17 Mar 2017 @ 9:59 PM 

There has been some concern and even repudiation about Microsoft’s decision to not provide updates to Windows 7, 8, and 8.1 when run on hardware using a newer processor, such as the Intel Kaby Lake processors. This has been claimed by some as a marketing move to try to “force” users to use Windows 10.

Now, I’m not the greatest fan of some of the things introduced with Windows 10. At the same time, I have no modern systems- other than Virtual Machines- not running either Linux or Windows 10. So it’s more an annoyance at how much one has to do to appropriately assert one’s desired options with Windows 10.

Windows 7 and 8/8.1 have continued to be supported as per the Windows lifecycle; the change is for hardware that was literally introduced after the end of mainstream support for both operating systems. Extended support only applies to Security updates; however, supporting security updates on Windows 7 and 8/8.1 with those Processors would mean supporting the processor. The issue there is that while the newer chips likely run the same way as older chips did with the same code, there is no guarantee of that, and it would still require the software to be tested and bugfixed specifically for those newer chips, which means effectively, supporting the new processors.

The Updates cannot go out on an “as is” basis to systems with the new processors because then any problems will incur support costs and bugfixes to those updates that will also effectively mean supporting the new processors on the older software.

Worth noting is that this doesn’t lock out enterprising users who are willing to take the risk that their entire Win7/Win8/8.1 system will stop functioning due to said updates. One can still work around this; it just requires you to step off the beaten path even further, making it much more clear and far “safer” for Microsoft to tell you to basically piss off if you try to get support.

It’s likely this approach may have been adopted to try to prevent another repeat of the Windows XP diehards. Mind you, it hasn’t worked so far; many people are now Windows 7 diehards to much the same capacity. But at least- from Microsoft’s perspective- they won’t be financing it.

Posted By: BC_Programming
Last Edit: 17 Mar 2017 @ 09:59 PM

 24 Aug 2016 @ 10:32 PM 

User Account Control, or UAC, was a feature introduced to Windows in Windows Vista. With earlier versions of Windows, the default user accounts had full administrative privileges, which meant that any program you launched also had full administrator privileges. The introduction of UAC was an attempt to solve the various issues with running Windows under a Limited User Account to make the more advanced security features of Windows far more accessible to the average user. The effective idea was that when you logged in, your security token, which was effectively “given” to any software you launched, would be stripped of admin privileges. In order for a process to get the full token, it would require consent; this consent was implemented via the UAC dialog, allowing users to decide whether or not to give or deny that full security token.
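The split between the stripped token and the full token can be observed from PowerShell. The following is an added example, not part of the original post: it reads the documented UAC policy values under `Policies\System` and classifies the current process by the SIDs that `whoami /groups` reports.

```powershell
# Added example (not from the original post): show how UAC is configured on this
# machine and whether the current process holds the filtered or the full token.

$policyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy     = Get-ItemProperty -Path $policyPath

# Documented meanings of the ConsentPromptBehaviorAdmin policy value.
$adminPrompt = @{
    0 = 'Elevate without prompting'
    1 = 'Prompt for credentials on the secure desktop'
    2 = 'Prompt for consent on the secure desktop'
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries'
}

# Integrity-level SIDs carried in the token's mandatory label.
$integrityLevels = @{
    'S-1-16-4096'  = 'Low'
    'S-1-16-8192'  = 'Medium'
    'S-1-16-12288' = 'High'
    'S-1-16-16384' = 'System'
}

# Match on SIDs rather than names so the result does not depend on the UI language.
$groups = whoami /groups /fo csv /nh |
    ConvertFrom-Csv -Header 'Name', 'Type', 'Sid', 'Attributes'

$label       = $groups | Where-Object { $_.Sid -like 'S-1-16-*' } | Select-Object -First 1
$adminsEntry = $groups | Where-Object { $_.Sid -eq 'S-1-5-32-544' }  # BUILTIN\Administrators

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal $identity
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

if ($elevated) {
    $tokenState = 'Full administrator token (elevated)'
} elseif ($adminsEntry) {
    # The group is listed in the token but cannot be used to grant access.
    $tokenState = 'Filtered token: Administrators is present but not enabled'
} else {
    $tokenState = 'Standard user token: elevation needs an administrator''s credentials'
}

if ($null -ne $policy.ConsentPromptBehaviorAdmin) {
    $promptMode = $adminPrompt[[int]$policy.ConsentPromptBehaviorAdmin]
} else {
    $promptMode = 'Not set'
}

if ($label) { $integrity = $integrityLevels[$label.Sid] } else { $integrity = 'Unknown' }

[pscustomobject]@{
    UacEnabled     = ($policy.EnableLUA -eq 1)
    AdminPrompt    = $promptMode
    SecureDesktop  = ($policy.PromptOnSecureDesktop -eq 1)
    IntegrityLevel = $integrity
    TokenState     = $tokenState
}
```

Running it once from a normal prompt and once from a prompt started with "Run as administrator" shows the same account moving from Medium to High integrity.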

It was a feature that was not well received; users complained that Vista was restricting them, and making them ask for permission for everything- something of a misinterpretation of the feature and how it works, but an understandable one somewhat. Nowadays, it is practically a staple of Windows, being present in the default user accounts through 7, 8, and now 10. Even so, it has had some design changes over the years.

One interesting aspect of the UAC consent dialog is that it will differentiate between a “Verified”, or signed, executable, and an unsigned one, displaying slightly different designs based on the evaluation of the executable. A signed executable effectively includes a digital signature which is able to verify that the program has not been altered by a third party- so if you trust the certificate authority as well as the publisher, it should be safe.

Windows Vista

We start our tour, perhaps unsurprisingly, with Vista.


Vista UAC Dialog, shown for an executable with a verified signature.


Vista UAC Dialog, shown for an executable with a verified signature, after expanding the Details option.

When the executable is verified, we see a relatively straightforward request. Expanding the dialog, as shown in the second image, provides access to the application path; there is no way, within the UAC dialog, to inspect the publisher’s certificate- that needs to be checked via other means.
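One of those other means is PowerShell's `Get-AuthenticodeSignature` cmdlet. The function below is an added example, not part of the original post; the name `Get-PublisherSummary` and the wording of the `Presentation` column are assumptions made for illustration and only approximate the verified/unverified distinction the dialog draws.

```powershell
# Added example (not from the original post): summarise an executable's Authenticode
# signature and publisher certificate before consenting to an elevation request.
function Get-PublisherSummary {
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $sig    = Get-AuthenticodeSignature -LiteralPath $Path
    $signer = $sig.SignerCertificate

    # Only 'Valid' means the file hash matches the signature and the certificate
    # chains to a trusted root. The labels are illustrative, not the dialog's text.
    $presentation = switch ($sig.Status) {
        'Valid'        { 'Verified publisher' }
        'NotSigned'    { 'Unverified: file carries no signature' }
        'HashMismatch' { 'Unverified: file was modified after signing' }
        'NotTrusted'   { 'Unverified: signer certificate is not trusted on this system' }
        default        { "Unverified: $($sig.StatusMessage)" }
    }

    [pscustomobject]@{
        Path         = $sig.Path
        Status       = $sig.Status
        Presentation = $presentation
        Publisher    = $signer.Subject      # empty when the file is unsigned
        Issuer       = $signer.Issuer
        Thumbprint   = $signer.Thumbprint
        CertExpires  = $signer.NotAfter
        # A timestamp lets the signature stay valid after the certificate expires.
        Timestamped  = [bool]$sig.TimeStamperCertificate
    }
}

# Example call: inspect the PowerShell host that is running this script.
Get-PublisherSummary -Path (Get-Process -Id $PID).Path
```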

Interestingly, once we start looking at unverified executables, however, we see quite a different presentation:


Windows Vista UAC Dialog displayed for an unverified executable.


Windows Vista UAC Dialog shown for an unverified executable, after expanding the details option.

Rather than the more subdued appearance as seen when the application is verified, the dialog displayed for an unverified application is more bold; the options are presented as TaskDialog buttons, and the entire dialog has a very “Task Dialog” feel; additionally, the colour scheme uses a more bold yellow. Interestingly, expanding the “Details” really only adds in the file location to the upper information region. Kind of an odd choice, particularly since the UAC dialog will usually be on its own secure desktop and thus screen real-estate is not as valuable as it might otherwise be.

Windows 7

On Vista, elevation tended to be required more frequently and thus UAC dialogs were rather common for standard Windows operations. Users needed to give consent for many standard Windows tasks such as adjusting Windows settings. Windows 7 adjusted some of the default behaviour and it does not by default present consent dialogs for many built-in Windows operations. The design of the UAC dialog also was adjusted slightly:


Windows 7 UAC dialog on a verified/signed executable.


Windows 7 UAC dialog on a verified executable, expanded.

For verified executables, the dialog is rather unchanged; the biggest change we see is in the title copy, where “Windows needs your permission to continue” changes to an ask regarding whether the user gives permission to a particular program. The dialog now includes a hyperlink in the lower-right that takes you right to the UAC settings, and publisher certificate information is now available when the details are expanded.


Windows 7 UAC Dialog for an unverified Program.


Windows 7 UAC dialog for an unverified program, expanded

The Unverified dialog is quite a departure from the Vista version. It takes its design largely from the “Signed” version of the same dialog; perhaps for consistency. It dumps the “TaskDialog” style presentation of the options, instead using standard Dialog buttons, as with the “Signed” Appearance.


Windows 8


UAC dialog on Windows 8 for an unverified executable.


UAC Dialog on Windows 8 for an unverified executable, expanded.


UAC Dialog on Windows 8 for a Verified executable.


UAC Dialog on Windows 8 for a Verified executable, Expanded.



For the sake of completeness, I’ve presented the same dialogs as seen on Windows 8. There have been no changes that I can see since Windows 7, excepting of course that the Win8 Windows Decorator is different.

Windows 10


UAC Dialog from the Windows 10 November Update, running an Unverified executable.


UAC Dialog from the Windows 10 November Update, running an unverified executable, showing details.


UAC Dialog running a Verified executable on the Windows 10 November Update.


UAC Dialog from the Windows 10 November Update, running a Verified executable, showing Details.


Yet again, included for completeness, the UAC dialogs shown by Windows 10 in the November Update. These are again identical to the Windows 8 and Windows 7 version of the same, providing the same information.


This all leads into the reason I made this post- the Anniversary Update to Windows 10 modified the appearance of the User Account Control dialogs to better fit with UWP standards:



Windows 10 Anniversary Update UAC dialog for an Unverified Executable.


Windows 10 Anniversary Update UAC dialog for an unverified Executable, after pressing “Show Details”.


Windows 10 Anniversary Update UAC Dialog for a Verified application.


Windows 10 Anniversary Update UAC Dialog for a Verified Application, after pressing Show Details.


As we can see, the Windows 10 Anniversary Update significantly revised the UAC dialog. It appears that the intent was to better integrate the “Modern” User Interface aesthetic present in Windows 10. However, as we can see, the result is a bit of a mess; the hyperlink to display certificate information appears for unverified executables, but in that case, clicking it literally does nothing. The information is presented as a jumble of information with no text alignment, whereas previously the fields were well defined and laid out. I’m of the mind that updating the dialog to UWP should have brought forward more elements from the original, particularly the information layout; the “Details” hyperlink in particular should be more clearly designated as an expander, since as it is it violates both Win32 and UWP Platform UI guidelines regarding Link Label controls. I find it unfortunate that parsing the information presented in the dialog has been made more difficult than it was previously, and hope that future updates can iterate on this design to not only meet the usability of the previous version, but exceed it.





Posted By: BC_Programming
Last Edit: 24 Aug 2016 @ 10:35 PM

 01 Apr 2016 @ 11:03 AM 

For quite some time now the idea of planned obsolescence has been somewhat commonplace. Computers in particular are often quickly considered out of date or “obsolete” only a few years after they have been used. Operating System versions that are older are met with a certain scorn from some people. I’m convinced, however, that there is a strong trend where the advantages of the latest and greatest hardware and software makes a dramatic falloff and furthermore that the speed with which a system actually becomes difficult or impossible to use for current-day tasks is falling dramatically.

For technology, it is a not uncommon mindset that it becomes useless very quickly, relative to other industries. And there is certainly some prior art for that; for example, an original IBM PC wouldn’t be able to do nearly the level of things that a PC 10 years newer would be able to do. However, I don’t think that applies quite as well to today and PCs from 10 years ago.

Consider the typical usage scenario. What everyday tasks, software, or other components does somebody use that they simply cannot use with Windows 7? Which ones require a system from the past few years to do so? Windows 8 and Windows 10 are fine; but can anybody itemize a list of what those business people had to give up by using Windows 7? I can’t even contrive anything.

Whereas a system from 1984 was not very useful for the common tasks of a user in 1994, or required that the user tolerate its slowness, nowadays older systems can pretty much always be utilized for a modern task.

A prime example is the IBM Thinkpad T41 laptop I picked up for cheap off eBay. This laptop was released in 2003 and is 13 years old. The time difference is equivalent to using an original IBM PC in 1996. And yet here I am, writing a blog post on that system with absolutely no problems whatsoever, in a modern, up to date browser and a modern up-to-date Operating System (Linux Mint 17.3 XFCE).

This is why statements like the example I give seem so strange. It is as if the release of new OS versions suddenly make those older versions unable to perform the same tasks they did previously. We don’t see mind-bending amazing new features like VFAT in new Windows versions today, so the previous versions work just fine, and for the security conscious after its lifecycle expired, there is always Linux.

I wrote this Blog post on a Laptop that is 13 years old. Old PCs are old- but they are no longer obsolete in the modern day, particularly as gains in CPU technologies have started to level off. I don’t need a Quad core with hyperthreading to write a text document.

Posted By: BC_Programming
Last Edit: 01 Apr 2016 @ 11:03 AM

 07 Nov 2015 @ 9:27 PM 

Windows 8 introduced the concept of a Windows “App”. This has moved forward through Windows 8.1 and Windows 10.

Effectively, these “Apps” are what was formerly referred to as “Metro” and is now called the Modern UI. They use something of a different interface paradigm, with different controls and with elements typically sized for easier touch-screen use. That’s all well and good.

With Windows 8, 8.1, and 10, using these Apps tends to be optional. For the most part, there are equivalents you can use. A good example is Control panel; there is a “Settings” App which has some options, but for the most part there is an overlap with the “old style” Control Panel.

Recently, however, I needed to open an App for whatever reason. Or maybe I opened it by accident. Rather than the app opening, me being annoyed, and then closing the App, it instead said “This app can’t open” and suggested that I perform a Refresh to fix it. This sent me down something of a rabbit hole- Searching online for fixes, trying them, getting weird results, etc.

Actually, I’ve jumped in the ring to wrestle these issues a few times- I’ve had it on at least one of my systems for ages and it recently appeared on another. Being unable to make some changes to the system was annoying enough that I decided to fix the issue- which, again, sent me down the rabbit hole. Try this command. Try this other one. Didn’t work? Use this Troubleshooter that doesn’t do anything useful. Didn’t work? I don’t know. Maybe try refreshing your PC after all?

Eventually, I stumbled, almost by accident, on the solution. Many of the attempts were encountering an error about “The package repository is corrupted”. I found nothing addressing that except some statements about registry key permissions, which I checked and were fine. So I decided to find where this package repository was- C:\ProgramData\Microsoft\Windows\AppRepository- and nuke it completely. I deleted the entire contents of the folder, then ran the command again. I expected a different error or something, but that seems to have done the trick, and now those Apps all work again.

Effectively, the Windows Store/App stuff is something of a “Package Manager” and stores the package information in that folder. However it also has an index of the package information in a smaller repository file, and it seems that file can get corrupted. I tried deleting that as well but it never fixed it. I ended up going with the nuke-it-from-orbit option.

My full list of steps was:

  1. Delete contents of C:\ProgramData\Microsoft\Windows\AppRepository
    Deleted all the files inside this folder. Quite satisfying.

  2. Ran an arbitrary non-obvious command from an administrator command prompt

    This effectively “re-registers” the Windows Store itself.

  3. Ran an arbitrary non-obvious command from an administrator command prompt

    Like the above, but this re-registers the “Settings” App.

  4. Ran a final non-obvious program from the command prompt
    After all this, other apps were still causing problems, like the useless Music app or the useless mail app or the various other useless apps that are provided and available. I’m not one to leave a hippo in vinegar, so I ran one more thing- I opened Windows Search and typed “wsreset” which brought up wsreset, then I right-clicked it and selected to run as administrator. After doing so, all the apps I had started working properly again.

I’d like to pause for a moment, however- to really admire how poorly engineered something has to be for almost any problem with it to declare that the user should try nuking everything and starting over. Microsoft calls it a “Windows Refresh” but it is a reinstall, and suggesting users reinstall an OS to fix these issues is absolutely ridiculous. Another very comical aspect to this is that in the “Windows versus Linux” argument, Windows diehards will complain that Linux requires arcane terminal commands to fix issues. Now, it’s hard to argue that- some issues in Linux distributions could require dropping to the terminal to fix issues with particular commands. But given the above- it doesn’t look like Windows is any stranger to that anymore.

Posted By: BC_Programming
Last Edit: 07 Nov 2015 @ 09:39 PM

 21 Mar 2014 @ 11:01 PM 

One interesting trend I’ve noticed on tech-related blogs and articles is a strange focus on Linux- for example, “10 reasons to switch to Linux” or “Why I Switched to Linux”. These sorts of articles and posts are fine, but I’ve noticed a disturbing trend whereby the articles have such a strong bias that it practically dilutes the legitimate content of the article, and even removes any real value from it- turning it into nothing more than somebody typing 1000 words about nothing and based on nothing just to make a few bucks off the ad revenue.

Sort of like what I do here, except I don’t call myself a journalist.

Thing is, the problem with such articles on tech sites is they are coming from allegedly qualified individuals who should know what they are talking about, but they continue to repeat ridiculous fallacies about Operating Systems. There are a lot of real, actual benefits to using Linux but these posts and articles deluge you with idiotic reasons that in many cases aren’t even true.

The best way is to consider a specific example. Unfortunately I don’t want to give them the satisfaction of having ad revenue, so I’ll just take some central points that such articles almost always profess, and why I find them to be inaccurate.

“Windows always requires constant tweaks”

I find this to be a curious argument, because in my experience, it has been the opposite. Even the most easy-to-use Linux OS will require a good level of scripting experience to use with the same level of customization as Windows; and you don’t get that functionality out of the base install in most cases. There is also the consideration of the script being compatible as well as upgrades. A specific case in my instance was that I wanted a wallpaper slideshow- sort of like Win7 has. The package manager of the distro I was using had about a dozen programs claiming this ability, but not a single one worked. Turned out I was using Gnome 3, and they were built with Gnome 2. I found one program (Drapes) which had a Gnome 3 plugin- that didn’t work as is, but I was able to find a freely distributed patch file for the plugin to fix it- that didn’t work either. After a few days of trying to get this basic capability in the Linux distribution I was running, I had about 2 dozen programs for switching wallpapers installed and had no idea which files they changed on installation- bash.rc had changes, and some of them installed background services. They had the common theme whereby they didn’t work, though.

I managed to piece a script together which I discussed here. I then realized my distro didn’t have sound notifications when I plugged or unplugged USB drives. I wrote another script to try to get that to work, but I either lost it or don’t have it. It was after this I realized that this held to me no real advantage over Windows; I could write a Windows Application to do all those same sorts of things if I needed to, but in fact the capabilities I was writing scripts for were built into the OS.

Therefore I find the argument that “Windows requires constant tweaks” to be a bit misleading. First off, almost any System is going to require software maintenance, and Linux is certainly no exception to this- you can’t just load up 30 different wallpaper change programs and have them fighting with your desktop manager by constantly interfering with one another. Additionally, I find that Linux requires more tweaks; this is its weakness but also its strength. The idea is that for such new capabilities and tweaks the person who creates it shares it with the world at large so other people seeking the same capabilities can simply use an existing solution. The problem is that this exact model works perfectly fine regardless of the Operating System anyway- and Other Operating Systems often have more solutions and tweaks of this nature- and often the tweaks and programs written for Linux are Desktop dependent or even package manager dependent.


“It’s Stress-free”

This is perhaps the most ill-informed sort of reasoning I’ve ever heard. It is far from stress free and to pretend that somehow a person switching from Windows will feel like they are prancing through an open flowery meadow of stress-free non-worry the moment they switch is anything but positive for the system being condoned. The only time Linux is “stress-free” would be after you have become very familiar with the system, but then you have just as many annoyances as you do when you are familiar with any system. It’s a sort of software infatuation, where you are so smitten with a system that you can see and possibly even elevate the positive attributes, while considerably downplaying real shortcomings the system may have.

“Linux is secure by design”

Every system ever designed has flaws, security problems, and exploits that can be used to get into those systems in the wild. Even FreeBSD, which has a meticulous security audit process, does not make you immune. As it currently stands the only reason Linux has any safety from maliciously-intentioned software is because there is no incentive to write malicious software that runs on Linux. If- as many people seem to want- Linux becomes a dominant Operating System, we will see serious exploits and malware being developed against and for that system and it will not be any different than the alleged “security nightmare” that Windows supposedly is.

“Fast And Gorgeous”

This is not a fallacy, though I find it to be rather irrelevant. It also depends on the distribution- if you want flash and pizazz you can get a distro suited for that taste; if you want something unassuming or simple, you can get that as well. One issue I find with much Linux software is that one thing that keeps getting done over and over again are desktop environments. It would be nice if there was more effort pooling being put into trying to make other environments better, rather than deciding to make a new one entirely.

There are a number of similar statements made in support of it, but one thing I find most disturbing is that a lot of the Linux appeal rides entirely on the waves of dissent for Windows; the people don’t really give a crap if the OS they are using is actually better than Windows- they just don’t want to use Windows. That’s a fine reasoning on a personal basis but it’s a pretty damned crappy one at coming up with the actual Better System. At least FreeBSD and the other BSD communities don’t involve themselves in such idiotic slapfights, and instead focus on actually building good, usable software. It’s not perfect either- it can be tricky to install and there sometimes aren’t drivers or other software that you need, but the advantage is a lot more of the BSD is committed to making BSD better. They improve their systems over time, whereas a lot of Linux people just try to make Windows look worse.

Windows 8 has really sparked a movement in this regard- there are many people who, for whatever reason, have decided that somehow Windows 8 somehow goes beyond some imaginary line in their minds that Microsoft should not have dared cross. It is merely coincidence of course that this happens with every Windows Release ever. For example, 95’s release was the beginning of the end for Microsoft and people swore to never upgrade; Windows 98 was the beginning of the end for Microsoft, and people swore not to upgrade, Windows XP, Windows Vista, and even in many cases Windows 7. And now we have pretty much the same thing. With Windows 95, people latched onto the Start menu and Windows 95’s evil way of organizing programs and its evil document-centric approach that was trying to do too much for the user; users swore that they would never use Windows 95, that they would not stand this forced upgrade, and would stand firm with their copy of Windows 3.1. With Windows 98 people latched onto Active Desktop like bloodthirsty leeches, sucking it dry until they could no longer complain about it, and swore they would stick with Windows 95, which was obviously the last version made before some imagined downhill tumble… With Windows XP, people latched onto the default theme, saying its default theme’s “fisher-price” colourfulness was too playful for a serious OS, and they swore that they would stick with Windows 98- the last version of Windows released before Microsoft made the fatal mistake of abandoning the crappy ancient DOS-based codebase that was well-known for problems and instead decided to use their NT codebase which had already proven itself stable for the previous 8 years. “The fools” people said. “Why would they replace something that kinda sorta works most of the time with something that works all the time? And how will I run my 20 year old copy of Lotus 1-2-3? This is a forced upgrade!” With Vista it was UAC. With Windows 7, it was how it hardly changed (more often people praised it for “fixing Vista” even though it practically changed none of the same problems people decried in Vista). With Windows 8, it is obviously the Modern UI that has been in the crosshairs of badly constructed arguments to ignorance. With each version, there were people who either swore to use the previous version, or swore off Windows and the evil Microsoft empire (The fact that people who had not really been a Microsoft Patron for years swearing off and boycotting Microsoft’s new products as if somehow that will hurt MS right then and there is a bit hilarious though).


IMO a lot of dissent with new systems- and this applies outside of Windows- to things such as Unity- is based simply on not being familiar with the new system. The interesting thing is that switching to Windows 8 from Windows 7 is going to be easier than switching to Linux, so I’m rather boggled at the logic, where Windows 8, by adding a new complementary user-interface model designed for providing a single development platform that can be used across various devices, has somehow ruined everything. People focus on Modern UI (usually referring to it as “Metro” because they have a case of recto-cranial inversion) and completely ignore pretty much every other aspect of the system- much of which is improved over previous versions, or entirely new.

Posted By: BC_Programming
Last Edit: 17 Oct 2014 @ 03:58 PM

 28 Nov 2012 @ 10:52 AM 

As many web developers are aware, there are a myriad of ways to develop websites and interactive web applications today. On the server side, one typically chooses from one of two technology stacks; the “Open Source” and the Microsoft. Disregarding political and license concerns, they really are very much equal in core capability. The Open Source stack typically consists of a Linux distribution as the Operating System, Apache as the Web Server, MySQL as the database, and PHP as the server-side language. These can also be installed to a Windows machine as well, and Apache has modules that even allow the use of .NET technologies via the Mono runtime. The Microsoft stack consists naturally of Windows as the OS, IIS as the webserver, and ASP as the core server-side script. ASP itself, of course, supports a number of languages; you can use JScript, VBScript, or a .NET language. Both of these platforms provide a myriad of tools at your disposal. LAMP allows you to leverage the wealth of Apache modules and use a large selection of programming languages like Ruby, Python, Perl, and of course PHP. The Microsoft Stack makes use of the very powerful SQL Server, and is particularly scalable to large operations. Of course there are variations of these; obviously MySQL could be swapped out for PostgreSQL, or even a remote SQL Server.


The cheapest hosting plans for most WebHosts use a Linux-based stack. This makes PHP one of the more accessible server-side languages to learn. When I started this site, I wasn’t really sure how well it would turn out, what I would write about, or how much exposure it would give me or my various programs. After three years, I’m still not entirely sure of that; but at the time, I was working predominantly in Visual Basic 6. I was stagnating, and I didn’t even realize it. When starting the site, I really had two choices- go with the Linux stack, or the Microsoft stack. My choice of the LAMP stack was done purely for a single reason: it was completely foreign to me. That may seem like an odd reason to choose a technology, but I’m always up to a challenge. I won’t try to say that learning the “Linux way” of doing things was easy, but it did get easier over time. With the server itself of course I didn’t have full access anyway; just a standard CPanel, and I still do; but understanding Linux, Apache, and MySQL were very helpful in using PHP, which was the language I had to learn to get the site off the ground beyond a few ugly static webpages.

I basically slogged through learning PHP, in an attempt to create a relatively simple CMS. After getting a basic CMS and some crappy side links started, I decided to redesign the site from scratch. I sketched how I wanted it to look on paper, and then set to work duplicating that appearance using the available web technologies, as well as through the use of Photoshop for the various images I needed. The end result is what you see on the main page; of course I’ve made changes to it since, and added features to the underlying CMS to support new functionality such as listing my youtube videos and different categories of items, but the visual appearance is much the same. I toyed recently with the idea of redesigning it, but decided that it could stay as it is now a little while longer; a redesign is a rather big undertaking, and I like how it looks now.

Since then, I’ve also learned and become quite adept (If I may say so) at C#. This has left me rather- annoyed- when I use PHP, which feels very messy in comparison to what is generally a very clean working environment. Not to mention being relegated to having to debug using echo, which I can’t say I really missed from using GW-BASIC.

I did install a MS Stack locally some time ago, and experiment with it for a short time before deciding to avoid it; I reasoned that if I was to use C# for web development I would start to avoid working on my PHP site even more. I’ve since changed my mind, however; I’ve decided to install a local IIS-based server and experiment some more with what .NET has to offer on the server-side. I’ve been able to make some pretty fine-looking stuff with WPF and Windows Forms, and I know WebForms as well as the Base-Class Library that is not heavily leveraged on the client side are one of the many areas where my abilities and knowledge can be expanded, so I can’t see why not.

Also, I’ve always thought it a bit weird that my site ran on PHP and I focussed mostly in Windows-based and MS technologies and languages. Though I don’t see a switch over occurring anytime soon.

Posted By: BC_Programming
Last Edit: 28 Nov 2012 @ 10:52 AM

Categories: .NET, Linux, Windows
 08 Jul 2012 @ 11:52 PM 

Important Note: In a system management setting, or a corporation, this is NOT something I prescribe. Managing and dealing with a PC that only you would use is one thing, handling them for others is, well, another thing entirely. In those cases a good AV is required and keeping it up to date as well. (With the possible exception of Linux/BSD, where you still need to be aware of any problems that crop up in the software being used)

Personally I do not use an “On-demand” or background scanner. I do have tools such as MBAM and the like installed which I will run when I notice odd processes in task manager, svchost hogging resources, or general “odd” behaviour from my system. I’ve never felt it was worth the processing overhead; the task of AV scanning takes time, and having it occur on nearly every file access is a rather hefty price. And of course, even the best AV application isn’t going to catch everything, so you need to be cautious anyway, which means that, for me, I’m actually safer when I don’t have an AV installed.

When I did have one installed (after a nasty Virut infection on Windows XP to keep me from reinfecting the system using existing executables on my data drive) I actually found that a lot of activity I found suspicious and thought “oh no, I’m reinfected” could be traced to the AV. While their purposes are far more noble and good, I’ve sort of felt that AV software is sort of like “fighting fire with fire”; rather than a Virus or malware building a huge root system in your machine, the AV software does. That’s why they all seem to need special software to fully remove. That, and a lot of the systems I’ve fixed for others that they blamed on “Viruses” were in fact caused by the Anti-virus software they were using, which if you ask me is utterly unacceptable. (I’ll say I’ve only seen those issues with one or two “Free” offerings, McAfee, and older versions of Norton, though.)

Basically, my “protection” amounts to healthy cynicism. Almost all malware infections these days are trojans. So few infect a system by way of things like exploits and “drive-by” stuff that it’s hardly worth the effort to waste time thinking about. More importantly, the first line of defense even for those is the same. After all, in order to download a trojan you need to trust a website, and in order to visit a web page, you need to trust the link. Typically, when dealing with an unfamiliar executable, I’ll just run it. (unless it has a blatantly suspicious name). I might run process explorer and keep track of what the program does as well to make sure there is no funny business. I usually have that running in the background anyway. If the program requests administrator permission- it doesn’t get it. Not at first. This has prevented a good lot of “infections” if you ask me, since you can’t well infect a machine without administrator permissions. Naturally, software installers do need those permissions so depending on the software I will allow. Or, if I’m in a forgiving mood I might just say yes and deal with whatever happens later. When I am infected, I usually catch on rather quickly and am able to either kill the malware processes, or, if they are the type where they autorespawn each other, suspend all the suspicious processes and kill them all at once. Visit regedit and delete the offending entries (generally in the Run key), reboot, and typically everything is back to the way it was. In 7-8 years I was only infected once, and since moving to Vista/7, I’ve had hardly any problems.

An important Note: Typically, “manual” Virus removal is not something that just anybody does. It really requires an intimate knowledge of how Windows software works, the PE file format, and of course a willingness to “get your hands dirty”. At the same time, it really is only an extension of what you should do even when you have an AV installed- keeping a system clean requires constant vigilance and you need to constantly be assessing what possible security repercussions your actions could have. “Does this application REALLY need admin permissions?” type stuff. More importantly, a single screw-up can cost you dearly. This is NOT something I recommend. Heck I don’t even recommend it to myself. I just don’t like the “cloud” surrounding Windows being inherently insecure to the extent of requiring an AV to function, so I don’t use one.

BC’s tips for AV-free operation

Sometimes your applications will crash; this is pretty much inevitable. Sometimes you’ll need to run Task Manager for various reasons. While there, glance over the processes. Again, this requires a familiarity with the type and number of processes you would typically see running on your machine, so it’s useless unless you are familiar both with your operating system of choice as well as your “normal” software configuration. Things like rundll32.exe showing up in there out of nowhere will make me reach for Process Explorer, where I can determine the “threat” posed by that process.

As I type this, my desktop machine does in fact have a rundll32.exe process running, which piqued my curiosity. You can use the “Select columns” menu in the view menu of Windows Task Manager to enable columns such as “command line” which can give additional information on the process. You can also use various features of Process Explorer for that same task, or further investigation of a suspicious process, such as examining its in-memory layout, stack frames, loaded Libraries, etc. In the case of this particular rundll32.exe, it turns out to be used to launch a function called “GameUXShim” in C:\Windows\System32\gameux.dll, which according to its description, is “Games Explorer”. The parameters, and function name, passed make it clear this is designed to “Shim” an older game to work in the newer Windows 7 environment. Again, familiarity with the Windows System helps here; the compatibility settings provided by the windows shell itself pale in comparison to what is actually provided “under the hood” which involves a massive network of shims, compatibility hooks, and databases on the sorts of the two needed for various games and older applications that were, for lack of a better word, written badly. In this case, it seems to be for “Halo.exe” the executable for the popular Halo game, which I bought and never played hardly until yesterday where I played for 5 minutes and got stuck. Knowing that I played the game, and was no longer, I can safely terminate this process and know it wasn’t malicious, and is required for proper gameplay. Same for a variety of other older games I have. {Edit: As I discovered previously, this gameUX.dll mess was actually caused by something else}
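The command-line check described above can be scripted. The following is an added example, not code from the original post: a Python function that splits a rundll32 command line into DLL, entry point and arguments and records whether the DLL sits in a system directory. The sample command lines are constructed, and the C:\Windows install path is an assumption.

```python
import ntpath
import re

# rundll32 command lines have the shape: rundll32.exe <dll>,<entry point> [args]
RUNDLL_RE = re.compile(
    r'''^\s*(?:"[^"]*rundll32(?:\.exe)?"|\S*rundll32(?:\.exe)?)\s+
        (?:"(?P<qdll>[^"]+)"|(?P<dll>[^,\s"]+))
        \s*,\s*(?P<entry>[^\s,]+)
        \s*(?P<args>.*)$''',
    re.IGNORECASE | re.VERBOSE,
)

# Assumption: Windows is installed in C:\Windows.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}


def triage(cmdline):
    """Split a rundll32 command line and classify where its DLL comes from.

    The verdict only says where the DLL is loaded from. A "system-dir"
    result still needs the DLL description and entry point read by a person,
    as the post does for gameux.dll.
    """
    m = RUNDLL_RE.match(cmdline)
    if m is None:
        # No "<dll>,<entry>" pair: nothing to attribute the process to.
        return {"dll": None, "entry": None, "args": None, "verdict": "unparsed"}
    raw = m.group("qdll") or m.group("dll")
    dll = ntpath.normpath(raw)            # collapses "..\" path segments
    folder = ntpath.dirname(dll).lower()
    if not folder:
        verdict = "bare-name"             # resolved via the DLL search order
    elif folder in SYSTEM_DIRS:
        verdict = "system-dir"
    else:
        verdict = "outside-system-dir"
    return {"dll": dll, "entry": m.group("entry"),
            "args": m.group("args"), "verdict": verdict}


# Constructed sample command lines, as they would appear in the
# "command line" column of Task Manager or in Process Explorer.
SAMPLES = [
    r"C:\Windows\system32\rundll32.exe C:\Windows\System32\gameux.dll,GameUXShim <constructed-arguments>",
    r'rundll32.exe "C:\Users\example\AppData\Local\Temp\update.dll",Start',
    r"rundll32.exe shell32.dll,Control_RunDLL desk.cpl",
    r"rundll32.exe C:\Windows\System32\..\Temp\x.dll,#1",
    r"rundll32.exe",
]


def report(samples=SAMPLES):
    """Return (verdict, dll, entry) for each command line."""
    rows = []
    for line in samples:
        r = triage(line)
        rows.append((r["verdict"], r["dll"], r["entry"]))
    return rows


if __name__ == "__main__":
    for verdict, dll, entry in report():
        print(f"{verdict:20} {dll} -> {entry}")
```

The fourth sample shows why the path is normalised before the directory check: it starts with the System32 prefix but resolves to a different folder.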

Obviously, this isn’t for people that just want to “do work” on their computer; it’s more useful for people who want to learn about how it works, and I don’t purport it as being safe, or even really that smart. An AV solution is only as good as its user, which is a nice way of telling people “you keep getting infected because you’re stupid, not because your AV sucks”. Usually I can get them to understand.

More critical than what AV a person uses is learning how to use that AV software effectively. You can’t just install an AV and forget about it; they each have their own nuances and settings that you should configure to your unique usage scenario. Learning what causes their various “popups” to appear warning you about things and how severe they are is important, particularly since the way a lot of AV suites present their messages is using skinned messages and gaudy pop-ups with stupid images that depict “virus infections” or other images that are wholly unimportant. Installing an AV and blindly following its advice and getting all worked up because it says it quarantined something merely feeds the ignorance, it doesn’t absolve it. It just adds confusing terms. “Quarantine” for example, is just a silly term in a software environment. All it amounts to is a backup folder where the files are moved to. Why? Because AV software has false positives, so it moves it there so that if it turns out that “woops that wasn’t infected” it can be moved back. It’s sort of like the equivalent of a society where, if anybody is identified as “sick”, they are euthanised. (a bit harsh but that’s essentially the analogy as far as software goes). For “cleaning” and disinfecting files, basically at this point the analogy would be that they can cure your cold, but they will have to rip off all your limbs and cut off your ears. (the resulting program very rarely still works as it used to and you need to reinstall anyway). In such a scenario, false positives could be disastrous. Instead of just having a call to your house telling you that your test results were wrong and you don’t actually have the flu, the doctor would have to interrupt your funeral to say “oh, yeah turns out he wasn’t sick”, which usually means he is no longer invited to the reception.
As such AV software does what might be done in such a scenario: instead of outright deleting/killing the victims, it moves them to a special holding area, where they are forgotten about and usually deleted anyway, but at least that way if the doctors/AV software balls’d up they can just release them back into society. This only outlines that AV software is far from perfect. Using medical terminology like “quarantine” and “virus” and “heal” and “infection” only serves to confuse the issue, since it actually makes people think that the entire area of malware removal is a “profession” like your standard medicine on which the analogies are based. It’s not, certainly nowhere near the level of the field they have taken the terms from. At this point, Anti-Virus software as a “medical” field is about the equivalent of when we would drill holes in people’s heads to release their inner demons. That isn’t to say it’s useless, just that a lot of what it does is a tad drastic.

Posted By: BC_Programming
Last Edit: 21 Oct 2012 @ 12:02 AM

Categories: Software
 20 Jun 2012 @ 2:56 AM 

First, a warning:

WARNING: Running programs under the LocalSystem account is dangerous! Only run programs that are built into the OS, and programs you trust. NEVER run a Browser under this account, or any similarly designed program. This should ONLY be used for trouble-shooting or cleaning up messes things like the Windows Update service leave behind!

Now that that is out of the way…

One of the nice things about later versions of Windows is that you don’t automatically have full control over everything. Some people try to say this is bad, because it is their computer so they should be able to do what they want, but the point they are missing is that the changes to the default security settings are not to prevent them from doing things, but to prevent nasty programs from being able to do anything they want. By definition the settings for a user control more what the programs running under that account can do, and only serve to restrict the user themselves by virtue of them not really being able to do anything that a program cannot do. (If no program can delete a file, that user cannot delete it either).

Sometimes, however, this can get in the way. Stubborn files, for example, might refuse to be deleted. Usually, running a program as administrator clears this up, but sometimes even this doesn’t work.

In particular, a failed Windows update, or an update that doesn’t clean up properly, can leave a mess of files around. Usually these are weirdly named folders in the root of the system drive. A quick search for words like that via Google reveals that this is not an uncommon problem. The problem is that nothing can delete these files- you cannot run as an administrator to delete them, and tools like unlocker and deleter don’t work either. The cause is that the files weren’t even created by the administrator, but rather by the LocalSystem account under which Windows update runs. (This is required so that the update can update dll files and other files that are in-use, which usually will require a reboot for a myriad of reasons that I won’t get into). The files are supposed to be deleted afterwards- they are simply temporary files- but an unexpected power loss or an error could prevent proper cleanup of these files. But since they are owned by LocalSystem, nobody else can delete them.

So the question is- how the heck do we clean-up the files?

Well, if the only way to delete them is to become LocalSystem- let’s try that. After some experimenting, one of the most reliable ways I found was to create a service. You can do this by starting an elevated Command Prompt, and entering the following command:

This creates a new service called runcmd. The /K start is necessary because the service control manager expects services you run to be… well, services. cmd is not a service, so it won’t register itself with the SCM and the SCM will kill the process after a timeout. Using /K start, we can force that first spawned cmd to instantly start another one; since killing the parent process does not kill child processes, that cmd remains alive.

Running it is simple. Just enter this command:

On my System, this didn’t seem to do anything, but a few moments later I received an “Interactive Services” notification:

So, CMD was running. I switched to the Interactive desktop, and was greeted (after this weird switch thing) with this:

The Interactive Services desktop.

Success! cmd was running under the LocalSystem account. This is a good way to clean up files left about by services. However, while I was able to get explorer running (start menu), I wasn’t able to get explorer running (file manager). So I cheated, opened notepad, and used its file dialog. This method could be used to delete odious files that refuse to be deleted in other ways.

Obviously, this should only be used when needed and the applications you run should be kept to a minimum, and you surely shouldn’t run browsers this way!

Posted By: BC_Programming
Last Edit: 20 Jun 2012 @ 02:57 AM

 29 Nov 2010 @ 4:07 PM 

So I was bored and decided to update my Flash plugin, a chore that I recollect stopping in its tracks previously, for reasons I couldn’t recall. Main reason was that my flash plugin has been nearly constantly crashing on certain sites. Mostly due to the ubiquitous use of flash for advertisements, which seems to be one of the dominant uses of the technology.

So, I visit adobe.com and go to download the player. First, they try to shove a McAfee scan down my throat. You know the drill. They know we just want to get the hell away from them, so they decide to helpfully fill out the “default” options for us, which just so happen to correspond with the options one would need to choose to give them the most revenue.

So I finally manage to get past that brigade of crap, and then it asks to install software. Fair enough- that is what I was doing.

Much to my chagrin, however, it isn’t installing flash, it wants to install Adobe DLM. DLM I assume stands for DownLoad manager, although it could very well stand for Dingo-Llama-Mammoth for all I care.

Let’s analyze the sequence of events so far:

  1. I find that because of the shitty programming by Adobe their newest, most stable release of Flash, which I might point out isn’t even theirs and is just a sodomized and tortured version of what was at least a personable Macromedia Flash, it crashes nearly constantly doing routine tasks, like showing, I don’t know, pictures, as it’s designed to.
  2. So, I decide to go to the vendor page (although I would prefer not to) in order to see if an upgrade is available. I believe there is. So I click to download Adobe Flash player. Before I do this I have to uncheck the “agreement” on my part to have them perform rectal scans of my computer using an AV product that probably is rather familiar with the appearance of a rectum, since that’s its origin. Now, remember, when I clicked the button, it said I was downloading Flash Player. And then *poof* up comes the prompt screen asking me to download this entirely unrelated “download manager” which brings me to another point.

Every single fucking program I download wants to install a god damned download manager! How many bloody download managers do I need? Am I going to need a download manager manager to manage all the download managers that all manage only the specific downloads from that specific company? Is there something wrong with the concept of downloading a program, I don’t know, using the conventional browser method? You know, like any other sane person? No, Adobe has decided to decide for me. “We won’t install Flash like you wanted, but we will install a download manager that will consume resources indefinitely for this one-time installation of Flash. Then it will sit in the background and make sure you’re updated, because god forbid if your version gets out of date!”

Which brings me to another rant, Versioning. I mean, I totally understand why you might want to have the latest version of an application- it fixes bugs, adds features, and so forth. And being notified, and even having the opportunity to update with a few clicks is very convenient. I have no beef with the concept.

What I disagree with is this whole “OMG if you aren’t updated to the latest version you will get haxored!” There are people who say this about every bloody program. It’s understandable for browsers, and for a number of browser-based/web-based technologies, as well as things like the .NET framework, and of course the core of windows itself. But, seriously, the main reason you update a program is to fix bugs and add features, and hope that the bugs and security concerns that a new version adds (And they always do, unless the change is extremely minor) don’t outweigh the benefit of having the known vulnerabilities and the existing bugs eliminated.

Additionally, this very mantra is proposed on applications that have little relevance to web technologies. I mean, Microsoft Word has been relatively unchanged since version 6, with of course downlevel changes (which I’m sure took a lot of effort, I’m not downplaying that) But the fact is the entire purpose of the program is to be a word processor. The fact that it now represents a bloody programming platform should be some indication that they might have sort of lost their focus on what the program is supposed to do. It’s supposed to make it easy to edit documents, not make it easy to program spam e-mail merge programs or even be a platform from which to launch your own applications.

I don’t mean to pick on Word or Microsoft by any means- this seems to be a problem with a global scale. It’s a complex with versioning. If somebody has a problem, and they don’t have the latest version, that is automatically the cause, and truly, this attitude, or more precisely, the logic behind it, continues to elude me. They don’t understand the various downlevel changes, and half the time the release notes and changelog for said program mention nothing even remotely relevant to the various issues the person might be having.

Going almost hand-in-hand with the “download manager” syndrome is the “background updater”. Each company seems to have its own. You’ve got the Adobe one, the one from, say, Google, Apple, and so forth. And every single one of them is sitting in the background making sure I’m “up to date”. The problem here is that they all have the same goal but they all have very different UIs and they all act entirely different and essentially have different paradigms. This is something where Linux has the right idea; the package manager can update any package you install through either the GUI package manager or through an apt-get command in the terminal. The thing is, the environment is different; Linux programmers have no problem submitting their updates and new packages to the essentially neutral repository folks. With Windows, the best solution, which is to integrate this all into Windows Update, is owned by MS, which many of the companies who would have their software in it are competing with, which seems a bit like a conflict of interest; who knows if MS will “accidentally” forget to update users of competing products?

Back to the various “update” managers, they don’t simply update the programs you already have from their company; they also inform you of “updates” to their other products. The Apple update software makes sure you know when a new version of Safari is available, even if you only have iTunes; Google’s updater makes sure that you’re fully aware of when a new version of Picasa is released. And so on.

In conclusion, suffice it to say that currently update and download managers are wholly unnecessary (especially with the latter) and a huge pain in the ass for everybody.

Posted By: BC_Programming
Last Edit: 18 Oct 2011 @ 09:11 AM
