Why there will be no XP doomsday.

Monday, April 7th, 2014

Right now the tech press is convinced that all instances of XP are suddenly going to become massive malware magnets that will end civilization as we know it.  I’m a teensy bit skeptical.  Its probably safe to assume that a good chunk of those computers already have malware and are part of some botnet already. Its commonly accepted that 1/3rd of all computers have a malware infection.   People using a 12-year old OS probably aren’t the ones deeply engaged in safe security practices and I’m guessing part of that 1/3rd.  In my IT career I’m often shocked at the condition of people’s home computers.  Occasionally someone will bring one in and it’ll be filled to the gills with malware, yet running an anti-virus.  The AV is usually either out of date because its commercial subscription expired or its running a free AV with poor hit detection like MSE.

Large corporations with XP installs are probably paying for continued security patches and engage in security policies like limiting user rights, updating software quickly, web/mail filtering, and running decent AV.  These machines aren’t at much risk, especially considering that when we look at malware distribution vectors, its often via a trojan like a fake flash installer or exploits via 3rd party software like Java or Adobe Reader.

We also keep hearing how 27% of all computers are running XP.  This is determined by web stats, yet most web bots show an XP derived user agent, so we really don’t know how trustworthy those numbers are.   Bot filtering is tough to do and if not caught can greatly inflate numbers.

So, what’s the worst case scenario here? Some 0-day that’ll take everything down. Possibly, but Conficker came out several months after the hole it used was patched, so we know that a lot of people aren’t even bothering to patch or are doing so on very slow schedules.  I’m not sure why a 0-day will be such a threat when a 284-day exploit works  just as well. The XP doomsday is already here and its been going on for 12 years.

My prediction is that nothing of note will happen. Maybe some computers will switch from being owned by one botnet to another.  Enterprise will continue to trudge along and migrate to 7 or even 8.1.  Per usual, the doomsayers are overplaying their hand for ad impressions.


Oculus and the Rift are (probably) dead.

Tuesday, March 25th, 2014

A few thoughts:

  1. A lot of investors and enthusiasts saw Sony’s Morpheus as a potential Rift killer. This sale to Facebook is leadership’s admission that they couldn’t compete against Sony alone. This doesn’t bode well, especially with MS and Valve possibly getting into the VR game. This tells me that the Rift product simply wasn’t competitive, or could not be made competitive with a fast enough schedule. I’m not sure how else you could interpret a sale like this. Why should I buy a $399 Rift that needs a $1200 gaming PC, when I can just pick up a $250  Morpheus for the cheap PS4 I already own?
  2. Loyalty lost is rarely regained. Now they’ll have to work twice as hard to remain credible in the industry, even if absolutely nothing changes. Remember how OLPC went from our technical darling to a completely dismissed near-crackpot idea? Or look at how Miguel de Icaza was treated for working with MS on Mono.
  3. Carmack and the rest couldn’t nail the real technical hurdles. Motion sickness is still an issue and adding cameras pointing to the rift was clearly a half-assed measure for motion tracking. Everything about the 2nd Developer Kit was a rush job. Sure its better, but just not good enough. Limiting its exposure to a limited number of reviewers was a careful PR ploy to make sure it only got positive press.
  4. Oculus has done nothing in the realm of controls. What use is VR if I can’t naturally use my hands? At least MS potentially solves this with the Kinect. WASD or game controllers isn’t a solution. What is the typical use case here that gamers expected? Its not revolutionary if I have to lug around a keyboard and a mouse. I don’t drive my car with a bridle. This isn’t VR. Its a screen strapped to my face.
  5. Price. Zuckerberg can make it affordable by filling it with ads, but who wants an ad laden VR headset? Sony can subsidize Morpheus with PS4 game licensing and other tricks. So can MS. Valve has the credibility, store, and audience to sell a $399 device. Did Oculus? Maybe once, but certainly not now.
  6. Games. What’s the Rift’s killer app? No one knows, because it doesn’t exist. We didn’t have enough time to figure it out. Now forcing it into an early 2000’s web-based social model guarantees we won’t find its killer app. Who is going to invest millions in software development to have Zuck say “no” and close you out of his walled garden?
  7. Notch’s pull-out of Minecraft for the Rift hurts. Carmack’s unusually quiet twitter today hurts as well. Its clear this was a sale of shame. A quick cash out for a product that probably wasn’t going anywhere and simply couldn’t fulfill fan and investor expectations.
  8. Facebook’s hardware  and mobile attempts thus far have been failures. Why should this succeed? Especially when they just lost all their hard earned community goodwill. Remember the Facebook phone and Facebook home?  Or how their Android app keeps getting rewritten because apparently writing a decent social app is beyond the power of this $100b company.

Let’s face facts. We all went crazy for VR and projected a lot of unrealistic scenarios here.  I got caught up in the hysteria as well.  Suddenly the metaverse was a 2014 xmas release away. The reality is that we needed at least another generation before we could sell it to consumers and we needed some kind of workable and standardized finger, head, and hand tracking before we could write that killer app.

The Oculus guys saw the writing on the wall, put up a great sales pitch, and sold out. Facebook will do something with it, but, no we won’t play AAA games or visit the metaverse with it. So, what now? Wait for Sony or MS or Valve? Probably. A hacker friendly open-ish VR headset just isn’t going to happen, at least not on this level. Maybe this is all for the best. I’d rather wait 12-24 months for a polished Valve or Sony VR headset under the aegis of a gaming company than the half-cooked product Carmack and Palmer were selling. I hope they enjoy their millions and that they share some of it with their loyal kickstarter investors.  We unrealistic dreamers will simply learn to be patient and try not to get fooled again.

2012 had a 25% return rate

Friday, January 4th, 2013

I was just discussing with a colleague my return rate for last year. For whatever reason it was high. Crazy high.

I typically buy HP servers and switches and Lenovo desktops and laptops. Typical mid-range stuff for medium sized business. I’m looking at an easy 15-20% infant or near infant (within days) mortality rate.  Items just ship with bad drives or bad boards.  Stuff that’s easily QA’d.  That’s about 20% right there.  Then I have a good 5%  mortality rate within 6-8 months. If it survives 8 months its probably going to survive 3 years.  Just today I had to pull a little netgear 4 port switch because it was locking up. That thing lasted 7 months. Its not worth my time to do a RMA so I just used another one I had laying around.

Last week HP sent me a server with a bad RAID card. Any trivial testing would have determined this.

So what do I do now?

1. Everything has a burn in period, not just servers but laptops and desktops. Catching that near infant mortality rate is really important. So I run whatever equipment for a week 24/7 to catch this.  There’s nothing worse than spending hours on a config and then losing it because that item was on its last legs.  No, I don’t have a backup of the image of the computer I haven’t even finished.

2. All drives are suspect. I’ll run some extra diagnostics hoping to catch something, but frankly its almost impossible to tell if a disk is going to die tomorrow. Sometimes you luck out by seeing a lot of bad blocks suddenly or get some SMART data warnings, but usually you don’t.

3. I buy only Rev As. If that server or desktop model just came out, I’ll pass for a few months. By then there’s either a hardware rev A or a BIOS or some other critical update that didn’t ship when it was new.

4. I’ll ask around before I buy.  Other admins and even my CDW guy will tell me return rates, but returns via the vendor isn’t the same thing as warranty repairs and no one is sharing that information.

I have no idea what’s happening in the manufacturing world, but a 25% return rate is ridiculous. In my personal life, I’m closer to 40%, but that includes returning things I didn’t like for reasons that aren’t necessarily hardware faults, like an a wifi router for its poor range.  But its not all that. I think I’ve returned 1/3rd of the video cards I’ve bought because they’re DOA. I got two bad power supplies in a row recently while building myself a new rig. It ain’t pretty out there, no one seems to care, and the problem only seems to be getting worse.  Hopefully, 2013 will be better for QA and 2012 was an quality anomaly. HP you don’t really hate me, do you?

What I want for Xmas

Thursday, December 15th, 2011

Dear Santa,

All I want for Christmas is for every browser to do this when I’m typing into a hidden field with caps lock on:

This simple feature would save countless support calls and account lockouts, and if I got this I would forgive you for not getting me all the Constructicons when I was 11, you stingy old elf. Jokes on you Santa, now that I’m an adult I can just visit ebay for all my nostalgia driven splurging.

Rebooting Server 2008

Thursday, December 15th, 2011

I sometimes need to manually reboot win 2008 server.  Not a big deal but this damn prompt stops me every. single. time.

Hey Microsoft, didn’t you guys see me hit Restart a second ago? You’re making me hit cancel and go back to make sure I didn’t accidentally hit Shutdown instead of Restart. Really guys? Who signs off on this stuff? Oh right, you’re a software monopoly. You can do things like this without suffering consequences.

I’ll spare you guys my angry rant on the server 2008 backup utility. Microsoft knows it done bad.

10 Year Old Bug

Wednesday, December 7th, 2011

Really Microsoft, we’re still doing this?

I remember my start menu going blank back when I was working with Windows 2000. Come on guys, its almost 2012 and we’re still doing this?

This is also why I can’t take futuristic sci-fi seriously. I want to believe we’ll all be doing this soon, but I know we’ll have to deal with crap like 10 year old bugs too.


Tuesday, December 6th, 2011

This is why you shouldn’t buy Netgear switches. Ever. The guy I replaced fashioned himself something of a bargain hunter and I’ve been living with his mistakes for years. Half the reviews at Newegg are one star. So, the reviewers are people its failed for early on and those who are in store for a big surprise. Oh, not to mention 2 or 3 port failures per switch. Most of which happened in under a year.

This is what I saw last night when my network started going crazy at around 11pm.

That’s right, it has a negative 8 day uptime. This was right before its final boot.  Nothing like coming in at midnight to replace a failed switch, which somehow took out the network card in one of your file servers.  The only thing it could have done worse was catch on fire. Didn’t even last 3 years.  My backup switches are 8 year old 100mbps Cisco’s that are rock solid and will probably outlive me.

If you’re a newbie admin, do me a favor and SPEND THE MONEY. The future you and your replacement will thank you. Ain’t not bargains in IT, kids. You get what you pay for. Oh, if you ever buy a used server you might as well start thinking about switching careers right now.

The really sad part of this tale is that these things are about the same price (maybe $100 less) as  the 1810 series HP Procurve series, which tend to be rock-solid, except for the occasional firmware bug.

There, I fixed it.

Saturday, December 3rd, 2011

Really city of Chicago, this is how we’re fixing things now?  This is the new shining beacon of our city? How did we go from this and this to that?!

Man, those are the wires that carry my internet! You just can’t staple them back onto a different utility pole.  I know this whole Rube Goldberg-ish mess is going to go down in the middle of a Serious Business™ VPN session one day. Mark my words, Rahm!

Seriously, this is kinda pathetic. Its like we’re slowly entering a Fallout 3 type world. It happens in stages, people. This is stage 6 out of 100. Maybe step 8 or 9. At the very least, we’ll be hunting children and eating stray radioactive dogs in a post-apocalyptic hell that’ll make ‘The Road’ look like ‘Willy Wonka’ sooner than later.

PSR is useful and evil

Friday, December 2nd, 2011

Ever need someone to tell you exactly what they did to reproduce a bug? Yeah, I know, those who need a tool to tell us these things are the most likely to never use one. But on the off chance you need to send step by step instructions (or receive them, right…) and you have Windows 7, then you already have a neat tool for this called Problem Steps Recorder. Type “psr” into start and off you go. It takes screenshots,  logs your activities, and formats it all into an IE-only mht  file.  Here’s the output after clicking on a Zune window.  Yes, I said Zune; it was on sale like 6 years ago and it still runs like a champ. Ugly but tough like it was designed by some parallel dimension Soviet engineers.

and here’s the text output:

Recording Session: 12/2/2011 7:13:47 PM - 7:14:05 PM
Problem Steps: 11, Missed Steps: 0, Other Errors: 0
Operating System: 7601.17640.x86fre.win7sp1_gdr.110622-1506
Problem Step 1: User left click in "Zune"
Program: Microsoft Zune, 4.8.2345.0 (ZUNE_DORADO_V4.8_RTM.110805-1156), 
Microsoft Corporation, ZUNE.EXE, ZUNE.EXE
UI Elements: Zune, UIX Render Window

The psr command line switches are kind of fun too:

/start            :Start Recording. (Outputpath flag SHOULD be specified)
/stop            :Stop Recording.
/sc            :Capture screenshots for recorded steps.
/maxsc            :Maximum number of recent screen captures.
/maxlogsize        :Maximum log file size (in MB) before wrapping occurs.
/gui            : Display control GUI.
/arcetl            :Include raw ETW file in archive output.
/arcxml            :Include MHT file in archive output.
/recordpid        :Record all actions associated with given PID.
/sketch            :Sketch UI if no screenshot was saved.
/slides            :Create slide show HTML pages.
/output            :Store output of record session in given path.
/stopevent        :Event to signal after output files are generated.

What’s this? You can disable the GUI and copy the output in a network folder? Hmm, I bet you can use a little psexec magic and remotely start it on the machines of users you want to monitor. Sounds like we have us a nice little spy tool here!

psexec \\evilcoworker C:\Windows\System32\psr.exe 
/start /gui 0 /output \\server\share\file.zip

Ah, now we’re speaking my language! After an hour or two send a /stop and enjoy your petty little spying, you misanthropic weirdos.

Oh Microsoft, even when you make a decent tool, it becomes trivially easy to use for evil purposes. This is why I still like you, MS. You just can’t shake off the evil regardless of how hard you try.

HP Procrap 2510G

Friday, December 2nd, 2011

Yay! New switch day. I picked up a few Procurve 2510G-48’s.  They’ve been sitting around for a while but I finally made time to install them.  I noticed they were on an older firmware so I upgraded them to  Y_11_16, the newest firmware available on HP’s site. Everything went fine, so I went back into the web manager and got this:

That’s right a live fucking crash bug posted on HP’s site. Gee, I can’t imagine why HP isn’t doing well financially. If you google 2501g and Y_11_16 you’ll see others with the exact same problem. Really HP? Really? A crash bug on an enterprise-level switch posted to your site with no update in over a year? Nice, guys. I kicked you out of my desktops/laptop arena and it looks like you’re asking to be kicked out of my server room as well.

Luckily, telnet still works. Yes, telnet. For some reason HP doesn’t enable SSH by default.  Its like the 1980’s in here!  So a short:

boot system flash secondary

and I’m back to running a firmware from 2009 that I will never attempt to upgrade. Thanks HP. If I was still in my return period, this junk would be going back. Bonus, note the dreaded blue LED on the left-hand side.