Red Herrings

Whenever a new exploit surfaces, such as Heartbleed, and the media focuses all its attention on it, I have to wonder whether the exploit may not be a red herring—a bit of misdirection used to keep our attention focused anywhere other than it should be. It’s true that this exploit is quite terrible. It affects any server running Secure Sockets Layer (SSL) and Transport Layer Security (TSL) software based on OpenSSL, which is actually supposed to protect people engaged in confidential transactions. Supposedly, Windows and OS X servers are immune to the exploit, but these servers often rely on services offered by servers that are affected, so everyone is suspect at this point. It’s my understanding that the exploit is incredibly easy to implement and doesn’t leave any trace once the perpetrator has gone. Fortunately, there are also ways to fix the problem and most sites will likely have it fixed within a couple of days.

The exploit is an eye opener for users who have grown complacent about Internet use over the years. Most of the articles I read about Heartbleed don’t even address the user, but the user is the real loser. It’s the user’s information that is gone forever without a trace and the user who will likely bear the brunt of the financial problems caused by Heartbleed. Even if a company is forced to pay some sort of compensation to the user for the loss of information, the compensation will never fully repay the user for the inconvenience and loss of reputation that such an exploit causes. Unfortunately, the user continues to pay a price long after the exploit is forgotten in the form of lost opportunities and an inability to make use of certain services due to a loss of reputation caused by the exploit.

However, I began this post by talking about red herrings—the misdirection often found in the plot of detective novels. I find it interesting that this bug was introduced in December 2011 and is only now making headlines. This means that Heartbleed was a usable, viable means of grabbing information surreptitiously for over two years. It makes me think that there must be other kinds of exploits of this sort that nefarious individuals are currently using to grab every last bit of information possible about you. All the media attention on this one particular exploit is taking the spotlight off those other exploits. Perhaps Heartbleed has outlived its usefulness and was actually made visible by the hacker community on purpose for the purpose of hiding the true activities of these individuals. Of course, there is no way of knowing.

What all this leads me to believe is that individuals must exercise good judgement when engaging in online activities of any sort. No one will fix your credit report or reputation once ruined and counting on the financial community to make amends simply won’t work. These people are rich for a reason—they know how to hold onto their money (as in, you won’t get any). In addition, software is always going to contain errors because programmers are human, so you must count on future exploits every bit as bad (or potentially worse) than Heartbleed. With this in mind, consider taking these suggestions to moderate your online behavior and make it a little more safe.

 

  • Use strong passwords that are easy to remember so you don’t have to write them down.
  • Change your password relatively often (every month or two works pretty well).
  • Use different passwords on every site you visit.
  • Never engage in transactions of any sort with any organization you don’t know.
  • Rely on a single credit card for financial transactions and never use the credit card for any other purpose (better yet, rely on an online-specific financial aid such as PayPal).
  • Don’t expose more information about yourself than necessary.


There are other ways in which you can protect yourself, but if you follow these few techniques, you can avoid a considerable number of security issues. The point is that Heartbleed is a scary exploit and there are probably a hundred other exploits, just as scary, already in play out there. Someone will always want your information and just handing it over to them seems like a bad idea, so take steps to personally keep your information secure. Let me know your thoughts about security red herrings at John@JohnMuellerBooks.com.

 

Death of Windows XP?

There have been a lot of stories in the trade press about Windows XP as of late. A number of readers have written to ask about the aging operating system because they’re confused by stories from one side that say everyone is sticking with Windows XP and stories from the other that say people are abandoning it. Windows XP is certainly one of the longest lasting and favored operating systems that Microsoft has produced, so it’s not surprising there is so much confusion about it.

Microsoft is certainly putting a lot of effort into getting rid of the aging operating system and for good reason—the code has become hard to maintain. Development decisions that seemed appropriate at the time Windows XP was created have proven not to work out in the long run. Of course, there are monetary reasons for getting rid of Windows XP as well. A company can’t continue to operate if no one buys new product. It must receive a constant influx of funds to stay in business, even a company as large as Microsoft. In short, if you’re Microsoft and you want to stay in business, rather than service what has become an unreliable operating system, you do anything it takes to move people in some other direction.

On the other side of the fence are people are are simply happy with the operating system they have today. The equipment they own is paid for and there isn’t a strong business reason to move to some other platform until said equipment breaks. The reliability of computer equipment is such today that it can last quite a long time without replacement. Theoretically, based on reliability alone, it’s possible that people will continue to use Windows XP for many more years. I have such as system setup to hold my movie database and to play older games I enjoy, but I don’t network it with any other equipment and it definitely doesn’t have access to the Internet.

From many perspectives, reports of the death of Windows XP are likely premature. The latest statistics still place the Windows XP market share above 27 percent. Even when Microsoft’s support goes away on April 8th, many third party vendors will continue to support Windows XP. What Microsoft’s end of support means is that you won’t get any new drivers for new hardware or upgrades to core operating system features. However, you can still get updates to your virus protection and Windows XP will continue to operate with your existing hardware.

For most people, the question of whether to keep Windows XP around hinges around the simple question of whether the operating system still fulfills every need. If this is the case, there really isn’t any reason to succumb to the fear mongering that is taking place and move to something else. However, once your equipment does start to break down or you find that Windows XP doesn’t quite fit the bill any longer, try moving along to something newer.

As to the essential question about the level of Windows XP support I’m willing to provide for my books, it depends on the book. My system no longer has development software on it because developers have moved on to other platforms. So, if you ask me programming questions about Windows XP, I’m not going to be able to help you. To some extent, I can offer a little help with user-level support questions for a few of my older books. However, I won’t be able to cover issues that my support system doesn’t address any longer, such as connecting to a network or the Internet. In sum, even though I can offer you some level of support in many cases, I can’t continue to provide the full support I once did. Let me know about your Windows XP book support questions at John@JohnMuellerBooks.com.

 

Using the Set Command to Your Advantage

Last week I created a post about the Windows path. A number of people wrote me about that post with questions. Yes, you can use the technique for setting the Path environment variable to set any other environment variable. The Windows Environment Variables dialog box works for any environment variable—including those used by language environments such as Java, JavaScript, and Python. Windows doesn’t actually care what sort of environment variable you create using the method that I discuss in that post. The environment variable will appear in every new command prompt window you create for either a single user or all users of a particular system, depending on how you create the environment variable.

A few of you took me to task for not mentioning the Set command. This particular command appears in both Administering Windows Server 2008 Server Core and Windows Command-Line Administration Instant Reference. It’s a useful command because you can temporarily configure a command prompt session to support a new set of settings. When the session is ended, the settings are gone. Only those settings you create as part of Environment Variables window have any permanence. There are other tricks you can use, but using Set for temporary environment variables and the Environment Variables window for permanent environment variables are the two most common approaches.

In order to see the current environment variables you simply type Set and press Enter at the command line. If you add a space and one or more letters, you see just the matching environment variables. For example, type Set U and press Enter to see all of the environment variables that begin with the letter U.

To set an environment variable, you add the name of the variable, an equals sign (=), and the variable value. For example, to set the value of MyVariable to Hello, you type Set MyVariable=Hello and press Enter. To verify that MyVariable does indeed equal Hello, you type Set MyVariable and press Enter. The command prompt will display the value of MyVariable. When you’re done using MyVariable, you can type Set MyVariable= and press Enter. Notice the addition of the equals sign. If you ask for the value of MyVariable again, the command prompt will tell you it doesn’t exist.

Newer versions of the command prompt provide some additional functionality. For example, you might set MyVariable within a batch file and not know what value it should contain when you create the batch file. In this case, you can prompt the user to provide a value using the /P command line switch. For example, if you type Set /P MyVariable=Type a value for my variable: and press Enter, you’ll see a prompt to enter the variable value.

It’s also possible to perform math with Set using the /A command line switch. There is a whole list of standard math notations you can use. Type Set /? and press Enter to see them all. If you write application code at all, you’ll recognize the standard symbols. For example, if you want to increment the value of a variable each time something happens, you can use the += operator. Type Set /A MyVariable+=1 and press Enter to see how this works. The first time you make the call, MyVariable will equal 1. However, on each succeeding call, the value will increment by 1 (for values of 2, 3, and so on).

Environment variables support expansion and you can see this work using the Echo command. For example, if you type Echo %MyVariable%, you see the value of MyVariable.

However, you might not want the entire value of MyVariable. Newer versions of the command prompt support substrings. The variable name is followed by a :~, the beginning position, a comma, and the ending position. For example, if you place Hello World in MyVariable, and then type Echo %MyVariable:~0,5% and press Enter, you see Hello as the output, not Hello World. Adding a negative sign causes the expansion to occur from the end of the string. For example, if you type Echo %MyVariable:~-5% and press Enter, you see World as the output.

The Set command is a valuable addition to both the administrator’s and programmer’s toolkit because it lets you set environment variables temporarily. The Set command figures prominently in batch file processing and also provides configuration options for specific needs. Let me know about your environment variable questions as they pertain to my books at John@JohnMuellerBooks.com.

 

Adding a Location to the Windows Path

A number of my books tell the reader to perform tasks at the command line. What this means is that the reader must have access to applications stored on the hard drive. Windows doesn’t track the location of every application. Instead, it relies on the Path environment variable to provide the potential locations of applications. If the application the reader needs doesn’t appear on the path, Windows won’t be able to find it. Windows will simply display an error message. So, it’s important that any applications you need to access for my books appear on the path if you need to access them from the command line.

You can always see the current path by typing Path at the command line and pressing Enter. What you’ll see is a listing of locations, each of which is separated by a semicolon as shown here (your path will differ from mine).

Path01

In this case, Windows will begin looking for an application in the current folder. If it doesn’t find the application there, then it will look in C:\Python33\, then in C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common, and so on down the list. Each potential location is separated from other locations using a semicolon as shown in the figure.

There are a number of ways to add a location to the Windows path. If you only need to add a path temporarily, you can simply extend the path by setting it to the new value, plus the old value. For example, if you want to add C:\MyApp to the path, you’d type Path=C:\MyApp;%Path% and press Enter. Notice that you must add a semicolon after C:\MyApp. Using %Path% appends the existing path after C:\MyApp. Here is how the result looks on screen.

Path02

Of course, there are times when you want to make the addition to the path permanent because you plan to access the associated application regularly. In this case, you must perform the task within Windows itself. The following steps tell you how.

 

  1. Right click Computer and choose Properties from the context menu or select System in the Control Panel. You see the System window shown here open.
    Path03
  2. Click Advanced System Settings. You see the Advanced tab of the System Properties dialog box shown here.
    Path04
  3. Click Environment Variables. You see the Environment Variables dialog box shown here. Notice that there are actually two sets of variables. The top set affects only the current user. So, if you plan to use the application, but don’t plan for others to use it, you’d make the Path environment variable change in the top field. The bottom set affects everyone who uses the computer. This is where you’d change the path if you want everyone to be able to use the application.
    Path05
  4. Locate the existing Path environment variable in the list of variables for either the personal or system environment variables and click Edit. If there is no existing Path environment variable, click New instead. You see a dialog box similar to the one shown here.
    Path06
  5. When adding a new variable, type Path in the Variable Name field.
  6. Add the path you want to use in the Variable Value field. Click OK three times to close all the dialog boxes.


When you open a new command prompt, you’ll see the new path in play. Changing the environment variable won’t change the path for any existing command prompt windows. Having the right path available when you want to perform the exercises in my books is important. Let me know if you have any questions about them at John@JohnMuellerBooks.com.

 

In Praise of Dual Monitors

A lot of people have claimed that the desktop system is dead—that people are only interested in using tablets and smartphones for computing. In fact, there is concern that the desktop might become a thing of the past. It’s true that my own efforts, such as HTML5 Programming with JavaScript for Dummies and CSS3 for Dummies, have started to focus on mobile development. However, I plan to continue using my desktop system when working because it’s a lot more practical and saves me considerable time. One such time saver is the use of dual monitors.

Yes, I know that some developers use more than just two monitors, but I find that two monitors work just fine. The first monitor is my work monitor—the monitor I use for actually typing code. The second monitor is my view monitor. When I run the application, the output appears on the second monitor so that I can see the result of changes I’ve made. Using two monitors lets me easily correlate the change in code to the changes in application design. Otherwise, I’d be wasting time switching between the application output and my IDE.

I also use two monitors when writing my books. The work monitor contains my word processor, while my view monitor contains the application I’m writing about. This is possibly one time when a third monitor could be helpful—one to hold the word processor, one to hold the IDE, and one to view the application output. However, in this case, a third monitor could actually slow things down because the time spent viewing the output of an example is small when compared to creating a production application.

The concept of separating work from the source of information used to perform the work isn’t new. People have used the idea for thousands of years, in fact. For example, when people employed typewriters to output printed text, the typist employed a special stand to hold the manuscript being typed. The idea of having a view of your work and then another surface to actually work on is used quite often throughout history because it’s a convenient way to perform tasks quickly. By employing dual monitors, I commonly get between a 15 percent to 33 percent increase in output, simply because I can see my work and its associated view at the same time.

Working with dual monitors not only saves time, but can also reduce errors. By typing as I view the output of applications, I can more reliably relate the text of labels and other information the application provides. The same holds true when viewing information sources found in other locations. Seeing the information as I type it is always less likely to produce errors.

Don’t get the idea that I support using dual monitors in every situation. Many consumer-oriented computer uses are served just fine with a single monitor. For example, there isn’t a good reason to use two monitors when viewing e-mail in many cases—at least, not at the consumer level (you could make a case for using dual monitors when working with e-mails and a calendar to manage tasks, for example). Dual monitors commonly see use in the business environment because people aren’t necessarily creating their own information source—the information comes from a variety of sources that the user must view in order to use reliably.

Do you see yourself using dual monitors? If you use such a setup now, how do you employ it? Let me know at John@JohnMuellerBooks.com.

 

Your Security is an Illusion

I receive a number of queries about security from administrators and users every month, and many of these questions have links to all sorts of security issues that have occurred recently—everything from National Security Agency (NSA) spying to the Target security breach (incidentally, a number of other businesses have been attacked in the same manner). The fact of the matter is that books such as Administering Windows Server 2008 Server Core, Microsoft Windows Command Line Administration Instant Reference, and Windows 8 for Dummies Quick Reference have been telling you all along that security is a matter of vigilance—that software will never do the job alone. Even so, readers keep sending requests for some sort of magic bullet that will allay all their fears and make the task of security automatic.

Maintaining a reasonably secure system is a matter of observing personal, data, and system-wide best practices. Many other authors have listed these best practices in the past, but here are some of the techniques that people fail to use most often:

 

  • Use complex passwords that are easy to remember so you don’t need to write them down—consider using a passphrase whenever possible.
  • Change your password reasonably often and don’t rely on the same set of passwords all the time.
  • Keep your passwords secret so that no one else can abuse them.
  • Encrypt your data.
  • Perform local data backups regularly.
  • Ensure your applications remain updated with the latest security fixes.
  • Update your system as needed to ensure it provides a full set of modern security features.
  • Install security applications that check the incoming and outgoing flow of data, and block anything that looks remotely dangerous.
  • Check your system regularly for any files, folders, software, or other items that look out of place.


This list doesn’t even include some of the common user foibles, such as opening e-mail from parties they don’t know. In addition, none of these techniques are automated. You have to perform the manually in order to get the benefits they provide. Yes, it’s true that some of the techniques are automated once you start them, but you still have to start them. For example, installing security software will automatically monitor the data flow on your system, but you still have to install the security software manually.

Even with all of these security measures in place, someone who is truly determined can break into your system. You should simply count on it happening at some point, even if you’re incredibly careful. When a security breach does occur, you need to have a contingency plan in place.

Any good contingency plan will include a method of evaluating the damage caused by the security breach. You need to know just what was compromised and what the fallout of the compromise will be. Even individuals experience fallout from security breaches, such as identity theft. Once the damage is evaluated, you need a method for fixing the problems it has caused. In some cases, you may actually have to format the drive and start from scratch, which is where that data backup is going to become critical.

There is no magic bullet when it comes to security. Over the years I’ve searched, in vain, for a magic bullet and it isn’t even possible to conceive of one. Therefore, it’s the user and administrator who are best prepared for the eventuality of spying and security breaches that are in the best position to handle it later. Let me know your thoughts on security at John@JohnMuellerBooks.com.

 

Understanding the Maturing of the Command Line

A number of people have asked me why I’ve written several different command line reference books. The answer is that each book serves a different market. Serving reader needs is a quest of mine. As reader needs change, I also change my books to better meet those needs. The command line may seem static, but reader needs have changed over the years because of the way in which the command line is perceived and the new commands added to it.

The most popular of the set, Windows Command-Line Administration Instant Reference, provides the reader with quick access to the most commonly used commands. In addition, this book emphasize examples over documentation, so you see how to use a command, but don’t necessarily get every detail about it (only those that are used most often). This book is mainly designed to assist administrators. With this group in mind, the book also provides a good overview of batch files and scripting. The point is to provide something small that an administrator can easily carry around.

A second command line reference, Administering Windows Server 2008 Server Core, is designed to meet the needs of those who use Microsoft’s Spartan Server Core operating system. The book includes a number of special features for this audience, such as instructions on getting hard to install software to work in this environment. This is also the only book that discusses how to use Mono to overcome .NET Framework limitations in this environment. Even though the title specifies Windows Server 2008 Server Core, the book has also been tested with Windows Server 2012 Server Core. The point of this book is to allow you to get all of the speed, reliability, and security benefits of Server Core installations without all of the hassle that most administrators face.

My third command line reference, Windows Administration at the Command Line for Windows Vista, Windows 2003, Windows XP, and Windows 2000, serves the general needs of administrators and power users. This book is intended to help anyone use the command line more efficiently. It provides a little more hand holding and considerable more detail about all of the available commands than my other two books. This is also the only book that discusses PowerShell.

The PowerShell portion of this third book has received a lot more attention as of late. Microsoft is making a much stronger emphasis on this new version of the command line, so I’m glad I included it in my book. One of the strong suites of this book is that it not only discusses documented commands, but many undocumented commands as well (with the appropriate caveats, of course).

No matter which version of my command line reference you use, I’m always here to answer your questions about my books. How do you interact with the command line? Has PowerShell taken a more prominent role in the way you do your work? Let me know at John@JohnMuellerBooks.com.

 

Limitations of the FindStr Utility

Readers have noted that I use the FindStr utility quite often. This utility is documented in both Windows Command-Line Administration Instant Reference and Administering Windows Server 2008 Server Core (and also appears a host of my other books). At the time I wrote that documentation, I had no idea of how much comment this particular utility would generate. I’ve written a number of posts about it, including Accessing Sample Database Data (Part 3), Understanding Line-, Token-, and String-Based Command Line UtilitiesUsing the FindStr Utility to Locate Errors in Visual Studio, and Regular Expressions with FindStr. It might be possible that people think that this utility is infallible, but it most certainly has limits. Of course, the FindStr utility is line-based and I’ve already documented that limitation. However, it has other limitations as well.

The most important limitation you must consider is how FindStr works. This utility works with raw files. So, you can use it to look inside executable files and locate those produced by a specific organization as long as the file contains unencrypted data. When an executable relies on obfuscation or other techniques to render the content less viewable by competitors, the strings that you normally locate using FindStr might become mangled as well—making them invisible to the utility. In practice, this particular problem rarely happens, but you need to be aware that it does happen and very likely will happen when the executable file’s creator has something to hide (think virus).

Another problem is that FindStr can’t look inside archives or other processed data. For example, you can’t look inside a .ZIP file and hope to locate that missing file. You might initially think that there is a way around this problem by using the functionality provided in Windows 7 and newer versions of Windows to look inside archive files and treat them as folders. However, this functionality only exists within Windows Explorer. You can’t open a command prompt inside an archive file and use FindStr with it.

Recently, a reader had written me about his Office installation. Previously, he had used FindStr to locate specific files based on their content—sometimes using content that wasn’t searchable in other ways. This feature suddenly stopped working and the reader wondered why. It turns out that .DOC files are raw, while .DOCX files are archives. Change the extension of a .DOCX file to .ZIP and you’ll suddenly find that your ZIP file utilities work great with it. Old Office files work well with FindStr—new files only work if you save them in .DOC format.

Another reader wrote to ask about network drives. It seems that the reader was having a problem locating files on a network drive unless the drive was mapped. This actually isn’t a limitation, but you do have to think about what you want to do. Let’s say you’re looking for a series of .DOC files on the C drive (with a shared name of Drive C) of a server named WinServer in the WinWord folder that contain the word Java in them. The command would look like this: FindStr /m /s “Java” “\\WinServer\Drive C\WinWord\*.doc”. When using network drives, you must include the server name, the share name, the path, and the file specification as part of the command. Otherwise, FindStr won’t work. What I have found though is that FindStr works best with Windows servers. If you try to use it with another server type, you might experience problems because FindStr won’t know how to navigate the directory structure.

There is a real limit on the length of your search string. Another reader wrote with this immense search string and wondered why FindStr was complaining about it. The utility appears to have a search string length limit of 127 characters (found through experimentation and not documented—your experience may differ). The workaround is to find a shorter search string or to perform multiple searches (refining the search by creating a more detailed file specification). If you can’t use either workaround, then you need to write an application using something like VBScript to perform the task.

These are the questions that readers have asked most about. Of course, I want to hear your question about limitations as well. If you encounter some strange FindStr behavior that affects my book’s content in some way, please be sure to write at John@JohnMuellerBooks.com.

 

Installing and Managing Third Party Products

Most of my books make recommendations about third party products that you can use to enhance your computing experience. Each of these products is tested during the writing process, but without any of the add-on applications that may come with the product. For example, if I test a Windows enhancement product, I don’t test the toolbar that comes with that product. So, it’s important to realize that the advice you obtain in the book doesn’t include those add-on features.

However, it’s important to take a step back at this point and discuss why the product includes an add-on in the first place. Just like you, the product vendor has bills to pay and must obtain money from somewhere to pay them. An important concept to remember when working with computers is that free doesn’t exist. Typically, product vendors who offer free products will do so by paying for them in one of these ways:

  • Advertisements: Advertising comes in many forms, not just banner ads. Marketing types constantly come up with new ways to advertise products and induce you to buy them. A developer can obtain payment from advertisements in several ways, such as referral fees.
  • Product Add-ons: A developer can provide the means to install other products with the product that you’re installing. The company who provides the additional product sponsors the free product that you’re using.
  • Marketing Agreements: The application collects information about you and your system when you install it and the developer sells this information to marketing companies.
  • Value-added Products: The free product that you’re using is just a sample of some other product that the developer provides. If you like the free product, the developer is hoping that you’ll eventually purchase the full-fledged product.
  • Government Grants: A developer creates a product after obtaining a grant from the government. You pay for the product through your taxes.
  • Sponsorship: A larger company supports a developer’s work to determine whether the idea is marketable or simply the seed of something the larger company can develop later. You pay for the product through higher prices when you buy something from the larger company.

There are other methods that developers use to get paid for their work, but the bottom line is that they get paid. Whenever you see free, your mind should say, “This product doesn’t cost money, but there is some other price.” You need to decide whether you’re willing to pay the price the developer is asking. In the case of a government grant, you’ve already paid the price.

When you install a free product, you must watch the installation routine carefully. In almost every case, you must opt out of installing add-on products that the free product supports. So, you have to read every screen carefully because these opt-out check boxes are usually small and hard to see. The developer really isn’t pulling a fast one—just trying to earn a living. Make sure you clear any check boxes you see for installing add-on products if you don’t want that product on your machine. The reason I don’t discuss these check boxes in my books is that they change constantly. Even if I were to tell you about the check boxes that appeared at the time I installed the free product, your experience is bound to be different.

Of course, you might accidentally install one of these add-ons, an add-on that you really didn’t want. In this case, you must locate the product in the list of products installed on your system, such as the Programs and Features applet of the Control Panel for Windows users. The product name won’t be straightforward, but a little research will help you find it. Simply uninstall the add-on product. However, it’s always better to avoid installing something you don’t want to begin with, rather than remove it later, because few applications uninstall cleanly (even those from larger vendors such as Microsoft).

Unfortunately, there isn’t much I can do to help you when you install an add-on product. I do have some experience with the third party product in my book, but I won’t know anything about the add-on product. You need to contact the developer of the third party product to ask for advice in removing it from your system. This may seem like I’m passing the buck, but the truth is that the add-on products change all the time and there simply isn’t any way I can keep up with them all. When in doubt, don’t install a product, rather than being sorry you installed it later. Let me know your thoughts on third party products at John@JohnMuellerBooks.com.

 

Changes to the Start Command Functionality

Sometimes a change command line command occurs and no one really notices for a while, except that there is some oddity in the way the command executes. This is how I recently figured out a change to the Start command. Some update Microsoft provided changed the way it worked, but I have no idea of which one.

I have a batch file in the Startup folder that automatically loads all the sites I use in my favorite browser when I start my system in the morning. The old command looked like this:

Start "C:\Program Files (x86)\Mozilla Firefox\Firefox" "http://antwrp.gsfc.nasa.gov/apod/"

This command starts a copy of Firefox and loads Astronomy Picture of the Day (APOD) for me. The interesting thing is that the command continued to work, despite the change in the Start command functionality. What changed was the fact that the command window didn’t go away once the sites were all loaded. The command window would remain in place until I closed the browser. I’ve had a lot of other things to worry about, so all I did was minimize the command window and let it disappear after I had looked over my sites in the morning.

Notice how the command is in quotes. This is a necessity because there are spaces in the command, so it won’t execute if you don’t place it in quotes. After some investigation, it turns out that the new behavior is treating the command as the Title argument for Start, rather than as the command. The Start command was opening the site based on the URL argument alone. Just why the command window wasn’t closing is something I haven’t figured out yet.

Recently I decided it was time to work out the problems with the Start command because I wanted to use Chrome to load some sites (in addition to those loaded by Firefox) and Chrome wasn’t loading them. The sites were all loading in Firefox. So, I wandered over to TechNet to see what Microsoft has to say on the Start command and that’s when I noticed that the documentation had been updated on April 17, 2012—about the time I started experiencing my little problem (it does sometimes take forever for me to get the time needed to fix an issue).

After thinking through the command for a little while and trying a few alternatives at the command line, I finally came up with a new command for the batch file. Here is the result:

Start /D"C:\Program Files (x86)\Mozilla Firefox\" Firefox.exe "http://antwrp.gsfc.nasa.gov/apod/"

The new version of the command uses the /D command line switch to specify the path to the command. There is nothing new about the /D command line switch—you simply didn’t need to use it in the past to get the desired result from the Start command. Notice that the command now includes the full executable name and extension. The argument appears after the command as before. Now the command executes properly and the command window closes after all the sites are loaded.

Make sure you use this new information when working with either Administering Windows Server 2008 Server Core and Windows Command-Line Administration Instant Reference to ensure you get the desired results from the examples. Also let me know about any issues you encounter with commands in either book at John@JohnMuellerBooks.com.