iPhone TOS Rebuttal

I held off my iPhone purchase because of an article exposing the evils of the terms of service. However, those concerns have been adequately rebutted, so much so that I now own an iPhone.

One of the big things holding me back from buying an iPhone in the first place, aside from lack of SSH (which was soon resolved), was an article about the hidden evils in the Terms of Service contract.

Well, unsure whether to take the article at face value or not, I bounced my concern off my friend Phil, who’s extremely knowledgeable about telecommunications.

He wrote me back a wonderful point-by-point analysis, which swayed my decision. Feeling that other people might benefit as well, I sought permission from him to reprint it here.

iPhone Requires a 2-Year Contract with AT&T.
1. True; they make the 2-year contract requirement pretty clear. This isn’t a great thing but it’s pretty standard in the U.S. when you buy a phone.

Expensive: Requires $2,280, Over $1,730 in Wireless Costs.
2. Also true, though he overstates the price. The service plan runs about $60/month ($40 voice, $20 data); if that’s too expensive, the iPhone is probably a bad idea. That’s still less costly than a Blackberry or Treo (both about $80/month when you turn on the features needed).

Double Billing. You and the Caller Both Get Charged for the Same Call.
3. True, but not unique to the iPhone. Every cellular carrier in the United States save for a few Nextel plans will charge airtime on both incoming and outgoing calls. If you call another wireless phone user, I suppose you could call that double-billing (though if that other user is on the same carrier [ATT], the airtime rate is the princely sum of zero cents per minute).

All Use of the Networks Are Always Rounded Up to the Nearest Kilobyte or Minute.
4. Standard practice for the wireless industry. The per-kilobyte complaint is pretty funny, though, since the charge per kilobyte for domestic data usage is zero cents per kilobyte.

Customers Are Billed for “Network Errors” and “Network Overhead”.
5. I have no idea what he’s talking about, but it makes no sense.

Billed Even Though the Call Doesn’t Go Through.
6. Basically untrue. Billing in a wireless system begins when the call is answered, though the timer starts when the call is initiated. In other words, if a call rings for fifteen seconds and then is answered, the clock begins at 15 seconds and counts up from there.

Bogus Fees Added to the Bill: Regulatory Cost Recovery Charge
7. While I agree that regulatory recovery fees are basically bogus padding, I challenge him to find a wireless (or, for that matter, conventional wireline) carrier that doesn’t do this.

$175.00 Termination Fee.
8. The early termination fee is pretty well standard throughout the industry. There are certain circumstances where you can avoid paying it (for example, if they raise rates during your contract term).

International Messages Are Charged Additional Fees as Are Files Over 300Kbps.
9. International text messaging (i.e. SMS) costs extra on every cellular carrier I’m aware of. The picture/video messaging charging he complains about isn’t even relevant to the iPhone. And the “additional fee” for large messages that he talks about is irrelevant to the iPhone. My phone communicates directly with my IMAP server over SSL; there’s no way that ATT can tell how large a message is, let alone bill me for those messages over 300K.

Over Your Quota: Get Gouged: 40¢ Per Minute and 69¢ Roaming Offnet.
10. Once again, he’s whining about something that’s absolutely standard in the industry: if you go over your bucket of minutes, you pay a pretty high rate. He conveniently neglects to mention that UNUSED minutes from your plan roll forward into the next month and can be used to offset high usage up to a year later. If that’s not enough, just call and switch to a higher plan and ask them to make it retroactive to your previous month’s usage.

The Services Are Not Secure and Can’t Block Your Phone Number.
11. “Not secure” is a leftover from the days of ANALOG cell phones, which could be listened in upon pretty trivially. And they’re saying that when calling certain toll-free numbers, you can’t block your caller ID since the recipient pays for the call. There’s a MENU on the iPhone that allows you to set the default for whether you send caller ID or not; you can also set it per-call. In other words: JUST LIKE A LANDLINE.

The Current Mobile Email Service Doesn’t Support Attachments.
12. Absolutely false. You can send photos trivially (about the only sort of attachment that makes sense to create on a phone), and the iPhone will read a lot of formats (Word, Excel, PDF, JPEG at a minimum).

Prohibited Uses and “Unlimited” Sales Hype.
13. The prohibited uses language is pretty standard wireless carrier language. I agree with him that the claim of “unlimited” is pretty misleading marketing puffery, but it’s an industry-wide problem. If you use your FIOS connection at full bandwidth 24×7, you’ll soon discover that “unlimited” basically means that you’re not billed per unit of data, but that you can still be cut off if you abuse the service. There’s basically nothing you could do on the iPhone that would cause this to happen, though.

Service Is Not Intended to Provide Full-Time Connections: Unlimited is Hype
14. Same as above.

Wi-Fi Service is Limited
15. I think he’s deliberately misinterpreting this one. He’s talking about a completely different wi-fi service that one can purchase through AT&T that has nothing to do with the iPhone. There is of course no limit at all to the number of times in a given time period that the iPhone can connect to a wi-fi network.

“Offnet” Restrictions
16. Another deliberate misinterpretation, I think. “Off-net” usage refers to areas where you’re roaming. Since cell phone roaming charges basically don’t exist anymore for the consumer (the carriers charge each other, though), what they’re saying is that you can’t buy the phone and then use it full-time where, say, T-Mobile has service and ATT doesn’t.

Plan Goobly-gook
17. He’s so incoherent here that it’s hard to figure out what he’s mad about.

Comparing US and Other Broadband Countries: America Is being Laughed At.
18. Perhaps he should move! He forgot to mention that countries using the metric system think we’re pretty silly too–but I’m sure he would have if he’d thought about it. Seriously, he has a point: mobile telephony is more advanced in other parts of the world (largely due to standardization on one network type–GSM). But I’m not sure why that would be the fault of ATT and the iPhone.

Ubuntu and Parallels Rescue Broken XP

How I recovered a badly damaged XP box with severe Windows Update problems using Ubuntu and Parallels for OS X.

Normally I don’t provide XP support; however, because I was the one who recommended the owner perform the Windows Update that precipitated the total incapacitation of the machine, I felt a slight guilty streak of obligation.

Because of the horrible reputation of Windows Genuine Advantage disabling legal installations, the owner of the box had disabled all Windows Updates for fear his system would become disabled and he’d lose his data. As such, when I recommended keeping the system patched, there were well over 60 patches to start with.

(Image: Frozen XP Desktop)

Problem was, one of those patches was for the NVIDIA GeForce Ti 4200 graphics card, and during the installation process, when the Microsoft version of the driver was applied, the machine froze, requiring a manual reboot via the reset switch.

Naturally, after a forced shutdown one should invoke a check disk. However, something insidious occurred. Explorer, and I don’t mean Internet Explorer, I mean Explorer – the GUI shell – would lock up shortly after login. The start menu would go dead, icons didn’t function, Start/Run couldn’t invoke programs, applications invoked from the command line wouldn’t work, Internet Explorer wouldn’t even start, and Windows Update did nothing. Even Ctrl-Alt-Del wouldn’t work, as the Task Manager couldn’t start. Nor could the user log out or shut down the machine. Things were bad. It was as if the desktop was there, but the underlying services that made it function were dead.

I’ve had easier recoveries from the blue screen of death. If you can get past that, you usually have yourself a working system. In this case, the system would boot, and even allow a login, but once there, the interface wouldn’t function.

Of course you’d think booting and reverting to the last known good configuration would help. It didn’t. Safe mode was equally hosed. Anything past the login prompt left the machine in a frozen state, popping up a message about a Windows general service failing, with an option to report the problem to Microsoft.

That’s the state of the machine as I received it prior to repair.

Here’s how I fixed it.

The detail message reported the offending file as WUAUENG.DLL. A quick Google search showed this was the Windows Update module. It seems that somewhere in the transition from Windows Update to Microsoft Update, the DLL got corrupted. As Windows booted after login, it accessed the DLL, and the system froze.

My goal was to replace at least this file from a working system. Problem was, I was in a catch-22: I couldn’t access the broken system, and even if I could, the files would be in use by the operating system anyhow.

I downloaded Ubuntu and burned it to a CD using OS X. I then booted off the live CD on the broken machine; however, while it could see the NTFS volume, it couldn’t write to it.

So, I enabled all the repositories by going to System / Software Sources, making sure Universe and Multiverse were included. Then I opened up the terminal and entered sudo apt-get install ntfs-config, which installed the package that allows writing to NTFS drives.

I added root to the fuse group, and then went to Applications / System Tools / NTFS Configuration Tool. It was quick to tell me I needed to run ntfs /dev/hda1, which fixed the volume and set it to check the disk on boot.

I shut down Ubuntu and booted Windows, which caused a check disk, and when I finally got to the login prompt, I shut down again without ever logging in.

I booted back off the Ubuntu CD, did the same trick as before with the repositories and installation of the NTFS driver, and this time was able to mount the drive as writable.

I went to the WINDOWS\System32 directory and found the following files, which I renamed, appending .old to their extension as a backup: wuaueng.dll, wuaueng.dll.mui, and wuaueng1.dll.

Then I booted Parallels on OS X, brought up a copy of XP, went to its C:\WINDOWS\System32 directory, and copied those three files to a USB stick. I unmounted the USB stick and shut down Parallels.

With Ubuntu still running on the broken machine, I plugged in the USB stick, which instantly appeared on the desktop, and copied the three files over to the broken machine’s System32 directory.

I then shut down Ubuntu, removed the USB stick and CD, and booted into Windows. The error message was gone, but it was obvious things were still fragile.

Back on OS X, I downloaded Windows XP Service Pack 2, burned it to CD, and stuck it in the broken machine, executing it. A bit later, it finished and I rebooted.

I was suddenly able to run Windows Update again, and that downloaded 40+ updates, effectively jump-starting the process by grabbing only the critical updates. In a rinse-lather-repeat cycle, I did this until all the critical updates were obtained. Then I did the same with the optional software.

Each time I came in from a mandatory reboot, I made a system restore checkpoint.

Just to confirm it was the NVIDIA driver, I downloaded just that option from Microsoft, and the machine locked up. To get out of it I had to hit the reset button, screwing up the disk again. No problem though: I booted, holding down F8, and chose the last known good configuration. When it came up, I right-clicked Properties on the C: drive, forced a check disk, and rebooted. The machine came up fine.

Going over to NVIDIA’s site, it was a trivial matter to download the latest driver for the GeForce 4200 card, and unsurprisingly, it worked without incident.

Ubuntu saved the day by making it possible to repair and manipulate the NTFS volume, while Parallels made it possible to see what needed fixing and where it went, and provided a working copy of the files without the need for a second dedicated Windows box.

A recovery like this wouldn’t have been possible with an OEM XP disc alone. Honestly, I don’t know why users put up with this, or how Microsoft can sleep at night.

The recovery process, non-stop, took from 10am to 7pm straight. No breaks. No food. No stalling. That’s nine hours of my life I’m never getting back.

Using </SCRIPT> In A JavaScript Literal

Today I got bit by a very interesting bug involving the </SCRIPT> tag. If you’re writing code that generates code, you want to know about this.

I’m currently working on an application that takes content from various web resources, munges the content, stores it in a database, and on demand generates interactive web pages, which includes the ability to annotate content in a web editor. Things were humming along great for weeks until we got a stream of data which made the browser burp with a JavaScript syntax error.

Problem was, when I examined the automatically generated JavaScript, it looked perfectly good to my eyes.

So, I reduced the problem down to a very trivial case.

What would you suppose the following code block does in a browser?

<HTML>
<BODY>
  start
  <SCRIPT>
    alert( "</SCRIPT>" );
  </SCRIPT>
  finish
</BODY>
</HTML>

Try it and see.

To my eyes, this should produce an alert box with the simple text </SCRIPT> inside it. Nothing special.

However, in all browsers (IE 7, Firefox, Opera, and Safari) on all platforms (XP/Vista/OS X) it didn’t. The close tag inside the quoted literal terminated the scripting block, printing the closing punctuation.

Change </SCRIPT> to just <SCRIPT>, and you get the alert box as expected.

So, I did more reading and more testing. I looked at the hex dump of the file to see if perhaps there was something strange going on. Nope, plain ASCII.

I looked at the JavaScript documentation online, and the only other things they suggest escaping are the single and double quotes, as well as the backslash, which does the escaping. (Note we’re using forward slashes, which require no escapes in a JavaScript string.)

I even got the 5th Edition of JavaScript: The Definitive Guide from O’Reilly, and on page 27, which lists the comprehensive escape sequences, there is nothing magical about the forward slash, nor this magic string.

In fact, if you start playing with other strings, you get these results:
  <SCRIPT> …works
  <A/B> …works
  </STRONG> …works
  <\/SCRIPT> …displays </SCRIPT>, and while I suppose you can escape a forward slash, there should be no need to. Ever. See prior example.
  </SCRIPT> …breaks
  </SCRIPTX> …works (note the extra character, an X)

With JavaScript, what’s in quotes is supposed to be flat, literal, uninterpreted, meaningless text.

It was after this I turned to ask for help from several security and web experts.

Security Concerns


Why security experts?

The primary concern is obviously cross site scripting. We’re taking untrusted sites and displaying portions of the data stream. Should an attacker be able to insert </SCRIPT> into the stream, a few comment characters, and shortly reopen a new <SCRIPT> block, he’d be able to mess with cookies, twiddle the DOM, dink with AJAX, and do things that compromise the trust of the server.

The Explanation


The explanation came from Phil Wherry.

As he puts it, the <SCRIPT> tag is content-agnostic. Which means the HTML Parser doesn’t know we’re in the middle of a JavaScript string.

What the HTML parser saw was this:

<HTML>
<BODY>
  start
  <SCRIPT>alert( "</SCRIPT>
  " );
  </SCRIPT>
  finish
</BODY>
</HTML>

And there you have it, not only is the syntax error obvious now, but the HTML is malformed.

The processing of JavaScript doesn’t happen until after the browser has understood which parts are JavaScript. Until it sees that close </SCRIPT> tag, it doesn’t care what’s inside – quoted or not.

Turns out, we all have seen this problem in traditional programming languages before. Ever run across hard-to-read code where the indentation conveys a block that doesn’t logically exist? Same thing. In this case instead of curly braces or begin/end pairs, it was the start and end tags of the JavaScript.

Upstream Processing


Remember, this wasn’t hand-rolled JavaScript. It was produced by an upstream piece of code that generated the actual JavaScript block, which is much more complex than the example shown.

It is getting an untrusted string which, to be placed inside a JavaScript string, not only has to be sanitized, but also escaped in such a way that the HTML parser cannot accidentally treat the string’s contents as a legal (or illegal!) tag.

To do this we need to build a helper function to scrub data that will directly be emitted as a raw JavaScript string.


  1. Escape all backslashes, replacing \ with \\, since backslash is the JavaScript escape character. This has to be done first as not to escape other escapes we’re about to add.
  2. Escape all quotes, replacing ' with \', and " with \" — this stops the string from getting terminated.
  3. Escape all angle brackets, replacing < with \<, and > with \> — this stops the tags from getting recognized.

private String safeJavaScriptStringLiteral(String str) {
  // Order matters: backslashes first, so the escapes added below are not re-escaped.
  str = str.replace("\\", "\\\\"); // escape single backslashes
  str = str.replace("'", "\\'");   // escape single quotes
  str = str.replace("\"", "\\\""); // escape double quotes
  str = str.replace("<", "\\<");   // escape open angle bracket
  str = str.replace(">", "\\>");   // escape close angle bracket
  return str;
}

At this point we should have generated a JavaScript string which never has anything that looks like a tag in it, but is perfectly safe to an XML parser. All that’s needed next is to emit the JavaScript surrounded by a <![CDATA[]]> block, so the HTML parser doesn’t get confused over embedded angle brackets.
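As an added example (not code from the original post or its Java generator), here are the three escaping steps above ported to JavaScript, a stricter variant that also escapes the forward slash (which the table earlier shows is harmless: <\/SCRIPT> displays as </SCRIPT>), and a check that models how the HTML tokenizer locates the end of a script block. The function names, the `</SCRIPT >` sample (whitespace before the closing bracket) and the other sample strings are my own constructed assumptions.

```javascript
// Added example, not from the original post: the post's three escaping steps,
// a stricter variant that also escapes "/", and a model of the HTML tokenizer
// rule that decides where a <script> block ends.

// Steps 1-3 from the post: backslash first, then quotes, then angle brackets.
function safeJavaScriptStringLiteral(str) {
  return str
    .replace(/\\/g, "\\\\") // 1. backslash first, so later escapes are not re-escaped
    .replace(/'/g, "\\'")   // 2a. single quote
    .replace(/"/g, '\\"')   // 2b. double quote
    .replace(/</g, "\\<")   // 3a. open angle bracket (\< is an identity escape, still "<")
    .replace(/>/g, "\\>");  // 3b. close angle bracket
}

// Stricter variant (my addition): also escape "/" as "\/", so the two-character
// sequence "</" can never appear in the emitted literal at all.
function safeJavaScriptStringLiteralStrict(str) {
  return safeJavaScriptStringLiteral(str).replace(/\//g, "\\/");
}

// The upstream generator's job, reduced to the post's trivial case.
function renderScriptBlock(value) {
  return '<SCRIPT>\n  alert( "' + value + '" );\n</SCRIPT>';
}

// Models the tokenizer behaviour the post ran into: inside script content the
// parser ends the block at "</script" followed by whitespace, "/" or ">", in any
// letter case, with no regard for JavaScript quoting. A well-formed block has 1.
function countScriptEndTags(html) {
  const matches = html.match(/<\/script[\s\/>]/gi);
  return matches ? matches.length : 0;
}

// Does a double-quoted literal built from `escaped` evaluate back to `original`?
// Confirms the identity escapes are legal and lossless in a non-strict string.
function roundTrips(escaped, original) {
  return new Function('return "' + escaped + '";')() === original;
}

// Constructed samples: the post's test strings, a break-out of the kind the
// Security Concerns section describes, and one with whitespace before ">".
const SAMPLES = [
  "</SCRIPT>",
  "<SCRIPT>",
  "</STRONG>",
  "</SCRIPTX>",
  "</script><script>/* injected */</script>",
  "</SCRIPT >",
  'plain text with "quotes" and a back\\slash',
];

// For one untrusted value: does the naive block break, does the post's escaping
// hold, does the strict escaping hold, and do both escapings round-trip?
function analyze(value) {
  const plain = safeJavaScriptStringLiteral(value);
  const strict = safeJavaScriptStringLiteralStrict(value);
  return {
    value,
    naiveBreaks: countScriptEndTags(renderScriptBlock(value)) !== 1,
    escapedBreaks: countScriptEndTags(renderScriptBlock(plain)) !== 1,
    strictBreaks: countScriptEndTags(renderScriptBlock(strict)) !== 1,
    roundTrips: roundTrips(plain, value) && roundTrips(strict, value),
  };
}

for (const v of SAMPLES) console.log(analyze(v));
```

Running it shows the post's escaping holds for every string in its table, while the `</SCRIPT >` sample still terminates the block because the tokenizer matches "</script" plus whitespace before it ever reaches the escaped ">"; the strict variant survives that case too.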

From a security perspective, I think this also goes to show that lone JavaScript fragment validation isn’t enough; one has to take it in the full context of the containing HTML parser. Pragmatically speaking, the JavaScript alone was valid, but once inside HTML, became problematic.

Customer Service at the Apple Store

What would normally be a “bad” experience at the Apple Store quickly turns positive, resulting in a generous refund and some interesting tips for future purchases for those not familiar with the differences between Apple Online Store and Apple’s retail Stores.

Please do not leave a comment if you haven’t read the full entry.

UPDATED PREQUEL: Brother in law goes window shopping for machine; brings cute seven year old daughter along. He home schools and has documentation with him. Manager offers assistance and pulls up educational pricing online and constructs machine. We go to put games back on shelf, since educational pricing is only offered on web store. Manager, unprompted, offers to match price on website, if we commit to purchase in store – knowing we’ll buy the games we’re holding. We thank her and agree. Manager starts to check us out, gets radioed away, has another person do the transaction, gives directions, but in the confusion the sales person rings up the regular store price, not the offer the manager just made. Honest mistake. Please be aware as you read this, we knew about the retail/online price difference. She had explained that. This is a happy story, not a rant – as evidenced by the category of the post.

Had an interesting thing happen with the Apple Store — my brother-in-law recently purchased an iMac for his home school, but the educational discount wasn’t applied to the software as it should have been; the sales person had made a simple goof. And, being Apple and within 14 days of purchase, I suggested we go back to get the problem fixed.

Unfortunately, we got someone who was fairly new working there, and he explained to us that the Apple Store didn’t have educational discounts on software. He wasn’t going to credit the amount. We asked if he was sure, and he ran off to ask his manager, and returned confirming that was the case.

We asked him to pull up the Apple Store online and quote us the price. He did. We were correct, the educational price still stood, but he refused to refund the $30. I could tell this was frustrating my brother-in-law, and I could tell our insistence was frustrating the cashier.

“What if I return the machine in the 14 day period, and re-buy it?”

The cashier asked if it was opened, we nodded, and he said there was a 10% restocking fee.

I had enough, and I asked him to get the manager. He said it wouldn’t help. And I insisted. He flagged the manager over.

“We’re confused. The Apple Site is telling us that we can buy software at an educational discount, but the cashier is telling us the Apple Store doesn’t do that.”

“That’s correct.”

“You’re both owned by Apple. It’s the same product.”

The manager insisted that that’s just how the store operates.

UPDATE CLARIFICATION: The iMac comes with a working 30-day copy of iWork, long enough for you to go home and buy the software online with the educational discount. To have purchased a machine with the educational discount and the iWork package from the store is illogical. It was very clear from the receipt what had happened. The sales person was new and didn’t know Apple’s managers would often override pricing to make a sale. He had asserted the policy, and a good manager will back his employees. The manager was acting exactly as he should have in this circumstance. We needed to get to the point where the manager knew we had dealt with another manager, and in such a way that the employee who told us it wasn’t possible to get a refund didn’t lose face or have his manager correct him in front of us. That’s good business on Apple’s part.

“That makes no sense. It’s illogical, inconsistent,” and with slightly raised voice, “so unlike Apple. Fine, I just have one question. Why on earth would I ever buy anything through the Apple Store instead of online knowing this?”

UPDATE CLARIFICATION: This wasn’t making a scene, it was putting verbal emphasis on the Apple’s policy. I have previously dealt with this manager before, on at least two occasions, and he has happily addressed the issues. There was no problem between us or the manager. It was a friendly discussion. The banter was jovial in tone.

“Because of our superior customer service.”

“Great. Show me some. We’re talking $30 here between being happy and unhappy. We were in the store looking at machines online, and the sales person talks us into getting the machine and says the price is the same.”

“Our sales person must have been mistaken.”

“You guys go through a lot of training, she was very confident and insistent this was the case.” I then proceeded to describe her and the date of purchase. The manager interrupted, “I know who you’re talking about, that’s the other manager.”

“She told us about OS X, helped us pick the machine and software, and handed it to the cashier — a lot was going on, and I don’t think that person followed her instructions.”

“That’s what it sounds like. She does have authorization to change the price. She should have followed the transaction end-to-end, that’s what must have gone wrong.”

“Makes sense. Since you’re the manager on duty at the moment, please fix it.”

“I’d be happy to.” He starts punching buttons, and in a moment he announces, “I’ve credited back your $30, and an extra $10 for your trouble, consider it for time and gas of having to make the extra trip.”

We thanked him, shook his hand, and did what any happy, satisfied customer would do… we went over to the game area and bought something with the money we just had returned to us.

The moral of the story seems to be severalfold:
1. It always pays to stay calm and be polite.
2. Order from the Apple Store online.
3. If you do order from the Apple Store in the mall, there is wiggle room in the price.
4. Make sure you’re dealing with the manager and not a regular sales flunky.
5. Politely ask the manager to see the sale through from end-to-end.
6. Apple will make good, and even go beyond the call of duty, but you have to realize the number of people who are constantly trying to scam them on a daily basis. (We watched some kid try to claim his iPod was under warranty after admitting that he stepped on it and cracked the screen. Warranties are for manufacturing issues, insurance is for user problems.)

While we did learn that educational discounts can be had, the easier route is the Apple Store online. Should you get a student version of some software, like Final Cut Express, note that you cannot upgrade it the next release cycle.

Additionally, one extra tidbit. When one buys a Mac at the Apple Store in the mall, you often get a “free” printer with it. You pay $99 for the printer and get a rebate for $99 back that you need to submit. We recently learned that the rebate center does not honor rebates for printers when bought with machines via an educational discount. Most sales people don’t know this and sell the standard package, thinking they’re giving you a free printer, but are accidentally setting you up for an extra $99. Ask, ask, and ask again.

Finally, if you work for the government, a contractor, or a big company — you may have a special deal cut with Apple. Always have your work badge with you when you go to the Apple store. It may be worth 10% off, but without the hassles of the educational issues.

Behind the Blue Screen of Death, Is Microsoft Vulnerable?

XP suffered a Blue Screen of Death due to a very simple cause, but this got the gears going — are phone-home-on-error systems vulnerable and not getting the attention they deserve?

This morning I came in to work and discovered my Windows XP desktop in a crashed state, you know the one, the Blue Screen of Death; the same one you see billboard sized at Times Square.

Given that I’m meticulous about patches, clean registry settings, and an army of spyware, malware, and anti-virus detectors, not to mention the machine is used for very limited purposes, it’s very likely this isn’t some bad 3rd party Windows driver. Oh, no, the error message squarely put the blame on the USB driver.

Knowing that, I can think back to what my very last activities were at the end of the day. I saved a file in a simple editor, that file was on my Dell USB stick, and after it saved, I initiated a Windows reboot, pulled my USB stick (whose activity light was well extinguished), and walked out the door as Windows was still shutting down.

I’m going to simply conclude that Windows was so “busy” with its shutdown that it didn’t “see” the USB device get removed, and it was left in some horrified state that it had to die (something that does not happen with my Mac, ever). This is further confirmed by the fact that, after a hard power reset, XP came up fine, and all of my diagnostic utilities passed. Windows had just, plain and simply, died.

Sometime after booting, however, I got a message that Windows had detected it had shut down in a bad manner, and it wanted to know if it was okay to send the report to Microsoft. I’m all for making things better, but I thought it might be interesting to look into the post-Blue Screen of Death activities.

The Blue Screen of Death did a crash dump and some files were written to disk in a directory called C:\Documents and Settings\{username}\Local Settings\Temp\WEReeed.dir00.

The file manifest.txt consisted of name/value pairs separated by an equal sign, in much the same way as the contents of an .ini file might be done, sans section headers.

The more curious contents of this file revealed the server, a URL with some values, what data files were being sent, and a very obscure reference to what might be a “blue” screen report.

Server=watson.microsoft.com
Stage2URL=/dw/bluetwo.asp?BCCode=1000007e&BCP1=C0000005&
BCP2=BA2C4371&BCP3=BA503AF4&BCP4=BA5037F0&
OSVer=5_1_2600&SP=2_0&Product=256_1
DataFiles=C:\DOCUME~1\{username}\LOCALS~1\Temp\
WEReeed.dir00\Mini022207-01.dmp|C:\DOCUME~1\{username}\
LOCALS~1\Temp\WEReeed.dir00\sysdata.xml
ErrorSubPath=blue

The sysdata.xml file was an XML file that listed every device, its description, hardware id, service, and driver, often with the version and file size as well. Sure enough, the usbhub.sys file was there, buried in the batch. It appears this file collects the configuration of the machine, perhaps to recreate it in the lab for some regression testing and a battery of comprehensively abusive test suites. At least that’s what I would hope happens.

The Mini022207-01.dmp name clearly encodes the month/day/year and sequence number of when the dump was made. When the Blue Screen of Death happened, it claimed it was dumping all of physical memory. Given this mini-dump is only 92K, some post-processing has clearly taken place.

In my case, the file was clearly a page dump of a section of memory, with what looked like uninitialized memory labeled with the bytes literally reading “PAGE”. Inside, this binary blob it was very easy to make out pgfilter.sys, USBSTOR.SYS, and kmixer.sys. Other device driver names and binary glop followed.

Actually submitting the report showed that watson.microsoft.com (as in the product Dr. Watson) was queried and an IP of 65.54.206.43 came back. An https: exchange was made, and moments later oca.partners.extranet.microsoft.com (131.107.112.111) was asked of the DNS server; more content was sent to that server. wwwbaytest5.microsoft.com (207.46.18.30) was then asked for a certificate, via GET /pki/mscorp/Microsoft%20Secure%20Sever%20Authority(3).crt; a few more of these went back and forth, and wer.microsoft.com (131.107.115.67) got involved, which was when my browser reported the human-readable response to the report. Compounding matters, no tracking number or email address is provided, so even if I wanted to provide Microsoft with more information to help them fix the problem, I can’t.

After all this happened another thought struck me… Microsoft doesn’t really have a good track record with security, especially when it comes to error checking and services that aren’t used that much. I ponder what would have happened if the information had been tampered with before being sent? Is there invalid input that could send the error reporting systems into a tizzy? Could some bogus changes make their debugger or tool execute malicious code? Would some false data send some poor analysis team chasing fictional ghosts? What would happen if an automated script kiddie generated millions of bogus machine crash reports; how would they get sorted out?

I ask the question because there are quite a number of phone-home-if-you-see-a-problem systems out there in popular open source projects. Seems to me that there should be solid secure conventions to detect if error report data has been tampered with, or is bogus, and to prevent the same kinds of attacks regular systems suffer from. This is something worth spending some design time on, even if it isn’t part of the main product functionality.
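As an added example (not part of the original post), here is a small parser and validator for the manifest.txt format described above, applying the kind of sanity checks the preceding paragraphs ask for before a receiving side trusts a report: the expected server name, hex-only bugcheck fields in the Stage2URL, and data files confined to the report’s own directory. The sample manifest is reconstructed from the fields quoted above with the wrapped lines rejoined and {username} left as shown; the function names and the specific checks are my own assumptions.

```javascript
// Added example, not from the original post: parse a WER manifest.txt (name=value
// per line, no section headers) and apply basic plausibility checks to it.

// Constructed sample, built from the fields quoted in the post with the long lines
// rejoined. {username} is kept as the post shows it.
const REPORT_DIR = "C:\\DOCUME~1\\{username}\\LOCALS~1\\Temp\\WEReeed.dir00";
const SAMPLE_MANIFEST = [
  "Server=watson.microsoft.com",
  "Stage2URL=/dw/bluetwo.asp?BCCode=1000007e&BCP1=C0000005&BCP2=BA2C4371" +
    "&BCP3=BA503AF4&BCP4=BA5037F0&OSVer=5_1_2600&SP=2_0&Product=256_1",
  "DataFiles=" + REPORT_DIR + "\\Mini022207-01.dmp|" + REPORT_DIR + "\\sysdata.xml",
  "ErrorSubPath=blue",
].join("\r\n");

// Split on the first "=" only: the Stage2URL value itself contains "=" signs.
function parseManifest(text) {
  const fields = {};
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (!line) continue;
    const eq = line.indexOf("=");
    if (eq < 1) throw new Error("malformed manifest line: " + line);
    fields[line.slice(0, eq)] = line.slice(eq + 1);
  }
  return fields;
}

// Pull the path and query parameters (bugcheck code, its four parameters, OS
// version, service pack, product) out of the Stage2URL.
function parseStage2Url(url) {
  const q = url.indexOf("?");
  const params = {};
  if (q >= 0) {
    for (const pair of url.slice(q + 1).split("&")) {
      if (!pair) continue;
      const [k, v = ""] = pair.split("=");
      params[k] = v;
    }
  }
  return { path: q >= 0 ? url.slice(0, q) : url, params };
}

// Checks a receiving side could apply before trusting the report. Returns a list
// of problems; an empty list means the manifest passed.
function validateManifest(fields, reportDir) {
  const problems = [];
  if (fields.Server !== "watson.microsoft.com") problems.push("unexpected Server");
  const { params } = parseStage2Url(fields.Stage2URL || "");
  for (const k of ["BCCode", "BCP1", "BCP2", "BCP3", "BCP4"]) {
    if (!/^[0-9a-fA-F]{1,8}$/.test(params[k] || "")) problems.push(k + " is not a hex value");
  }
  // Every data file must sit directly inside the report directory: same prefix
  // (case-insensitive, as NTFS paths are), no further separators, no "..".
  const dirPrefix = reportDir.replace(/\\+$/, "").toLowerCase() + "\\";
  for (const f of (fields.DataFiles || "").split("|")) {
    const lower = f.toLowerCase();
    const rest = lower.startsWith(dirPrefix) ? lower.slice(dirPrefix.length) : null;
    if (rest === null || rest.includes("\\") || rest.includes("..")) {
      problems.push("data file outside report directory: " + f);
    }
  }
  return problems;
}

const parsed = parseManifest(SAMPLE_MANIFEST);
console.log(parseStage2Url(parsed.Stage2URL).params);
console.log("problems:", validateManifest(parsed, REPORT_DIR));
```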

Update: Suffered another crash, this time in the ATI driver as the system was doing nothing and changing focus from one window to another. Oddly enough, again, all the diagnostics say the system is fine — I’m going to do a very intensive sweep.

For the curious, the new directory was WERdb4a.dir00 with similar manifest, dump, and sysdata files. WER is the Windows Error Report, and the stuff after it appears to be hex glop. This time it is blaming the video driver, so I’ll be checking if there are any updates with both Dell and ATI.

TiVo and Verizon Guide Information Is Out of Sync

TiVo recording the wrong stuff for you? It is if you’re a Verizon customer in the Washington Metro Area. See, Verizon is changing their channel layout, but TiVo’s adopted it several hours too soon. Hopefully by tomorrow this will straighten itself out.

For the first time in literally years, TiVo was recording on the wrong channel. No, it’s not because the cat was pawing at the IR transmitter; I’ve got Verizon FiOS, so my TiVo connects via a serial port.

According to Verizon’s web page, they’re expanding their service and had to jumble the channels around. Here’s a listing of the old channels and the new equivalent channels.

The changes happen according to this schedule, and in theory Verizon will adopt the new channel sequences tomorrow (Feb 20th, for us VA/MD people).

TiVo, however, has already gotten the updated channel guide and applied it. Meaning that for the next 12-24 hours, TiVo will be confused about which channel to use. Honestly, Verizon was pretty pro-active about letting people know when the switchover would happen, so I’m kinda surprised TiVo made the change ahead of schedule. I suspect we’ll see a bit of griping on the internet and then it will all fade away, given the small window of time.

Wendy’s …Ok, I’m done.

Wendy’s …yes, the burger place… oh, this is just so gross — you need to know about it.

So I’m with a friend at the Wendy’s on Rt. 7 in Sterling… all of a sudden he throws down his burger, announces we’re done, and we leave the store before he can bring himself to explain without getting sick.

We had just ordered our food and noticed that every table in the place was horribly dirty. He had chosen the least dirty, wiped it with a napkin, and we started eating.

While we were eating, a Hispanic woman came out and started wiping down tables. That’s where my attention span had drifted off. At least they were addressing the problem.

However, as she was using this rag (which admittedly didn’t look all that clean), she passed by a trashcan that was a little over packed. Rather than emptying it, she reached in, with her bare hand, and started rearranging the garbage. If that wasn’t gross enough, she didn’t wash her hands afterward, but picked up the very same cloth and started wiping down the trashcan. And, as if that weren’t gross enough, she then proceeded to use that very same cloth, which had just been used on the trashcan’s goop, on the tables. …tables that little kids then sat down at and started eating off of.

I’m sorry, but I find this totally disgusting and unhealthy. How can we be living in the 21st century and yet still be nearly a century behind in general sanitation practices? Even plain old common sense says you don’t touch trash and then your eating area.

I used to love going to Wendy’s, but if this kind of thing is going on all over, I simply refuse to take the chance.

Amazon vs. Borders

Sent the wife to pick up some books from Borders. She writes me back, “you sure you don’t want to do this through Amazon…” (analysis follows)

I’m a big fan of technical bookstores.

We used to have one in Tyson’s Corner, but it closed up shop. Luckily, in Washington D.C. there still is Reiters. What makes these places great is the ability to walk in, handle the books, and do an enormously painful amount of impulse buying.

At the moment, the closest thing I have to that is Borders, because many of the other chains, with perhaps the exception of Barnes and Noble (which is often more expensive than Borders), contain a very diluted technical book section.

Last night my wife was running past Borders, and I gave her a list of 35 books that were on my wish list. Borders had most of them in stock. However, when I included the title and ISBN, I also included the Amazon price, quite by accident. My wife, a thrifty shopper, noted that Borders was considerably more expensive and fired me back an email to ask if I was sure I wanted them. After all, with Amazon, you get free shipping.

I was convinced they couldn’t be that much more expensive, so she took the first dozen or so books on my list, looked them up, and sent me back the prices. I was shocked. Truly shocked.

Using a simple Perl script, I built this little comparison table.

Book                                            Borders   Amazon   Discount
The Ruby Way                                    $39.99    $26.39   34%
Write Great Code                                $44.95    $29.67   34%
Modern C++ Design                               $54.99    $38.49   30%
Generic Programming and the STL                 $59.99    $41.99   30%
Generic Programming                             $50.00    $50.00    0%
Beyond the C++ Standard Library                 $49.99    $34.99   30%
C++ Template Metaprogramming                    $44.99    $31.49   30%
C++ Templates                                   $65.99    $46.85   29%
Maximum Boost                                   $34.95    $23.07   34%
The Boost Graph Library User Guide              $44.95    $31.49   30%
Head First Object-Oriented Analysis and Design  $34.99    $32.99    6%
CSS Mastery: Advanced Web Standards Solutions   $34.99    $23.09   34%
Sneaky Uses for Everyday Things                 $10.95    $8.76    20%

I cannot believe it’s that much cheaper to order books online. 30% savings is worth the lack of instant gratification.

Here’s the big problem though. The reason my favorite technical bookstore in Tyson’s closed was because they sold the same products as other bookstores in the area at a higher price. You went in for the massive selection, purchased the unique stuff, but walked out with a list of books you could obtain cheaper elsewhere. Enough people followed this practice, and the store closed up and went online. But the appeal of browsing and instant gratification were gone. Meanwhile the selection of technical books at regular bookstores became mediocre. I feel history is about to repeat itself.

I’ve got to hand it to Amazon, though: the ability to browse a book online has totally changed my opinion of online bookstores. As for the instant gratification, though – I guess I can live with near-instant.

Funny thing though, if Borders instituted a “we’ll match Amazon” policy, they’d steal my business back. I take computer science very seriously. Checking my book purchasing record trends, it appears I spend about two grand on books a year. Yikes!

Verizon – Killing the Internet We Do Have

Verizon shows up, severing phone and internet, then drives off.

Despite all things, we decided we would give the fiber optic a shot, and we signed up for high speed internet and television.

Several days ago Miss Utility came out and sprayed marks all over our front yard.

Then, today, Verizon came out with their trucks, dug up the front yard to lay cable, and drove off. This was just the digging. They did not set up the internet or the television.

However, when they left, the copper land lines were severed — we have no phone service.
The cable internet is no longer working — we have no internet.

In short, they cut us off completely from the outside world, including 911.

Wife calls the business office.

They claim they can’t get a truck out until MAYBE tomorrow. Unacceptable, since they’re still literally in the neighborhood.
They claim they are not responsible for copper connectivity.
They claim they are not responsible for Adelphia.

So, to follow that: they come by and cut the connections, then claim they aren’t responsible for fixing them.

UPDATE: Just got off the phone with the Virginia State Corporation Commission, and I have to say they were more than helpful. Our billing issue from before was something she said was fairly common called cramming, where one is signed up for services without permission. Verizon’s course of action was dead on to block future charges and to refund the entire amount; but even though they did that, the FCC is now being notified. As for today’s incident, the Virginia State Corporation Commission was hanging up with me and contacting Verizon immediately; my job is to let them know when phone service has been restored and how the experience was. The bad news is that I do need to contact Adelphia, have them fix the problem, and charge it to Verizon.

UPDATE: My wife tried calling Verizon again, explaining that her business was down and that the vagueness of truck availability was unacceptable. Their response was that “unless this is an emergency and you’re dying” they could not get a truck out, and the time frame appeared to increase. Meanwhile, my wife’s call to Adelphia went much better; they were not surprised at all to hear Verizon sliced the line, and they took note of the VSCC’s involvement. Adelphia marked this down as a priority and they’d have a truck out between now and 9am tomorrow.

UPDATE: I just got a call from Verizon’s customer service stating that they had just received the complaint from the VSCC and they were sending a truck out immediately to fix the problem. I called back the VSCC, as they wanted to know when I had contact with Verizon, and it was amusing how quickly Verizon could change its mind and how mysteriously they suddenly found the inspiration and resources. VSCC, you’re on my Christmas list.

UPDATE: As of 5:30pm the same evening, we got dial tone. Contacted the VSCC, letting them know. They had us talk to the FCC about cramming.

UPDATE: Adelphia showed up and, using a little device, was able to identify the line as broken. Sure enough, after some digging, they found a severed coax with a fiber optic cable running right through it. They’re taking pictures for evidence, presumably for when they bill Verizon. They ran a new cable; it’s bright orange. Now, what’s interesting is that the repair guy was very upset. Driving through our neighborhood, it was apparent there were many houses in our area that have orange replacement cables above ground.

Verizon – Charging for Internet We Don’t Have

A mysterious line item on our Verizon bill appeared entitled “NOL INTERNETMNTHLYFEE” for $29.95/mo.

Seems that when Verizon dug up our yard and laid dark fiber, they signed us up for internet service and started charging us for it without our permission, knowledge, or even a service on their part to deliver.

This evening I got home from work and saw a piece of mail talking about new fiber optic services now being offered in my area. My first thought was “finally…”, but now I’m questioning if I even want to do business with Verizon at all.

I opened the mail and discovered it was actually our Verizon bill, and that under “Operator Ass. Netwk” it had $29.95 as a fee — that’s a lot of operator assistance for lines we rarely use for anything but incoming calls. Something was wrong. Very wrong.

Confused, I turned to page four and saw that we were being billed for something called “NLO INTERNETMNTHLYFEE” at a rate of $29.95/mo.

Problem is, I don’t have Internet through Verizon. I don’t have a land line modem. I don’t have DSL. And I certainly don’t have fiber optic, something they’ve scheduled to install three weeks from now.

How long have they been charging us for internet service? Since April, when they dug up our yard and put down cable.

My wife, knowing we have Internet, didn’t question the charge. However, we get our internet service through Adelphia, who’s already made it a point to charge us $3 extra a month in rental fees for a cable modem that I purchased for $80 via BestBuy. (This is another sore spot.)

I suspect a lot of households are being scammed in a similar manner, too innocent to know that something is wrong.

After calling Verizon, they did confirm that the charges were incorrect, and to their credit they did block future charges and reimburse the fees.

It seems third party companies are authorized to charge under the Verizon name, and they are experiencing a rash of customer complaints where people are being automatically subscribed and billed for internet services when they come by and dig up the yard. They “just assume” you’ll subscribe, even if the service isn’t up and working.

Check your bills, meanwhile, I have neighbors to go talk to… and then a call to the Virginia State Corporation Commission.