26 September, 2011

Chromium OS - Creation and use of a USB Flash Drive Boot


    Having played a bit with Joli OS, and generally liking it (see 2011-September-17 'Joli OS - A Primer' post), I wanted to play with Chromium OS.

    Chromium OS is the open source version of Google's 'Chrome OS'.  You'll notice it's icon is identical, to Chrome's, except it is four shades of blue, versus Chrome's blue, red, green, and yellow icon.  It is available for devices running Windows, Linux, and MAC OS.


    My intention was to find a compiled Chromium USB flash boot image that would allow me to play with the OS without performing a full installation.  After some Googling, and a bit of reading on the boards, I opted for 'Flow', built by Hexxeh, found here: http://chromeos.hexxeh.net/ , and versions for Windows, Linux, and Mac devices are provided.

    Hexxeh does a great job of documenting the steps involved.


    To duplicate my experience you will need:

  • 2GB USB flash drive (or larger) that you are willing to reformat
  • A current Chromium OS image file (available via the Hexxeh links above)
  • A USB image-file writer.  Since my primary OS is Windows XP, I chose to use the writer that Hexxah recommended, 'Image Writer for Windows', available at https://launchpad.net/win32-image-writer/ .
Creating and Using the USB Boot Drive

    Creating the USB flash disk was simple.  I downloaded the image (IMG) file, downloaded the disk imager software, then installed the image file to my USB drive.  The formatting of the drive took proximately ten minutes.  Note I used an 8GB drive, as I didn't have a spare 2GB drive available.

    Upon completion of the drive's image installation, I inserted it in my Acer One D255 netbook and turned on the device.  Within moments the Chromium logo and name appeared and my USB drive's light flickered, indicating to me that the drive was in use.  After four minutes I thought perhaps it had frozen, but a few more minutes indicated there was still activity.  After a total of ten minutes (apx.), I was presented with a simple configuration screen.  The time lag was obviously spent with Chromium interrogating the netbook to find the appropriate drivers to use.

    At the configuration screen I was able to select my WiFi network and enter its authentication credentials.  The connection to the network went well and I was soon presented with a Google login screen.  I opted for 'Guest Login', the Chromium browser launched, and I was looking at tabs displaying the contents of the USB drive.  On another tab I navigated to www.google.com and was able to quickly access the Internet.

Trying the Already Configured USB Drive in Another Device

    I then wanted to see how the USB drive worked in my notebook (versus my netbook).  Upon booting the notebook, the configuration seemed to take even longer than it had in the netbook.  Perhaps this is due to the USB drive already having been configured, for the netbook, and the reconfiguration was involving internal "Are you sure this really isn't the netbook?" kind of interrogation.  The system announced "Your system is repairing itself. Please wait." and was nice enough to provide a time estimate, in the upper right corner, of how long the process would take: 12 minutes.  Indeed, the countdown changed periodically, leaping from 12, to 8, to 7, to 5, holding there for a while, etc., but the total time of repair did take around the 12 minutes that had been estimated.  Once the repair was completed, my experience with the netbook was duplicated, in that I chose the network, entered the credentials, and was able to browse successfully.

    Shutting down, via the power button, was extremely slow, with several minutes of staring at a 'Disabling IRQ 7' message in the upper left corner of the screen.  Growing restless, after apx. four minutes, I held the power button in, powering down the notebook by force.  I restarted it, and the USB flash went back through the repair process, estimating another 12 minutes.  I assume this is because I had rudely shut the notebook off without allowing the shutdown process to complete, so perhaps my device settings had not been properly saved.  I bailed out of this process as well, forcing a shutdown.  I removed the USB drive and powered-on the notebook to ensure it's regular OS (Windows7) was intact, and all was well, with one exception:  The system time had lept five hours into the future.  I assume the Chromium OS had been set for some European country, in the image, and that had lived through into my running of the image, and it reached in and grabbed my notebook's clock and adjusted it for the Eurozone.  Pure speculation.  My notebook's clock had not been set to use an Internet time server, so in Windows7, I enabled that, and it set my clock to U.S. Central time, which is what I wanted.

Trying the Boot Drive in the Original Device in Which it Had Been Created

    I then wanted to see what would happen if I returned the drive to the netbook.  As anticipated, I was presented with a time estimate (6 mins) on the 'Your system is repairing itself. Please wait.' screen.  The anticipated time passed and the Chromium OS launched, I selected my WiFi network, and proceeded.  This time, I opted to sign in to my Google account.  I was prompted to choose a picture, to represent my account, and I was taken directly to a browser screen.  Because I choose to sync my bookmarks and history, to my Google account, all my browser history was ready and waiting for me, a nice touch.

    I noticed my system clock was two hours in the past.  I shut the OS down, via the power button -- I was gracefully taken back to a login screen and then chose the 'Shutdown' icon -- and the device turned off within 30 seconds.

    I restarted the netbook, with the USB drive still installed, and the OS booted quickly.  No repair was necessary.  I was presented with a login screen containing the picture I had chosen, along with my previously used login name, as well as the choice of the guest login.  I opted for my login name, and the Chromium splash screen displayed.  After forty minutes minutes, of the splash screen continually displayed, and the flash drive's light fluttering, I turned off the netbook.  After restarting, Chromium OS launched, in just a few seconds, and I was able to again choose my login.  Upon logging in I was quickly taken to the browser and Internet.

Installation of the OS as a Multi-Boot Option on a Device with an Existing OS

    I did not test this option, due to time constraints.  The directions that Hexxeh recommended, though mentioning Windows, were more geared toward devices containing existing LINUX OS's, versus Windows.  Although familiar with various boot loaders, I was not willing to dive into this on a Sunday afternoon minutes away from the start of the Packers game (American football team).  I will return to this, however, as I am a big fan of multi-booting my devices, and I will update this entry accordingly.


It was a fun experiment, but I did not find the OS to be usable, launching and running it from an external USB flash drive.  It certainly is less than ideal to reconfigure the USB drive from one device to another.  Were I to use the OS, via a USB flash, I would dedicate the stick to one device.  My ideal situation would be a multi-boot, as I mentioned above.

The OS itself is fine.  It's a browser and it will run apps.  I expect its load time would meet its advertized lightning fast times were I to have installed the OS as a multi-boot option.  The option to have a guest login, as well as a dedicated login, is what I wanted; Joli OS does not make it easy to lend one's device to another person, since the OS login is basically an admin-level root-access login to the device itself.  [On that note, I think I have a solution, so look to my previously mentioned Joli OS posting for an update on that soon.].

23 September, 2011

Using Personal Devices to Access Work Resources - Virtual Desktops Are a Great Answer

For the almost OCD security-conscious tech-savvy (a.k.a. yours truly), using one's own devices makes sense, from a personal perspective. They incur no support onus, by the organization, if the individual agrees they are on their own with respect to such matters.

The downside, for the organizations, is their data is no longer within the domain of their control. This implies a level of trust, between the organization and the user. I've always felt that the users need to prove that trust, demonstrating their capabilities of securing and/or preserving their data, prior to being released into the wild. Unfortunately, such an establishment of trust requires resources, from the organization, related to training and perhaps occasional auditing. Many organizations simply choose to look the other way, and then disavow responsibility in the event of a breach.

The iPad is a prime example of a consumer device that fits poorly into the workplace security. If one configures their work email, the only security is the front-end slider lock, on the device itself. Few use that, and if used, it is easily beaten. Many users also use cute little notepad apps, storing their passwords, ripe for the picking if they run to the restroom, at Starbucks, and return to find their iPad gone.

While the consumerization of IT has a lot of great benefits, to both employee and organization, the security concerns cannot be understated. I am a proponent of virtual desktops, where one can login to a work desktop, where the the resources themselves -- files, secure sites, etc. -- exist only on the virtual dt, and the user simply has to securely log in to a window to access them. Those of us who have been around, for decades, have been using this philosophy since pcANYWHERE made this popular back in the early 1990's. It's nothing new...it's just a whole lot better now, with hosted Citrix servers and other various virtual machines.

It's been fun to watch the swing from old Burroughs terminals, to totally stand-alone PC's, to p-to-p networks, to Novell and Microsoft servers, to cloud storage...and back to the "slightly-more-than-dumb" terminal approach.

Control the data centrally. Allow access from everywhere.

And by trust, I am not talking about trust from a personal integrity perspective, but rather, from a competency perspective. Very few data breaches are due to intentional employee malice. Most are due to incompetence, of which inattention is a member of the subset. Brilliance and conscious awareness, in one arena, can often be "deer in the headlights" in other disciplines, and I was speaking solely of data security awareness. But, I acknowledge a colleague's point about hiring practices. Either it is time to introduce a filtering process, related to data security and archive management, at that point, or send them off to something like Records Management training., immediately after they are hired, and prior to them having any real access.

As for email, it is one thing to intercept email, in flight, an exercise that requires specific timing and know-how. It is another to simply walk off with essentially a pile of open documents, which someone's non-secure mailbox is.

As an Enigmail (GnuPG/PGP) user, I am aware of the non-secure nature of email. I do know that, no matter how conscientious one is at not SENDING sensitive information, those same people might not be so good at deleting INBOUND sensitive messages, thinking that perhaps they are not responsible if someone else gets access. They may be right, from a legal perspective, but from an ethical one {eek! He mentioned "ethics" in an IT conversation!}, we all take care, in our personal conversations, not to repeat personal items that friends tell us, at Starbucks, even though we know someone might have overheard said conversation. We usually do not cite that at "was spoken in the public domain, and thus I can tell whomever I like" as an excuse to gossip. I see no reason why this should be different in the text world.

20 September, 2011


By definition, we cannot know everything there is to know, about anything. We can know something's velocity, but not it's location. We can know it's location, but not its velocity.

Eventually, we have to take what we know and assume we know enough about it to make an "educated" decision, and move forward.

Granted, one person's "educated enough" is another's "barely above ignorant", and yet another's "over-thought it to death".

This is the beauty, and the terror, known as "giving it one's best shot".

It comes down to a balance over over-coming laziness, and not missing the boat.

A thought about Facebook's implementation of "Subscribe" & "Acquaintances"

Facebook's recent implementation of "Subscribe" functionality -- mimicking Twitter's (which mimicked SMS blog feeds), and "Close Friends" and "Acquaintances" -- attempting to get users to more easily use their grouping features that Google+ did, brilliantly, with the latter's "Circles" concept -- is a bid for FB to become more relevant in the timeliness arena, a means for them to compete with Twitter and Google+ in the right-now world.  Fair enough.

Of course, with social networks now almost as prevalent as chat clients became ten years ago, the same issues exist that have been there since the beginning.  One must either be a member, of all of them, or have a client application that spans them all, or fear being left behind, or worse, MISSING SOMETHING.  {gasp}

This gives "we move in different circles" an entirely new, modern, and somewhat depressing slant.  Often, it is not through intentional exclusion that people find themselves out of the loop.  More often it is a result of them either not having taken the time, to set themselves up in yet another venue, or it is the posters, who wishing their company, failed to advertise where in the heck their space is.

And now, many of us have numerous email addresses, and few of us aggregate them into one email client, and thus need to remember to check multiple locations to get all of one's email.  Many of us also have multiple phone numbers, and our contacts often do not know which one of these is our preferred conduit, between us and them.  In our contact lists we may have three or four, for any given contact, not knowing which accept text messages and which are land lines.

And texting is really the universal "chat", but it's about as limited, as a tweet, for conveying useful information.

So, enjoy your new found freedom to blast your thoughts into the cloud, people.  Hopefully at least a few of your intended targets will see them.

17 September, 2011

Joli OS - A Primer - Installation Steps Included


For fun, I set out to accomplish the following within a two-hour window.  I achieved all my goals.  Joli OS really is simple.  For full disclosure, note that, a few days earlier, I did create my Jolicloud Desktop online account, a step that would have added five minutes to today's adventure, had I waited.

  • Learn enough about Joli OS to install it as a multi-boot option to my Acer One D255 netbook.
  • Learn enough about Joli OS to install it to a USB key that I could use on any PC.
  • Learn enough about Jolicloud to configure my online account.
  • Write this primer
The primer was written in a text editor, with Dokuwiki syntax.  It is thus not the prettiest, but it should be short enough to live through to get you where you need to go to accomplish the first two objectives, listed above, in a 15 minute window.


====== Joli OS - A Primer ======

Quick Notes by Dan Reams (@ebsewi)

===== Summary =====

Joli OS is an OS, optimized for netbooks and old PC's, based on the Ubuntu GNU/Linux OS, with a modified Ubuntu kernel.

It currently has two download options - an ISO image, from which you can format a hard drive and install the OS, and a Windows installer, with which you can install a multi-boot system and thus run, for example, Windows XP OR Joli OS, chosen at boot time.

It provides integration with your cloud-based files, allowing you to easily access them all from any Joli OS implementation you have.  E.g., I can access my files from my netbook's installation, from my dedicated Joli OS ancient house PC -- given new life, by Joli OS -- and even from the Jolicloud desktop, available via any supported browser from any OS, thus allowing me access to my files from my primary home Windows XP machine, my work Windows7 PC, a Mac, my wife's iPad...etc.

===== Clarification between Joli OS and Jolicloud =====

Joli OS used to be called Jolicloud, but branched off as an OS when the Jolicloud name was repurposed to refer to the online desktop product.  One can use Jolicloud from any compatible browser.  For more information on Jolicloud, visit http://www.jolicloud.com and follow the links.

If someone tells you they are running Jolicloud, on their netbook, they are more likely running Joli OS, versus an older version still called Jolicloud.  This can be confusing if you go looking to install the OS...and find yourself staring at the online desktop product.

The sheet you are reading now is dedicated to Joli OS.

===== Installation Methodologies =====
Depending on your needs, you can choose any of the methods listed below.

I recommend dedicating a USB flash drive for the purpose.  I dug around in my junk drawer and found a teeny 1GB drive, copied the EXE to it, and ran it from my netbook.  I then deleted the EXE, from the USB drive, and ****

==== Preface ====

I recommend you read http://help.jolicloud.com/entries/191624-what-are-the-differences-between-the-jolicloud-windows-installer-and-an-iso-install , as it explains the difference between running Joli OS, from a file-based partition, existing within your Windows NTFS partition, and the use of an actual separate system partition, on your hard drive.  For my initial installation I chose the former (see 'My Netbook Experience', below).  Even though my gut told me to use the separate partition approach (due to my general geekiness and adoration of keeping OS's separate), I opted for the "from Windows" approach to see how it works, figuring most of my readers might also prefer this simpler solution.  From the docs, the performance differences are stated to be negligible, if at all noticeable.

==== Running from a USB Flash Drive or Other Removable Media {E.g., Flash Disk} ====

This allows one to boot the OS from a flash drive, assuming one has configured one's netbook (or other PC) to boot from the flash drive.  As always, choose a fast USB port if your device has a choice between the ancient USB 1.0 ports and the newer USB 2.0 (or even newer) ports.  See http://help.jolicloud.com/entries/248282-how-do-i-try-jolicloud-and-joli-os-without-installing-it , which outlines this method.

To create the USB Key itself -- which is just a USB flash drive with a boot partition and software on it -- go to http://help.jolicloud.com/entries/231051-creating-a-jolicloud-usb-key-guide and follow the directions.

In summary, download the jolicloud-usb-creator-installer-{version number}.exe and the Joli-OS-{version number}.iso file, run the creator EXE, and follow the screens.  Don't fall asleep yet!  Your 'create' button will be grayed out until you browse, in the application, and locate your ISO file that you downloaded above.  See the link above for screen shots and instructions.

Note that, once the USB Key installer is installed, you can create as many keys as you want, whenever you want.  Very, very cool.

You will find the Jolicloud USB Creator in your Windows' Programs.

==== Installing and Running the Windows Multi-Boot ====

I choose to run the multi-boot, on my Windows XP netbook.  This is great for general web browsing or note-taking circumstances when I need to get information, or write notes, extremely quickly.  It also allows me to boot into Windows XP when I need to do so.  Note this does not COME WITH Windows XP; it merely allows one's Windows XP to survive, on the machine, untouched.

As mentioned in the 'Preface' above, I chose to install Joli OS to my netbook using the Windows Installer, versus installing it to my netbook via the USB ISO file.  For the required steps, see http://help.jolicloud.com/entries/230291-how-do-i-install-joli-os-while-keeping-windows .

The above link refers to 'Joli OS Express', which is the Windows installer (Joli-OS-Installer.exe) found at the downloads link.  The quick steps for doing that can be found at http://help.jolicloud.com/entries/230291#download-jolicloud-express .

=== My Netbook Experience ===

As previously stated, I chose to run Joli OS from a file-based partition -- a virtual partition, if you will -- housed within my existing NTFS file system.  To accomplish this I simply ran the Joli-OS-Installer.exe file, allowed it to create a 50GB partition file, determined a PC login name and password,* and allowed the device to restart.

*I chose a generic login name and password that my whole family, or even a guest, can use.  Reason: After restart, one will be prompted to login to their ONLINE Jolicloud Desktop account, and each person can have their own.  Thus, my method allows for multiple users to utilize the Joli OS installation, versus just dedicating it to myself.

I found the above struck-through methodology to be an incorrect approach.  The result of that procedure was the creation of an administrator-level user that had NTFS-level administrator access to the entire PC.  I.e., that user could browse to any folder, on the system, including all the Windows users' documents folders, etc.  Thus, an alternate, safe approach is to have the users utilize the Joli OS's "Guest" account, which will offer the user the ability to login to their Jolicloud address.  Using the guest login, the user can still modify their data, online (in the cloud), but no files will be saved to the local device.

I had hoped that the Joli OS' "Guest" login would take the guest to a generic app page, where the user could utilize each app, as needed (such as Gmail), logging in as necessary.  Unfortunately, Joli OS is married to Jolicloud (online Desktop), making the utility, of Joli OS, as a general kiosk solution, for my old dumpy family PC, far less useful.  It will require each family member to have her own Jolicloud account/profile.  While this is fine, and something I can set up for them, it is not likely any house guests will have such an account.  I will check the forums, for possible solutions, and update this blog entry with my thoughts as I learn more.

Summary: I erred in having defined my goal.  My goal was to create a general kiosk, usable by anyone, allowing them to connect to any web app they chose -- even just a web browser if they so chose -- and relying on them to authenticate to their own web resources via any given app.  This was achieved, but only if the guest user has an existing Jolicloud account or is willing to create one on the fly. Thus, Joli OS is not a tenable solution for a public-access kiosk, at least based on what I have learned so far (three hours into my Joli life).

My post, to the Joli OS 1.2 Feature list Facebook page, in response to my above experience:

Dan Reams: I installed the latest Joli OS, and it's neat. However, the Guest mode requires the guest to have a Jolicloud account. If they do not have one, they cannot be passed through to a generic guest Jolicloud dashboard. Instead, their only two options are to sign in or sign up. Such users cannot even use a web browser without signing in. This makes the concept of "loan the PC to a friend" only useful if one's friend has a Jolicloud account or is willing to create one on the fly.

Don't get me wrong; I'm still a fan. I understand Joli wanting to direct people to create accounts, to be exposed to Joli content. I also realize that doing so is especially simple if the guest allows Jolicloud to link to their Facebook accounts. My point is simply that the use of a guest account should be understood to be defined as "allowing a Jolicloud user to use this device without user data being permanently stored on the device," versus "allow a friend to easily access the Internet."

My full experience can be found here: http://tinyurl.com/437wjn3


After the restart the installer continued its work, installing Joli OS, providing a progress bar and various tips and tricks screens to keep me occupied.  I ignored these screens, preferring to write this document.  After a ten minute installation process, the netbook rebooted and notified me that I would need to connect to a network to continue, advising me to click the network connectivity icon.  I did so, saw my home network, logged into it*, and was ready to go.  In the Joli OS login screen, I was prompted to log in to my online Jolicloud account.  I did so, and was then staring at my online account.  I quickly configured my Google Mail and Google Docs, and was then ready to explore.

*I opted NOT to save my Joli OS Desktop login information, so that only I would have access to my data.  Any other users of the OS can then proceed to access their data via their own online credentials.

I then logged out (via the Power Button icon), held my breath, and was greeted with the standard Windows boot options menu (Yay!), offering me both Joli OS and Windows XP.  I was able to launch XP just fine.

Synopsis:  A pleasurable experience, both in installation and usage.  Since the online desktop interface applies to anywhere I log in to Joli Desktop, I can add and configure my apps, from the comfort of my home PC, and use them on my netbook later, without having to configure them VIA the netbook.  My total time spent, from getting up and making coffee, downloading and installing the OS, and writing this entire document, was exactly two hours.  Granted, I was using two PC's, but still...not too shabby.  If you follow the instructions you can be up and running in about 15 minutes, I'd guess.

==== OS Installation to a Hard Drive ====

This is a fantastic refit for your old, retired and under-the-stairs box that you've always been meaning to strip for parts, or wipe its HD of sensitive data, but just haven't gotten around to doing yet.  Quickly make a Internet kiosk that your guests can access...without screwing up your main PC or otherwise allowing them access to your personal data devices.

Follow the steps at http://help.jolicloud.com/entries/230978-how-do-i-make-joli-os-my-only-operating-system to make this happen.

NOTE: This method also allows one to install the OS, to a separate PARITION, on the hard drive, keeping your other OS intact.

In summary, you will need to download the ISO file, the USB Creator application (for Windows, Mac, or Linux), create a USB key, and set up the device.

HINT: If you want to see what this will eventually look like, use the USB method with 'Try Joli OS without installing', which will let you run Joli OS from the USB drive, without installing anything to your device.

===== Downloads =====

Official http://www.jolicloud.com/download
Both the "Keep Windows" (multi-OS) and ISO (disc image) packages

===== Support =====

Official Support http://www.jolicloud.com/support
Includes various installation options

===== Information =====

Official http://www.jolicloud.com/product

Official Blog http://www.jolicloud.com/blog/

Wikipedia http://en.wikipedia.org/wiki/Joli_OS