Tuesday, December 22, 2009

Using VirtualBox to install Microsoft Exchange 2003

Using VirtualBox to install Microsoft Exchange 2003



I install two servers running Windows 2003 R2. I download the .ISO image and will boot from that.
I have installed VirtualBox from Sun and created the first Windows 2003 server here. I call it 2K3srv. Setting here are fine for now .
Update using Windows update. I give it a static IP address of 10.0.2.5.
After that I created a domain controller by adding DNS, DHCP, and Active Directory.  Just use the Manage your server wizard.



Installed the second virtual machine (Exch2K3) and ran Windows Update. I gave it a static IP of 10.0.2.6.
I installed a second NIC on each VM so they could see each other. (This is the same with clusters BTW.)
Win2K3 is as follows: IP 10.0.1.1 SN 255.255.255.0 GW 10.0.2.2 DNS 127.0.0.1 2ed DNS 68.94.156.1
Exchange2K3 IP is:  IP 10.0.1.2 SN 255.255.255.0 GW 10.0.2.2 DNS 10.0.1.1 2ed DNS 68.94.156.1
So now the VM’s can ping each other and browse via My Network Places.
Join the second machine to the domain.  My domain name is stardotcafe.com.
On the second machine which will become your Exchange server install the prerequisites for Exchange.

Open Add/Remove Programs control panel
Click Add/Remove Windows Components
Select Application Server and click Details
Click ASP.NET



Double Click Internet Information Services (IIS)
Scroll down and check the box next to NNTP and SMTP


Click OK twice and then click Next. When prompted insert the CDs as requested
Once the install is complete click Finish and close the Add/Remove programs control panel
Exchange install - Forest and Domain Prep
Next insert (mount) the Exchange 2003 CD ISO image



Click Exit on the first page
Once you have the latest Exdelpoy.exe from MS run it. Enter the location to save the files and click "OK"
Next locate and double click the exdeploy.hta file
You are now at the first page of the Exchange deployment tools



Click "Deploy the first Exchange server"
Click "New Exchange 2003 Installation"


The first three steps are all about ensuring the prerequisites are met. Select the checkboxes by steps 1 and 2 as these have already been covered.
Select the checkboxes by steps 1 and 2 as these have already been covered.
For step three ensure the support tools are installed.
Click the box by step three




To perform step four open a CMD prompt (Start, Run, type "CMD", Press "Enter")
In the CMD prompt window type the command below and press enter:
dcdiag /f:c:\dcdiaglog.txt /s:domaincontrollername.domain.com
(for me is was C:\Program Files\Support Tools>dcdiag /f:c:\dcdiaglog.txt /s:Win2K3.stardotcafe.com)
This will output the results to a text file in the C: called dcdiaglog.txt. Open the file and ensure there are no errors.

You should see output like the following:
 C:\Program Files\Support Tools>dcdiag /f:c:\dcdiaglog.txt /s:Win2K3.stardotcafe.com

Domain Controller Diagnosis
Performing initial setup:
   Done gathering initial info.

Doing initial required tests
 
   Testing server: Default-First-Site\WIN2K3
      Starting test: Connectivity
         ......................... WIN2K3 passed test Connectivity

Doing primary tests
 
   Testing server: Default-First-Site\WIN2K3
      Starting test: Replications
         ......................... WIN2K3 passed test Replications
      Starting test: NCSecDesc
         ......................... WIN2K3 passed test NCSecDesc
      Starting test: NetLogons
         ......................... WIN2K3 passed test NetLogons
      Starting test: Advertising
         ......................... WIN2K3 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... WIN2K3 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... WIN2K3 passed test RidManager
      Starting test: MachineAccount
         ......................... WIN2K3 passed test MachineAccount
      Starting test: Services
         ......................... WIN2K3 passed test Services
      Starting test: ObjectsReplicated
         ......................... WIN2K3 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... WIN2K3 passed test frssysvol
      Starting test: frsevent
         ......................... WIN2K3 passed test frsevent
      Starting test: kccevent
         ......................... WIN2K3 passed test kccevent
      Starting test: systemlog
         ......................... WIN2K3 passed test systemlog
      Starting test: VerifyReferences
         ......................... WIN2K3 passed test VerifyReferences
 
   Running partition tests on : TAPI3Directory
      Starting test: CrossRefValidation
         ......................... TAPI3Directory passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... TAPI3Directory passed test CheckSDRefDom
 
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
 
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
 
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
 
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
 
   Running partition tests on : stardotcafe
      Starting test: CrossRefValidation
         ......................... stardotcafe passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... stardotcafe passed test CheckSDRefDom
 
   Running enterprise tests on : stardotcafe.com
      Starting test: Intersite
         ......................... stardotcafe.com passed test Intersite
      Starting test: FsmoCheck
         ......................... stardotcafe.com passed test FsmoCheck


So long as you have no errors move back to the deployment tools and check the 4th box.


Next move back to the command prompt and enter the command below and press enter:

Netdiag >c:\netdiaglog.txt

The command will take a short while to execute. Once complete view the log file in the C:




....................................

    Computer Name: EXCH2K3
    DNS Host Name: exch2k3.stardotcafe.com
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 6 Model 15 Stepping 6, GenuineIntel
    List of installed hotfixes :
        KB923561
        KB924667-v2
        KB925398_WMP64
        KB925902-v2
        KB926122
        KB927891
        KB929123
        KB930178
        KB932168
        KB933854
        KB936357
        KB938127
        KB941569
        KB942830
        KB942831
        KB943055
        KB943460
        KB944338-v2
        KB944653
        KB945553
        KB946026
        KB948496
        KB950762
        KB950974
        KB951066
        KB951748
        KB952004
        KB952069
        KB952954
        KB953298
        KB954155
        KB955069
        KB955759
        KB956572
        KB956802
        KB956803
        KB956844
        KB957097
        KB958469
        KB958644
        KB958687
        KB958869
        KB959426
        KB960225
        KB960803
        KB960859
        KB961371-v2
        KB961501
        KB967715
        KB967723
        KB968389
        KB968816
        KB969059
        KB969947
        KB970238
        KB970430
        KB970483
        KB971032
        KB971486
        KB971557
        KB971633
        KB971657
        KB971737
        KB971961
        KB971961-IE8
        KB973354
        KB973507
        KB973525
        KB973540
        KB973687
        KB973815
        KB973869
        KB973904
        KB973917
        KB974112
        KB974318
        KB974392
        KB974571
        KB975025
        KB975364-IE8
        KB975467
        KB976098-v2
        KB976325
        KB976325-IE8
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection 2

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : exch2k3
        IP Address . . . . . . . . : 10.0.1.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.0.2.2
        Dns Servers. . . . . . . . : 10.0.1.1
                                     68.94.156.1

        IpConfig results . . . . . : Failed

            [WARNING] Your default gateway is not on the same subnet as your IP address.

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : exch2k3
        IP Address . . . . . . . . : 10.0.2.6
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.0.2.2
        Dns Servers. . . . . . . . : 10.0.2.5
                                     68.94.156.1


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{B44011CE-955E-4EBF-A3F6-48165D15F773}
        NetBT_Tcpip_{BA88752D-970E-4FF3-9575-B48C4983D17F}
    2 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{B44011CE-955E-4EBF-A3F6-48165D15F773}
        NetBT_Tcpip_{BA88752D-970E-4FF3-9575-B48C4983D17F}
    The redir is bound to 2 NetBt transports.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{BA88752D-970E-4FF3-9575-B48C4983D17F}
        NetBT_Tcpip_{B44011CE-955E-4EBF-A3F6-48165D15F773}
    The browser is bound to 2 NetBt transports.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'STARDOTCAFE' is to '\\win2k3.stardotcafe.com'.


Kerberos test. . . . . . . . . . . : Skipped


LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] You are logged on as a local user. (EXCH2K3\Administrator)
        Cannot test NTLM Authentication to 'win2k3.stardotcafe.com'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

The text file should like the above output. You should get no errors. (I have errors for Default gateway because this is an isolated test system)


So long as you have no errors move back to the deployment tools and check the 5th box.

The next step is to run Forest prep. This must be run by a user with Schema administrator permissions. Forest Prep will extend the AD Schema with the new classes and attributes that Exchange 2003 requires to operate.
To proceed enter the path to the install CD in the box provided and click "Run ForestPrep now"
If prompted about an incompatibility then select the checkbox to ignore the warning in the future and click “Continue”
The Warning occurs because Exchange 2003 RTM needs upgrading to SP2 which we will install later.
Once the install opens click “Next”
Agree to the license and click “Next”

Note that only ForestPrep will be performed and that files will go in the default location C:\Program Files\Exchsrvr (this can be changed if required to place files on an Application drive)
Click “Next”

Select the account to be the first Exchange Full Administrator. The default is the account you are logged in as. If you are only logging in as a special schema admin account then you should select an account that will be used to admin Exchange. I will leave the default in place of Administrator.

Click “Next”
ForestPrep is a fairly slow process that could take around 30mins on a slow network. You will see several screens like the one below
Once the process is complete click Finish
Next move back to the deployment tools and check the box on the 6th step
Now move onto the Domain Prep. This will need to be performed in the root domain and any others which will hold Exchange mailboxes. Personally it is simplest to run it in all domains in the forest.
In a simple single domain forest proceed as follows:
Enter the path to the Install files where requested and click “Run DomainPrep now”.
On the welcome page click “Next”
Accept the licence and click “Next”
Again note that only DomainPrep will be carried out and that you can change the file location if you want (Only change it if you changed the location for ForestPrep too)
Click “Next”
Early in the process you will likely be warned that your domain is insecure for mail-enabled groups with hidden DL membership. Anyone in the Pre-Windows 2000 Compatible Access group can view this membership. So long as you are not using the group for a valid reason remove the default membership of Authenticated users to remove the problem.
Click "OK"
The DomainPrep is quick and shows the screen below whilst running
Once complete click Finish
Move back to the deployment tools and check the box of the 7th step.
You are now finally ready to install Exchange.
Move onto step 8. Again enter the path to the install files and click “Run Setup Now”
On the welcome page click “Next”
Accept the licence and click “Next”
This time check the install options carefully. You can choose which components to install. Generally the defaults are fine and that is what we shall stick with. Note also, that you can change the file location. Again you should do this if you changed the location for forest and domain prep.
Once you are happy with your selections, click “Next"
As there is no Exchange org setup currently select to create one and click “Next”
Name the org and click “Next”
Agree to the licence and click “Next”
Verify your choices and click “Next”
The installation will progress
When complete click Finish
Now return to the deployment tools and check the box next to step 8.
Click “Next” on the deployment tools bottom right hand corner
The next page runs through the steps again for other Exchange servers.
For now we will not install another server so again click “Next” on the deployment tools bottom right hand corner.
Congratulations you have just installed Exchange!

Sunday, December 20, 2009

Presentation Summary “High Performance at Massive Scale: Lessons Learned at Facebook” « Idle Process

Facebook Infrastucture / Site Architecture

Site Statistics:
  • Facebook is the #2 property on the Internet as measured by the time users spend on the site.
  • Over 200 billion monthly page views.
  • >3.9 trillion feed actions proceessed per day.
  • Over 15,000 websites use Facebook content
  • In 2004, the shape of the curve plotting user population as a function of time showed exponential growth to 2M users. 5 years later they have stayed on the same exponetial curve with >300M users.
  • Facebook is a global site, with 70% of users are outside of the US.


Presentation Summary “High Performance at Massive Scale: Lessons Learned at Facebook” « Idle Process

Monday, November 30, 2009

Simply connecting to the Internet..

Simply connecting to the Internet — and doing nothing else — exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously.
Shore up your cyberdefenses on these three cyberfronts
If an online intruder has infiltrated your Windows PC, you may notice recurring slowdowns of e-mail and Web browsing, or you may notice nothing at all. PC users must shore up defenses on three fronts:

Operating system vulnerabilities. Always use a personal firewall and keep security patches up to date.
As of early November, all new Windows XP PCs come with Service Pack 2, which includes a firewall and automatic patching.
Owners of Windows XP PCs purchased earlier than that should download Service Pack 2 from www.microsoft.com/athome/ security/protect/default.aspx. Users of older versions of Windows can get security tips at that same Web site.

E-mail viruses. Distrust all attachments. If you doubt it, delete it. Subscribe to anti-virus software, such as Norton AntiVirus, McAfee VirusScan or ZoneAlarm Security Suite. Keep the subscription current and set it to automatically check for updates.

Spyware. Consider switching from Internet Explorer, a sieve for spyware, to the Mozilla Firefox browser or the Opera browser. Both are free and can be downloaded, respectively, from mozilla.org or opera.com.
If you continue using Explorer, set security settings to high and use anti-spyware software.

Sources: CERT Coordination Center, Microsoft

While most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet. Once hijacked, it is likely to get grouped with other compromised PCs to dispense spam, conduct denial-of-service attacks or carry out identity-theft scams.

Those are key findings of a test conducted by USA TODAY and Avantgarde, a San Francisco tech marketing and design firm. The experiment involved monitoring six "honeypot" computers for two weeks — set up to see what kind of malicious traffic they would attract. Once breached, the test computers were shut down before they could be used to attack other PCs.

The test did not measure Web attacks that require user participation, namely spyware, which gets spread by visiting contagious Web sites, or e-mail viruses, which proliferate via e-mail attachments.

However, the results vividly illustrate how automated cyberattacks have come to saturate the Internet with malicious programs designed to take the quickest route to break into your PC: through security weaknesses in the PC operating system.

"It's a hostile environment out there," says tech security consultant Kevin Mitnick, who served five years in prison for breaking into corporate computer systems in the mid-1990s. "Attackers have become extremely indiscriminate."

Mitnick and Ryan Russell, an independent security researcher and author of Hack Proofing Your Network, were contracted by Avantgarde to set up and carry out the experiment.

Test results underscored the value of keeping up to date with security patches and using a firewall. Computer security experts say firewalls, which restrict online access to the guts of the PC operating system, represent a crucial first line of defense against cyberintruders. Yet, an estimated 67% of consumers do not use a firewall, according to the National Cyber Security Alliance.
The machines tested were types popular with home users and small businesses. They included: four Dell desktop PCs running different configurations of the Window XP operating system, an Apple Macintosh and a Microtel Linspire, which uses the Linux operating system.

Each PC was connected to the Internet via a broadband DSL connection and monitored for two weeks in September. Break-in attempts began immediately and continued at a constant and high level: an average of 341 per hour against the Windows XP machine with no firewall or recent security patches, 339 per hour against the Apple Macintosh and 61 per hour against the Windows Small Business Server. Each was sold without an activated firewall.

By contrast, there were fewer than four attacks per hour against the Windows XP updated with a basic firewall and recent patches (Service Pack 2), the Linspire with basic firewall and the Windows XP with ZoneAlarm firewall.

"The firewalls did their job," says Russell. "If you can't get to them, you can't attack them."
Analysis of a break-in

While attempted break-ins never ceased, successful compromises were limited to nine instances on the minimally protected Windows XP computer and a single break-in of the Windows Small Business Server. There were no successful compromises of the Macintosh, the Linspire or the two Windows XPs using firewalls. That pattern was not surprising, as Windows PCs make up 90% of the computers connected to the Internet, and the vast majority of automated attacks are designed to locate and exploit widely known Windows security weaknesses.

Intruders repeatedly compromised the Windows XP computer through the same two security holes used by the authors of the July 2003 MS Blaster worm and May's headline-grabbing Sasser worm, which overloaded computers in banks, hospitals and transportation systems worldwide.

To hijack the Windows Small Business Server, the attacker finagled his way into a function of the Windows operating system that allows file sharing between computers. He then uploaded a program that gave him full control.

On three occasions, intruders got as far as logging on to an Internet Relay Chat channel, signaling an intent to herd the compromised PC with other hijacked PCs to pursue illicit activities.

IRC channels work like a private instant-messaging service. An intruder in control of such a channel can send instructions to some PCs to spread spam, to others to serve up scamming Web sites, and to others to hijack more PCs.

"Downloading and using other exploits, performing denial-of-service attacks, running spam-relay tools, running identity-theft tools are all very common activities of compromised machines," says Martin Roesch, chief technology officer at tech security firm Sourcefire.

The intruder who cracked the Windows Small Business Server even uploaded a tool to prevent rival attackers from following behind him and gaining access to the system, says researcher Jon Orbeton, of anti-virus and firewall supplier ZoneLabs.

That level of sophistication shows how cyberintrusions are fast becoming an ingrained part of the Internet. Compromised PCs fueled a 150% surge in suspicious security activity per machine per day in the third quarter of this year, compared with a year ago, security vendor VeriSign said in a report in November.

The end game: illicit profits. Compromised PCs supply the computing power for cybercrooks to run increasingly diverse scams, including phishing schemes that lure victims into typing account information at counterfeit Web sites.

In the past month, the first phishing scam to plant a bogus Web link on a legitimate banking Web site surfaced. The scam was probably carried out with hijacked PCs to protect the perpetrator from detection. "It's the most sophisticated, and frightening, phishing scam we've seen," says Susan Larson, vice president of global content at SurfControl, an e-mail security firm.

INSIDE THE HONEYPOTS
From Sept. 10 to Sept. 25, online intruders made 305,922 attempts to break into six computers connected to the Internet via broadband DSL. Attackers successfully compromised the Dell Windows XP computer using Service Pack 1 nine times, and the Dell Windows 2003 Small Business server once. No other machines were breached.
Platform Total attacks Attacks / day Attacks / hour
XP SP1 139,024 8,177 341
OS X 138,647 8,155 339
Win SBS 25,222 1,400 61
XP SP2 1,386 82 3.4
XP w/ZoneAlarm 848 50 2.1
Linspire 795 46 1.9


Monitoring software reveals intruders incessantly probing the Internet for vulnerable PCs on Sept. 10.

10:52:08
Less than four minutes from start of the test, an intruder breaks into Windows XP SP1 through the vulnerability most famously exploited by last May's Sasser worm. Ensuing instructions get garbled.

11:03:30
Eleven minutes later another intruder breaks into XP SP1 through the security hole exploited by the July 2003 MS Blaster worm. Ensuing instructions get garbled.

11:04:04
While the previous break-in is still unfolding, another intruder, using a different attacking computer, breaks into XP SP1 through the Sasser hole. Ensuing instructions get garbled.

20:21:44
An intruder breaks into XP SP1 for the fourth time using the MS Blaster hole. Things go smoothly. He begins uploading commands. He confirms XP SP1 is connected to the Internet, then begins making repeated attempts to connect XP SP1 to a server running an Internet Relay Chat channel, the equivalent of a private Instant Messaging line.

20:22:49
The intruder successfully connects XP SP1 to the IRC channel, which is probably also running on a hijacked PC.

20:23:05
The intruder instructs XP SP1 to navigate to a designated Web site, likely running on yet another hijacked PC. XP SP1 downloads a program, called ie.exe, from the Web site.

20:23:11
XP SP1 begins scanning the Internet, poised to similarly hijack other PCs exhibiting the same unpatched security hole.

Thursday, October 22, 2009

Five Reasons to Upgrade to Windows 7

Five Reasons to Upgrade to Windows 7

Windows 7 is finally out. Here are five reasons you might want to make the switch today.

The complete story can be found here:
http://www.pcworld.com/article/id,174179/article.html

We hope you will find this story interesting and informative. PC World, an IDG publication, has been providing independent, unbiased, reviews, news, and information about technology since 1983.

Sunday, October 18, 2009

BBC E-mail: Why Microsoft can't afford Windows 7 to fail

** Why Microsoft can't afford Windows 7 to fail **

The success or failure of Microsoft's new operating system Windows 7 will determine the future of the world's biggest software company.
< http://news.bbc.co.uk/go/em/fr/-/2/hi/business/8310867.stm >

Schmidt: “Android Adoption Is About To Explode”


Schmidt: “Android Adoption Is About To Explode”
Source: techcrunch.com


mrlinuxhead1.techsupport@blogger.com sent this using ShareThis.

mrlinuxhead asked us to send you this post from Engadget



Core Values: The silicon behind Android

10-14-2009

Core Values is our new monthly column from Anand Shimpi, Editor-in-chief of AnandTech. With over a decade of experience poring over the latest in chip developments, he's here to explain how things work and why our tech is the way it is.
Remember this chart? It's interesting for a number of reasons, but I want to highlight that all present day Android phones use virtually the same Qualcomm application processor, all based on a sluggish 528MHz ARM11 core. Blech.

I've got nothing against Qualcomm, but a big reason most Android phones feel slow is because they're running on slow hardware. The ARM11 core was first announced in 2003. It's old and creaky, and it's used so frequently because it's cheap. But the basic rules of chip design mean that things are about to change fast.
The present Qualcommfest is partly due to Android's maturity on the Qualcomm platform. Remember that the chips used in these smartphones are SoCs (system-on-a-chip), meaning that the CPU, GPU, I/O and a bunch of other functions are all integrated onto a single piece of silicon -- so driver support is crucial. Until recently, running Android on o ther SoCs required a bit of legwork, but Android 1.6 adds in native support for non-Qualcomm processors. The Samsung Moment on Sprint uses an undetermined Samsung SoC, while the Motorola Sholes is expected to use a TI OMAP SoC.
But while Android itself is changing, so are the chips themselves. There are two basic rules to know -- first, as chip size goes up, so does cost; and second, as chip performance goes up, so does size. (Both of these items have caveats, of course, but I'm trying to keep it simple.)

Our industry would be doomed if it weren't for a third rule, though: transistors get smaller every 12 - 24 months.

Rule three doesn't happen magically -- it takes a lot of very smart people and a great deal of work. But it does happen, almost like clockwork, and ultimately it's the basis for Moore's Law.

Want to build faster chips? Gotta make 'em bigger. Want to build faster chips without increasing cost? Wait two years and then you can use smaller transistors to build faster chips at the same cost (size) as before. That's really all there is to it. So -- how does this relate to Android?

The 528M Hz figure refers to the clock speed of the general purpose CPU core in these phones. There's much more to the Qualcomm SoC, but that's beyond the scope of this article, and it's really that 528Mhz ARM11 core that makes launching applications or interacting with your phone slow.

I present you with two boxes:
To scale, we have a rough estimate of the size of an ARM11 core (just the die, not the packaging) vs. a much faster ARM Cortex A8 core. Built using the same manufacturing process (same transistor sizes) it looks more like this:
ARM11 is just a lot cheaper. Most PC buyers don't understand microprocessor architecture, they just buy into clock speed. Most smartphone buyers don't even get that far. ARM11 clock speeds are easily as high as Cortex A8 speeds are, so why bother with something faster that's not going to sell more handsets?

(Oh, and just for kicks let's throw a Core i7 into the mix just to give you all an idea of scale here:)
The ARM business model doesn't work like that of AMD or Intel. ARM comes up with the architecture for a processor, but never physically makes the CPU. Instead, it licenses out the design to companies like TI, Samsung and Qualcomm, who in turn make SoCs based on the architecture either at their own fabs or at foundries like TSMC. TI's ARM based SoCs are branded OMAP, while Qualcomm's custom Cortex A8-based SoC sounds slightly more tangible with its Snapdragon name.

Like any other microprocessor company, ARM has to keep innovating, but since it doesn't make the chips, it takes a while for the design to go from ARM to incorporation in some manufacturer's SoC design, then to production, and then finally to actually being used in a smartphone. To make a long story short, while Cortex A8 debuted in 2005, it wasn't until 2009 that Apple used it in the iPhone 3GS and Palm used it in the Pre. The original iPhone and the 3G both used an ARM11 based SoC -- the same as in al l these Android phones. (I've written extensively about the difference between ARM11 and Cortex A8, if you're interested.)

Apple and Palm had more motivation to go the performance route with their handsets. They were sold at a premium and performance had to be as high as possible to enable the sort of usage models Apple / Palm were targeting. But the Cortex A8 is built using 65nm transistors, which makes it roughly twice the size (and thus twice the cost to manufacture) of an ARM11 core. That means expensive phones get to use it, while cheaper phones don't.

Move to 45nm transistors and now the Cortex A8 ends up being around the same (manufacturing) cost as a 65nm ARM11. Of course, ARM is also expecting manufacturers to make 45nm ARM11 cores, which will be even cheaper and thus enable even lower cost handsets (or higher profit margins), so we won't totally escape ARM11 anytim e soon.

In either case, we find ourselves in a ! sea of 5 28MHz ARM11-based Android phones because Android is still in its infancy and keeping costs low forces us into the open arms (pun) of a slower microprocessor.

If the rumors hold up, we'll see support for TI's OMAP SoCs in this next generation of Android phones. Samsung is also going to be making an appearance, obviously -- it'll be interesting to see if the Moment has a Cortex A8-based chip or just uses the higher-clocked ARM11 SoC that Samsung already produces. We're also seeing Qualcomm's Snapdragon chips arrive in Android phones, like Acer's Liquid and the rumored HTC Dragon. At the same time we'll see Cortex A8 SoCs moving to 45nm over the next 12 months and getting cheaper. The combination yields faster Android phones in 2010. It's about time.


Anand Shimpi is CEO and Editor-in- chief of AnandTech. Contact him at anand AT anandtech DOT com. Views expressed here are his own.

Mozilla Disables Microsoft's Insecure Firefox Add-on

Mozilla Disables Microsoft's Insecure Firefox Add-on

http://voices.washingtonpost.com/securityfix/2009/10/mozilla_disables_microsofts_in.html?referrer=emaillink