows Encrypted File System (EFS) because: (1) EFS files are always available when you log on, whereas TrueCrypt files require you to enter another password; and (2) EFS files cannot easily be backed up in their encrypted form. TrueCrypt is also much simpler than Windows BitLocker encryption, which requires you to partition your drive and poses some risk of losing the entire drive if something goes wrong.

Sunday, December 2, 2007

RAID Backup

Working perfectly!

Usually, a person needs a backup when their disk drive fails. All disk drives fail sometime - there is no escape from that truth. But there are other reasons for keeping good backups:
  • Total disaster, such as a fire or flood that destroys the whole computer and all nearby backups.
  • Deliberate mischief, such as a virus that deletes important files.
  • Accidental deletion or modification of one or more files.
I'm sure there are more reasons, but if we cover these we'll probably have the rest covered.

Drive Failure:

Disk drive failure can mostly be avoided by using two mirrored drives in a configuration known as RAID 1. RAID means Redundant Array of Independent Drives, and has several well-defined levels. RAID 1 is a simple comfiguration with two drives which always contain exactly the same information, hence the term "mirrored." If either drive fails, the other simply becomes the system's sole drive and takes over without a hitch. Since the probability of two drives failing at once is very small, RAID 1 pretty well covers that problem. The new computer here employs RAID 1.

Total Disaster:

If the building burns down or floods, the only solution is to have a separate backup stored offsite. This can be on the internet, another building some distance away, or perhaps in a fire- and water-proof safe. At this office a flood is highly unlikely, so we store encrypted DVD backups of most user files in a fire-resistant safe in the basement, and we occasionally put a DVD in a safe deposit box at the bank. I have just set up an upload account and I may stop putting DVDs in the safe deposit box. We'll see.

Deliberate Mischief, or Accidental Deletion or Modification:

RAID disks don't help here, because the RAID disk controller keeps the two mirrored disks identical even when the files themselves are deleted or corrupted. This is where Windows System Restore can be very handy indeed. I have several times seen a serious problem solved by restoring a system to a previous date and time. System Restore works, though it has the disadvantage that the whole drive reverts to a selected time in the past, even if you only need to recover one file.

Intel Storage Console rebuilding a RAID volume But if System Restore isn't the solution, then backups are the answer. DVD and internet backups can be used to restore user data, but what about all of the rest of the system? I started a full backup once, but quit when the backup wizard pointed out that I would need 19 DVDs. Enter "RAID Backup" with a third identical disk drive. At some reasonable interval (every day, every week, every month) I can disconnect the power to one of the two mirrored disks and connect the third disk. The disconnected disk is instantly a complete backup of everything, and the newly-connected disk will soon be overwritten and re-mirrored to the remaining good disk in the RAID 1 pair. Voila - complete backup in about five minutes for a one-time cost of about $80. It does actually take about 2 hours and 15 minutes to re-mirror, but the system is usable, if slower, while that takes place. And the third disk, with no power, is safe from any mischief.

Intel Storage Console showing the RAID volume rebuilt It Works!:

I wasn't entirely sure that the Intel software would be totally cool with what I wanted to do, but I tried it last night and today. The system has three identical 320 Mb Western Digital hard disk. Steps in the experiment:
  • Disk Drives A and B were mirrored, drive C was powered up as a spare but had never been used.
  • I shut down the computer, disconnected power on B, rebooted the computer. The Bios complained that the RAID 1 pair was "degraded" and gave me a chance to deal with it in the Bios, but I declined and let the bootup proceed.
  • The computer booted normally, and the Intel monitor software presented a pop-up balloon that said the RAID 1 disk was degraded but could be repaired.
  • I clicked on the balloon and followed the instructions to restore disk C to mirror the good disk in the RAID pair, disk A. Two and a quarter hours later, A & C were a mirrored RAID pair and B was a complete backup. Job done.
  • As an experiment, however, I shut down again and disconnected all EXCEPT disk B, then rebooted. Again the Bios complained and the on-line software did too, but the system functioned normally on just the "backup" disk. As far as I could tell, all files were accessible. The RAID software, apparently confused, also created a second RAID array at this point, consisting of Disk B and a "missing" disk. Duh.
  • I rebooted with only A & C connected, and everything worked once again, no complaints.
  • Then I connected B as well, rebooted, and got some complaints about a degraded pair in the second RAID array (disk B), but the system ran normally and all files on all disks seemed to be accessible, including the files on disk B.
  • Finally, I disconnected disk C, leaving A & B connected, and rebooted once again. The Bios and the Intel application software both complained about degraded RAID arrays. But it allowed me to delete the second RAID array, consisting of only disk B. That done, it allowed me to re-mirror B to the good disk in the original RAID pair, disk A, even though disk B contained lots of valid data. I was concerned that it might not let me destroy data, and I think there were at least four warnings that data would be destroyed on disk B if I proceeded, but it finally let me do it. Now disk C is again the full backup and the system is back to a RAID array of disks A & B.
From now on the procedure will be much simpler: Shut down, disconnect B or C (whichever was connected), reconnect the disk that was disconnected, reboot, and tell the Intel application to restore the RAID array. The biggest hassle is moving the computer to a position where I can open the side panel and disconnect / reconnect drives. I can handle it.

Windows Experience Index:

Before these little experiments, the system's Windows Experience Index was 5.4, limited by the disk subscore of 5.4. I ran the tests several times. Since the experiments, the Windows Experience Index is 5.5, limited by both the processor and gaming graphics, with the disk subscore improving to 5.7. Why did the disk subscore go up from 5.4 to 5.7, using exactly the same disks? Only Microsoft knows.