SUBSYSTEM

How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Dave Farquhar security , , , , , , ,

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.

Read more

The world’s fastest budget PC

Dave Farquhar Hardware , , , , , , , , , , , , , , , ,

So, a relative’s PC was getting a bit aged, and runs Windows XP, barely, so I talked them into an upgrade. I noticed that Micro Center had HP/Compaq DC5700s for $99. They were standard issue office PCs a few years ago, and there are a lot of them in the refurb channel. We went and got one over the weekend.

“What are you going to do with that?” the sales rep asked. “We only use them as cash registers.”

“Word processing,” I said.

“You sure you want to run Windows 7 on an 8-year-old PC?”

“I wrote the book on running Windows on older PCs. Literally. It’ll be fine.”

I hate calling rank like that, but sometimes it’s what you have to do.

And really, for $99, it’s awfully good. Web browsing is plenty fast, Libre Office runs fine on it, and think about it. Windows 7 retails for $100-$109. So it’s like getting the hardware for free. Or Windows for free, however you want to look at it.

Read more

Yes, SSDs are “finally worth the money.”

Dave Farquhar Hardware , , , , , ,

Slashdot asked today if SSDs are “finally worth the money.”

I’m wondering since when they haven’t been. I’ve been buying SSDs since 2008. And their price has been falling at a rate faster than hard drives did, historically. Read more

Stress test computer hardware with Prime95

Dave Farquhar Hardware , , , , , ,

Let’s say you’ve just bought a used PC with a short (typically less than 2 weeks) warranty. Or a new PC that’s not the brand you know and trust. Maybe you’ve built a new PC and you want to make sure it’s going to hold up before you start using it every day. Or you have a new server, and you want to make sure it’s going to hold up under heavy loads. What should you do to stress test computer hardware (or burn in computer hardware) like that?

Do what overclockers do.

Read more

Contingency. Or how I escaped from Windows 0.7

Dave Farquhar Uncategorized , , , , , , , ,

I thought I traced my Windows 0.7 printing problem to the presence of a USB bluetooth adapter, but it turned out that was wrong. My wife called about mid-day to say the machine wasn’t printing anymore.

Fortunately, I’d never gotten around to downgrading my netbook from Windows XP to Windows 0.7. It saved the day.

Read more

The effect of registry optimizers on a run-of-the-mill PC

Dave Farquhar Windows , ,

So I had a chance to try a registry optimizer out on a typical PC. It’s a 2.7 GHz Celeron, made by HP, restored with the factory restore discs. So it was as pristine as any consumer HP PC ships from the factory.

It helped. You’d think the opposite, of course.I used NTregopt. There’s no point in paying for a registry optimizer.

It ran for what seemed like a very long time, and it trimmed about 11% off the size of the registry. Not a lot, but this was a fresh PC (supposedly). More importantly, after running it, boot time decreased by a good 20 seconds, and once it booted, I had a wee bit more memory available.

I also ran JK-Defrag on it. What it found wasn’t horrible, and it only took about 15 minutes to clean it up.

So the stock HP computer runs more nicely now. And if one were to remove all the HP crapware that comes with it (remember, it’s only crapware if you won’t use it), that will help, but doing a registry optimization and a quality defrag will help even more. Not quite as much as a fresh Windows install slipstreamed with the current service pack and all patches, but for most people, close enough.

Utility programs are no substitute for adequate system memory and a respectable graphics subsystem. That’s probably why people who build new PCs twice a year don’t think much of them. But for the rest of us, utility programs in skilled hands can squeeze more life out of an aging PC. I’d be willing to submit the six-year-old Compaq I’m using to type this as Exhibit A.

Fixing choppy audio in Windows XP SP2

Dave Farquhar Windows , , , , ,

So I’m sitting at this 2 GHz PC with 2 GB of RAM and a reasonably fast video card, and the audio in Railroad Tycoon 3 skips and sounds a little bit distorted.

It’s maddening when the game played fine on 400 MHz systems. I did some digging, and bad audio seems to be a common problem in XP SP2, but solutions are rare.I’ll cut to the chase: A little-known hotfix, KB920872, fixed the problem for me. This isn’t the specific problem this hotfix addresses, but since it does affect the audio subsystem, I figured it couldn’t hurt.

It worked for me when all of the conventional fixes didn’t, and I haven’t seen this hotfix mentioned anywhere. So if your new computer can’t play MP3s or stream online video or audio as well as a Pentium-166 running Windows 98, try the hotfix.

The usual advice is to update or reinstall your sound drivers, and if possible, to use drivers from the manufacturer of the computer or of the sound board, rather than drivers that Microsoft provides.

In my case, I already had the newest manufacturer-supplied drivers, so that didn’t help. Utilizing the newest drivers from the manufacturer is usually a very good idea anyway, of course.

Another piece of advice was to install Windows and all the service packs and hotfixes before installing drivers and software. That’s a good practice–and I like to use something like nlite to slipstream all of those updates so the system doesn’t accumulate too much cruft. But I didn’t want to rebuild this system, partly because the vendor didn’t provide an XP CD or installation files on the hard drive, only a certificate of authenticity. (Doesn’t it stink when you have to pirate software you already legally own?) So that wasn’t a very practical option in this case.

Another suggestion I’ve seen is to go into the control panel and either increase or decrease the sound acceleration. I don’t like this option; you always want to use whatever hardware acceleration you can. You paid extra for it, after all.

Using discrete hardware as opposed to built-in sound doesn’t make a difference. I was using onboard, but I found people using Creative’s highest-end cards experiencing the same problem, which must have been maddening.

Finally, I found some people saying they had the problem go away when they upgraded to Vista. I don’t like that option either, because I found just as many people saying their audio skips in Vista but worked fine under XP SP2.

And no, I don’t know how to fix skipping audio in Vista. I haven’t seen it yet and have no plans to mess with it. Maybe in five years. Maybe.

So now I just have to figure out how to get XP SP2 to get along with my Firewire card. It seems to be a common problem.

Stand by your SCSI.

Dave Farquhar Hardware , , ,

The Storage Review recently ran a feature on the Seagate Barracuda 36 series, Seagate’s current economy-class SCSI drive. Like many low-end Seagate SCSI drives of the past, it is a converted ATA/IDE design. And Storage Review eats these kinds of units up, because theoretically they provide a nice way to demonstrate the difference between IDE and SCSI.
The result? The SCSI unit was actually slower than its IDE brethren in some of the tests.

The conclusion? SCSI isn’t necessarily faster than IDE.

That’s partially right. Taking the same drive mechanism and replacing the IDE circuitry with SCSI circuitry won’t result in a rockin’-fast drive. SCSI does have more overhead than IDE, so without some other changes, the drive won’t be an impressive performer.

The thing is, people don’t buy expensive SCSI controllers and then put retreaded IDE drives on them. Or at least they shouldn’t. The Barracuda 36 series is intended for people replacing SCSI drives in older equipment. Since the drive will frequently be replacing a five-year-old drive (or older), it doesn’t have to be a screamer. Anything made today will be faster than anything you can find from the mid-90s.

SCSI gives other advantages over IDE. First, with a modern host adapter (don’t call it a controller; you’ll get dirty looks) you can connect 14 devices and only use one interrupt. On today’s crowded PCs that try to be everything to everyone, that can be a real boon. Second, you have far fewer limitations over cable length. Don’t buy an IDE cable longer than 18 inches; you’re just asking for trouble. I know, I know, some of you have 36-inch IDE cables and they work fine. Trust me: Replace it with a shorty, and you’ll get fewer data errors, which means a more reliable system at the very least, and possibly a faster system as well due to fewer retransmissions. With SCSI, you can actually use the top bays in that five-foot-tall megatower you bought. Third, you can get external SCSI devices, in the event that you made the mistake of not buying that five-foot-tall megatower, or if you just like portability. This is less of a factor in these days of Firewire and USB 2.0, but it’s still a nicety you don’t get with IDE. Fourth and most importantly, SCSI devices sharing the same bus can talk at the same time. When you put two IDE drives on the same channel, one drive has to wait for the other to shut up before it can speak its peace. This limits the advantage of having multiple drives. With multiple SCSI drives, you can actually saturate all that bandwidth you paid for.

The fifth advantage of may soon fade: command queuing. SCSI drives don’t have to perform requests in the order received. If you’re constantly accessing two files at once, reading one, then writing to the other, in alternating fashion, the IDE drive will be jumping all over the place. The SCSI drive will figure out how to reorder those requests so it doesn’t have to jump around as much. IBM’s recent Deskstar drives can do command queuing as well, provided the operating system supports that mode of operation. But it’s not a common feature in IDE drives yet. This advantage usually won’t show up in benchmarks, but it’s significant. SCSI drives, to use a popular middle-management buzzword, work smarter. If you’ve got a Windows 2000 or XP system with a SCSI drive in it, try using the system while defragmenting the drive. The system will be slower, but not unusable. That’s never true of an IDE drive.

And the sixth advantage of SCSI doesn’t really have much to do with SCSI. With SCSI, you get cutting-edge technologies first. You can’t buy a 15K RPM IDE drive. You can’t even buy a 10K RPM IDE drive. There’s only one IDE drive on the market with an 8-meg cache on it. Caches that size are commonplace on contemporary SCSI drives, and the gargantuan Seagate Barracuda 180 has a 16-meg cache. It also costs as much as a nice computer all by itself, so it’s not exactly a consumer-class drive, but it’s available if you’ve got more money than patience.

Benchmarks are deceiving. Some changes will double the benchmark scores, but a user won’t tell much difference. Other changes barely register, but the user notices them. SCSI is one of those, especially if you multitask a lot.

It’s true that there’s no point in spending $400-$500 for a disk subsystem in a PC you use for word processing and e-mail. You’ll notice a difference, but it’s not worth the extra cost. Although if you’re buying a used system and have a choice between a system with IDE disks and SCSI disks, you should get the SCSI system, even if it means ponying up another 50 bucks. You’ll thank yourself for it.

As for me, I love my SCSI systems with 10K RPM drives in them. They’re wicked fast, and no louder than the IDE drives of four or five years ago. (I don’t have a current IDE drive to compare them to.) I can let my e-mail inbox fill up with thousands of messages without it dragging beyond belief, and my non-Adobe applications load in less than three seconds. Most of them load in less than a second. The drives themselves are small and expensive, but you’re buying performance, not capacity. I can’t fill up a 9-gig drive with applications anyway. Neither can most people.

So no, SCSI isn’t a magic silver bullet. But that doesn’t mean it’s not worth having.

How the other half lives

Dave Farquhar Human Interest , ,

Steve DeLassus e-mailed me with a computer question. I think he just wanted someone to confirm whether his reaction was right. And it really got me thinking hard.
Friday night after work, I drove up to north St. Louis to help out an acquaintance with a computer problem. For those of you not familiar with St. Louis, north St. Louis ain’t Beverly Hills. It’s not East St. Louis, but I’ll just say this and move on. In my neighborhood, it’s very rare to find a house for $165,000. If you do, it’ll be a one-story. If it has any kind of a yard, it’ll be a two-bedroom house. If it doesn’t have much yard, it’ll be a three-bedroom. In north St. Louis, for $165,000 you can buy an entire city block.

I went up there to install a USB card in her system so she could use her new multifunction printer. She’s a teacher, and she’s taking correspondence courses to get her doctorate, so she needs to be able to send and receive faxes.

The computer is an old Cyrix. I didn’t pay much attention to the clock speed. It runs Windows 98, which means she bought it in 1997 or 1998. It’s adequate for what she does, which is mostly word processing. She told me flat out that the chair I was sitting on cost her $10 at a nearby second-hand store. That’s where she gets all her furniture, she said. She obviously has a good eye, because her stuff matches pretty well. Her desk was $35 in a package deal. She bought it off someone who was moving.

I didn’t really feel sorry for her. I admired her, in reality. Spending her money wisely like that, she won’t have to shop like that much longer unless she chooses to. She may choose to. She may choose to teach in an area that won’t pay her enough to ever afford anything else. But she’ll be doing it for the reward of knowing she’s doing something to make a difference.

I installed the card and left the case open in case anything went wrong. I booted the system, then Windows found the card and dutifully loaded a driver for it. Then I plugged in the printer. It recognized the printer and asked for a driver. I fed it a driver and printed a test page. It worked fine. I was happy.

I closed the case back up. I booted up again and configured the device’s fax subsystem. She told me she paid $1,000 for this computer (complete) at a time when the best price she could find on anything in a store was $1,500. She was glad you can get something now for $799. She wasn’t angry or bitter about it; she was happy that the people buying a computer today didn’t have to stretch their budgets as much as she had to.

I told her that even if a person had as little as $200 to spend, they can get something these days. It’ll be used, but it’ll be something. She was glad to hear it. Even in America, where everybody’s supposedly rich, there are people who can’t afford anything more than a $200 computer.

I remember now when I was in Farmington, New Mexico, back in 1999 or 2000. I went in to a used computer store down there, and in addition to new systems, they also were selling used systems. I saw a 386SX powered on in a corner, running DOS. It had 4 megs of RAM and a 40-meg hard drive. The price on it was $100. Of course, a faster 386 or a 486 cost a bit more. I saw someone buy one while I was there. I was shocked, because in south St. Louis–most of St. Louis, for that matter–you couldn’t give those kinds of computers away, let alone get somone to give you a hundred bucks for it.

Meanwhile I listen to spoiled yuppies complaining about how anything less than 1 GHz isn’t a real computer.

It makes me sick.

Microsoft’s temper tantrum

Dave Farquhar General , , , , , , , , , ,

Microsoft is throwing a temper tantrum that if the states’ current proposal goes through, the company will be forced to withdraw Windows from the market.
Pay no attention, move along, there’s nothing to see here.

Remember, this is the company that didn’t sign an agreement with IBM for a Windows 95 OEM license until the day it was launched. At one point during the negotiations, Microsoft told IBM it could buy it at retail. As hard as it might be to remember now, at the time, IBM was still one of the top 5 players in the U.S. PC retail market.

This is a company that plays hardball. It says unreasonable things to get its way. And it’s used to getting its way. And even when it doesn’t get its way, it still says stupid things. Remember, in 1994 Steve Ballmer said a court’s decision against Microsoft in Stac’s favor would be reversed as soon as they found a judge with actual brains.

Reality check: Microsoft can very easily comply with the states’ demands. Or reach a compromise that will benefit everybody. Once upon a time, long long ago, when you installed Windows, you could tell it what you wanted. If you didn’t have any use for Calculator, you could click a little checkbox next to it, Windows wouldn’t install it, and you’d save about 200K of disk space. Hey, back when people were trying to run Windows on 40-meg hard drives, it was nice to have that ability. Or, if you already had a third-party calculator app that put Microsoft’s to shame and thus had no need for the one that came with Windows, you didn’t have to install it.

The same was true of DriveSpace and all the other bundled stuff. I mean, let’s get serious here: Is there any reason whatsoever to install Space Cadet Pinball on your domain controller?

But with Windows 95, Microsoft started to get unreasonable. Yes, you could uncheck that little box next to MSN, but when you did it, Windows didn’t actually seem to do anything. Regardless of whether you checked that box, when Windows was finished, you had an MSN icon on your desktop. If AOL continued to exist, Microsoft’s very existence was threatened. In order for Microsoft to survive, AOL had to die. So you got MSN whether you used it or not. (Some idiot with a journalism degree figured out how to remove it a couple of years later.)

With Windows 95B, things got more sinister. Netscape replaced AOL as the imminent threat to Microsoft’s very survival, so you got Internet Explorer whether you wanted it or not. This time, Microsoft didn’t even bother putting in a checkbox for Windows to ignore. You just got it. With Windows 95 OSR2.1 and 98, Internet Explorer became increasingly more entrenched.

Once it was evident that AOL would never die and Netscape would never rise again, RealPlayer and QuickTime became threats to Microsoft’s existence. So, with Windows 98, we got Microsoft Media Player, whether we wanted it or not. Never mind that the basic Real and QuickTime players are free and both companies would have loved for Microsoft to deliver them with Windows and it would have saved the company development costs.

Microsoft could go a long, long way towards appeasing the states if they’d just put in little checkboxes that let you decide whether Internet Explorer or MediaPlayer was installed, just like Calculator. There’s no need for 8,000 different versions of Windows, like Steve “The Embalmer” Ballmer wants people to believe. Let the consumer decide what pieces he or she wants. Does a deaf person need MediaPlayer? It’s questionable. Does a file server really need Internet Explorer? Absolutely not.

And while there are magazines and book authors who want you to believe otherwise, thousands of people have removed Internet Explorer from Windows. And guess what? The sun didn’t quit rising. The world failed to fall apart. The stock market didn’t crash. Their computers didn’t fall over. The applications they needed to run still ran. In fact, the applications ran better once they got the unnecessary machinery gone. Imagine that, a basic engineering principle applying to computers!

Microsoft execs have complained about a double standard, because Apple, IBM, and Be all shipped Web browsers with their OSs. Of course, there was a big difference. In the case of MacOS, BeOS, and OS/2, you could tell the OS not to install the browser, and it didn’t do it. The same for their other components. In the case of OS/2, you could even remove the entire Windows subsystem. You lost the ability to run Windows 3.1 programs, but you gained speed and stability. I knew people who did that. I’ve done minimalist Mac OS installations that took up less than 20 megs and were completely useless because they lacked the drivers needed to install other software. But if I want to be stupid enough to install a completely crippled OS that can’t do anything besides boot a computer and let me look at its empty hard drive, Apple’s not going to stop me.

The overwhelming majority of people will just leave things alone. But the people who like to get into the nuts and botls of things want (and deserve) the opportunity to change how their computers work. They want Microsoft to fight its battles in the marketplace, not in the memory and CPUs of their computers. I don’t blame them in the least. Of course, I’m spoiled. IBM and Commodore let me have it my way, back when I was buying my operating systems from them.

So, Microsoft has a history of threats, and a history of following through with them, even when the reasoning behind them is totally ludicrous. But in the case of IBM, they ultimately budged, albeit 45 minutes into the 11th hour, and they didn’t budge much. But you don’t just shut out the #3 or #4 PC maker in the country. At the time, Microsoft still needed IBM, and IBM needed Microsoft, as much as both companies hated to admit it.

This is no different. Microsoft can’t just pull Windows off the market. Windows is still its main source of revenue, and Windows runs on more than 90 percent of the computers on the market. Microsoft isn’t going to just give that away. Sure, they make some Mac products, but the Mac is 5 percent of the market on a good day. The cheapest and easiest replacement for Windows, in the unlikely event Microsoft pulled out, is Linux, where Microsoft is a non-player. Microsoft could still sell Windows software to the existing installed base. But it’s ludicrous. Pulling Windows off the market is corporate suicide.

I really don’t think Microsoft would have made IBM buy its copies of Windows 95 at retail. Not everyone remembers it now, but there was some resistance to Windows 95 initially, and a company the size of IBM not shipping Windows 95 on its new computers would have given way to much credence to the naysayers. Microsoft was counting on Windows 95 being big, and it wasn’t going to take any chances. It had spent way too much money on research, development, and hype. Microsoft made that threat to see just how far IBM would go. And that’s what Microsoft is doing now. It’s trying to see how much the states are going to budge.

And that’s all there is to Ballmer’s rhetoric. Nothing more. And nothing less.